Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies;
false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and
the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties,
implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided
is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever
arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
Scan Information (
show all ):
dependency-check version : 6.1.1Report Generated On : Tue, 28 Dec 2021 00:51:00 +0100Dependencies Scanned : 65 (58 unique)Vulnerable Dependencies : 5 Vulnerabilities Found : 40Vulnerabilities Suppressed : 0... NVD CVE Checked : 2021-12-28T00:05:10NVD CVE Modified : 2021-12-27T22:00:01VersionCheckOn : 2021-12-28T00:05:10Summary Display:
Showing Vulnerable Dependencies (click to show all) Dependencies FastInfoset-1.2.15.jarDescription:
Open Source implementation of the Fast Infoset Standard for Binary XML (http://www.itu.int/ITU-T/asn1/). License:
http://www.opensource.org/licenses/apache2.0.php File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/com/sun/xml/fastinfoset/FastInfoset/1.2.15/FastInfoset-1.2.15.jar
MD5: 57f3894ad7e069ae740b277d92d10fa0
SHA1: bb7b7ec0379982b97c62cd17465cb6d9155f68e8
SHA256: 785861db11ca1bd0d1956682b974ad73eb19cd3e01a4b3fa82d62eca97210aec
Referenced In Project/Scope: TheseFoolishThings :: Examples :: Finder :: JPA Finder:compile
Evidence Type Source Name Value Confidence Vendor Manifest Implementation-Vendor Oracle High Vendor jar (hint) package name oracle Highest Vendor Manifest Implementation-Vendor-Id com.oracle Medium Vendor Manifest bundle-docurl http://www.oracle.com Low Vendor file name FastInfoset High Vendor jar package name xml Highest Vendor pom parent-groupid com.sun.xml.fastinfoset Medium Vendor Manifest implementation-url http://fi.java.net Low Vendor Manifest implementation-build-id ${scmBranch}-${buildNumber}, ${timestamp} Low Vendor pom artifactid FastInfoset Low Vendor Manifest (hint) Implementation-Vendor sun High Vendor Manifest bundle-symbolicname com.sun.xml.fastinfoset.FastInfoset Medium Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=9.0))" Low Vendor Manifest url http://fi.java.net Low Vendor pom groupid com.sun.xml.fastinfoset Highest Vendor pom name fastinfoset High Vendor jar package name sun Highest Vendor pom groupid sun.xml.fastinfoset Highest Vendor pom parent-artifactid fastinfoset-project Low Vendor Manifest extension-name com.sun.xml.fastinfoset Medium Vendor jar package name fastinfoset Highest Vendor pom url http://fi.java.net Highest Product Manifest Bundle-Name fastinfoset Medium Product Manifest specification-title ITU-T Rec. X.891 | ISO/IEC 24824-1 (Fast Infoset) Medium Product pom artifactid FastInfoset Highest Product Manifest bundle-docurl http://www.oracle.com Low Product file name FastInfoset High Product jar package name xml Highest Product pom parent-groupid com.sun.xml.fastinfoset Medium Product Manifest implementation-url http://fi.java.net Low Product Manifest implementation-build-id ${scmBranch}-${buildNumber}, ${timestamp} Low Product Manifest bundle-symbolicname com.sun.xml.fastinfoset.FastInfoset Medium Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=9.0))" Low Product pom parent-artifactid fastinfoset-project Medium Product Manifest url http://fi.java.net Low Product pom name fastinfoset High Product jar package name sun Highest Product Manifest Implementation-Title Fast Infoset Implementation High Product pom groupid sun.xml.fastinfoset Highest Product Manifest extension-name com.sun.xml.fastinfoset Medium Product jar package name fastinfoset Highest Product pom url http://fi.java.net Medium Version Manifest Bundle-Version 1.2.15 High Version Manifest Implementation-Version 1.2.15 High Version pom version 1.2.15 Highest Version file version 1.2.15 High
antlr-2.7.7.jarDescription:
A framework for constructing recognizers, compilers,
and translators from grammatical descriptions containing
Java, C#, C++, or Python actions.
License:
BSD License: http://www.antlr.org/license.html File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/antlr/antlr/2.7.7/antlr-2.7.7.jar
MD5: f8f1352c52a4c6a500b597596501fc64
SHA1: 83cd2cd674a217ade95a4bb83a8a14f351f48bd0
SHA256: 88fbda4b912596b9f56e8e12e580cc954bacfb51776ecfddd3e18fc1cf56dc4c
Referenced In Project/Scope: TheseFoolishThings :: Examples :: Finder :: JPA Finder:compile
Evidence Type Source Name Value Confidence Vendor jar package name antlr Highest Vendor jar package name parser Highest Vendor jar package name antlr Low Vendor pom artifactid antlr Low Vendor file name antlr High Vendor jar package name java Highest Vendor pom groupid antlr Highest Vendor jar package name python Highest Vendor jar package name actions Highest Vendor pom url http://www.antlr.org/ Highest Vendor pom name AntLR Parser Generator High Product jar package name antlr Highest Product jar package name parser Highest Product pom url http://www.antlr.org/ Medium Product pom artifactid antlr Highest Product file name antlr High Product jar package name java Highest Product pom groupid antlr Highest Product jar package name python Highest Product jar package name actions Highest Product pom name AntLR Parser Generator High Version pom version 2.7.7 Highest Version file version 2.7.7 High
aspectjrt-1.9.6.jarDescription:
The runtime needed to execute a program using AspectJ License:
Eclipse Public License - v 1.0: http://www.eclipse.org/legal/epl-v10.html File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/aspectj/aspectjrt/1.9.6/aspectjrt-1.9.6.jar
MD5: 391f9257f19b84b45eb79a1878b9600a
SHA1: 1651849d48659e5703adc2599e694bf67b8c3fc4
SHA256: 20c785678cbb4ee045914daf83da25f98a16071177dfa0e3451326723dfb4705
Referenced In Projects/Scopes: TheseFoolishThings :: Examples :: Finder :: In-memory Finder:compile TheseFoolishThings :: Examples :: DCI :: Marshal XStream:compile TheseFoolishThings :: Examples :: Finder :: JPA Finder:compile TheseFoolishThings :: Examples :: DCI :: Swing:compile TheseFoolishThings :: Roles :: Spring:compile TheseFoolishThings :: Examples :: Finder :: Extended Finder:compile TheseFoolishThings :: MessageBus :: Spring:compile TheseFoolishThings :: Examples :: DCI :: Displayable:compile TheseFoolishThings :: Examples :: DCI :: Persistence JPA:compile TheseFoolishThings :: Examples :: Data:compile Evidence Type Source Name Value Confidence Vendor file name aspectjrt High Vendor Manifest automatic-module-name org.aspectj.runtime Medium Vendor pom url https://www.eclipse.org/aspectj/ Highest Vendor pom groupid aspectj Highest Vendor jar package name aspectj Highest Vendor jar package name runtime Highest Vendor pom artifactid aspectjrt Low Vendor pom name AspectJ runtime High Vendor pom groupid org.aspectj Highest Vendor manifest: org/aspectj/lang/ Implementation-Vendor https://www.eclipse.org/aspectj/ Medium Product file name aspectjrt High Product Manifest automatic-module-name org.aspectj.runtime Medium Product manifest: org/aspectj/lang/ Implementation-Title org.aspectj.runtime Medium Product pom groupid aspectj Highest Product jar package name aspectj Highest Product manifest: org/aspectj/lang/ Specification-Title AspectJ Runtime Classes Medium Product jar package name runtime Highest Product pom url https://www.eclipse.org/aspectj/ Medium Product pom artifactid aspectjrt Highest Product pom name AspectJ runtime High Version file version 1.9.6 High Version manifest: org/aspectj/lang/ Implementation-Version 1.9.6 Medium Version pom version 1.9.6 Highest
betterbeansbinding-core-1.3.0.jarDescription:
Keeping JavaBeans in sync. License:
http://www.gnu.org/licenses/lgpl-2.1.html File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/it/tidalwave/betterbeansbinding/betterbeansbinding-core/1.3.0/betterbeansbinding-core-1.3.0.jar
MD5: a4ed4664612ece2fdff12bf5f21accc8
SHA1: ba454e7173845a67ba7f9e9478af4a9e43700b7b
SHA256: da366781ce264f2facefc922b858382dc1b82b551a777c6df6106a9349763080
Referenced In Project/Scope: TheseFoolishThings :: Examples :: DCI :: Swing:compile
Evidence Type Source Name Value Confidence Vendor pom groupid it.tidalwave.betterbeansbinding Highest Vendor pom name BetterBeansBinding Core High Vendor pom parent-artifactid betterbeansbinding Low Vendor file name betterbeansbinding-core High Vendor Manifest implementation-build unknown Low Vendor Manifest bundle-symbolicname it.tidalwave.betterbeansbinding.betterbeansbinding-core Medium Vendor pom artifactid betterbeansbinding-core Low Vendor Manifest bundle-docurl http://www.tidalwave.it Low Product pom groupid it.tidalwave.betterbeansbinding Highest Product pom name BetterBeansBinding Core High Product file name betterbeansbinding-core High Product Manifest implementation-build unknown Low Product Manifest bundle-symbolicname it.tidalwave.betterbeansbinding.betterbeansbinding-core Medium Product pom artifactid betterbeansbinding-core Highest Product Manifest Bundle-Name BetterBeansBinding Core Medium Product pom parent-artifactid betterbeansbinding Medium Product Manifest bundle-docurl http://www.tidalwave.it Low Version pom version 1.3.0 Highest Version file version 1.3.0 High Version Manifest Bundle-Version 1.3.0 High
betterbeansbinding-el-1.3.0.jarDescription:
Keeping JavaBeans in sync. License:
http://www.gnu.org/licenses/lgpl-2.1.html File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/it/tidalwave/betterbeansbinding/betterbeansbinding-el/1.3.0/betterbeansbinding-el-1.3.0.jar
MD5: 63cad21fb9a2b5a837b11e881eeeda22
SHA1: f285f3cd2b41cbde08a45095ca3be862d7ef7adf
SHA256: b19e603cc5e959f2bde777f9f992ea63e59fef211c650d3bf4bf707ed741a84f
Referenced In Project/Scope: TheseFoolishThings :: Examples :: DCI :: Swing:compile
Evidence Type Source Name Value Confidence Vendor pom groupid it.tidalwave.betterbeansbinding Highest Vendor jar package name el Highest Vendor pom parent-artifactid betterbeansbinding Low Vendor Manifest implementation-build unknown Low Vendor pom artifactid betterbeansbinding-el Low Vendor pom name BetterBeansBinding EL High Vendor Manifest bundle-symbolicname it.tidalwave.betterbeansbinding.betterbeansbinding-el Medium Vendor file name betterbeansbinding-el High Vendor Manifest bundle-docurl http://www.tidalwave.it Low Product pom groupid it.tidalwave.betterbeansbinding Highest Product jar package name el Highest Product Manifest implementation-build unknown Low Product Manifest Bundle-Name BetterBeansBinding EL Medium Product pom name BetterBeansBinding EL High Product Manifest bundle-symbolicname it.tidalwave.betterbeansbinding.betterbeansbinding-el Medium Product pom parent-artifactid betterbeansbinding Medium Product file name betterbeansbinding-el High Product pom artifactid betterbeansbinding-el Highest Product Manifest bundle-docurl http://www.tidalwave.it Low Version pom version 1.3.0 Highest Version file version 1.3.0 High Version Manifest Bundle-Version 1.3.0 High
betterbeansbinding-swingbinding-1.3.0.jarDescription:
Keeping JavaBeans in sync. License:
http://www.gnu.org/licenses/lgpl-2.1.html File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/it/tidalwave/betterbeansbinding/betterbeansbinding-swingbinding/1.3.0/betterbeansbinding-swingbinding-1.3.0.jar
MD5: 73e42607d80f5e24e9be17e4e3952184
SHA1: d865d0482b48bd900099fc5c84c02892766ff375
SHA256: 053cdb906c0d366df9e4851ce2528f200ba97fda2d7d6769dabe7012dcc83d29
Referenced In Project/Scope: TheseFoolishThings :: Examples :: DCI :: Swing:compile
Evidence Type Source Name Value Confidence Vendor pom groupid it.tidalwave.betterbeansbinding Highest Vendor Manifest bundle-symbolicname it.tidalwave.betterbeansbinding.betterbeansbinding-swingbinding Medium Vendor pom parent-artifactid betterbeansbinding Low Vendor file name betterbeansbinding-swingbinding High Vendor Manifest implementation-build unknown Low Vendor jar package name swingbinding Highest Vendor pom name BetterBeansBinding SwingBinding High Vendor Manifest bundle-docurl http://www.tidalwave.it Low Vendor pom artifactid betterbeansbinding-swingbinding Low Product Manifest Bundle-Name BetterBeansBinding SwingBinding Medium Product Manifest bundle-symbolicname it.tidalwave.betterbeansbinding.betterbeansbinding-swingbinding Medium Product pom groupid it.tidalwave.betterbeansbinding Highest Product file name betterbeansbinding-swingbinding High Product Manifest implementation-build unknown Low Product jar package name swingbinding Highest Product pom artifactid betterbeansbinding-swingbinding Highest Product pom parent-artifactid betterbeansbinding Medium Product pom name BetterBeansBinding SwingBinding High Product Manifest bundle-docurl http://www.tidalwave.it Low Version pom version 1.3.0 Highest Version file version 1.3.0 High Version Manifest Bundle-Version 1.3.0 High
bsh-2.0b4.jarDescription:
BeanShell File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/beanshell/bsh/2.0b4/bsh-2.0b4.jarMD5: a1c60aa83c9c9a6cb2391c1c1b85eb00SHA1: a05f0a0feefa8d8467ac80e16e7de071489f0d9cSHA256: 91395c07885839a8c6986d5b7c577cd9bacf01bf129c89141f35e8ea858427b6Referenced In Project/Scope: TheseFoolishThings :: Test Utilities:compile
Evidence Type Source Name Value Confidence Vendor pom parent-artifactid beanshell Low Vendor Manifest specification-vendor http://www.beanshell.org/ Low Vendor hint analyzer vendor beanshell_project Highest Vendor Manifest Implementation-Vendor Pat Niemeyer (pat@pat.net) High Vendor pom name BeanShell High Vendor pom parent-groupid org.beanshell Medium Vendor jar package name bsh Highest Vendor file name bsh High Vendor pom artifactid bsh Low Vendor pom groupid beanshell Highest Vendor jar package name org Highest Vendor pom groupid org.beanshell Highest Product jar package name bsh Highest Product hint analyzer product beanshell Highest Product file name bsh High Product pom artifactid bsh Highest Product Manifest specification-title BeanShell Medium Product pom parent-artifactid beanshell Medium Product pom groupid beanshell Highest Product jar package name org Highest Product pom name BeanShell High Product pom parent-groupid org.beanshell Medium Version pom version 2.0b4 Highest
Published Vulnerabilities CVE-2016-2510 suppress
BeanShell (bsh) before 2.0b6, when included on the classpath by an application that uses Java serialization or XStream, allows remote attackers to execute arbitrary code via crafted serialized data, related to XThis.Handler. CWE-19 Data Processing Errors
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.1) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
byte-buddy-1.10.20.jarDescription:
Byte Buddy is a Java library for creating Java classes at run time.
This artifact is a build of Byte Buddy with all ASM dependencies repackaged into its own name space.
License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/net/bytebuddy/byte-buddy/1.10.20/byte-buddy-1.10.20.jar
MD5: d158464cbd647e92a6493f608bb3b985
SHA1: c5d2d12c75c5d52f8df33f4211e6dbd05a42b117
SHA256: 5fcad05da791e9a22811c255a4a74b7ea094b7243d9dbf3e6fc578c8c94290ac
Referenced In Projects/Scopes: TheseFoolishThings :: Examples :: Finder :: JPA Finder:compile TheseFoolishThings :: Test Utilities:compile Evidence Type Source Name Value Confidence Vendor jar package name asm Highest Vendor pom artifactid byte-buddy Low Vendor jar package name bytebuddy Highest Vendor pom parent-artifactid byte-buddy-parent Low Vendor pom name Byte Buddy (without dependencies) High Vendor jar package name build Highest Vendor Manifest bundle-symbolicname net.bytebuddy.byte-buddy Medium Vendor jar package name net Highest Vendor pom groupid net.bytebuddy Highest Vendor file name byte-buddy High Vendor Manifest multi-release true Low Product jar package name bytebuddy Highest Product Manifest Bundle-Name Byte Buddy (without dependencies) Medium Product jar package name net Highest Product pom parent-artifactid byte-buddy-parent Medium Product pom artifactid byte-buddy Highest Product Manifest multi-release true Low Product pom groupid net.bytebuddy Highest Product jar package name asm Highest Product pom name Byte Buddy (without dependencies) High Product jar package name build Highest Product Manifest bundle-symbolicname net.bytebuddy.byte-buddy Medium Product file name byte-buddy High Version pom version 1.10.20 Highest Version Manifest Bundle-Version 1.10.20 High Version file version 1.10.20 High
byte-buddy-1.10.20.jar (shaded: net.bytebuddy:byte-buddy-dep:1.10.20)Description:
Byte Buddy is a Java library for creating Java classes at run time.
This artifact is a build of Byte Buddy with a remaining dependency onto ASM.
You should never depend on this module without repackaging Byte Buddy and ASM into your own namespace.
File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/net/bytebuddy/byte-buddy/1.10.20/byte-buddy-1.10.20.jar/META-INF/maven/net.bytebuddy/byte-buddy-dep/pom.xmlMD5: ff053762ee21489bdc49a39082536debSHA1: 180120a8eaf360c106ee4bf5bbe732a83a9376f3SHA256: a1a7b34c16b26ff06eaed38d9d16a712f3fe8b48a3d23567437daacac19557b0Referenced In Projects/Scopes:
TheseFoolishThings :: Examples :: Finder :: JPA Finder:compile TheseFoolishThings :: Test Utilities:compile Evidence Type Source Name Value Confidence Vendor pom parent-artifactid byte-buddy-parent Low Vendor pom artifactid byte-buddy-dep Low Vendor pom name Byte Buddy (with dependencies) High Vendor pom groupid net.bytebuddy Highest Product pom artifactid byte-buddy-dep Highest Product pom parent-artifactid byte-buddy-parent Medium Product pom name Byte Buddy (with dependencies) High Product pom groupid net.bytebuddy Highest Version pom version 1.10.20 Highest
byte-buddy-agent-1.10.20.jarDescription:
The Byte Buddy agent offers convenience for attaching an agent to the local or a remote VM. License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/net/bytebuddy/byte-buddy-agent/1.10.20/byte-buddy-agent-1.10.20.jar
MD5: 9a19e38d298603d085f175401702f725
SHA1: 8391bfea9da53fd92edd4a453571ef70b3aae09f
SHA256: b592a6c43e752bf41659717956c57fbb790394d2ee5f8941876659f9c5c0e7e8
Referenced In Project/Scope: TheseFoolishThings :: Test Utilities:compile
Evidence Type Source Name Value Confidence Vendor jar package name bytebuddy Highest Vendor pom parent-artifactid byte-buddy-parent Low Vendor Manifest can-retransform-classes true Low Vendor file name byte-buddy-agent High Vendor jar package name agent Highest Vendor jar package name net Highest Vendor pom artifactid byte-buddy-agent Low Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.5))" Low Vendor Manifest can-redefine-classes true Low Vendor pom groupid net.bytebuddy Highest Vendor Manifest multi-release true Low Vendor Manifest bundle-symbolicname net.bytebuddy.byte-buddy-agent Medium Vendor Manifest can-set-native-method-prefix true Low Vendor pom name Byte Buddy agent High Product jar package name bytebuddy Highest Product Manifest Bundle-Name Byte Buddy agent Medium Product pom artifactid byte-buddy-agent Highest Product Manifest can-retransform-classes true Low Product file name byte-buddy-agent High Product jar package name agent Highest Product jar package name net Highest Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.5))" Low Product pom parent-artifactid byte-buddy-parent Medium Product Manifest can-redefine-classes true Low Product Manifest multi-release true Low Product pom groupid net.bytebuddy Highest Product Manifest bundle-symbolicname net.bytebuddy.byte-buddy-agent Medium Product Manifest can-set-native-method-prefix true Low Product pom name Byte Buddy agent High Version pom version 1.10.20 Highest Version Manifest Bundle-Version 1.10.20 High Version file version 1.10.20 High
classmate-1.5.1.jarDescription:
Library for introspecting types with full generic information
including resolving of field and method types.
License:
Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/com/fasterxml/classmate/1.5.1/classmate-1.5.1.jar
MD5: e91fcd30ba329fd1b0b6dc5321fd067c
SHA1: 3fe0bed568c62df5e89f4f174c101eab25345b6c
SHA256: aab4de3006808c09d25dd4ff4a3611cfb63c95463cfd99e73d2e1680d229a33b
Referenced In Project/Scope: TheseFoolishThings :: Examples :: Finder :: JPA Finder:compile
Evidence Type Source Name Value Confidence Vendor pom organization name fasterxml.com High Vendor pom name ClassMate High Vendor Manifest automatic-module-name com.fasterxml.classmate Medium Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.6))" Low Vendor pom url FasterXML/java-classmate Highest Vendor pom organization url https://fasterxml.com Medium Vendor pom groupid fasterxml Highest Vendor jar package name classmate Highest Vendor pom parent-groupid com.fasterxml Medium Vendor pom parent-artifactid oss-parent Low Vendor jar package name fasterxml Highest Vendor Manifest specification-vendor fasterxml.com Low Vendor file name classmate High Vendor Manifest bundle-docurl https://github.com/FasterXML/java-classmate Low Vendor pom groupid com.fasterxml Highest Vendor Manifest Implementation-Vendor fasterxml.com High Vendor Manifest implementation-build-date 2019-10-19 22:46:35+0000 Low Vendor Manifest Implementation-Vendor-Id com.fasterxml Medium Vendor Manifest bundle-symbolicname com.fasterxml.classmate Medium Vendor jar package name types Highest Vendor pom artifactid classmate Low Product pom name ClassMate High Product Manifest automatic-module-name com.fasterxml.classmate Medium Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.6))" Low Product pom parent-artifactid oss-parent Medium Product jar package name filter Highest Product pom groupid fasterxml Highest Product jar package name classmate Highest Product Manifest specification-title ClassMate Medium Product pom parent-groupid com.fasterxml Medium Product jar package name fasterxml Highest Product pom organization name fasterxml.com Low Product Manifest Implementation-Title ClassMate High Product pom url FasterXML/java-classmate High Product file name classmate High Product Manifest bundle-docurl https://github.com/FasterXML/java-classmate Low Product Manifest Bundle-Name ClassMate Medium Product pom artifactid classmate Highest Product Manifest implementation-build-date 2019-10-19 22:46:35+0000 Low Product jar package name types Highest Product Manifest bundle-symbolicname com.fasterxml.classmate Medium Product pom organization url https://fasterxml.com Low Version pom version 1.5.1 Highest Version file version 1.5.1 High Version Manifest Bundle-Version 1.5.1 High Version Manifest Implementation-Version 1.5.1 High Version pom parent-version 1.5.1 Low
dom4j-2.1.3.jarDescription:
flexible XML framework for Java License:
BSD 3-clause New License: https://github.com/dom4j/dom4j/blob/master/LICENSE File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/dom4j/dom4j/2.1.3/dom4j-2.1.3.jar
MD5: 41efcf234c5a05a8c590f9b51d53ca66
SHA1: a75914155a9f5808963170ec20653668a2ffd2fd
SHA256: 549f3007c6290f6a901e57d1d331b4ed0e6bf7384f78bf10316ffceeca834de6
Referenced In Project/Scope: TheseFoolishThings :: Examples :: Finder :: JPA Finder:compile
Evidence Type Source Name Value Confidence Vendor pom groupid org.dom4j Highest Vendor pom artifactid dom4j Low Vendor jar package name dom4j Low Vendor jar package name dom4j Highest Vendor pom groupid dom4j Highest Vendor pom name dom4j High Vendor file name dom4j High Vendor pom url http://dom4j.github.io/ Highest Product jar package name dom4j Highest Product pom groupid dom4j Highest Product pom artifactid dom4j Highest Product pom name dom4j High Product pom url http://dom4j.github.io/ Medium Product file name dom4j High Version pom version 2.1.3 Highest Version file version 2.1.3 High
h2-2.0.202.jarDescription:
H2 Database Engine License:
MPL 2.0: https://www.mozilla.org/en-US/MPL/2.0/
EPL 1.0: https://opensource.org/licenses/eclipse-1.0.php File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/com/h2database/h2/2.0.202/h2-2.0.202.jar
MD5: aba27ca47ea0919d04efb7a57406e1d0
SHA1: 0aa2bed5c4fc426eb83f14c55c51360e89eda53a
SHA256: 95090f0609aacb0ee339128ef04077145ef28320ee874ea2e33a692938da5b97
Referenced In Project/Scope: TheseFoolishThings :: Examples :: Finder :: JPA Finder:compile
Evidence Type Source Name Value Confidence Vendor file name h2 High Vendor Manifest provide-capability osgi.service;objectClass:List=org.osgi.service.jdbc.DataSourceFactory Low Vendor Manifest bundle-symbolicname com.h2database Medium Vendor jar package name engine Highest Vendor Manifest bundle-category jdbc Low Vendor Manifest implementation-url https://h2database.com Low Vendor Manifest multi-release true Low Vendor pom artifactid h2 Low Vendor pom groupid h2database Highest Vendor jar package name database Highest Vendor pom groupid com.h2database Highest Vendor pom url https://h2database.com Highest Vendor pom name H2 Database Engine High Vendor jar package name h2 Highest Vendor Manifest automatic-module-name com.h2database Medium Product pom url https://h2database.com Medium Product file name h2 High Product pom artifactid h2 Highest Product Manifest Bundle-Name H2 Database Engine Medium Product Manifest provide-capability osgi.service;objectClass:List=org.osgi.service.jdbc.DataSourceFactory Low Product jar package name engine Highest Product Manifest bundle-symbolicname com.h2database Medium Product Manifest Implementation-Title H2 Database Engine High Product Manifest bundle-category jdbc Low Product Manifest implementation-url https://h2database.com Low Product Manifest multi-release true Low Product pom groupid h2database Highest Product jar package name jdbc Highest Product jar package name database Highest Product jar package name org Highest Product jar package name service Highest Product pom name H2 Database Engine High Product jar package name h2 Highest Product Manifest automatic-module-name com.h2database Medium Version Manifest Implementation-Version 2.0.202 High Version file version 2.0.202 High Version pom version 2.0.202 Highest Version Manifest Bundle-Version 2.0.202 High
h2-2.0.202.jar: data.zip: table.jsFile Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/com/h2database/h2/2.0.202/h2-2.0.202.jar/org/h2/util/data.zip/org/h2/server/web/res/table.jsMD5: 89035ebfe01df66e3948c7d22b89eca0SHA1: cb70b05af52bf623e2a5a0290f3382dc15b8d912SHA256: aab1eb7f02d09e7d4446e79931d136f9173fb9fdf48a27a65a128851189a64c7Referenced In Project/Scope: TheseFoolishThings :: Examples :: Finder :: JPA Finder:compile
Evidence Type Source Name Value Confidence
h2-2.0.202.jar: data.zip: tree.jsFile Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/com/h2database/h2/2.0.202/h2-2.0.202.jar/org/h2/util/data.zip/org/h2/server/web/res/tree.jsMD5: 65fe84a1a2f78d660fc85d7a710e6b48SHA1: 6ed3f84a0e93d16e7a768dca605edcdcfc834924SHA256: 3597dad4a384cc4caf8aaf7e0c878cb823bb47beaa55bb6a927364c3efa13c15Referenced In Project/Scope: TheseFoolishThings :: Examples :: Finder :: JPA Finder:compile
Evidence Type Source Name Value Confidence
hamcrest-core-1.3.jarDescription:
This is the core API of hamcrest matcher framework to be used by third-party framework providers. This includes the a foundation set of matcher implementations for common operations.
File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/hamcrest/hamcrest-core/1.3/hamcrest-core-1.3.jarMD5: 6393363b47ddcbba82321110c3e07519SHA1: 42a25dc3219429f0e5d060061f71acb49bf010a0SHA256: 66fdef91e9739348df7a096aa384a5685f4e875584cce89386a7a47251c4d8e9Referenced In Project/Scope: TheseFoolishThings :: Test Utilities:compile
Evidence Type Source Name Value Confidence Vendor jar package name matcher Highest Vendor Manifest Implementation-Vendor hamcrest.org High Vendor pom artifactid hamcrest-core Low Vendor jar package name core Highest Vendor pom parent-groupid org.hamcrest Medium Vendor Manifest built-date 2012-07-09 19:49:34 Low Vendor pom name Hamcrest Core High Vendor jar package name hamcrest Highest Vendor pom parent-artifactid hamcrest-parent Low Vendor pom groupid org.hamcrest Highest Vendor pom groupid hamcrest Highest Vendor file name hamcrest-core High Product jar package name hamcrest Highest Product pom parent-artifactid hamcrest-parent Medium Product jar package name matcher Highest Product jar package name core Highest Product pom parent-groupid org.hamcrest Medium Product Manifest Implementation-Title hamcrest-core High Product Manifest built-date 2012-07-09 19:49:34 Low Product pom groupid hamcrest Highest Product pom artifactid hamcrest-core Highest Product file name hamcrest-core High Product pom name Hamcrest Core High Version pom version 1.3 Highest Version file version 1.3 High Version Manifest Implementation-Version 1.3 High
hibernate-commons-annotations-5.1.2.Final.jarDescription:
Common reflection code used in support of annotation processing License:
GNU Library General Public License v2.1 or later: http://www.opensource.org/licenses/LGPL-2.1 File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/hibernate/common/hibernate-commons-annotations/5.1.2.Final/hibernate-commons-annotations-5.1.2.Final.jar
MD5: 2a2490b3eb8e7585a6a899d27d7ed43f
SHA1: e59ffdbc6ad09eeb33507b39ffcf287679a498c8
SHA256: 1c7ce712b2679fea0a5441eb02a04144297125b768944819be0765befb996275
Referenced In Project/Scope: TheseFoolishThings :: Examples :: Finder :: JPA Finder:compile
Evidence Type Source Name Value Confidence Vendor pom groupid hibernate.common Highest Vendor jar package name annotations Highest Vendor file name hibernate-commons-annotations High Vendor Manifest automatic-module-name org.hibernate.commons.annotations Medium Vendor Manifest Implementation-Vendor Hibernate.org High Vendor Manifest Implementation-Vendor-Id org.hibernate Medium Vendor Manifest implementation-url http://hibernate.org Low Vendor jar package name reflection Highest Vendor jar package name common Highest Vendor pom name Hibernate Commons Annotations High Vendor pom organization name Hibernate.org High Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Vendor pom groupid org.hibernate.common Highest Vendor hint analyzer vendor redhat Highest Vendor pom url http://hibernate.org Highest Vendor Manifest bundle-symbolicname org.hibernate.common.hibernate-commons-annotations Medium Vendor jar package name hibernate Highest Vendor pom organization url http://hibernate.org Medium Vendor pom artifactid hibernate-commons-annotations Low Product pom groupid hibernate.common Highest Product pom url http://hibernate.org Medium Product jar package name annotations Highest Product file name hibernate-commons-annotations High Product Manifest automatic-module-name org.hibernate.commons.annotations Medium Product Manifest Bundle-Name hibernate-commons-annotations Medium Product pom organization name Hibernate.org Low Product Manifest implementation-url http://hibernate.org Low Product jar package name reflection Highest Product jar package name common Highest Product pom name Hibernate Commons Annotations High Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product pom organization url http://hibernate.org Low Product pom artifactid hibernate-commons-annotations Highest Product jar package name version Highest Product Manifest bundle-symbolicname org.hibernate.common.hibernate-commons-annotations Medium Product jar package name hibernate Highest Version Manifest Implementation-Version 5.1.2.Final High Version Manifest Bundle-Version 5.1.2.Final High Version pom version 5.1.2.Final Highest
hibernate-core-5.4.27.Final.jarDescription:
Hibernate's core ORM functionality License:
GNU Library General Public License v2.1 or later: http://www.opensource.org/licenses/LGPL-2.1 File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/hibernate/hibernate-core/5.4.27.Final/hibernate-core-5.4.27.Final.jar
MD5: b6043155bbf66dc01ca885586cf10270
SHA1: d711d8d2ad02622e4575ecf1fbb069a256f4fa91
SHA256: 717430f169b00f95bf50b00a401d3122a59127797a8a6591eb0b19007562956a
Referenced In Project/Scope: TheseFoolishThings :: Examples :: Finder :: JPA Finder:compile
Evidence Type Source Name Value Confidence Vendor Manifest automatic-module-name org.hibernate.orm.core Medium Vendor pom groupid hibernate Highest Vendor Manifest Implementation-Vendor Hibernate.org High Vendor Manifest Implementation-Vendor-Id org.hibernate Medium Vendor file name hibernate-core High Vendor Manifest specification-vendor Hibernate.org Low Vendor pom name Hibernate ORM - hibernate-core High Vendor Manifest bundle-symbolicname org.hibernate.orm.core Medium Vendor Manifest implementation-url http://hibernate.org/orm Low Vendor pom organization name Hibernate.org High Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Vendor pom url http://hibernate.org/orm Highest Vendor pom groupid org.hibernate Highest Vendor pom artifactid hibernate-core Low Vendor hint analyzer vendor redhat Highest Vendor Manifest bundle-docurl http://www.hibernate.org/orm/5.4 Low Vendor jar package name hibernate Highest Vendor pom organization url http://hibernate.org Medium Product Manifest Implementation-Title hibernate-core High Product Manifest automatic-module-name org.hibernate.orm.core Medium Product jar package name filter Highest Product pom groupid hibernate Highest Product pom organization name Hibernate.org Low Product file name hibernate-core High Product pom name Hibernate ORM - hibernate-core High Product Manifest bundle-symbolicname org.hibernate.orm.core Medium Product Manifest Bundle-Name hibernate-core Medium Product pom url http://hibernate.org/orm Medium Product Manifest implementation-url http://hibernate.org/orm Low Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product Manifest specification-title hibernate-core Medium Product pom organization url http://hibernate.org Low Product pom artifactid hibernate-core Highest Product jar package name version Highest Product Manifest bundle-docurl http://www.hibernate.org/orm/5.4 Low Product jar package name hibernate Highest Product hint analyzer product orm Highest Version pom version 5.4.27.Final Highest Version Manifest Bundle-Version 5.4.27.Final High Version Manifest Implementation-Version 5.4.27.Final High
Related Dependencies hibernate-entitymanager-5.4.27.Final.jarFile Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/hibernate/hibernate-entitymanager/5.4.27.Final/hibernate-entitymanager-5.4.27.Final.jar MD5: b13f426807d4c73cc8edfb8b46b5c89a SHA1: 51d06e13956bb1819e085efbb9a872bd28257db7 SHA256: 6b98351e8c163384187c3e9dc8b9587a143f761632fea615eb5f99e48128c5ac pkg:maven/org.hibernate/hibernate-entitymanager@5.4.27.Final istack-commons-runtime-3.0.7.jarDescription:
istack common utility code License:
https://glassfish.java.net/public/CDDL+GPL_1_1.html, https://glassfish.java.net/public/CDDL+GPL_1_1.html File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/com/sun/istack/istack-commons-runtime/3.0.7/istack-commons-runtime-3.0.7.jar
MD5: 83e9617b86023b91bd54f65c09838f4b
SHA1: c197c86ceec7318b1284bffb49b54226ca774003
SHA256: 6443e10ba2e259fb821d9b6becf10db5316285fc30c53cec9d7b19a3877e7fdf
Referenced In Project/Scope: TheseFoolishThings :: Examples :: Finder :: JPA Finder:compile
Evidence Type Source Name Value Confidence Vendor jar (hint) package name oracle Highest Vendor Manifest originally-created-by Apache Maven Bundle Plugin Low Vendor file name istack-commons-runtime High Vendor Manifest bundle-symbolicname com.sun.istack.commons-runtime Medium Vendor pom groupid sun.istack Highest Vendor Manifest implementation-build-id 3.0.7-c8b5e20894f565780625d6f9b018ef7c458cd688, 2018-08-29T05:23:37-0700 Low Vendor pom parent-artifactid istack-commons Low Vendor pom name istack common utility code runtime High Vendor pom parent-groupid com.sun.istack Medium Vendor pom artifactid istack-commons-runtime Low Vendor pom groupid com.sun.istack Highest Vendor jar package name sun Highest Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.7))" Low Vendor Manifest Implementation-Vendor Oracle Corporation High Vendor Manifest Implementation-Vendor-Id com.sun.istack Medium Vendor Manifest bundle-docurl http://www.oracle.com/ Low Vendor jar package name istack Highest Product Manifest Implementation-Title istack common utility code runtime High Product Manifest originally-created-by Apache Maven Bundle Plugin Low Product Manifest Bundle-Name istack common utility code runtime Medium Product file name istack-commons-runtime High Product Manifest bundle-symbolicname com.sun.istack.commons-runtime Medium Product pom groupid sun.istack Highest Product Manifest implementation-build-id 3.0.7-c8b5e20894f565780625d6f9b018ef7c458cd688, 2018-08-29T05:23:37-0700 Low Product pom name istack common utility code runtime High Product pom parent-groupid com.sun.istack Medium Product jar package name sun Highest Product pom artifactid istack-commons-runtime Highest Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.7))" Low Product pom parent-artifactid istack-commons Medium Product Manifest bundle-docurl http://www.oracle.com/ Low Product jar package name istack Highest Version file version 3.0.7 High Version Manifest Implementation-Version 3.0.7 High Version Manifest Bundle-Version 3.0.7 High Version pom version 3.0.7 Highest
it-tidalwave-messagebus-3.2-ALPHA-12.jarDescription:
An abstract description of a simple message bus to be used within an application.
File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/it/tidalwave/thesefoolishthings/it-tidalwave-messagebus/3.2-ALPHA-12/it-tidalwave-messagebus-3.2-ALPHA-12.jarMD5: a211c40892433451db43ab2361a5c7ddSHA1: 7a7ead236cdd3ef35bcd9a2c2558502e2b162cc3SHA256: 8ec11137cbdac0f7a36253f26c80a981e41f7a03b3293a9bf9df96e97019a795Referenced In Projects/Scopes:
TheseFoolishThings :: Actors:compile TheseFoolishThings :: MessageBus :: Spring:compile Evidence Type Source Name Value Confidence Vendor jar package name messagebus Highest Vendor file name it-tidalwave-messagebus High Vendor Manifest build-jdk-spec 11 Low Vendor Manifest Implementation-Vendor Tidalwave s.a.s. High Vendor pom name TheseFoolishThings :: MessageBus High Vendor jar package name tidalwave Highest Vendor pom artifactid it-tidalwave-messagebus Low Vendor pom parent-artifactid modules Low Vendor pom groupid it.tidalwave.thesefoolishthings Highest Vendor jar package name it Highest Vendor Manifest specification-vendor Tidalwave s.a.s. Low Product jar package name messagebus Highest Product file name it-tidalwave-messagebus High Product Manifest build-jdk-spec 11 Low Product pom parent-artifactid modules Medium Product pom name TheseFoolishThings :: MessageBus High Product jar package name tidalwave Highest Product pom artifactid it-tidalwave-messagebus Highest Product Manifest Implementation-Title TheseFoolishThings :: MessageBus High Product pom groupid it.tidalwave.thesefoolishthings Highest Product Manifest specification-title TheseFoolishThings :: MessageBus Medium Product jar package name it Highest Version pom version 3.2-ALPHA-12 Highest
it-tidalwave-role-3.2-ALPHA-12.jarDescription:
Roles are a powerful way for designing complex behaviours while keeping good practices such as Single Responsibility, Dependency Inversion and
Interface Segregation.
File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/it/tidalwave/thesefoolishthings/it-tidalwave-role/3.2-ALPHA-12/it-tidalwave-role-3.2-ALPHA-12.jarMD5: bbbd653ddd69241962354c52e8cd7300SHA1: f244e83c310d8745d217580c09a32efdc836fceeSHA256: 995ded51f98619a966e74dd51292b9e5195ad1287dc81bb337284e56e533ae55Referenced In Projects/Scopes:
TheseFoolishThings :: Examples :: Finder :: In-memory Finder:compile TheseFoolishThings :: Examples :: DCI :: Marshal XStream:compile TheseFoolishThings :: Examples :: Finder :: JPA Finder:compile TheseFoolishThings :: Examples :: DCI :: Swing:compile TheseFoolishThings :: Roles :: Spring:compile TheseFoolishThings :: Examples :: Finder :: Extended Finder:compile TheseFoolishThings :: Examples :: DCI :: Displayable:compile TheseFoolishThings :: Examples :: DCI :: Persistence JPA:compile TheseFoolishThings :: Examples :: Data:compile Evidence Type Source Name Value Confidence Vendor Manifest build-jdk-spec 11 Low Vendor Manifest Implementation-Vendor Tidalwave s.a.s. High Vendor jar package name role Highest Vendor file name it-tidalwave-role High Vendor pom name TheseFoolishThings :: Roles High Vendor jar package name tidalwave Highest Vendor pom artifactid it-tidalwave-role Low Vendor pom parent-artifactid modules Low Vendor pom groupid it.tidalwave.thesefoolishthings Highest Vendor jar package name it Highest Vendor Manifest specification-vendor Tidalwave s.a.s. Low Product Manifest build-jdk-spec 11 Low Product Manifest Implementation-Title TheseFoolishThings :: Roles High Product jar package name role Highest Product pom parent-artifactid modules Medium Product file name it-tidalwave-role High Product pom name TheseFoolishThings :: Roles High Product jar package name tidalwave Highest Product pom artifactid it-tidalwave-role Highest Product pom groupid it.tidalwave.thesefoolishthings Highest Product jar package name it Highest Product Manifest specification-title TheseFoolishThings :: Roles Medium Version pom version 3.2-ALPHA-12 Highest
it-tidalwave-role-spring-3.2-ALPHA-12.jarDescription:
Specific Spring support for DCI roles.
File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/it/tidalwave/thesefoolishthings/it-tidalwave-role-spring/3.2-ALPHA-12/it-tidalwave-role-spring-3.2-ALPHA-12.jarMD5: 3e05949505a2f9afa5251ba1b2ae84d9SHA1: c6be88cd4b3e3c459375699de9cdd07090a0b5d7SHA256: 0a4230fccfad6d51a2a9bc7b2d3b49f262aa7317873529a9ed8c3e210a7639d0Referenced In Projects/Scopes:
TheseFoolishThings :: Examples :: Finder :: In-memory Finder:compile TheseFoolishThings :: Examples :: DCI :: Marshal XStream:compile TheseFoolishThings :: Examples :: Finder :: JPA Finder:compile TheseFoolishThings :: Examples :: DCI :: Swing:compile TheseFoolishThings :: Examples :: Finder :: Extended Finder:compile TheseFoolishThings :: Examples :: DCI :: Displayable:compile TheseFoolishThings :: Examples :: DCI :: Persistence JPA:compile TheseFoolishThings :: Examples :: Data:compile Evidence Type Source Name Value Confidence Vendor pom artifactid it-tidalwave-role-spring Low Vendor jar package name tidalwave Highest Vendor pom groupid it.tidalwave.thesefoolishthings Highest Vendor jar package name it Highest Vendor Manifest specification-vendor Tidalwave s.a.s. Low Vendor jar package name spring Highest Vendor file name it-tidalwave-role-spring High Vendor Manifest build-jdk-spec 11 Low Vendor Manifest Implementation-Vendor Tidalwave s.a.s. High Vendor jar package name role Highest Vendor pom name TheseFoolishThings :: Roles :: Spring High Vendor pom parent-artifactid modules Low Product jar package name tidalwave Highest Product pom artifactid it-tidalwave-role-spring Highest Product Manifest Implementation-Title TheseFoolishThings :: Roles :: Spring High Product Manifest specification-title TheseFoolishThings :: Roles :: Spring Medium Product pom groupid it.tidalwave.thesefoolishthings Highest Product jar package name it Highest Product jar package name spring Highest Product file name it-tidalwave-role-spring High Product Manifest build-jdk-spec 11 Low Product jar package name role Highest Product pom parent-artifactid modules Medium Product pom name TheseFoolishThings :: Roles :: Spring High Version pom version 3.2-ALPHA-12 Highest
it-tidalwave-thesefoolishthings-examples-data-3.2-ALPHA-12.jarDescription:
This module provides sample data structures used by other examples.
File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/it/tidalwave/thesefoolishthings/it-tidalwave-thesefoolishthings-examples-data/3.2-ALPHA-12/it-tidalwave-thesefoolishthings-examples-data-3.2-ALPHA-12.jarMD5: 4253b0cebe08ac23fa219e1770e9124aSHA1: bf40d76bc2f41890dd90579fcaef0cec37849b34SHA256: 32508bd364542b9a0785eea635e2ef249aac5085e6d0363a7f4cc19af98f2b0eReferenced In Projects/Scopes:
TheseFoolishThings :: Examples :: Finder :: In-memory Finder:compile TheseFoolishThings :: Examples :: DCI :: Marshal XStream:compile TheseFoolishThings :: Examples :: Finder :: JPA Finder:compile TheseFoolishThings :: Examples :: DCI :: Swing:compile TheseFoolishThings :: Examples :: Finder :: Extended Finder:compile TheseFoolishThings :: Examples :: DCI :: Displayable:compile TheseFoolishThings :: Examples :: DCI :: Persistence JPA:compile Evidence Type Source Name Value Confidence Vendor jar package name thesefoolishthings Highest Vendor pom parent-artifactid thesefoolishthings-examples Low Vendor file name it-tidalwave-thesefoolishthings-examples-data High Vendor pom artifactid it-tidalwave-thesefoolishthings-examples-data Low Vendor jar package name examples Highest Vendor jar package name tidalwave Highest Vendor pom groupid it.tidalwave.thesefoolishthings Highest Vendor jar package name it Highest Vendor Manifest specification-vendor Tidalwave s.a.s. Low Vendor Manifest build-jdk-spec 11 Low Vendor Manifest Implementation-Vendor Tidalwave s.a.s. High Vendor pom name TheseFoolishThings :: Examples :: Data High Product jar package name thesefoolishthings Highest Product Manifest Implementation-Title TheseFoolishThings :: Examples :: Data High Product pom artifactid it-tidalwave-thesefoolishthings-examples-data Highest Product file name it-tidalwave-thesefoolishthings-examples-data High Product jar package name examples Highest Product jar package name tidalwave Highest Product pom parent-artifactid thesefoolishthings-examples Medium Product pom groupid it.tidalwave.thesefoolishthings Highest Product jar package name it Highest Product Manifest build-jdk-spec 11 Low Product pom name TheseFoolishThings :: Examples :: Data High Product Manifest specification-title TheseFoolishThings :: Examples :: Data Medium Version pom version 3.2-ALPHA-12 Highest
it-tidalwave-thesefoolishthings-examples-finderexample1-3.2-ALPHA-12.jarDescription:
A simple example of Finder usage.
File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/it/tidalwave/thesefoolishthings/it-tidalwave-thesefoolishthings-examples-finderexample1/3.2-ALPHA-12/it-tidalwave-thesefoolishthings-examples-finderexample1-3.2-ALPHA-12.jarMD5: 756ba798e0318d2e2bda99e33fce0732SHA1: d978cde44d339114affad9054e37aaa5d653264aSHA256: 13d2d555dc3e23c17837b71c61d4339ddb14583fe7913ee5086d0b7795b37356Referenced In Project/Scope: TheseFoolishThings :: Examples :: Finder :: Extended Finder:compile
Evidence Type Source Name Value Confidence Vendor jar package name thesefoolishthings Highest Vendor pom parent-artifactid thesefoolishthings-examples Low Vendor jar package name examples Highest Vendor file name it-tidalwave-thesefoolishthings-examples-finderexample1 High Vendor jar package name tidalwave Highest Vendor pom artifactid it-tidalwave-thesefoolishthings-examples-finderexample1 Low Vendor pom groupid it.tidalwave.thesefoolishthings Highest Vendor jar package name it Highest Vendor Manifest specification-vendor Tidalwave s.a.s. Low Vendor Manifest build-jdk-spec 11 Low Vendor Manifest Implementation-Vendor Tidalwave s.a.s. High Vendor pom name TheseFoolishThings :: Examples :: Finder :: In-memory Finder High Product Manifest specification-title TheseFoolishThings :: Examples :: Finder :: In-memory Finder Medium Product jar package name thesefoolishthings Highest Product jar package name examples Highest Product file name it-tidalwave-thesefoolishthings-examples-finderexample1 High Product jar package name tidalwave Highest Product pom parent-artifactid thesefoolishthings-examples Medium Product pom groupid it.tidalwave.thesefoolishthings Highest Product jar package name it Highest Product Manifest build-jdk-spec 11 Low Product Manifest Implementation-Title TheseFoolishThings :: Examples :: Finder :: In-memory Finder High Product pom name TheseFoolishThings :: Examples :: Finder :: In-memory Finder High Product pom artifactid it-tidalwave-thesefoolishthings-examples-finderexample1 Highest Version pom version 3.2-ALPHA-12 Highest
it-tidalwave-util-3.2-ALPHA-12.jarDescription:
A collection of common utilities.
File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/it/tidalwave/thesefoolishthings/it-tidalwave-util/3.2-ALPHA-12/it-tidalwave-util-3.2-ALPHA-12.jarMD5: 848e14a20ed68b64eb0c3d03e93ebe5dSHA1: c42553076c28d95efbad13ed492be24332427169SHA256: d777c13dfc423f751482516214dd18d1a0d9dc183a73c46b965f4073abb1c95fReferenced In Projects/Scopes:
TheseFoolishThings :: Examples :: DCI :: Marshal XStream:compile TheseFoolishThings :: Examples :: Finder :: JPA Finder:compile TheseFoolishThings :: Roles:compile TheseFoolishThings :: Actors:compile TheseFoolishThings :: MessageBus :: Spring:compile TheseFoolishThings :: Test Utilities:compile TheseFoolishThings :: Examples :: DCI :: Persistence JPA:compile TheseFoolishThings :: Examples :: Data:compile TheseFoolishThings :: Examples :: Finder :: In-memory Finder:compile TheseFoolishThings :: Examples :: DCI :: Swing:compile TheseFoolishThings :: Roles :: Spring:compile TheseFoolishThings :: Examples :: Finder :: Extended Finder:compile TheseFoolishThings :: Examples :: DCI :: Displayable:compile Evidence Type Source Name Value Confidence Vendor pom name TheseFoolishThings :: Utilities High Vendor Manifest build-jdk-spec 11 Low Vendor file name it-tidalwave-util High Vendor Manifest Implementation-Vendor Tidalwave s.a.s. High Vendor pom artifactid it-tidalwave-util Low Vendor jar package name util Highest Vendor jar package name tidalwave Highest Vendor pom parent-artifactid modules Low Vendor pom groupid it.tidalwave.thesefoolishthings Highest Vendor jar package name it Highest Vendor Manifest specification-vendor Tidalwave s.a.s. Low Product pom name TheseFoolishThings :: Utilities High Product Manifest build-jdk-spec 11 Low Product file name it-tidalwave-util High Product Manifest Implementation-Title TheseFoolishThings :: Utilities High Product jar package name util Highest Product pom parent-artifactid modules Medium Product jar package name tidalwave Highest Product Manifest specification-title TheseFoolishThings :: Utilities Medium Product pom artifactid it-tidalwave-util Highest Product pom groupid it.tidalwave.thesefoolishthings Highest Product jar package name it Highest Version pom version 3.2-ALPHA-12 Highest
it-tidalwave-util-test-3.2-ALPHA-12.jarDescription:
Miscellaneous utilities for testing.
File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/it/tidalwave/thesefoolishthings/it-tidalwave-util-test/3.2-ALPHA-12/it-tidalwave-util-test-3.2-ALPHA-12.jarMD5: f93edd57646de433c070f26b1579e835SHA1: f95c618f6d9520618f8e61316ce58ef948d13319SHA256: 59b0cbd6fb980749543314728fd32374472bad9ed57575d651f23001d5a3175eReferenced In Projects/Scopes:
TheseFoolishThings :: Examples :: Finder :: In-memory Finder:compile TheseFoolishThings :: Examples :: DCI :: Marshal XStream:compile TheseFoolishThings :: Examples :: DCI :: Swing:compile TheseFoolishThings :: Roles:compile TheseFoolishThings :: Examples :: Finder :: Extended Finder:compile TheseFoolishThings :: MessageBus :: Spring:compile TheseFoolishThings :: Examples :: DCI :: Displayable:compile TheseFoolishThings :: Examples :: DCI :: Persistence JPA:compile TheseFoolishThings :: Examples :: Data:compile Evidence Type Source Name Value Confidence Vendor pom artifactid it-tidalwave-util-test Low Vendor jar package name tidalwave Highest Vendor pom name TheseFoolishThings :: Test Utilities High Vendor file name it-tidalwave-util-test High Vendor pom groupid it.tidalwave.thesefoolishthings Highest Vendor jar package name it Highest Vendor jar package name test Highest Vendor Manifest specification-vendor Tidalwave s.a.s. Low Vendor Manifest build-jdk-spec 11 Low Vendor Manifest Implementation-Vendor Tidalwave s.a.s. High Vendor jar package name util Highest Vendor pom parent-artifactid modules Low Product Manifest Implementation-Title TheseFoolishThings :: Test Utilities High Product jar package name tidalwave Highest Product pom name TheseFoolishThings :: Test Utilities High Product file name it-tidalwave-util-test High Product pom groupid it.tidalwave.thesefoolishthings Highest Product jar package name test Highest Product jar package name it Highest Product Manifest specification-title TheseFoolishThings :: Test Utilities Medium Product Manifest build-jdk-spec 11 Low Product jar package name util Highest Product pom parent-artifactid modules Medium Product pom artifactid it-tidalwave-util-test Highest Version pom version 3.2-ALPHA-12 Highest
jandex-2.1.3.Final.jarDescription:
Parent POM for JBoss projects. Provides default project build configuration. License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/jboss/jandex/2.1.3.Final/jandex-2.1.3.Final.jar
MD5: cdd8144ee815df6be81f9637debc942b
SHA1: cd56603e39eb1421560b71daa584348ecfd9e0b8
SHA256: a003dcfe44818b7e02166a153342fcf792b8c569ac660496aaddc86ea7c2a0f0
Referenced In Project/Scope: TheseFoolishThings :: Examples :: Finder :: JPA Finder:compile
Evidence Type Source Name Value Confidence Vendor file name jandex High Vendor Manifest Implementation-Vendor-Id org.jboss Medium Vendor Manifest java-vendor Oracle Corporation Medium Vendor Manifest specification-vendor JBoss by Red Hat Low Vendor Manifest build-timestamp Fri, 20 Mar 2020 17:26:11 -0500 Low Vendor Manifest os-name Mac OS X Medium Vendor Manifest os-arch x86_64 Low Vendor jar package name jandex Highest Vendor Manifest bundle-docurl http://www.jboss.org Low Vendor Manifest Implementation-Vendor JBoss by Red Hat High Vendor pom groupid org.jboss Highest Vendor Manifest bundle-symbolicname org.jboss.jandex Medium Vendor pom parent-groupid org.jboss Medium Vendor pom parent-artifactid jboss-parent Low Vendor pom groupid jboss Highest Vendor pom artifactid jandex Low Vendor hint analyzer vendor redhat Highest Vendor jar package name indexer Highest Vendor Manifest automatic-module-name org.jboss.jandex Medium Vendor pom name Java Annotation Indexer High Vendor Manifest implementation-url http://www.jboss.org/jandex Low Vendor jar package name jboss Highest Product file name jandex High Product Manifest build-timestamp Fri, 20 Mar 2020 17:26:11 -0500 Low Product Manifest os-name Mac OS X Medium Product Manifest os-arch x86_64 Low Product pom artifactid jandex Highest Product jar package name jandex Highest Product Manifest bundle-docurl http://www.jboss.org Low Product pom parent-artifactid jboss-parent Medium Product Manifest Implementation-Title Java Annotation Indexer High Product Manifest Bundle-Name Java Annotation Indexer Medium Product Manifest bundle-symbolicname org.jboss.jandex Medium Product pom parent-groupid org.jboss Medium Product Manifest specification-title Java Annotation Indexer Medium Product pom groupid jboss Highest Product jar package name indexer Highest Product Manifest automatic-module-name org.jboss.jandex Medium Product pom name Java Annotation Indexer High Product Manifest implementation-url http://www.jboss.org/jandex Low Product jar package name jboss Highest Version Manifest Implementation-Version 2.1.3.Final High Version pom parent-version 2.1.3.Final Low Version Manifest Bundle-Version 2.1.3.Final High Version pom version 2.1.3.Final Highest
java-diff-utils-4.9.jarDescription:
The DiffUtils library for computing diffs, applying patches, generationg side-by-side view in Java. License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/io/github/java-diff-utils/java-diff-utils/4.9/java-diff-utils-4.9.jar
MD5: 6a4c9c3c4f2a61ff97b38c9f7bac91fa
SHA1: 3ec791c5aa74a72fb499ae8d9547abe27b637b0f
SHA256: 2dcf8710d0a453d8fa56c6d76bc4f16f86ec5de8eb7155f17ebff595c0c64aa0
Referenced In Projects/Scopes: TheseFoolishThings :: Examples :: Finder :: In-memory Finder:compile TheseFoolishThings :: Examples :: DCI :: Marshal XStream:compile TheseFoolishThings :: Examples :: DCI :: Swing:compile TheseFoolishThings :: Roles:compile TheseFoolishThings :: Examples :: Finder :: Extended Finder:compile TheseFoolishThings :: MessageBus :: Spring:compile TheseFoolishThings :: Examples :: DCI :: Displayable:compile TheseFoolishThings :: Test Utilities:compile TheseFoolishThings :: Examples :: DCI :: Persistence JPA:compile TheseFoolishThings :: Examples :: Data:compile Evidence Type Source Name Value Confidence Vendor file name java-diff-utils High Vendor pom name java-diff-utils High Vendor jar package name github Highest Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Vendor Manifest automatic-module-name io.github.javadiffutils Medium Vendor pom artifactid java-diff-utils Low Vendor pom parent-artifactid java-diff-utils-parent Low Vendor pom groupid io.github.java-diff-utils Highest Vendor Manifest bundle-symbolicname io.github.java-diff-utils Medium Product file name java-diff-utils High Product jar package name diffutils Highest Product pom parent-artifactid java-diff-utils-parent Medium Product pom name java-diff-utils High Product jar package name github Highest Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product Manifest automatic-module-name io.github.javadiffutils Medium Product Manifest Bundle-Name java-diff-utils Medium Product pom artifactid java-diff-utils Highest Product pom groupid io.github.java-diff-utils Highest Product Manifest bundle-symbolicname io.github.java-diff-utils Medium Version pom version 4.9 Highest Version file version 4.9 High
javassist-3.27.0-GA.jarDescription:
Javassist (JAVA programming ASSISTant) makes Java bytecode manipulation
simple. It is a class library for editing bytecodes in Java.
License:
MPL 1.1: http://www.mozilla.org/MPL/MPL-1.1.html
LGPL 2.1: http://www.gnu.org/licenses/lgpl-2.1.html
Apache License 2.0: http://www.apache.org/licenses/ File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/javassist/javassist/3.27.0-GA/javassist-3.27.0-GA.jar
MD5: 05ea852668c9e38294d1bb823af95a70
SHA1: f63e6aa899e15eca8fdaa402a79af4c417252213
SHA256: 0730bdb1547a5a3f458d60400d804078d80f329c5b5dbc2498a4e220de8f7013
Referenced In Project/Scope: TheseFoolishThings :: Examples :: Finder :: JPA Finder:compile
Evidence Type Source Name Value Confidence Vendor pom groupid org.javassist Highest Vendor pom url http://www.javassist.org/ Highest Vendor Manifest specification-vendor Shigeru Chiba, www.javassist.org Low Vendor file name javassist High Vendor pom groupid javassist Highest Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Vendor pom organization name Shigeru Chiba, www.javassist.org High Vendor pom artifactid javassist Low Vendor jar package name javassist Highest Vendor jar package name bytecode Highest Vendor Manifest bundle-symbolicname javassist Medium Vendor pom name Javassist High Product pom url http://www.javassist.org/ Medium Product Manifest Bundle-Name Javassist Medium Product file name javassist High Product pom groupid javassist Highest Product pom organization name Shigeru Chiba, www.javassist.org Low Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product jar package name javassist Highest Product jar package name bytecode Highest Product Manifest specification-title Javassist Medium Product Manifest bundle-symbolicname javassist Medium Product pom artifactid javassist Highest Product pom name Javassist High Version Manifest specification-version 3.27.0-GA High Version pom version 3.27.0-GA Highest
javax.activation-api-1.2.0.jarDescription:
JavaBeans Activation Framework API jar License:
https://github.com/javaee/activation/blob/master/LICENSE.txt File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/javax/activation/javax.activation-api/1.2.0/javax.activation-api-1.2.0.jar
MD5: 5e50e56bcf4a3ef3bc758f69f7643c3b
SHA1: 85262acf3ca9816f9537ca47d5adeabaead7cb16
SHA256: 43fdef0b5b6ceb31b0424b208b930c74ab58fac2ceeb7b3f6fd3aeb8b5ca4393
Referenced In Project/Scope: TheseFoolishThings :: Examples :: Finder :: JPA Finder:compile
Evidence Type Source Name Value Confidence Vendor Manifest Implementation-Vendor Oracle High Vendor Manifest (hint) specification-vendor sun Low Vendor Manifest bundle-docurl http://www.oracle.com Low Vendor Manifest bundle-symbolicname javax.activation-api Medium Vendor jar package name javax Highest Vendor Manifest originally-created-by 1.8.0_141 (Oracle Corporation) Low Vendor pom parent-groupid com.sun.activation Medium Vendor Manifest (hint) Implementation-Vendor sun High Vendor file name javax.activation-api High Vendor jar package name activation Highest Vendor Manifest automatic-module-name java.activation Medium Vendor Manifest Implementation-Vendor-Id com.sun Medium Vendor Manifest extension-name javax.activation Medium Vendor pom groupid javax.activation Highest Vendor pom artifactid javax.activation-api Low Vendor pom parent-artifactid all Low Vendor Manifest specification-vendor Oracle Low Vendor pom name JavaBeans Activation Framework API jar High Product Manifest bundle-docurl http://www.oracle.com Low Product pom parent-artifactid all Medium Product Manifest bundle-symbolicname javax.activation-api Medium Product jar package name javax Highest Product Manifest originally-created-by 1.8.0_141 (Oracle Corporation) Low Product Manifest Bundle-Name JavaBeans Activation Framework API jar Medium Product pom parent-groupid com.sun.activation Medium Product Manifest Implementation-Title javax.activation.javax.activation-api High Product file name javax.activation-api High Product Manifest specification-title javax.activation.javax.activation-api Medium Product jar package name activation Highest Product Manifest automatic-module-name java.activation Medium Product Manifest extension-name javax.activation Medium Product pom groupid javax.activation Highest Product pom artifactid javax.activation-api Highest Product pom name JavaBeans Activation Framework API jar High Version pom version 1.2.0 Highest Version file version 1.2.0 High Version Manifest Bundle-Version 1.2.0 High Version Manifest Implementation-Version 1.2.0 High
javax.annotation-api-1.3.2.jarDescription:
Common Annotations for the JavaTM Platform API License:
CDDL + GPLv2 with classpath exception: https://github.com/javaee/javax.annotation/blob/master/LICENSE File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/javax/annotation/javax.annotation-api/1.3.2/javax.annotation-api-1.3.2.jar
MD5: 2ab1973eefffaa2aeec47d50b9e40b9d
SHA1: 934c04d3cfef185a8008e7bf34331b79730a9d43
SHA256: e04ba5195bcd555dc95650f7cc614d151e4bcd52d29a10b8aa2197f3ab89ab9b
Referenced In Projects/Scopes: TheseFoolishThings :: Examples :: DCI :: Marshal XStream:compile TheseFoolishThings :: Examples :: Finder :: JPA Finder:compile TheseFoolishThings (modules):compile TheseFoolishThings :: Roles:compile TheseFoolishThings :: Actors:compile TheseFoolishThings :: MessageBus :: Spring:compile TheseFoolishThings :: Examples (master):compile TheseFoolishThings :: MessageBus:compile TheseFoolishThings :: Test Utilities:compile TheseFoolishThings :: Examples :: DCI :: Persistence JPA:compile TheseFoolishThings :: Examples :: Data:compile TheseFoolishThings :: Examples :: Finder :: In-memory Finder:compile TheseFoolishThings :: Utilities:compile TheseFoolishThings :: Examples :: DCI :: Swing:compile TheseFoolishThings :: Roles :: Spring:compile TheseFoolishThings :: Examples :: Finder :: Extended Finder:compile TheseFoolishThings :: Examples :: DCI :: Displayable:compile Evidence Type Source Name Value Confidence Vendor pom url http://jcp.org/en/jsr/detail?id=250 Highest Vendor Manifest extension-name javax.annotation Medium Vendor pom artifactid javax.annotation-api Low Vendor Manifest specification-vendor Oracle Corporation Low Vendor Manifest bundle-docurl https://javaee.github.io/glassfish Low Vendor jar package name javax Highest Vendor jar package name annotation Highest Vendor pom parent-groupid net.java Medium Vendor file name javax.annotation-api High Vendor Manifest bundle-symbolicname javax.annotation-api Medium Vendor Manifest Implementation-Vendor GlassFish Community High Vendor pom organization url https://javaee.github.io/glassfish Medium Vendor Manifest Implementation-Vendor-Id org.glassfish Medium Vendor pom name ${extension.name} API High Vendor Manifest automatic-module-name java.annotation Medium Vendor pom organization name GlassFish Community High Vendor pom groupid javax.annotation Highest Vendor pom parent-artifactid jvnet-parent Low Product Manifest Bundle-Name javax.annotation API Medium Product Manifest extension-name javax.annotation Medium Product Manifest bundle-docurl https://javaee.github.io/glassfish Low Product jar package name javax Highest Product jar package name annotation Highest Product pom parent-groupid net.java Medium Product pom organization name GlassFish Community Low Product file name javax.annotation-api High Product Manifest bundle-symbolicname javax.annotation-api Medium Product pom name ${extension.name} API High Product pom parent-artifactid jvnet-parent Medium Product pom url http://jcp.org/en/jsr/detail?id=250 Medium Product Manifest automatic-module-name java.annotation Medium Product pom organization url https://javaee.github.io/glassfish Low Product pom artifactid javax.annotation-api Highest Product pom groupid javax.annotation Highest Version pom version 1.3.2 Highest Version pom parent-version 1.3.2 Low Version Manifest Bundle-Version 1.3.2 High Version Manifest Implementation-Version 1.3.2 High Version file version 1.3.2 High
javax.inject-1.jarDescription:
The javax.inject API License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/javax/inject/javax.inject/1/javax.inject-1.jar
MD5: 289075e48b909e9e74e6c915b3631d2e
SHA1: 6975da39a7040257bd51d21a231b76c915872d38
SHA256: 91c77044a50c481636c32d916fd89c9118a72195390452c81065080f957de7ff
Referenced In Projects/Scopes: TheseFoolishThings :: Examples :: Finder :: In-memory Finder:compile TheseFoolishThings :: Examples :: DCI :: Marshal XStream:compile TheseFoolishThings :: Examples :: Finder :: JPA Finder:compile TheseFoolishThings :: Examples :: DCI :: Swing:compile TheseFoolishThings :: Actors:compile TheseFoolishThings :: Roles :: Spring:compile TheseFoolishThings :: Examples :: Finder :: Extended Finder:compile TheseFoolishThings :: MessageBus :: Spring:compile TheseFoolishThings :: Examples :: DCI :: Displayable:compile TheseFoolishThings :: Examples :: DCI :: Persistence JPA:compile TheseFoolishThings :: Examples :: Data:compile Evidence Type Source Name Value Confidence Vendor jar package name inject Highest Vendor pom url http://code.google.com/p/atinject/ Highest Vendor jar package name inject Low Vendor pom artifactid javax.inject Low Vendor file name javax.inject-1 High Vendor jar package name javax Highest Vendor jar package name javax Low Vendor pom groupid javax.inject Highest Vendor pom name javax.inject High Product jar package name inject Highest Product jar package name inject Low Product file name javax.inject-1 High Product jar package name javax Highest Product pom groupid javax.inject Highest Product pom name javax.inject High Product pom url http://code.google.com/p/atinject/ Medium Product pom artifactid javax.inject Highest Version pom version 1 Highest Version file version 1 Medium
javax.persistence-api-2.2.jarDescription:
Java(TM) Persistence API License:
Eclipse Public License v1.0: http://www.eclipse.org/legal/epl-v10.html
Eclipse Distribution License v. 1.0: http://www.eclipse.org/org/documents/edl-v10.php File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/javax/persistence/javax.persistence-api/2.2/javax.persistence-api-2.2.jar
MD5: e6520b3435f5b6d58eee415b5542abf8
SHA1: 25665ac8c0b62f50e6488173233239120fc52c96
SHA256: 5578b71b37999a5eaed3fea0d14aa61c60c6ec6328256f2b63472f336318baf4
Referenced In Projects/Scopes: TheseFoolishThings :: Examples :: Finder :: JPA Finder:compile TheseFoolishThings :: Examples :: DCI :: Persistence JPA:compile Evidence Type Source Name Value Confidence Vendor Manifest automatic-module-name java.persistence Medium Vendor Manifest Implementation-Vendor-Id com.oracle Medium Vendor Manifest specification-vendor Oracle Corporation Low Vendor pom url javaee/jpa-spec Highest Vendor jar package name javax Highest Vendor pom parent-groupid net.java Medium Vendor pom groupid javax.persistence Highest Vendor Manifest bundle-symbolicname javax.persistence-api Medium Vendor jar package name persistence Highest Vendor pom artifactid javax.persistence-api Low Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Vendor Manifest extension-name javax.persistence Medium Vendor file name javax.persistence-api High Vendor pom parent-artifactid jvnet-parent Low Product Manifest automatic-module-name java.persistence Medium Product jar package name javax Highest Product pom parent-groupid net.java Medium Product pom groupid javax.persistence Highest Product pom url javaee/jpa-spec High Product Manifest bundle-symbolicname javax.persistence-api Medium Product jar package name persistence Highest Product pom artifactid javax.persistence-api Highest Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product Manifest extension-name javax.persistence Medium Product pom parent-artifactid jvnet-parent Medium Product file name javax.persistence-api High Product Manifest Bundle-Name Java(TM) Persistence API jar Medium Product jar package name version Highest Version Manifest Implementation-Version 2.2 High Version Manifest Bundle-Version 2.2 High Version pom parent-version 2.2 Low Version pom version 2.2 Highest Version file version 2.2 High
jaxb-api-2.3.1.jarDescription:
JAXB (JSR 222) API License:
https://oss.oracle.com/licenses/CDDL+GPL-1.1, https://oss.oracle.com/licenses/CDDL+GPL-1.1 File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/javax/xml/bind/jaxb-api/2.3.1/jaxb-api-2.3.1.jar
MD5: bcf270d320f645ad19f5edb60091e87f
SHA1: 8531ad5ac454cc2deb9d4d32c40c4d7451939b5d
SHA256: 88b955a0df57880a26a74708bc34f74dcaf8ebf4e78843a28b50eae945732b06
Referenced In Project/Scope: TheseFoolishThings :: Examples :: Finder :: JPA Finder:compile
Evidence Type Source Name Value Confidence Vendor file name jaxb-api High Vendor pom groupid javax.xml.bind Highest Vendor Manifest specification-vendor Oracle Corporation Low Vendor pom artifactid jaxb-api Low Vendor jar package name javax Highest Vendor jar package name xml Highest Vendor Manifest bundle-symbolicname jaxb-api Medium Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version>=1.8))" Low Vendor jar package name bind Highest Vendor Manifest multi-release true Low Vendor jar package name jaxb Highest Vendor pom parent-artifactid jaxb-api-parent Low Vendor Manifest Implementation-Vendor-Id org.glassfish Medium Vendor Manifest Implementation-Vendor Oracle Corporation High Vendor Manifest extension-name javax.xml.bind Medium Vendor Manifest bundle-docurl http://www.oracle.com/ Low Vendor Manifest implementation-build-id UNKNOWN-7de2ca118a0cfc4a373872915aef59148dff5f93, 2018-09-12T06:28:43-0700 Low Product Manifest Bundle-Name jaxb-api Medium Product file name jaxb-api High Product pom groupid javax.xml.bind Highest Product Manifest specification-title jaxb-api Medium Product jar package name javax Highest Product jar package name xml Highest Product Manifest bundle-symbolicname jaxb-api Medium Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version>=1.8))" Low Product pom artifactid jaxb-api Highest Product jar package name bind Highest Product Manifest multi-release true Low Product jar package name jaxb Highest Product Manifest extension-name javax.xml.bind Medium Product Manifest bundle-docurl http://www.oracle.com/ Low Product pom parent-artifactid jaxb-api-parent Medium Product Manifest implementation-build-id UNKNOWN-7de2ca118a0cfc4a373872915aef59148dff5f93, 2018-09-12T06:28:43-0700 Low Version Manifest Bundle-Version 2.3.1 High Version file version 2.3.1 High Version pom version 2.3.1 Highest
jaxb-runtime-2.3.1.jarDescription:
JAXB (JSR 222) Reference Implementation File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/glassfish/jaxb/jaxb-runtime/2.3.1/jaxb-runtime-2.3.1.jarMD5: 848098e3eda0d37738d51a7acacd8e95SHA1: dd6dda9da676a54c5b36ca2806ff95ee017d8738SHA256: 45fecfa5c8217ce1f3652ab95179790ec8cc0dec0384bca51cbeb94a293d9f2fReferenced In Project/Scope: TheseFoolishThings :: Examples :: Finder :: JPA Finder:compile
Evidence Type Source Name Value Confidence Vendor Manifest Implementation-Vendor Oracle High Vendor jar (hint) package name oracle Highest Vendor Manifest Implementation-Vendor-Id com.oracle Medium Vendor jar package name xml Highest Vendor pom parent-groupid com.sun.xml.bind.mvn Medium Vendor Manifest (hint) Implementation-Vendor sun High Vendor file name jaxb-runtime High Vendor pom parent-artifactid jaxb-runtime-parent Low Vendor pom groupid org.glassfish.jaxb Highest Vendor jar package name bind Highest Vendor pom name JAXB Runtime High Vendor pom groupid glassfish.jaxb Highest Vendor pom artifactid jaxb-runtime Low Vendor jar package name sun Highest Vendor Manifest git-revision ad5fa4c697632694cbcfa80177707db908cd98b2 Low Product pom parent-artifactid jaxb-runtime-parent Medium Product jar package name xml Highest Product pom parent-groupid com.sun.xml.bind.mvn Medium Product file name jaxb-runtime High Product jar package name bind Highest Product Manifest specification-title Java Architecture for XML Binding Medium Product pom name JAXB Runtime High Product pom groupid glassfish.jaxb Highest Product jar package name sun Highest Product Manifest git-revision ad5fa4c697632694cbcfa80177707db908cd98b2 Low Product Manifest Implementation-Title JAXB Implementation High Product pom artifactid jaxb-runtime Highest Version Manifest major-version 2.3.1 Medium Version Manifest Implementation-Version 2.3.1 High Version file version 2.3.1 High Version Manifest build-id 2.3.1 Medium Version pom version 2.3.1 Highest
jboss-logging-3.4.1.Final.jarDescription:
The JBoss Logging Framework License:
Apache License, version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/jboss/logging/jboss-logging/3.4.1.Final/jboss-logging-3.4.1.Final.jar
MD5: 52ee373b84e39570c78c0815006375bc
SHA1: 40fd4d696c55793e996d1ff3c475833f836c2498
SHA256: 8efe877d93e5e1057a1388b2950503b88b0c28447364fde08adbec61e524eeb8
Referenced In Project/Scope: TheseFoolishThings :: Examples :: Finder :: JPA Finder:compile
Evidence Type Source Name Value Confidence Vendor pom name JBoss Logging 3 High Vendor Manifest os-arch amd64 Low Vendor Manifest specification-vendor JBoss by Red Hat Low Vendor Manifest java-vendor Oracle Corporation Medium Vendor pom artifactid jboss-logging Low Vendor Manifest bundle-docurl http://www.jboss.org Low Vendor pom url http://www.jboss.org Highest Vendor Manifest bundle-symbolicname org.jboss.logging.jboss-logging Medium Vendor Manifest Implementation-Vendor JBoss by Red Hat High Vendor pom groupid org.jboss.logging Highest Vendor pom parent-groupid org.jboss Medium Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Vendor jar package name logging Highest Vendor Manifest os-name Linux Medium Vendor Manifest automatic-module-name org.jboss.logging Medium Vendor pom parent-artifactid jboss-parent Low Vendor hint analyzer vendor redhat Highest Vendor Manifest implementation-url http://www.jboss.org Low Vendor pom groupid jboss.logging Highest Vendor Manifest Implementation-Vendor-Id org.jboss.logging Medium Vendor jar package name jboss Highest Vendor file name jboss-logging High Product pom name JBoss Logging 3 High Product Manifest os-arch amd64 Low Product Manifest specification-title JBoss Logging 3 Medium Product Manifest bundle-docurl http://www.jboss.org Low Product Manifest bundle-symbolicname org.jboss.logging.jboss-logging Medium Product pom parent-artifactid jboss-parent Medium Product pom artifactid jboss-logging Highest Product pom url http://www.jboss.org Medium Product pom parent-groupid org.jboss Medium Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product jar package name logging Highest Product Manifest os-name Linux Medium Product Manifest automatic-module-name org.jboss.logging Medium Product Manifest Implementation-Title JBoss Logging 3 High Product Manifest implementation-url http://www.jboss.org Low Product pom groupid jboss.logging Highest Product jar package name jboss Highest Product file name jboss-logging High Product Manifest Bundle-Name JBoss Logging 3 Medium Version pom parent-version 3.4.1.Final Low Version Manifest Bundle-Version 3.4.1.Final High Version Manifest Implementation-Version 3.4.1.Final High Version pom version 3.4.1.Final Highest
jboss-transaction-api_1.2_spec-1.1.1.Final.jarDescription:
The Java Transaction 1.2 API classes License:
Common Development and Distribution License: http://repository.jboss.org/licenses/cddl.txt
GNU General Public License, Version 2 with the Classpath Exception: http://repository.jboss.org/licenses/gpl-2.0-ce.txt File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/jboss/spec/javax/transaction/jboss-transaction-api_1.2_spec/1.1.1.Final/jboss-transaction-api_1.2_spec-1.1.1.Final.jar
MD5: 1e633c47138aba999d39692a31a1a124
SHA1: a8485cab9484dda36e9a8c319e76b5cc18797b58
SHA256: a310a50b9bdc44aaf36362dc9bb212235a147ffa8ef72dc9544a39c329eabbc3
Referenced In Project/Scope: TheseFoolishThings :: Examples :: Finder :: JPA Finder:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid jboss-transaction-api_1.2_spec Low Vendor Manifest java-vendor Oracle Corporation Medium Vendor Manifest automatic-module-name java.transaction Medium Vendor jar package name javax Highest Vendor Manifest bundle-docurl http://www.jboss.org Low Vendor Manifest Implementation-Vendor-Id org.jboss.spec.javax.transaction Medium Vendor pom name Java Transaction API High Vendor file name jboss-transaction-api_1.2_spec-1.1.1.Final High Vendor pom groupid org.jboss.spec.javax.transaction Highest Vendor Manifest Implementation-Vendor JBoss by Red Hat High Vendor pom parent-groupid org.jboss Medium Vendor Manifest bundle-symbolicname org.jboss.spec.javax.transaction.jboss-transaction-api_1.2_spec Medium Vendor jar package name transaction Highest Vendor Manifest os-name Windows 10 Medium Vendor pom parent-artifactid jboss-parent Low Vendor Manifest implementation-url http://www.jboss.org/jboss-transaction-api_1.2_spec Low Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.7))" Low Vendor hint analyzer vendor redhat Highest Vendor pom groupid jboss.spec.javax.transaction Highest Vendor Manifest os-arch x86 Low Product Manifest automatic-module-name java.transaction Medium Product Manifest Bundle-Name Java Transaction API Medium Product pom artifactid jboss-transaction-api_1.2_spec Highest Product jar package name javax Highest Product Manifest bundle-docurl http://www.jboss.org Low Product pom name Java Transaction API High Product file name jboss-transaction-api_1.2_spec-1.1.1.Final High Product pom parent-artifactid jboss-parent Medium Product Manifest specification-title JSR 907: Java Transaction API (JTA) Medium Product pom parent-groupid org.jboss Medium Product Manifest bundle-symbolicname org.jboss.spec.javax.transaction.jboss-transaction-api_1.2_spec Medium Product jar package name transaction Highest Product Manifest os-name Windows 10 Medium Product Manifest implementation-url http://www.jboss.org/jboss-transaction-api_1.2_spec Low Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.7))" Low Product pom groupid jboss.spec.javax.transaction Highest Product Manifest Implementation-Title Java Transaction API High Product Manifest os-arch x86 Low Version Manifest Implementation-Version 1.1.1.Final High Version pom parent-version 1.1.1.Final Low Version pom version 1.1.1.Final Highest Version Manifest Bundle-Version 1.1.1.Final High
jcl-over-slf4j-1.7.30.jarDescription:
JCL 1.2 implemented over SLF4J License:
Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/slf4j/jcl-over-slf4j/1.7.30/jcl-over-slf4j-1.7.30.jar
MD5: 69ad224b2feb6f86554fe8997b9c3d4b
SHA1: cd92524ea19d27e5b94ecd251e1af729cffdfe15
SHA256: 71e9ee37b9e4eb7802a2acc5f41728a4cf3915e7483d798db3b4ff2ec8847c50
Referenced In Projects/Scopes: TheseFoolishThings :: Examples :: DCI :: Marshal XStream:compile TheseFoolishThings :: Examples :: DCI :: Swing:compile TheseFoolishThings :: Examples :: DCI :: Displayable:compile TheseFoolishThings :: Examples :: DCI :: Persistence JPA:compile Evidence Type Source Name Value Confidence Vendor Manifest bundle-symbolicname jcl.over.slf4j Medium Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor pom artifactid jcl-over-slf4j Low Vendor Manifest automatic-module-name org.apache.commons.logging Medium Vendor pom groupid org.slf4j Highest Vendor pom parent-artifactid slf4j-parent Low Vendor pom name JCL 1.2 implemented over SLF4J High Vendor pom groupid slf4j Highest Vendor file name jcl-over-slf4j High Vendor jar package name logging Highest Vendor jar package name apache Highest Vendor pom parent-groupid org.slf4j Medium Vendor pom url http://www.slf4j.org Highest Vendor jar package name commons Highest Product Manifest bundle-symbolicname jcl.over.slf4j Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product pom artifactid jcl-over-slf4j Highest Product Manifest automatic-module-name org.apache.commons.logging Medium Product pom name JCL 1.2 implemented over SLF4J High Product Manifest Bundle-Name jcl-over-slf4j Medium Product pom groupid slf4j Highest Product file name jcl-over-slf4j High Product pom url http://www.slf4j.org Medium Product jar package name logging Highest Product pom parent-artifactid slf4j-parent Medium Product jar package name apache Highest Product pom parent-groupid org.slf4j Medium Product jar package name commons Highest Product Manifest Implementation-Title jcl-over-slf4j High Version file version 1.7.30 High Version pom version 1.7.30 Highest Version Manifest Implementation-Version 1.7.30 High Version Manifest Bundle-Version 1.7.30 High
jcommander-1.48.jarDescription:
A Java framework to parse command line options with annotations. License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/com/beust/jcommander/1.48/jcommander-1.48.jar
MD5: 7a84fb4b01f46c904bd549e67e6c48a1
SHA1: bfcb96281ea3b59d626704f74bc6d625ff51cbce
SHA256: a7313fcfde070930e40ec79edf3c5948cf34e4f0d25cb3a09f9963d8bdd84113
Referenced In Project/Scope: TheseFoolishThings :: Test Utilities:compile
Evidence Type Source Name Value Confidence Vendor Manifest bundle-symbolicname com.beust.jcommander Medium Vendor jar package name beust Highest Vendor pom name JCommander High Vendor pom groupid com.beust Highest Vendor jar package name jcommander Highest Vendor file name jcommander High Vendor pom groupid beust Highest Vendor pom artifactid jcommander Low Vendor pom url http://beust.com/jcommander Highest Product Manifest bundle-symbolicname com.beust.jcommander Medium Product jar package name beust Highest Product pom name JCommander High Product Manifest Bundle-Name JCommander Medium Product pom artifactid jcommander Highest Product jar package name jcommander Highest Product pom url http://beust.com/jcommander Medium Product file name jcommander High Product pom groupid beust Highest Version file version 1.48 High Version pom version 1.48 Highest
joda-time-1.6.2.jarDescription:
Date and time library to replace JDK date handling License:
Apache 2: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/joda-time/joda-time/1.6.2/joda-time-1.6.2.jar
MD5: 6442e992dedaddadd8b9e3c87a38bfb8
SHA1: 7a0525fe460ef5b99ea3152e6d2c0e4f24f04c51
SHA256: 442ffc099aaa8e1907dcf8806104c1640acba906f68988f9c5a2e1442e0fb8e5
Referenced In Project/Scope: TheseFoolishThings :: Actors:compile
Evidence Type Source Name Value Confidence Vendor file name joda-time High Vendor jar package name time Highest Vendor pom url http://joda-time.sourceforge.net Highest Vendor Manifest Implementation-Vendor Joda.org High Vendor pom artifactid joda-time Low Vendor Manifest extension-name joda-time Medium Vendor pom groupid joda-time Highest Vendor Manifest Implementation-Vendor-Id org.joda Medium Vendor pom organization url http://www.joda.org Medium Vendor jar package name joda Highest Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.3 Low Vendor pom organization name Joda.org High Vendor pom name Joda time High Vendor Manifest specification-vendor Joda.org Low Vendor Manifest bundle-docurl http://joda-time.sourceforge.net/ Low Vendor Manifest bundle-symbolicname joda-time Medium Product file name joda-time High Product pom organization name Joda.org Low Product jar package name time Highest Product Manifest extension-name joda-time Medium Product pom groupid joda-time Highest Product jar package name joda Highest Product Manifest Bundle-Name Joda-Time Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.3 Low Product pom name Joda time High Product pom organization url http://www.joda.org Low Product Manifest Implementation-Title org.joda.time High Product Manifest bundle-docurl http://joda-time.sourceforge.net/ Low Product pom url http://joda-time.sourceforge.net Medium Product pom artifactid joda-time Highest Product Manifest specification-title Joda-Time Medium Product Manifest bundle-symbolicname joda-time Medium Version Manifest Bundle-Version 1.6.2 High Version pom version 1.6.2 Highest Version file version 1.6.2 High Version Manifest Implementation-Version 1.6.2 High
jsr305-3.0.2.jarDescription:
JSR305 Annotations for Findbugs License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/com/google/code/findbugs/jsr305/3.0.2/jsr305-3.0.2.jar
MD5: dd83accb899363c32b07d7a1b2e4ce40
SHA1: 25ea2e8b0c338a877313bd4672d3fe056ea78f0d
SHA256: 766ad2a0783f2687962c8ad74ceecc38a28b9f72a2d085ee438b7813e928d0c7
Referenced In Projects/Scopes: TheseFoolishThings :: Examples :: DCI :: Marshal XStream:compile TheseFoolishThings :: Examples :: Finder :: JPA Finder:compile TheseFoolishThings (modules):compile TheseFoolishThings :: Roles:compile TheseFoolishThings :: Actors:compile TheseFoolishThings :: MessageBus :: Spring:compile TheseFoolishThings :: Examples (master):compile TheseFoolishThings :: MessageBus:compile TheseFoolishThings :: Test Utilities:compile TheseFoolishThings :: Examples :: DCI :: Persistence JPA:compile TheseFoolishThings :: Examples :: Data:compile TheseFoolishThings :: Examples :: Finder :: In-memory Finder:compile TheseFoolishThings :: Utilities:compile TheseFoolishThings :: Examples :: DCI :: Swing:compile TheseFoolishThings :: Roles :: Spring:compile TheseFoolishThings :: Examples :: Finder :: Extended Finder:compile TheseFoolishThings :: Examples :: DCI :: Displayable:compile Evidence Type Source Name Value Confidence Vendor file name jsr305 High Vendor pom artifactid jsr305 Low Vendor pom groupid com.google.code.findbugs Highest Vendor pom groupid google.code.findbugs Highest Vendor pom name FindBugs-jsr305 High Vendor pom url http://findbugs.sourceforge.net/ Highest Vendor Manifest bundle-symbolicname org.jsr-305 Medium Product pom url http://findbugs.sourceforge.net/ Medium Product pom artifactid jsr305 Highest Product file name jsr305 High Product pom groupid google.code.findbugs Highest Product pom name FindBugs-jsr305 High Product Manifest bundle-symbolicname org.jsr-305 Medium Product Manifest Bundle-Name FindBugs-jsr305 Medium Version file version 3.0.2 High Version pom version 3.0.2 Highest Version Manifest Bundle-Version 3.0.2 High
junit-4.12.jarDescription:
JUnit is a unit testing framework for Java, created by Erich Gamma and Kent Beck. License:
Eclipse Public License 1.0: http://www.eclipse.org/legal/epl-v10.html File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/junit/junit/4.12/junit-4.12.jar
MD5: 5b38c40c97fbd0adee29f91e60405584
SHA1: 2973d150c0dc1fefe998f834810d68f278ea58ec
SHA256: 59721f0805e223d84b90677887d9ff567dc534d7c502ca903c0c2b17f05c116a
Referenced In Project/Scope: TheseFoolishThings :: Test Utilities:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid junit Low Vendor jar package name junit Highest Vendor pom organization name JUnit High Vendor pom url http://junit.org Highest Vendor pom groupid junit Highest Vendor pom organization url http://www.junit.org Medium Vendor jar package name framework Highest Vendor file name junit High Vendor Manifest Implementation-Vendor-Id junit Medium Vendor pom name JUnit High Vendor Manifest Implementation-Vendor JUnit High Product pom artifactid junit Highest Product jar package name junit Highest Product pom groupid junit Highest Product jar package name framework Highest Product Manifest Implementation-Title JUnit High Product file name junit High Product pom url http://junit.org Medium Product pom name JUnit High Product pom organization name JUnit Low Product pom organization url http://www.junit.org Low Version pom version 4.12 Highest Version file version 4.12 High Version Manifest Implementation-Version 4.12 High
Published Vulnerabilities CVE-2020-15250 (OSSINDEX) suppress
In JUnit4 from version 4.7 and before 4.13.1, the test rule TemporaryFolder contains a local information disclosure vulnerability. On Unix like systems, the system's temporary directory is shared between all users on that system. Because of this, when files and directories are written into this directory they are, by default, readable by other users on that same system. This vulnerability does not allow other users to overwrite the contents of these directories or files. This is purely an information disclosure vulnerability. This vulnerability impacts you if the JUnit tests write sensitive information, like API keys or passwords, into the temporary folder, and the JUnit tests execute in an environment where the OS has other untrusted users. Because certain JDK file system APIs were only added in JDK 1.7, this this fix is dependent upon the version of the JDK you are using. For Java 1.7 and higher users: this vulnerability is fixed in 4.13.1. For Java 1.6 and lower users: no patch is available, you must use the workaround below. If you are unable to patch, or are stuck running on Java 1.6, specifying the `java.io.tmpdir` system environment variable to a directory that is exclusively owned by the executing user will fix this vulnerability. For more information, including an example of vulnerable code, see the referenced GitHub Security Advisory. CVSSv3:
Base Score: MEDIUM (5.5) Vector: CVSS:/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:junit:junit:4.12:*:*:*:*:*:*:* logback-core-1.2.3.jarDescription:
logback-core module License:
http://www.eclipse.org/legal/epl-v10.html, http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/ch/qos/logback/logback-core/1.2.3/logback-core-1.2.3.jar
MD5: 841fc80c6edff60d947a3872a2db4d45
SHA1: 864344400c3d4d92dfeb0a305dc87d953677c03c
SHA256: 5946d837fe6f960c02a53eda7a6926ecc3c758bbdd69aa453ee429f858217f22
Referenced In Projects/Scopes: TheseFoolishThings :: Examples :: Finder :: JPA Finder:runtime TheseFoolishThings :: Examples :: DCI :: Swing:runtime TheseFoolishThings :: Examples :: Data:runtime TheseFoolishThings :: Examples :: DCI :: Marshal XStream:runtime TheseFoolishThings :: Examples :: DCI :: Displayable:runtime TheseFoolishThings :: Examples :: DCI :: Persistence JPA:runtime TheseFoolishThings :: Examples :: Finder :: In-memory Finder:runtime TheseFoolishThings :: Examples (master):runtime TheseFoolishThings :: Examples :: Finder :: Extended Finder:runtime Evidence Type Source Name Value Confidence Vendor jar package name qos Highest Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.6))" Low Vendor Manifest originally-created-by Apache Maven Bundle Plugin Low Vendor jar package name core Highest Vendor pom groupid ch.qos.logback Highest Vendor Manifest bundle-docurl http://www.qos.ch Low Vendor pom parent-artifactid logback-parent Low Vendor Manifest bundle-requiredexecutionenvironment JavaSE-1.6 Low Vendor jar package name logback Highest Vendor pom artifactid logback-core Low Vendor jar package name ch Highest Vendor pom name Logback Core Module High Vendor Manifest bundle-symbolicname ch.qos.logback.core Medium Vendor file name logback-core High Product Manifest Bundle-Name Logback Core Module Medium Product jar package name qos Highest Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.6))" Low Product Manifest originally-created-by Apache Maven Bundle Plugin Low Product pom parent-artifactid logback-parent Medium Product jar package name core Highest Product pom groupid ch.qos.logback Highest Product Manifest bundle-docurl http://www.qos.ch Low Product Manifest bundle-requiredexecutionenvironment JavaSE-1.6 Low Product jar package name logback Highest Product jar package name ch Highest Product pom artifactid logback-core Highest Product pom name Logback Core Module High Product Manifest bundle-symbolicname ch.qos.logback.core Medium Product file name logback-core High Version file version 1.2.3 High Version pom version 1.2.3 Highest Version Manifest Bundle-Version 1.2.3 High
Related Dependencies logback-classic-1.2.3.jarFile Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/ch/qos/logback/logback-classic/1.2.3/logback-classic-1.2.3.jar MD5: 64f7a68f931aed8e5ad8243470440f0b SHA1: 7c4f3c474fb2c041d8028740440937705ebb473a SHA256: fb53f8539e7fcb8f093a56e138112056ec1dc809ebb020b59d8a36a5ebac37e0 pkg:maven/ch.qos.logback/logback-classic@1.2.3 Published Vulnerabilities CVE-2021-42550 suppress
In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configurations files could craft a malicious configuration allowing to execute arbitrary code loaded from LDAP servers. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: HIGH (8.5) Vector: /AV:N/AC:M/Au:S/C:C/I:C/A:C CVSSv3:
Base Score: MEDIUM (6.6) Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
lombok-1.18.22.jarDescription:
Spice up your java: Automatic Resource Management, automatic generation of getters, setters, equals, hashCode and toString, and more! License:
The MIT License: https://projectlombok.org/LICENSE File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/projectlombok/lombok/1.18.22/lombok-1.18.22.jar
MD5: 30905901647fe0ebb06fb20ee8a638bf
SHA1: 9c08ea24c6eb714e2d6170e8122c069a0ba9aacf
SHA256: ecef1581411d7a82cc04281667ee0bac5d7c0a5aae74cfc38430396c91c31831
Referenced In Projects/Scopes: TheseFoolishThings :: Roles:provided TheseFoolishThings :: MessageBus:provided TheseFoolishThings :: Examples :: DCI :: Swing:provided TheseFoolishThings :: Test Utilities:provided TheseFoolishThings :: Examples :: DCI :: Marshal XStream:provided TheseFoolishThings :: MessageBus :: Spring:provided TheseFoolishThings :: Examples :: Finder :: Extended Finder:provided TheseFoolishThings :: Roles :: Spring:provided TheseFoolishThings :: Examples (master):provided TheseFoolishThings :: Examples :: Data:provided TheseFoolishThings :: Examples :: Finder :: JPA Finder:provided TheseFoolishThings :: Examples :: DCI :: Persistence JPA:provided TheseFoolishThings (modules):provided TheseFoolishThings :: Examples :: Finder :: In-memory Finder:provided TheseFoolishThings :: Utilities:provided TheseFoolishThings :: Examples :: DCI :: Displayable:provided TheseFoolishThings :: Actors:provided Evidence Type Source Name Value Confidence Vendor pom url https://projectlombok.org Highest Vendor Manifest automatic-module-name lombok Medium Vendor jar package name lombok Highest Vendor pom groupid projectlombok Highest Vendor jar package name java Highest Vendor pom artifactid lombok Low Vendor jar package name tostring Highest Vendor file name lombok High Vendor Manifest can-redefine-classes true Low Vendor pom name Project Lombok High Vendor pom groupid org.projectlombok Highest Product Manifest automatic-module-name lombok Medium Product jar package name lombok Highest Product pom groupid projectlombok Highest Product jar package name java Highest Product pom url https://projectlombok.org Medium Product jar package name tostring Highest Product pom artifactid lombok Highest Product file name lombok High Product Manifest can-redefine-classes true Low Product pom name Project Lombok High Version file version 1.18.22 High Version Manifest lombok-version 1.18.22 Medium Version pom version 1.18.22 Highest
mockito-core-3.8.0.jarDescription:
Mockito mock objects library core API and implementation License:
The MIT License: https://github.com/mockito/mockito/blob/release/3.x/LICENSE File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/mockito/mockito-core/3.8.0/mockito-core-3.8.0.jar
MD5: 181eb3008ed533261c9afb1efd1ea332
SHA1: a3f5ed0745e4d76aa880136ab514412cd50b6246
SHA256: e8a6113e5ba2fcadc22ad5da712ce60ce85db48efb8bfc1cbac4802eb36b559f
Referenced In Project/Scope: TheseFoolishThings :: Test Utilities:compile
Evidence Type Source Name Value Confidence Vendor jar package name api Highest Vendor pom groupid org.mockito Highest Vendor jar package name mockito Highest Vendor pom name mockito-core High Vendor Manifest automatic-module-name org.mockito Medium Vendor jar package name and Highest Vendor Manifest bundle-symbolicname org.mockito.mockito-core Medium Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Vendor pom artifactid mockito-core Low Vendor pom groupid mockito Highest Vendor pom url mockito/mockito Highest Vendor file name mockito-core High Product jar package name api Highest Product jar package name mockito Highest Product pom name mockito-core High Product Manifest automatic-module-name org.mockito Medium Product jar package name and Highest Product pom artifactid mockito-core Highest Product Manifest Bundle-Name Mockito Mock Library for Java. Core bundle requires Byte Buddy and Objenesis. Medium Product Manifest bundle-symbolicname org.mockito.mockito-core Medium Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product pom groupid mockito Highest Product pom url mockito/mockito High Product file name mockito-core High Version pom version 3.8.0 Highest Version file version 3.8.0 High Version Manifest Bundle-Version 3.8.0 High
mxparser-1.2.2.jarDescription:
MXParser is a fork of xpp3_min 1.1.7 containing only the parser with merged changes of the Plexus fork.
License:
Indiana University Extreme! Lab Software License: https://raw.githubusercontent.com/x-stream/mxparser/master/LICENSE.txt File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/io/github/x-stream/mxparser/1.2.2/mxparser-1.2.2.jar
MD5: 9d7e42409dfdcee9bd17903015bdeae2
SHA1: 476fb3b3bb3716cad797cd054ce45f89445794e9
SHA256: aeeee23a3303d811bca8790ea7f25b534314861c03cff36dafdcc2180969eb97
Referenced In Projects/Scopes: TheseFoolishThings :: Examples :: DCI :: Marshal XStream:compile TheseFoolishThings :: Examples :: DCI :: Displayable:compile Evidence Type Source Name Value Confidence Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest x-compile-target 1.4 Low Vendor pom groupid io.github.x-stream Highest Vendor Manifest x-compile-source 1.4 Low Vendor jar package name io Highest Vendor Manifest java_1_8_home /opt/oracle-jdk-bin-1.8.0.202 Low Vendor Manifest bundle-symbolicname mxparser Medium Vendor Manifest x-build-time 2021-08-18T22:35:34Z Low Vendor pom name MXParser High Vendor Manifest x-builder Maven 3.8.1 Low Vendor Manifest x-build-os Linux Low Vendor pom url http://x-stream.github.io/mxparser Highest Vendor Manifest java_1_5_home /opt/sun-jdk-1.5.0.22 Low Vendor jar package name mxparser Highest Vendor Manifest automatic-module-name io.github.xstream.mxparser Medium Vendor file name mxparser High Vendor jar package name github Highest Vendor jar package name xstream Highest Vendor Manifest java_9_home /opt/oracle-jdk-bin-9.0.4 Low Vendor Manifest java_1_7_home /opt/oracle-jdk-bin-1.7.0.80 Low Vendor Manifest java_1_4_home /opt/blackdown-jdk-1.4.2.03 Low Vendor Manifest java_1_6_home /opt/sun-jdk-1.6.0.45 Low Vendor pom artifactid mxparser Low Product Manifest build-jdk-spec 1.8 Low Product Manifest x-compile-target 1.4 Low Product pom groupid io.github.x-stream Highest Product Manifest x-compile-source 1.4 Low Product Manifest java_1_8_home /opt/oracle-jdk-bin-1.8.0.202 Low Product Manifest x-build-time 2021-08-18T22:35:34Z Low Product Manifest x-builder Maven 3.8.1 Low Product Manifest Implementation-Title MXParser High Product Manifest x-build-os Linux Low Product jar package name mxparser Highest Product Manifest specification-title MXParser Medium Product Manifest automatic-module-name io.github.xstream.mxparser Medium Product Manifest java_9_home /opt/oracle-jdk-bin-9.0.4 Low Product pom artifactid mxparser Highest Product Manifest java_1_7_home /opt/oracle-jdk-bin-1.7.0.80 Low Product Manifest java_1_4_home /opt/blackdown-jdk-1.4.2.03 Low Product jar package name io Highest Product Manifest bundle-symbolicname mxparser Medium Product pom name MXParser High Product Manifest java_1_5_home /opt/sun-jdk-1.5.0.22 Low Product pom url http://x-stream.github.io/mxparser Medium Product Manifest Bundle-Name MXParser Medium Product file name mxparser High Product jar package name github Highest Product jar package name xstream Highest Product Manifest java_1_6_home /opt/sun-jdk-1.6.0.45 Low Version pom version 1.2.2 Highest Version file version 1.2.2 High Version Manifest Bundle-Version 1.2.2 High Version Manifest Implementation-Version 1.2.2 High
Published Vulnerabilities CVE-2013-7285 suppress
Xstream API versions up to 1.4.6 and version 1.4.10, if the security framework has not been initialized, may allow a remote attacker to run arbitrary shell commands by manipulating the processed input stream when unmarshaling XML or any supported format. e.g. JSON. CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2016-3674 suppress
Multiple XML external entity (XXE) vulnerabilities in the (1) Dom4JDriver, (2) DomDriver, (3) JDomDriver, (4) JDom2Driver, (5) SjsxpDriver, (6) StandardStaxDriver, and (7) WstxDriver drivers in XStream before 1.4.9 allow remote attackers to read arbitrary files via a crafted XML document. CWE-200 Information Exposure
CVSSv2:
Base Score: MEDIUM (5.0) Vector: /AV:N/AC:L/Au:N/C:P/I:N/A:N CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N References:
Vulnerable Software & Versions:
CVE-2017-7957 suppress
XStream through 1.4.9, when a certain denyTypes workaround is not used, mishandles attempts to create an instance of the primitive type 'void' during unmarshalling, leading to a remote application crash, as demonstrated by an xstream.fromXML("<void/>") call. CWE-20 Improper Input Validation
CVSSv2:
Base Score: MEDIUM (5.0) Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions:
CVE-2020-26217 suppress
XStream before version 1.4.14 is vulnerable to Remote Code Execution.The vulnerability may allow a remote attacker to run arbitrary shell commands only by manipulating the processed input stream. Only users who rely on blocklists are affected. Anyone using XStream's Security Framework allowlist is not affected. The linked advisory provides code workarounds for users who cannot upgrade. The issue is fixed in version 1.4.14. CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVSSv2:
Base Score: HIGH (9.3) Vector: /AV:N/AC:M/Au:N/C:C/I:C/A:C CVSSv3:
Base Score: HIGH (8.8) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2020-26258 suppress
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.15, a Server-Side Forgery Request vulnerability can be activated when unmarshalling. The vulnerability may allow a remote attacker to request data from internal resources that are not publicly available only by manipulating the processed input stream. If you rely on XStream's default blacklist of the Security Framework, you will have to use at least version 1.4.15. The reported vulnerability does not exist if running Java 15 or higher. No user is affected who followed the recommendation to setup XStream's Security Framework with a whitelist! Anyone relying on XStream's default blacklist can immediately switch to a whilelist for the allowed types to avoid the vulnerability. Users of XStream 1.4.14 or below who still want to use XStream default blacklist can use a workaround described in more detailed in the referenced advisories. CWE-918 Server-Side Request Forgery (SSRF)
CVSSv2:
Base Score: MEDIUM (5.0) Vector: /AV:N/AC:L/Au:N/C:P/I:N/A:N CVSSv3:
Base Score: HIGH (7.7) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N References:
Vulnerable Software & Versions:
CVE-2020-26259 suppress
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.15, is vulnerable to an Arbitrary File Deletion on the local host when unmarshalling. The vulnerability may allow a remote attacker to delete arbitrary know files on the host as log as the executing process has sufficient rights only by manipulating the processed input stream. If you rely on XStream's default blacklist of the Security Framework, you will have to use at least version 1.4.15. The reported vulnerability does not exist running Java 15 or higher. No user is affected, who followed the recommendation to setup XStream's Security Framework with a whitelist! Anyone relying on XStream's default blacklist can immediately switch to a whilelist for the allowed types to avoid the vulnerability. Users of XStream 1.4.14 or below who still want to use XStream default blacklist can use a workaround described in more detailed in the referenced advisories. CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVSSv2:
Base Score: MEDIUM (6.4) Vector: /AV:N/AC:L/Au:N/C:N/I:P/A:P CVSSv3:
Base Score: MEDIUM (6.8) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N References:
Vulnerable Software & Versions:
CVE-2021-21341 suppress
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is vulnerability which may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting in a denial of service only by manipulating the processed input stream. No user is affected who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. If you rely on XStream's default blacklist of the Security Framework, you will have to use at least version 1.4.16. CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion'), CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (5.0) Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2021-21342 suppress
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability where the processed stream at unmarshalling time contains type information to recreate the formerly written objects. XStream creates therefore new instances based on these type information. An attacker can manipulate the processed input stream and replace or inject objects, that result in a server-side forgery request. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. If you rely on XStream's default blacklist of the Security Framework, you will have to use at least version 1.4.16. CWE-502 Deserialization of Untrusted Data, CWE-918 Server-Side Request Forgery (SSRF)
CVSSv2:
Base Score: MEDIUM (6.4) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N CVSSv3:
Base Score: CRITICAL (9.1) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N References:
Vulnerable Software & Versions: (show all )
CVE-2021-21343 suppress
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability where the processed stream at unmarshalling time contains type information to recreate the formerly written objects. XStream creates therefore new instances based on these type information. An attacker can manipulate the processed input stream and replace or inject objects, that result in the deletion of a file on the local host. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. If you rely on XStream's default blacklist of the Security Framework, you will have to use at least version 1.4.16. CWE-502 Deserialization of Untrusted Data, CWE-73 External Control of File Name or Path
CVSSv2:
Base Score: MEDIUM (5.0) Vector: /AV:N/AC:L/Au:N/C:N/I:P/A:N CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N References:
Vulnerable Software & Versions: (show all )
CVE-2021-21344 suppress
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. If you rely on XStream's default blacklist of the Security Framework, you will have to use at least version 1.4.16. CWE-434 Unrestricted Upload of File with Dangerous Type, CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2021-21345 suppress
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker who has sufficient rights to execute commands of the host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. If you rely on XStream's default blacklist of the Security Framework, you will have to use at least version 1.4.16. CWE-502 Deserialization of Untrusted Data, CWE-94 Improper Control of Generation of Code ('Code Injection')
CVSSv2:
Base Score: MEDIUM (6.5) Vector: /AV:N/AC:L/Au:S/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.9) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2021-21346 suppress
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. If you rely on XStream's default blacklist of the Security Framework, you will have to use at least version 1.4.16. CWE-434 Unrestricted Upload of File with Dangerous Type, CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2021-21347 suppress
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. If you rely on XStream's default blacklist of the Security Framework, you will have to use at least version 1.4.16. CWE-434 Unrestricted Upload of File with Dangerous Type, CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2021-21348 suppress
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to occupy a thread that consumes maximum CPU time and will never return. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. If you rely on XStream's default blacklist of the Security Framework, you will have to use at least version 1.4.16. CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion'), CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: HIGH (7.8) Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:C CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2021-21349 suppress
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to request data from internal resources that are not publicly available only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. If you rely on XStream's default blacklist of the Security Framework, you will have to use at least version 1.4.16. CWE-502 Deserialization of Untrusted Data, CWE-918 Server-Side Request Forgery (SSRF)
CVSSv2:
Base Score: MEDIUM (5.0) Vector: /AV:N/AC:L/Au:N/C:P/I:N/A:N CVSSv3:
Base Score: HIGH (8.6) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N References:
Vulnerable Software & Versions: (show all )
CVE-2021-21350 suppress
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to execute arbitrary code only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. If you rely on XStream's default blacklist of the Security Framework, you will have to use at least version 1.4.16. CWE-434 Unrestricted Upload of File with Dangerous Type, CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2021-21351 suppress
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. If you rely on XStream's default blacklist of the Security Framework, you will have to use at least version 1.4.16. CWE-434 Unrestricted Upload of File with Dangerous Type, CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.5) Vector: /AV:N/AC:L/Au:S/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.1) Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2021-29505 suppress
XStream is software for serializing Java objects to XML and back again. A vulnerability in XStream versions prior to 1.4.17 may allow a remote attacker has sufficient rights to execute commands of the host only by manipulating the processed input stream. No user who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types is affected. The vulnerability is patched in version 1.4.17. CWE-502 Deserialization of Untrusted Data, CWE-94 Improper Control of Generation of Code ('Code Injection')
CVSSv2:
Base Score: MEDIUM (6.5) Vector: /AV:N/AC:L/Au:S/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.8) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2021-39139 suppress
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. A user is only affected if using the version out of the box with JDK 1.7u21 or below. However, this scenario can be adjusted easily to an external Xalan that works regardless of the version of the Java runtime. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose. CWE-434 Unrestricted Upload of File with Dangerous Type, CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.5) Vector: /AV:N/AC:L/Au:S/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.8) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2021-39140 suppress
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting in a denial of service only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose. CWE-502 Deserialization of Untrusted Data, CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')
CVSSv2:
Base Score: LOW (3.5) Vector: /AV:N/AC:M/Au:S/C:N/I:N/A:P CVSSv3:
Base Score: MEDIUM (6.3) Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2021-39141 suppress
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose. CWE-434 Unrestricted Upload of File with Dangerous Type, CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.0) Vector: /AV:N/AC:M/Au:S/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.5) Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2021-39144 suppress
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker has sufficient rights to execute commands of the host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose. CWE-502 Deserialization of Untrusted Data, CWE-94 Improper Control of Generation of Code ('Code Injection')
CVSSv2:
Base Score: MEDIUM (6.0) Vector: /AV:N/AC:M/Au:S/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.5) Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2021-39145 suppress
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose. CWE-434 Unrestricted Upload of File with Dangerous Type, CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.0) Vector: /AV:N/AC:M/Au:S/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.5) Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2021-39146 suppress
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose. CWE-434 Unrestricted Upload of File with Dangerous Type, CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.0) Vector: /AV:N/AC:M/Au:S/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.5) Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2021-39147 suppress
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose. CWE-434 Unrestricted Upload of File with Dangerous Type, CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.0) Vector: /AV:N/AC:M/Au:S/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.5) Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2021-39148 suppress
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose. CWE-434 Unrestricted Upload of File with Dangerous Type, CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.0) Vector: /AV:N/AC:M/Au:S/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.5) Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2021-39149 suppress
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose. CWE-434 Unrestricted Upload of File with Dangerous Type, CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.0) Vector: /AV:N/AC:M/Au:S/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.5) Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2021-39150 suppress
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to request data from internal resources that are not publicly available only by manipulating the processed input stream with a Java runtime version 14 to 8. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. If you rely on XStream's default blacklist of the [Security Framework](https://x-stream.github.io/security.html#framework), you will have to use at least version 1.4.18. CWE-502 Deserialization of Untrusted Data, CWE-918 Server-Side Request Forgery (SSRF)
CVSSv2:
Base Score: MEDIUM (6.0) Vector: /AV:N/AC:M/Au:S/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.5) Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2021-39151 suppress
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose. CWE-434 Unrestricted Upload of File with Dangerous Type, CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.0) Vector: /AV:N/AC:M/Au:S/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.5) Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2021-39152 suppress
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to request data from internal resources that are not publicly available only by manipulating the processed input stream with a Java runtime version 14 to 8. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. If you rely on XStream's default blacklist of the [Security Framework](https://x-stream.github.io/security.html#framework), you will have to use at least version 1.4.18. CWE-502 Deserialization of Untrusted Data, CWE-918 Server-Side Request Forgery (SSRF)
CVSSv2:
Base Score: MEDIUM (6.0) Vector: /AV:N/AC:M/Au:S/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.5) Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2021-39153 suppress
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream, if using the version out of the box with Java runtime version 14 to 8 or with JavaFX installed. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose. CWE-434 Unrestricted Upload of File with Dangerous Type, CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.0) Vector: /AV:N/AC:M/Au:S/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.5) Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2021-39154 suppress
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose. CWE-434 Unrestricted Upload of File with Dangerous Type, CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.0) Vector: /AV:N/AC:M/Au:S/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.5) Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
objenesis-3.1.jarDescription:
A library for instantiating Java objects License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/objenesis/objenesis/3.1/objenesis-3.1.jar
MD5: 712a73c2f496ab26736fd3f8029bac20
SHA1: 48f12deaae83a8dfc3775d830c9fd60ea59bbbca
SHA256: cdb3d038c188de6f46ffd5cd930be2d5e5dba59c53b26437995d534e3db2fb80
Referenced In Project/Scope: TheseFoolishThings :: Test Utilities:compile
Evidence Type Source Name Value Confidence Vendor Manifest build-jdk-spec 1.8 Low Vendor pom artifactid objenesis Low Vendor jar package name objenesis Highest Vendor Manifest Implementation-Vendor Joe Walnes, Henri Tremblay, Leonardo Mesquita High Vendor pom url http://objenesis.org Highest Vendor Manifest bundle-symbolicname org.objenesis Medium Vendor pom parent-groupid org.objenesis Medium Vendor pom name Objenesis High Vendor pom groupid org.objenesis Highest Vendor file name objenesis High Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Vendor Manifest implementation-url http://objenesis.org Low Vendor Manifest specification-vendor Joe Walnes, Henri Tremblay, Leonardo Mesquita Low Vendor pom parent-artifactid objenesis-parent Low Vendor Manifest automatic-module-name org.objenesis Medium Vendor Manifest Implementation-Vendor-Id org.objenesis Medium Vendor pom groupid objenesis Highest Product Manifest build-jdk-spec 1.8 Low Product pom parent-artifactid objenesis-parent Medium Product jar package name objenesis Highest Product Manifest specification-title Objenesis Medium Product pom artifactid objenesis Highest Product pom url http://objenesis.org Medium Product Manifest bundle-symbolicname org.objenesis Medium Product pom parent-groupid org.objenesis Medium Product pom name Objenesis High Product file name objenesis High Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product Manifest Implementation-Title Objenesis High Product Manifest implementation-url http://objenesis.org Low Product Manifest automatic-module-name org.objenesis Medium Product Manifest Bundle-Name Objenesis Medium Product pom groupid objenesis Highest Version pom version 3.1 Highest Version file version 3.1 High Version Manifest Implementation-Version 3.1 High
slf4j-api-1.7.30.jarDescription:
The slf4j API File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/slf4j/slf4j-api/1.7.30/slf4j-api-1.7.30.jarMD5: f8be00da99bc4ab64c79ab1e2be7cb7cSHA1: b5a4b6d16ab13e34a88fae84c35cd5d68cac922cSHA256: cdba07964d1bb40a0761485c6b1e8c2f8fd9eb1d19c53928ac0d7f9510105c57Referenced In Projects/Scopes:
TheseFoolishThings :: Examples :: DCI :: Marshal XStream:compile TheseFoolishThings :: Examples :: Finder :: JPA Finder:compile TheseFoolishThings :: Roles:compile TheseFoolishThings :: Actors:compile TheseFoolishThings :: MessageBus :: Spring:compile TheseFoolishThings :: MessageBus:compile TheseFoolishThings :: Test Utilities:compile TheseFoolishThings :: Examples :: DCI :: Persistence JPA:compile TheseFoolishThings :: Examples :: Data:compile TheseFoolishThings :: Examples :: Finder :: In-memory Finder:compile TheseFoolishThings :: Utilities:compile TheseFoolishThings :: Examples :: DCI :: Swing:compile TheseFoolishThings :: Roles :: Spring:compile TheseFoolishThings :: Examples :: Finder :: Extended Finder:compile TheseFoolishThings :: Examples :: DCI :: Displayable:compile TheseFoolishThings :: Examples (master):runtime Evidence Type Source Name Value Confidence Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor Manifest bundle-symbolicname slf4j.api Medium Vendor jar package name slf4j Highest Vendor pom groupid org.slf4j Highest Vendor pom artifactid slf4j-api Low Vendor pom parent-artifactid slf4j-parent Low Vendor pom groupid slf4j Highest Vendor Manifest automatic-module-name org.slf4j Medium Vendor file name slf4j-api High Vendor pom parent-groupid org.slf4j Medium Vendor pom url http://www.slf4j.org Highest Vendor pom name SLF4J API Module High Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product Manifest bundle-symbolicname slf4j.api Medium Product jar package name slf4j Highest Product pom groupid slf4j Highest Product Manifest automatic-module-name org.slf4j Medium Product pom url http://www.slf4j.org Medium Product Manifest Bundle-Name slf4j-api Medium Product file name slf4j-api High Product pom artifactid slf4j-api Highest Product pom parent-artifactid slf4j-parent Medium Product pom parent-groupid org.slf4j Medium Product Manifest Implementation-Title slf4j-api High Product pom name SLF4J API Module High Version file version 1.7.30 High Version pom version 1.7.30 Highest Version Manifest Implementation-Version 1.7.30 High Version Manifest Bundle-Version 1.7.30 High
spotbugs-annotations-3.1.9.jarDescription:
Annotations the SpotBugs tool supports License:
GNU LESSER GENERAL PUBLIC LICENSE, Version 2.1: https://www.gnu.org/licenses/old-licenses/lgpl-2.1.en.html File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/com/github/spotbugs/spotbugs-annotations/3.1.9/spotbugs-annotations-3.1.9.jar
MD5: 56a1a81d69b6a111161bbce0e6dea26a
SHA1: 2ef5127efcc1a899aab8c66d449a631c9a99c469
SHA256: 68c7c46b4299e94837e236ae742f399901a950fe910fe3ca710026753b5dd2e1
Referenced In Projects/Scopes: TheseFoolishThings :: Examples :: DCI :: Marshal XStream:compile TheseFoolishThings :: Examples :: Finder :: JPA Finder:compile TheseFoolishThings (modules):compile TheseFoolishThings :: Roles:compile TheseFoolishThings :: Actors:compile TheseFoolishThings :: MessageBus :: Spring:compile TheseFoolishThings :: Examples (master):compile TheseFoolishThings :: MessageBus:compile TheseFoolishThings :: Test Utilities:compile TheseFoolishThings :: Examples :: DCI :: Persistence JPA:compile TheseFoolishThings :: Examples :: Data:compile TheseFoolishThings :: Examples :: Finder :: In-memory Finder:compile TheseFoolishThings :: Utilities:compile TheseFoolishThings :: Examples :: DCI :: Swing:compile TheseFoolishThings :: Roles :: Spring:compile TheseFoolishThings :: Examples :: Finder :: Extended Finder:compile TheseFoolishThings :: Examples :: DCI :: Displayable:compile Evidence Type Source Name Value Confidence Vendor pom artifactid spotbugs-annotations Low Vendor pom url https://spotbugs.github.io/ Highest Vendor Manifest automatic-module-name com.github.spotbugs.annotations Medium Vendor pom groupid com.github.spotbugs Highest Vendor pom groupid github.spotbugs Highest Vendor Manifest bundle-symbolicname spotbugs-annotations Medium Vendor file name spotbugs-annotations High Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor pom name SpotBugs Annotations High Product Manifest automatic-module-name com.github.spotbugs.annotations Medium Product pom artifactid spotbugs-annotations Highest Product pom groupid github.spotbugs Highest Product Manifest Bundle-Name spotbugs-annotations Medium Product Manifest bundle-symbolicname spotbugs-annotations Medium Product file name spotbugs-annotations High Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product pom url https://spotbugs.github.io/ Medium Product pom name SpotBugs Annotations High Version Manifest Bundle-Version 3.1.9 High Version pom version 3.1.9 Highest Version file version 3.1.9 High
spring-core-4.3.30.RELEASE.jarDescription:
Spring Core License:
Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0 File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/springframework/spring-core/4.3.30.RELEASE/spring-core-4.3.30.RELEASE.jar
MD5: e34fafcb6ea7a2c9db80a686af31a27e
SHA1: b255bb7389e582d24574f75bc0c880ffb8103dfa
SHA256: 94a64b38e9dfa22df3c67664aea08aed559110bed386a736cb02a01d0254b236
Referenced In Projects/Scopes: TheseFoolishThings :: Examples :: Finder :: In-memory Finder:compile TheseFoolishThings :: Examples :: DCI :: Marshal XStream:compile TheseFoolishThings :: Examples :: Finder :: JPA Finder:compile TheseFoolishThings :: Examples :: DCI :: Swing:compile TheseFoolishThings :: Roles :: Spring:compile TheseFoolishThings :: Examples :: Finder :: Extended Finder:compile TheseFoolishThings :: MessageBus :: Spring:compile TheseFoolishThings :: Examples :: DCI :: Displayable:compile TheseFoolishThings :: Examples :: DCI :: Persistence JPA:compile TheseFoolishThings :: Examples :: Data:compile Evidence Type Source Name Value Confidence Vendor pom artifactid spring-core Low Vendor pom organization name Spring IO High Vendor jar package name io Highest Vendor pom url spring-projects/spring-framework Highest Vendor jar package name core Highest Vendor file name spring-core High Vendor pom organization url https://projects.spring.io/spring-framework Medium Vendor pom groupid org.springframework Highest Vendor jar package name springframework Highest Vendor hint analyzer vendor SpringSource Highest Vendor pom name Spring Core High Vendor pom groupid springframework Highest Vendor hint analyzer vendor vmware Highest Vendor hint analyzer vendor pivotal software Highest Product jar package name io Highest Product jar package name core Highest Product file name spring-core High Product pom artifactid spring-core Highest Product Manifest Implementation-Title spring-core High Product jar package name springframework Highest Product pom url spring-projects/spring-framework High Product hint analyzer product springsource_spring_framework Highest Product pom organization url https://projects.spring.io/spring-framework Low Product pom name Spring Core High Product pom groupid springframework Highest Product pom organization name Spring IO Low Version pom version 4.3.30.RELEASE Highest Version Manifest Implementation-Version 4.3.30.RELEASE High
Related Dependencies spring-context-4.3.30.RELEASE.jarFile Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/springframework/spring-context/4.3.30.RELEASE/spring-context-4.3.30.RELEASE.jar MD5: 490f15abc264678f2ef1e6f9d3a55926 SHA1: 6a66a573322d555fb97ce44419f032d266f94cc4 SHA256: 27b5bab0d84670d21cbcaeec53bfa323031d1bbfc22b01afbe8f136b825309b0 pkg:maven/org.springframework/spring-context@4.3.30.RELEASE spring-aop-4.3.30.RELEASE.jarFile Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/springframework/spring-aop/4.3.30.RELEASE/spring-aop-4.3.30.RELEASE.jar MD5: e718caefc0083dd07f9c5b69d878d193 SHA1: 0b2a6f86ea659114df66cc5d5763667c96336efd SHA256: 717129d1a0dc19f12c923eacbcf0d4efd45d33a326c6655c3279297afa30ee0b pkg:maven/org.springframework/spring-aop@4.3.30.RELEASE spring-aspects-4.3.30.RELEASE.jarFile Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/springframework/spring-aspects/4.3.30.RELEASE/spring-aspects-4.3.30.RELEASE.jar MD5: f283d9dff89caca6475f7a651e030291 SHA1: 49080b05d93bb927e489d0d0b90dcb181b670dfd SHA256: af1fa23633ee8ee60ee879467ecb21fbdf135aacce47350f1fb38c7b446dd8bc pkg:maven/org.springframework/spring-aspects@4.3.30.RELEASE spring-expression-4.3.30.RELEASE.jarFile Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/springframework/spring-expression/4.3.30.RELEASE/spring-expression-4.3.30.RELEASE.jar MD5: e9959f3eadbef7006c2721f27b324627 SHA1: 6ce0709c6899dde41a7213ccccfe2535e34c80fe SHA256: 21f6d95c15e1b93675b958c69cd9309754c6909dd25c01f120a3934de7e37749 pkg:maven/org.springframework/spring-expression@4.3.30.RELEASE spring-beans-4.3.30.RELEASE.jarFile Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/springframework/spring-beans/4.3.30.RELEASE/spring-beans-4.3.30.RELEASE.jar MD5: b07f7e509363f40654543bdab520dffd SHA1: fd6d361c817081ef9d2101e912b2cd9825c9f02a SHA256: 31575e38cbb0da38e88b166215d42b6024c6df08b29c21fa89361d15c533a741 pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE stax-ex-1.8.jarDescription:
Extensions to JSR-173 StAX API. License:
Dual license consisting of the CDDL v1.1 and GPL v2
: https://glassfish.dev.java.net/public/CDDL+GPL_1_1.html File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/jvnet/staxex/stax-ex/1.8/stax-ex-1.8.jar
MD5: a0ebfdbc6b5a34b174a1d1f732d1bdda
SHA1: 8cc35f73da321c29973191f2cf143d29d26a1df7
SHA256: 95b05d9590af4154c6513b9c5dc1fb2e55b539972ba0a9ef28e9a0c01d83ad77
Referenced In Project/Scope: TheseFoolishThings :: Examples :: Finder :: JPA Finder:compile
Evidence Type Source Name Value Confidence Vendor pom name Extended StAX API High Vendor Manifest Implementation-Vendor-Id org.jvnet.staxex Medium Vendor Manifest implementation-url http://stax-ex.java.net/ Low Vendor jar package name staxex Highest Vendor Manifest originally-created-by Apache Maven Bundle Plugin Low Vendor pom artifactid stax-ex Low Vendor pom parent-groupid net.java Medium Vendor Manifest implementation-build-id ${scmBranch}-${buildNumber}, ${timestamp} Low Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=9.0))" Low Vendor pom url http://stax-ex.java.net/ Highest Vendor pom groupid org.jvnet.staxex Highest Vendor jar package name jvnet Highest Vendor pom groupid jvnet.staxex Highest Vendor Manifest bundle-symbolicname org.jvnet.staxex.stax-ex Medium Vendor file name stax-ex High Vendor pom parent-artifactid jvnet-parent Low Product pom name Extended StAX API High Product Manifest implementation-url http://stax-ex.java.net/ Low Product jar package name staxex Highest Product Manifest originally-created-by Apache Maven Bundle Plugin Low Product pom parent-groupid net.java Medium Product Manifest implementation-build-id ${scmBranch}-${buildNumber}, ${timestamp} Low Product pom url http://stax-ex.java.net/ Medium Product pom artifactid stax-ex Highest Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=9.0))" Low Product Manifest Implementation-Title Extended StAX API High Product pom parent-artifactid jvnet-parent Medium Product jar package name jvnet Highest Product pom groupid jvnet.staxex Highest Product Manifest Bundle-Name Extended StAX API Medium Product Manifest bundle-symbolicname org.jvnet.staxex.stax-ex Medium Product file name stax-ex High Version pom parent-version 1.8 Low Version Manifest Implementation-Version 1.8 High Version pom version 1.8 Highest Version file version 1.8 High
testng-6.9.10.jarDescription:
Testing framework for Java License:
Apache Version 2.0, January 2004 File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/testng/testng/6.9.10/testng-6.9.10.jar
MD5: 83e26cb672a81f5bbda139436ef4d8d0
SHA1: 6feb3e964aeb7097aff30c372aac3ec0f8d87ede
SHA256: 240ae7bbcf066aadff967b42a27a697693bf5a4e6a5ff4bf339b6bfe371288e4
Referenced In Project/Scope: TheseFoolishThings :: Test Utilities:compile
Evidence Type Source Name Value Confidence Vendor pom groupid testng Highest Vendor file name testng High Vendor Manifest build-time 01:14:26.500+0400 Low Vendor pom groupid org.testng Highest Vendor pom name testng High Vendor Manifest build-date 2015-12-16 Low Vendor Manifest bundle-symbolicname org.testng Medium Vendor jar package name testng Highest Vendor pom artifactid testng Low Vendor pom url http://github.com/cbeust/testng Highest Product pom groupid testng Highest Product file name testng High Product Manifest build-time 01:14:26.500+0400 Low Product pom url http://github.com/cbeust/testng Medium Product pom name testng High Product Manifest build-date 2015-12-16 Low Product Manifest bundle-symbolicname org.testng Medium Product Manifest Bundle-Name testng Medium Product pom artifactid testng Highest Product Manifest specification-title testng Medium Product jar package name testng Highest Version Manifest Bundle-Version 6.9.10 High Version pom version 6.9.10 Highest Version Manifest specification-version 6.9.10 High Version file version 6.9.10 High
testng-6.9.10.jar: jquery-1.7.1.min.jsFile Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/testng/testng/6.9.10/testng-6.9.10.jar/jquery-1.7.1.min.jsMD5: ddb84c1587287b2df08966081ef063bfSHA1: 9eb9ac595e9b5544e2dc79fff7cd2d0b4b5ef71fSHA256: 88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bdReferenced In Project/Scope: TheseFoolishThings :: Test Utilities:compile
Evidence Type Source Name Value Confidence Vendor file name jquery High Product file name jquery High Version file version 1.7.1.min High
Published Vulnerabilities CVE-2012-6708 suppress
jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions, jQuery determined whether the input was HTML by looking for the '<' character anywhere in the string, giving attackers more flexibility when attempting to construct a malicious payload. In fixed versions, jQuery only deems the input to be HTML if it explicitly starts with the '<' character, limiting exploitability only to attackers who can control the beginning of a string, which is far less common. CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N CVSSv3:
Base Score: MEDIUM (6.1) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N References:
Vulnerable Software & Versions (NVD):
cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:* versions up to (excluding) 1.9.0 CVE-2015-9251 suppress
jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed. CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N CVSSv3:
Base Score: MEDIUM (6.1) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N References:
Vulnerable Software & Versions (NVD):
cpe:2.3:a:oracle:enterprise_operations_monitor:3.4:*:*:*:*:*:*:* cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_allocation:15.0.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:service_bus:12.1.3.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:healthcare_foundation:7.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:endeca_information_discovery_studio:3.2.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_interactive_session_recorder:6.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:hospitality_cruise_fleet_management:9.0.11:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:* versions from (including) 7.3.3; versions up to (including) 7.3.5 cpe:2.3:a:oracle:jdeveloper:11.1.1.9.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_profitability_management:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.6 cpe:2.3:a:oracle:retail_sales_audit:15.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:utilities_mobile_workforce_management:2.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:hospitality_materials_control:18.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.4:*:*:*:*:*:*:* cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:hospitality_reporting_and_analytics:9.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:primavera_gateway:16.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_interactive_session_recorder:6.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:healthcare_foundation:7.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:* cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:weblogic_server:12.2.1.3:*:*:*:*:*:*:* cpe:2.3:a:oracle:jdeveloper:12.1.3.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.55:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_reconciliation_framework:8.0.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:siebel_ui_framework:18.10:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_customer_insights:15.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_workforce_management_software:1.60.9:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.5:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_reconciliation_framework:8.0.5:*:*:*:*:*:*:* cpe:2.3:a:oracle:enterprise_operations_monitor:4.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:primavera_gateway:17.12:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_converged_application_server:*:*:*:*:*:*:*:* versions up to (excluding) 7.0.0.1 cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.3.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7 cpe:2.3:a:oracle:financial_services_asset_liability_management:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7 cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.5:*:*:*:*:*:*:* cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_interactive_session_recorder:6.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:oss_support_tools:19.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:business_process_management_suite:11.1.1.9.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_webrtc_session_controller:*:*:*:*:*:*:*:* versions up to (excluding) 7.2 cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:primavera_unifier:16.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_liquidity_risk_management:*:*:*:*:*:*:*:* versions from (including) 8.0.2; versions up to (including) 8.0.6 cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:* cpe:2.3:a:oracle:weblogic_server:12.1.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:siebel_ui_framework:18.11:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:* versions from (including) 8.0.0; versions up to (including) 8.0.7 cpe:2.3:a:oracle:communications_services_gatekeeper:*:*:*:*:*:*:*:* versions up to (excluding) 6.1.0.4.0 cpe:2.3:a:oracle:retail_customer_insights:16.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:* versions from (including) 17.1; versions up to (including) 17.12 cpe:2.3:a:oracle:business_process_management_suite:12.1.3.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:webcenter_sites:11.1.1.8.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:*:*:*:*:*:*:*:* versions from (including) 8.0.2; versions up to (including) 8.0.7 cpe:2.3:a:oracle:retail_workforce_management_software:1.64.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.2.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:banking_platform:2.6.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7 cpe:2.3:a:oracle:financial_services_data_integration_hub:*:*:*:*:*:*:*:* versions from (including) 8.0.5; versions up to (including) 8.0.7 cpe:2.3:a:oracle:primavera_unifier:16.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:banking_platform:2.6.2:*:*:*:*:*:*:* cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:* versions up to (excluding) 3.0.0 cpe:2.3:a:oracle:endeca_information_discovery_studio:3.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:utilities_framework:*:*:*:*:*:*:*:* versions from (including) 4.3.0.1; versions up to (including) 4.3.0.4 cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:* cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:real-time_scheduler:2.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:healthcare_translational_research:3.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:banking_platform:2.6.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:service_bus:12.2.1.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:primavera_gateway:15.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_invoice_matching:15.0:*:*:*:*:*:*:* CVE-2019-11358 suppress
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype. CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N CVSSv3:
Base Score: MEDIUM (6.1) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N References:
Vulnerable Software & Versions (NVD):
cpe:2.3:a:oracle:communications_diameter_signaling_router:8.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:bi_publisher:12.2.1.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:hospitality_simphony:*:*:*:*:*:*:*:* versions from (including) 19.1.0; versions up to (including) 19.1.2 cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:* cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:* versions from (including) 17.12.0; versions up to (including) 17.12.7 cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:hospitality_simphony:18.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:application_testing_suite:13.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_element_manager:8.2.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:policy_automation:*:*:*:*:*:*:*:* versions from (including) 12.2.0; versions up to (including) 12.2.15 cpe:2.3:a:oracle:retail_point-of-service:14.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:jdeveloper:12.2.1.4.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_operations_monitor:4.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:tape_library_acsls:8.5:*:*:*:*:*:*:* cpe:2.3:a:oracle:banking_platform:*:*:*:*:*:*:*:* versions from (including) 2.4.0; versions up to (including) 2.10.0 cpe:2.3:a:oracle:rest_data_services:11.2.0.4:*:*:*:-:*:*:* cpe:2.3:a:oracle:financial_services_balance_sheet_planning:8.0.8:*:*:*:*:*:*:* cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_central_office:14.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:insurance_performance_insight:8.0.7:*:*:*:*:*:*:* cpe:2.3:a:oracle:storagetek_tape_analytics_sw_tool:2.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_customer_insights:15.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.7:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:banking_digital_experience:20.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_operations_monitor:*:*:*:*:*:*:*:* versions from (including) 4.1; versions up to (including) 4.3 cpe:2.3:a:oracle:financial_services_data_integration_hub:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:webcenter_sites:12.2.1.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:banking_digital_experience:18.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_profitability_management:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7 cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7 cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7 cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:* versions from (including) 18.8.0; versions up to (including) 18.8.9 cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.0.8:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_retail_performance_analytics:8.0.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:healthcare_foundation:7.2.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:system_utilities:19.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:banking_enterprise_collections:*:*:*:*:*:*:*:* versions from (including) 2.7.0; versions up to (including) 2.8.0 cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.8:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_european_banking_authority:8.0.7:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_returns_management:14.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:18.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:insurance_ifrs_17_analyzer:8.0.7:*:*:*:*:*:*:* cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:* cpe:2.3:a:oracle:application_testing_suite:12.5.0.3:*:*:*:*:*:*:* cpe:2.3:a:joomla:joomla\!:*:*:*:*:*:*:*:* versions from (including) 3.0.0; versions up to (including) 3.9.4 cpe:2.3:a:oracle:insurance_ifrs_17_analyzer:8.0.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:application_service_level_management:13.2.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:* cpe:2.3:a:oracle:service_bus:12.1.3.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:identity_manager:12.2.1.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.4.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_enterprise_financial_performance_analytics:8.0.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:healthcare_translational_research:3.2.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:policy_automation:12.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_de_nederlandsche_bank:8.0.4:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:* versions from (including) 7.3.3; versions up to (including) 7.3.5 cpe:2.3:a:oracle:tape_library_acsls:8.5.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:rest_data_services:19c:*:*:*:-:*:*:* cpe:2.3:a:oracle:hospitality_materials_control:18.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:policy_automation_connector_for_siebel:10.4.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_operations_monitor:4.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.0.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.5:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7 cpe:2.3:a:oracle:healthcare_translational_research:3.3.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:siebel_ui_framework:20.8:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:application_service_level_management:13.3.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.1:*:*:*:*:*:*:* cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 8.6.0; versions up to (excluding) 8.6.15 cpe:2.3:a:oracle:communications_analytics:12.1.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_interactive_session_recorder:*:*:*:*:*:*:*:* versions from (including) 6.0; versions up to (including) 6.4 cpe:2.3:a:oracle:communications_unified_inventory_management:7.3:*:*:*:*:*:*:* cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7 cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7 cpe:2.3:a:oracle:primavera_unifier:16.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.5.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.6.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7 cpe:2.3:a:oracle:financial_services_profitability_management:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:policy_automation_for_mobile_devices:*:*:*:*:*:*:*:* versions from (including) 12.2.0; versions up to (including) 12.2.15 cpe:2.3:a:oracle:rest_data_services:12.1.0.2:*:*:*:-:*:*:* cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:application_testing_suite:13.1.0.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:healthcare_foundation:7.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:* versions up to (excluding) 19.1 cpe:2.3:a:oracle:transportation_management:1.4.3:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_returns_management:14.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_point-of-service:14.1:*:*:*:*:*:*:* cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:* versions up to (excluding) 3.4.0 cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.8:*:*:*:*:*:*:* cpe:2.3:a:oracle:diagnostic_assistant:2.12.36:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:19.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_central_office:14.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_back_office:14.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.55:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:* versions from (including) 8.0.2; versions up to (including) 8.1.0 cpe:2.3:a:oracle:hospitality_simphony:18.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:banking_digital_experience:18.3:*:*:*:*:*:*:* cpe:2.3:a:oracle:rest_data_services:18c:*:*:*:-:*:*:* cpe:2.3:a:oracle:application_testing_suite:13.2.0.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:jdeveloper_and_adf:12.1.3.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:application_testing_suite:13.3:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_asset_liability_management:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7 cpe:2.3:a:oracle:communications_application_session_controller:3.8m0:*:*:*:*:*:*:* cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_data_foundation:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.8 cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:*:*:*:*:*:*:*:* versions from (including) 5.0.0.0; versions up to (including) 5.6.0.0 cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_european_banking_authority:8.0.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:banking_digital_experience:19.2:*:*:*:*:*:*:* cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 7.0; versions up to (excluding) 7.66 cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_us_federal_reserve:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7 cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7 cpe:2.3:a:oracle:retail_customer_insights:16.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_retail_performance_analytics:8.0.7:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.4.0.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.4.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:business_process_management_suite:12.2.1.4.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:*:*:*:*:*:*:*:* versions from (including) 8.0.2; versions up to (including) 8.0.7 cpe:2.3:a:oracle:jdeveloper_and_adf:11.1.1.9.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.2.0:*:*:*:*:*:*:* cpe:2.3:a:redhat:cloudforms:4.7:*:*:*:*:*:*:* cpe:2.3:a:oracle:service_bus:11.1.1.9.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:* versions from (including) 19.12.0; versions up to (including) 19.12.4 cpe:2.3:a:oracle:financial_services_retail_customer_analytics:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.6 cpe:2.3:a:oracle:healthcare_foundation:7.2.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:real-time_scheduler:*:*:*:*:*:*:*:* versions from (including) 2.3.0.1; versions up to (including) 2.3.0.3 cpe:2.3:a:oracle:rest_data_services:12.2.0.1:*:*:*:-:*:*:* cpe:2.3:a:oracle:healthcare_translational_research:3.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:service_bus:12.2.1.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:jdeveloper_and_adf:12.2.1.3.0:*:*:*:*:*:*:* cpe:2.3:a:redhat:virtualization_manager:4.3:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_diameter_signaling_router:8.0.0:*:*:*:*:*:*:* cpe:2.3:a:backdropcms:backdrop:*:*:*:*:*:*:*:* versions from (including) 1.11.0; versions up to (excluding) 1.11.9 cpe:2.3:a:oracle:bi_publisher:5.5.0.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_data_governance_for_us_regulatory_reporting:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.0.9 cpe:2.3:a:oracle:healthcare_translational_research:3.3.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:banking_digital_experience:19.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:jdeveloper:11.1.1.9.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:policy_automation:10.4.7:*:*:*:*:*:*:* cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:healthcare_foundation:7.1.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:big_data_discovery:1.6:*:*:*:*:*:*:* cpe:2.3:a:netapp:oncommand_system_manager:*:*:*:*:*:*:*:* versions from (including) 3.0; versions up to (including) 3.1.3 cpe:2.3:a:oracle:retail_back_office:14.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:siebel_mobile_applications:*:*:*:*:*:*:*:* versions up to (including) 19.8 cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:* cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:* cpe:2.3:a:oracle:banking_digital_experience:18.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:policy_automation:12.1.1:*:*:*:*:*:*:* cpe:2.3:a:backdropcms:backdrop:*:*:*:*:*:*:*:* versions from (including) 1.12.0; versions up to (excluding) 1.12.6 cpe:2.3:a:oracle:primavera_gateway:15.2.18:*:*:*:*:*:*:* cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:primavera_unifier:16.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_enterprise_financial_performance_analytics:8.0.7:*:*:*:*:*:*:* cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:* cpe:2.3:a:oracle:utilities_mobile_workforce_management:*:*:*:*:*:*:*:* versions from (including) 2.3.0.1; versions up to (including) 2.3.0.3 cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:* versions from (including) 16.2.0; versions up to (including) 16.2.11 cpe:2.3:a:oracle:knowledge:*:*:*:*:*:*:*:* versions from (including) 8.6.0; versions up to (including) 8.6.3 cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 8.5.0; versions up to (excluding) 8.5.15 cpe:2.3:a:oracle:enterprise_session_border_controller:8.4:*:*:*:*:*:*:* cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:* versions from (including) 17.7; versions up to (including) 17.12 cpe:2.3:a:oracle:healthcare_translational_research:3.4.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_data_integration_hub:*:*:*:*:*:*:*:* versions from (including) 8.0.5; versions up to (including) 8.0.7 cpe:2.3:a:oracle:insurance_data_foundation:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7 cpe:2.3:a:oracle:insurance_accounting_analyzer:8.0.9:*:*:*:*:*:*:* cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_asset_liability_management:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.1.0:*:*:*:*:*:*:* CVE-2020-11022 suppress
In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0. CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N CVSSv3:
Base Score: MEDIUM (6.1) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N References:
Vulnerable Software & Versions (NVD):
cpe:2.3:a:oracle:hospitality_simphony:*:*:*:*:*:*:*:* versions from (including) 19.1.0; versions up to (including) 19.1.2 cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:hospitality_simphony:18.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:healthcare_foundation:7.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.0.8 cpe:2.3:a:oracle:insurance_data_foundation:8.0.6-8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.0.8 cpe:2.3:a:oracle:jdeveloper:12.2.1.4.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_diameter_signaling_router_idih\::*:*:*:*:*:*:*:* versions from (including) 8.0.0; versions up to (including) 8.2.2 cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 8.8.0; versions up to (excluding) 8.8.6 cpe:2.3:a:oracle:retail_returns_management:14.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_balance_sheet_planning:8.0.8:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.7:*:*:*:*:*:*:* cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.8:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:19.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_data_integration_hub:8.0.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_back_office:14.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:hospitality_simphony:18.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:banking_digital_experience:18.3:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.7:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.1.0 cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 8.7.0; versions up to (excluding) 8.7.14 cpe:2.3:a:oracle:banking_digital_experience:20.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_data_integration_hub:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:banking_digital_experience:18.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_application_session_controller:3.8m0:*:*:*:*:*:*:* cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:* versions from (including) 8.0.6.0.0; versions up to (including) 8.1.0.0.0 cpe:2.3:a:oracle:insurance_data_foundation:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.1.0 cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.0.8:*:*:*:*:*:*:* cpe:2.3:a:oracle:healthcare_foundation:7.2.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:agile_product_supplier_collaboration_for_process:6.2.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:*:*:*:*:*:*:*:* versions from (including) 5.0.0.0; versions up to (including) 5.6.0.0 cpe:2.3:a:oracle:banking_digital_experience:19.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.8:*:*:*:*:*:*:* cpe:2.3:a:netapp:snap_creator_framework:-:*:*:*:*:*:*:* cpe:2.3:a:oracle:hospitality_simphony:19.1.0-19.1.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_returns_management:14.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:policy_automation_for_mobile_devices:*:*:*:*:*:*:*:* versions from (including) 12.2.0; versions up to (including) 12.2.20 cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 7.0; versions up to (excluding) 7.70 cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_us_federal_reserve:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.0.9 cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.7:*:*:*:*:*:*:* cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:healthcare_foundation:7.2.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.0.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_data_governance_for_us_regulatory_reporting:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.0.9 cpe:2.3:a:tenable:log_correlation_engine:*:*:*:*:*:*:*:* versions up to (excluding) 6.0.9 cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.7:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.0.8 cpe:2.3:a:oracle:banking_digital_experience:19.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:jdeveloper:11.1.1.9.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:policy_automation:*:*:*:*:*:*:*:* versions from (including) 12.2.0; versions up to (including) 12.2.20 cpe:2.3:a:oracle:financial_services_profitability_management:8.0.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:hospitality_materials_control:18.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:policy_automation_connector_for_siebel:10.4.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:healthcare_foundation:7.1.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:banking_digital_experience:*:*:*:*:*:*:*:* versions from (including) 18.1; versions up to (including) 20.1 cpe:2.3:a:netapp:oncommand_system_manager:*:*:*:*:*:*:*:* versions from (including) 3.0; versions up to (including) 3.1.3 cpe:2.3:a:oracle:retail_back_office:14.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_profitability_management:8.0.7:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:siebel_ui_framework:20.8:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.0.8 cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:banking_digital_experience:18.1:*:*:*:*:*:*:* cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:* cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.0.8 cpe:2.3:a:netapp:max_data:-:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.0.7:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_data_integration_hub:8.0.7:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_european_banking_authority:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.1.0 cpe:2.3:a:oracle:financial_services_data_foundation:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.1.0 cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:* versions from (including) 1.2; versions up to (excluding) 3.5.0 cpe:2.3:a:oracle:enterprise_session_border_controller:8.4:*:*:*:*:*:*:* cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:* cpe:2.3:a:oracle:insurance_accounting_analyzer:8.0.9:*:*:*:*:*:*:* cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.6.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_profitability_management:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_asset_liability_management:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.1.0:*:*:*:*:*:*:* CVE-2020-11023 suppress
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0. CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N CVSSv3:
Base Score: MEDIUM (6.1) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N References:
Vulnerable Software & Versions (NVD):
cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:* versions from (including) 17.12.0; versions up to (including) 17.12.7 cpe:2.3:a:oracle:communications_element_manager:8.2.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:health_sciences_inform:6.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:healthcare_translational_research:3.2.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_de_nederlandsche_bank:8.0.4:*:*:*:*:*:*:* cpe:2.3:a:oracle:healthcare_translational_research:3.3.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:hyperion_financial_reporting:11.1.2.4:*:*:*:*:*:*:* cpe:2.3:a:tenable:log_correlation_engine:*:*:*:*:*:*:*:* versions up to (excluding) 6.0.9 cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 8.8.0; versions up to (excluding) 8.8.6 cpe:2.3:a:oracle:peoplesoft_enterprise_human_capital_management_resources:9.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:banking_platform:*:*:*:*:*:*:*:* versions from (including) 2.4.0; versions up to (including) 2.10.0 cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:rest_data_services:19c:*:*:*:-:*:*:* cpe:2.3:a:oracle:rest_data_services:11.2.0.4:*:*:*:-:*:*:* cpe:2.3:a:oracle:financial_services_revenue_management_and_billing_analytics:2.7:*:*:*:*:*:*:* cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:* versions up to (excluding) 20.2 cpe:2.3:a:netapp:snapcenter_server:-:*:*:*:*:*:*:* cpe:2.3:a:oracle:rest_data_services:18c:*:*:*:-:*:*:* cpe:2.3:a:oracle:storagetek_tape_analytics_sw_tool:2.3.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:* cpe:2.3:a:netapp:oncommand_system_manager:*:*:*:*:*:*:*:* versions from (including) 3.0; versions up to (including) 3.1.3 cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 8.7.0; versions up to (excluding) 8.7.14 cpe:2.3:a:oracle:communications_operations_monitor:*:*:*:*:*:*:*:* versions from (including) 4.1; versions up to (including) 4.3 cpe:2.3:a:oracle:webcenter_sites:12.2.1.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_revenue_management_and_billing_analytics:2.8:*:*:*:*:*:*:* cpe:2.3:a:oracle:healthcare_translational_research:3.3.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:*:*:*:*:*:*:*:* versions up to (excluding) 9.2.5.0 cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:* versions from (including) 18.8.0; versions up to (including) 18.8.9 cpe:2.3:a:oracle:webcenter_sites:12.2.1.4.0:*:*:*:*:*:*:* cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:* versions from (including) 16.2; versions up to (including) 16.2.11 cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:* cpe:2.3:a:netapp:max_data:-:*:*:*:*:*:*:* cpe:2.3:a:oracle:banking_enterprise_collections:*:*:*:*:*:*:*:* versions from (including) 2.7.0; versions up to (including) 2.8.0 cpe:2.3:a:netapp:snap_creator_framework:-:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_analytics:12.1.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_interactive_session_recorder:*:*:*:*:*:*:*:* versions from (including) 6.1; versions up to (including) 6.4 cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:* versions from (including) 1.0.3; versions up to (excluding) 3.5.0 cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 7.0; versions up to (excluding) 7.70 cpe:2.3:a:oracle:oss_support_tools:*:*:*:*:*:*:*:* versions up to (excluding) 2.12.41 cpe:2.3:a:oracle:healthcare_translational_research:3.4.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:* versions from (including) 19.12.0; versions up to (including) 19.12.4 cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:rest_data_services:12.2.0.1:*:*:*:-:*:*:* cpe:2.3:a:oracle:siebel_mobile:*:*:*:*:*:*:*:* versions up to (including) 20.12 cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:* versions up to (excluding) 9.2.5.0 cpe:2.3:a:oracle:rest_data_services:12.1.0.2:*:*:*:-:*:*:* testng-6.9.10.jar: testng-reports.jsFile Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/testng/testng/6.9.10/testng-6.9.10.jar/testng-reports.jsMD5: 4311beca6e78e253ebd35f4f8c46166dSHA1: f40c090d15e2e6eb179b4eb3919c365afe882adeSHA256: 45616558165413f0bc3f315e6bd52f7f4238d384169b3355e2e0465a611642cbReferenced In Project/Scope: TheseFoolishThings :: Test Utilities:compile
Evidence Type Source Name Value Confidence
txw2-2.3.1.jarDescription:
TXW is a library that allows you to write XML documents.
File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/glassfish/jaxb/txw2/2.3.1/txw2-2.3.1.jarMD5: 0fed730907ba86376ef392ee7eb42d5fSHA1: a09d2c48d3285f206fafbffe0e50619284e92126SHA256: 34975dde1c6920f1a39791142235689bc3cd357e24d05edd8ff93b885bd68d60Referenced In Project/Scope: TheseFoolishThings :: Examples :: Finder :: JPA Finder:compile
Evidence Type Source Name Value Confidence Vendor Manifest Implementation-Vendor Oracle High Vendor jar (hint) package name oracle Highest Vendor Manifest Implementation-Vendor-Id com.oracle Medium Vendor jar package name xml Highest Vendor pom parent-groupid com.sun.xml.bind.mvn Medium Vendor pom artifactid txw2 Low Vendor Manifest (hint) Implementation-Vendor sun High Vendor pom groupid org.glassfish.jaxb Highest Vendor jar package name txw Highest Vendor pom name TXW2 Runtime High Vendor pom groupid glassfish.jaxb Highest Vendor jar package name sun Highest Vendor Manifest git-revision ad5fa4c697632694cbcfa80177707db908cd98b2 Low Vendor pom parent-artifactid jaxb-txw-parent Low Vendor jar package name txw2 Highest Vendor file name txw2 High Product pom parent-artifactid jaxb-txw-parent Medium Product Manifest Implementation-Title TXW Runtime High Product jar package name xml Highest Product pom parent-groupid com.sun.xml.bind.mvn Medium Product pom artifactid txw2 Highest Product jar package name txw Highest Product Manifest specification-title Java Architecture for XML Binding Medium Product pom name TXW2 Runtime High Product pom groupid glassfish.jaxb Highest Product jar package name sun Highest Product Manifest git-revision ad5fa4c697632694cbcfa80177707db908cd98b2 Low Product jar package name txw2 Highest Product file name txw2 High Version Manifest major-version 2.3.1 Medium Version Manifest Implementation-Version 2.3.1 High Version file version 2.3.1 High Version Manifest build-id 2.3.1 Medium Version pom version 2.3.1 Highest
uuid-2.1.5.jarFile Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/com/eaio/uuid/2.1.5/uuid-2.1.5.jarMD5: aec8f2716d5e9abd040afb744bf4f32bSHA1: 69f75f7ff06261b00bcd77408bb457e5f80d29fdSHA256: d4cf42667d4f314931fb7a7fc8ea19ad3001764d769a174e78284a58677ec248Referenced In Project/Scope: TheseFoolishThings :: Actors:compile
Evidence Type Source Name Value Confidence Vendor pom groupid com.eaio Highest Vendor file name uuid High Vendor jar package name eaio Highest Vendor manifest: com/eaio/uuid Implementation-Vendor eaio (<http://eaio.com>) Medium Vendor jar package name uuid Highest Vendor pom groupid eaio Highest Vendor pom artifactid uuid Low Product pom artifactid uuid Highest Product file name uuid High Product jar package name eaio Highest Product jar package name uuid Highest Product pom groupid eaio Highest Product manifest: com/eaio/uuid Implementation-Title eaio: UUID - generate UUIDs (or GUIDs) in Java Medium Version pom version 2.1.5 Highest Version file version 2.1.5 High
xmlpull-1.1.3.1.jarLicense:
Public Domain: http://www.xmlpull.org/v1/download/unpacked/LICENSE.txt File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/xmlpull/xmlpull/1.1.3.1/xmlpull-1.1.3.1.jar
MD5: cc57dacc720eca721a50e78934b822d2
SHA1: 2b8e230d2ab644e4ecaa94db7cdedbc40c805dfa
SHA256: 34e08ee62116071cbb69c0ed70d15a7a5b208d62798c59f2120bb8929324cb63
Referenced In Projects/Scopes: TheseFoolishThings :: Examples :: DCI :: Marshal XStream:compile TheseFoolishThings :: Examples :: DCI :: Displayable:compile Evidence Type Source Name Value Confidence Vendor jar package name xmlpull Highest Vendor jar package name xmlpull Low Vendor pom url http://www.xmlpull.org Highest Vendor pom artifactid xmlpull Low Vendor jar package name v1 Low Vendor file name xmlpull High Vendor pom groupid xmlpull Highest Vendor pom name XML Pull Parsing API High Product pom artifactid xmlpull Highest Product jar package name xmlpull Highest Product jar package name v1 Low Product file name xmlpull High Product pom groupid xmlpull Highest Product pom name XML Pull Parsing API High Product pom url http://www.xmlpull.org Medium Version pom version 1.1.3.1 Highest Version file version 1.1.3.1 High
xstream-1.4.18.jarDescription:
XStream is a serialization library from Java objects to XML and back. License:
BSD-3-Clause File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/com/thoughtworks/xstream/xstream/1.4.18/xstream-1.4.18.jar
MD5: f7fe05e55a62b24900205f5298721c4a
SHA1: 12eb80b4c4b83b184b669866f510a0eae13f9475
SHA256: 0af1a39b127fb2cae0d13de95cf13aaa4c9a7af525964573d3d278c06c4ececd
Referenced In Projects/Scopes: TheseFoolishThings :: Examples :: DCI :: Marshal XStream:compile TheseFoolishThings :: Examples :: DCI :: Displayable:compile Evidence Type Source Name Value Confidence Vendor Manifest x-compile-target 1.4 Low Vendor Manifest x-compile-source 1.4 Low Vendor Manifest java_1_8_home /opt/oracle-jdk-bin-1.8.0.202 Low Vendor jar package name core Highest Vendor Manifest x-build-time 2021-08-22T11:58:11Z Low Vendor pom groupid com.thoughtworks.xstream Highest Vendor Manifest bundle-symbolicname xstream Medium Vendor pom groupid thoughtworks.xstream Highest Vendor file name xstream High Vendor Manifest x-builder Maven 3.8.1 Low Vendor Manifest x-build-os Linux Low Vendor Manifest specification-vendor XStream Low Vendor jar package name thoughtworks Highest Vendor pom artifactid xstream Low Vendor Manifest java_9_home /opt/oracle-jdk-bin-9.0.4 Low Vendor Manifest java_1_7_home /opt/oracle-jdk-bin-1.7.0.80 Low Vendor Manifest java_1_4_home /opt/blackdown-jdk-1.4.2.03 Low Vendor pom parent-artifactid xstream-parent Low Vendor pom parent-groupid com.thoughtworks.xstream Medium Vendor Manifest bundle-docurl http://x-stream.github.io Low Vendor Manifest Implementation-Vendor-Id com.thoughtworks.xstream Medium Vendor Manifest Implementation-Vendor XStream High Vendor Manifest java_1_5_home /opt/sun-jdk-1.5.0.22 Low Vendor jar package name xstream Highest Vendor Manifest java_1_6_home /opt/sun-jdk-1.6.0.45 Low Vendor pom name XStream Core High Product Manifest x-compile-target 1.4 Low Product Manifest x-compile-source 1.4 Low Product Manifest java_1_8_home /opt/oracle-jdk-bin-1.8.0.202 Low Product jar package name core Highest Product Manifest x-build-time 2021-08-22T11:58:11Z Low Product Manifest specification-title XStream Core Medium Product Manifest bundle-symbolicname xstream Medium Product pom groupid thoughtworks.xstream Highest Product file name xstream High Product Manifest x-builder Maven 3.8.1 Low Product Manifest x-build-os Linux Low Product jar package name thoughtworks Highest Product pom artifactid xstream Highest Product Manifest java_9_home /opt/oracle-jdk-bin-9.0.4 Low Product Manifest java_1_7_home /opt/oracle-jdk-bin-1.7.0.80 Low Product Manifest java_1_4_home /opt/blackdown-jdk-1.4.2.03 Low Product Manifest Bundle-Name XStream Core Medium Product pom parent-groupid com.thoughtworks.xstream Medium Product jar package name io Highest Product Manifest Implementation-Title XStream Core High Product Manifest bundle-docurl http://x-stream.github.io Low Product pom parent-artifactid xstream-parent Medium Product jar package name xml Highest Product Manifest java_1_5_home /opt/sun-jdk-1.5.0.22 Low Product jar package name xstream Highest Product Manifest java_1_6_home /opt/sun-jdk-1.6.0.45 Low Product pom name XStream Core High Version Manifest Bundle-Version 1.4.18 High Version pom version 1.4.18 Highest Version file version 1.4.18 High Version Manifest Implementation-Version 1.4.18 High