Press CTR-C to copy XML [help]


Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.

How to read the report | Suppressing false positives | Getting Help: github issues

 Sponsor

Project: psi-probe-tomcat9

com.github.psi-probe:psi-probe-tomcat9:4.1.5-SNAPSHOT

Scan Information (show all):

Summary

Display: Showing Vulnerable Dependencies (click to show all)

DependencyVulnerability IDsPackageHighest SeverityCVE CountConfidenceEvidence Count
byte-buddy-1.14.13.jarpkg:maven/net.bytebuddy/byte-buddy@1.14.13 029
checker-qual-3.42.0.jarpkg:maven/org.checkerframework/checker-qual@3.42.0 046
com.github.psi-probe:psi-probe-core:4.1.5-SNAPSHOTpkg:maven/com.github.psi-probe/psi-probe-core@4.1.5-SNAPSHOT 06
commons-beanutils-1.9.4.jarcpe:2.3:a:apache:commons_beanutils:1.9.4:*:*:*:*:*:*:*pkg:maven/commons-beanutils/commons-beanutils@1.9.4 0Highest168
commons-codec-1.15.jarpkg:maven/commons-codec/commons-codec@1.15 0108
commons-collections-3.2.2.jarcpe:2.3:a:apache:commons_collections:3.2.2:*:*:*:*:*:*:*pkg:maven/commons-collections/commons-collections@3.2.2 0Highest84
commons-io-2.16.0.jarcpe:2.3:a:apache:commons_io:2.16.0:*:*:*:*:*:*:*pkg:maven/commons-io/commons-io@2.16.0 0Highest125
commons-lang3-3.14.0.jarpkg:maven/org.apache.commons/commons-lang3@3.14.0 0145
commons-text-1.11.0.jarcpe:2.3:a:apache:commons_text:1.11.0:*:*:*:*:*:*:*pkg:maven/org.apache.commons/commons-text@1.11.0 0Highest73
error_prone_annotations-2.26.1.jarpkg:maven/com.google.errorprone/error_prone_annotations@2.26.1 029
failureaccess-1.0.2.jarpkg:maven/com.google.guava/failureaccess@1.0.2 032
geoip2-2.17.0.jarpkg:maven/com.maxmind.geoip2/geoip2@2.17.0 033
guava-33.1.0-jre.jarcpe:2.3:a:google:guava:33.1.0:*:*:*:*:*:*:*pkg:maven/com.google.guava/guava@33.1.0-jre 0Highest27
j2objc-annotations-3.0.0.jarpkg:maven/com.google.j2objc/j2objc-annotations@3.0.0 033
jackson-core-2.17.0.jarcpe:2.3:a:fasterxml:jackson-modules-java8:2.17.0:*:*:*:*:*:*:*pkg:maven/com.fasterxml.jackson.core/jackson-core@2.17.0 0Low47
jackson-databind-2.17.0.jarcpe:2.3:a:fasterxml:jackson-databind:2.17.0:*:*:*:*:*:*:*
cpe:2.3:a:fasterxml:jackson-modules-java8:2.17.0:*:*:*:*:*:*:*		pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.17.0 0Highest41
jakarta.activation-1.2.2.jarpkg:maven/com.sun.activation/jakarta.activation@1.2.2 033
jakarta.activation-api-1.2.2.jarpkg:maven/jakarta.activation/jakarta.activation-api@1.2.2 031
jakarta.inject-api-1.0.5.jarpkg:maven/jakarta.inject/jakarta.inject-api@1.0.5 056
jakarta.mail-1.6.7.jarpkg:maven/com.sun.mail/jakarta.mail@1.6.7 042
jfreechart-1.5.4.jarcpe:2.3:a:time_project:time:1.5.4:*:*:*:*:*:*:*pkg:maven/org.jfree/jfreechart@1.5.4 0Low37
jhighlight-1.1.0.jarpkg:maven/org.codelibs/jhighlight@1.1.0 021
jna-5.14.0.jarcpe:2.3:a:oracle:java_se:5.14.0:*:*:*:*:*:*:*pkg:maven/net.java.dev.jna/jna@5.14.0 0Low48
jna-5.14.0.jar: jnidispatch.dll 02
jna-5.14.0.jar: jnidispatch.dll 02
jna-5.14.0.jar: jnidispatch.dll 02
jna-platform-5.14.0.jarpkg:maven/net.java.dev.jna/jna-platform@5.14.0 044
jsr305-3.0.2.jarpkg:maven/com.google.code.findbugs/jsr305@3.0.2 017
listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jarpkg:maven/com.google.guava/listenablefuture@9999.0-empty-to-avoid-conflict-with-guava 013
logback-core-1.3.14.jarcpe:2.3:a:qos:logback:1.3.14:*:*:*:*:*:*:*pkg:maven/ch.qos.logback/logback-core@1.3.14 0Highest38
maxmind-db-2.1.0.jarpkg:maven/com.maxmind.db/maxmind-db@2.1.0 032
mxparser-1.2.2.jarpkg:maven/io.github.x-stream/mxparser@1.2.2 058
oshi-core-6.5.0.jarpkg:maven/com.github.oshi/oshi-core@6.5.0 049
quartz-2.4.0-rc2.jarcpe:2.3:a:softwareag:quartz:2.4.0:rc2:*:*:*:*:*:*pkg:maven/org.quartz-scheduler/quartz@2.4.0-rc2 0Highest30
sitemesh-2.5.2.jarcpe:2.3:a:4d:4d:2.5.2:*:*:*:*:*:*:*pkg:maven/com.github.hazendaz/sitemesh@2.5.2 0Low33
slf4j-api-2.0.12.jarpkg:maven/org.slf4j/slf4j-api@2.0.12 029
spotbugs-annotations-4.8.3.jarpkg:maven/com.github.spotbugs/spotbugs-annotations@4.8.3 053
spring-core-5.3.33.jarcpe:2.3:a:pivotal_software:spring_framework:5.3.33:*:*:*:*:*:*:*
cpe:2.3:a:springsource:spring_framework:5.3.33:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.33:*:*:*:*:*:*:*		pkg:maven/org.springframework/spring-core@5.3.33 0Highest37
spring-security-core-5.8.11.jarcpe:2.3:a:pivotal_software:spring_security:5.8.11:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_security:5.8.11:*:*:*:*:*:*:*		pkg:maven/org.springframework.security/spring-security-core@5.8.11 0Highest38
spring-security-crypto-5.8.11.jarcpe:2.3:a:pivotal_software:spring_security:5.8.11:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_security:5.8.11:*:*:*:*:*:*:*		pkg:maven/org.springframework.security/spring-security-crypto@5.8.11MEDIUM1Highest38
spring-security-web-5.8.11.jarcpe:2.3:a:pivotal_software:spring_security:5.8.11:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_security:5.8.11:*:*:*:*:*:*:*
cpe:2.3:a:web_project:web:5.8.11:*:*:*:*:*:*:*		pkg:maven/org.springframework.security/spring-security-web@5.8.11 0Highest38
spring-web-5.3.33.jarcpe:2.3:a:pivotal_software:spring_framework:5.3.33:*:*:*:*:*:*:*
cpe:2.3:a:springsource:spring_framework:5.3.33:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.33:*:*:*:*:*:*:*
cpe:2.3:a:web_project:web:5.3.33:*:*:*:*:*:*:*		pkg:maven/org.springframework/spring-web@5.3.33CRITICAL1Highest35
spring-webmvc-5.3.33.jarcpe:2.3:a:pivotal_software:spring_framework:5.3.33:*:*:*:*:*:*:*
cpe:2.3:a:springsource:spring_framework:5.3.33:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.33:*:*:*:*:*:*:*
cpe:2.3:a:web_project:web:5.3.33:*:*:*:*:*:*:*		pkg:maven/org.springframework/spring-webmvc@5.3.33 0Highest37
tomcat-annotations-api-9.0.87.jarcpe:2.3:a:www-sql_project:www-sql:9.0.87:*:*:*:*:*:*:*pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.87 0Low30
tomcat-api-9.0.87.jarcpe:2.3:a:apache:tomcat:9.0.87:*:*:*:*:*:*:*
cpe:2.3:a:apache_tomcat:apache_tomcat:9.0.87:*:*:*:*:*:*:*		pkg:maven/org.apache.tomcat/tomcat-api@9.0.87 0Highest24
tomcat-el-api-9.0.87.jarpkg:maven/org.apache.tomcat/tomcat-el-api@9.0.87 025
tomcat-jni-9.0.87.jarpkg:maven/org.apache.tomcat/tomcat-jni@9.0.87 026
tomcat-juli-9.0.87.jarpkg:maven/org.apache.tomcat/tomcat-juli@9.0.87 026
tomcat-servlet-api-9.0.87.jarpkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87 039
xmlpull-1.1.3.1.jarpkg:maven/xmlpull/xmlpull@1.1.3.1 018
xstream-1.4.20.jarcpe:2.3:a:xstream_project:xstream:1.4.20:*:*:*:*:*:*:*pkg:maven/com.thoughtworks.xstream/xstream@1.4.20 0Highest55

Dependencies (vulnerable)

byte-buddy-1.14.13.jar

Description:

        Byte Buddy is a Java library for creating Java classes at run time.
        This artifact is a build of Byte Buddy with all ASM dependencies repackaged into its own name space.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/net/bytebuddy/byte-buddy/1.14.13/byte-buddy-1.14.13.jar
MD5: 7f4df0c9277f4c1c418a742cc3178ac9
SHA1: 45cf516d9a23485200950549ff72b204c307fc9d
SHA256:ba8254ff6d612af49acee4cac1108453ce3a417efa548b24f2f4f268cd2b441a
Referenced In Project/Scope: psi-probe-tomcat9:compile
byte-buddy-1.14.13.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.assertj/assertj-core@3.25.3

Identifiers

checker-qual-3.42.0.jar

Description:

checker-qual contains annotations (type qualifiers) that a programmer
writes to specify Java code for type-checking by the Checker Framework.

License:

The MIT License: http://opensource.org/licenses/MIT
File Path: /home/runner/.m2/repository/org/checkerframework/checker-qual/3.42.0/checker-qual-3.42.0.jar
MD5: 4c55448dcbfe9c3702f7758fc8fe0086
SHA1: 638ec33f363a94d41a4f03c3e7d3dcfba64e402d
SHA256:ccaedd33af0b7894d9f2f3b644f4d19e43928e32902e61ac4d10777830f5aac7
Referenced In Project/Scope: psi-probe-tomcat9:compile
checker-qual-3.42.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.psi-probe/psi-probe-core@4.1.5-SNAPSHOT

Identifiers

com.github.psi-probe:psi-probe-core:4.1.5-SNAPSHOT

Description:

PSI Probe Core - Core logic, data models, and controllers

License:

GNU General Public License, version 2 https://www.gnu.org/licenses/old-licenses/gpl-2.0.html
File Path: /home/runner/work/psi-probe/psi-probe/psi-probe-core/pom.xml

Referenced In Project/Scope: psi-probe-tomcat9
com.github.psi-probe:psi-probe-core:4.1.5-SNAPSHOT is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.psi-probe/psi-probe-tomcat9@4.1.5-SNAPSHOT

Identifiers

commons-beanutils-1.9.4.jar

Description:

Apache Commons BeanUtils provides an easy-to-use but flexible wrapper around reflection and introspection.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/commons-beanutils/commons-beanutils/1.9.4/commons-beanutils-1.9.4.jar
MD5: 07dc532ee316fe1f2f0323e9bd2f8df4
SHA1: d52b9abcd97f38c81342bb7e7ae1eee9b73cba51
SHA256:7d938c81789028045c08c065e94be75fc280527620d5bd62b519d5838532368a
Referenced In Project/Scope: psi-probe-tomcat9:compile
commons-beanutils-1.9.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.psi-probe/psi-probe-core@4.1.5-SNAPSHOT

Identifiers

commons-codec-1.15.jar

Description:

     The Apache Commons Codec package contains simple encoder and decoders for
     various formats such as Base64 and Hexadecimal.  In addition to these
     widely used encoders and decoders, the codec package also maintains a
     collection of phonetic encoding utilities.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/commons-codec/commons-codec/1.15/commons-codec-1.15.jar
MD5: 303baf002ce6d382198090aedd9d79a2
SHA1: 49d94806b6e3dc933dacbd8acb0fdbab8ebd1e5d
SHA256:b3e9f6d63a790109bf0d056611fbed1cf69055826defeb9894a71369d246ed63
Referenced In Project/Scope: psi-probe-tomcat9:compile
commons-codec-1.15.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.psi-probe/psi-probe-core@4.1.5-SNAPSHOT

Identifiers

commons-collections-3.2.2.jar

Description:

Types that extend and augment the Java Collections Framework.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/commons-collections/commons-collections/3.2.2/commons-collections-3.2.2.jar
MD5: f54a8510f834a1a57166970bfc982e94
SHA1: 8ad72fe39fa8c91eaaf12aadb21e0c3661fe26d5
SHA256:eeeae917917144a68a741d4c0dff66aa5c5c5fd85593ff217bced3fc8ca783b8
Referenced In Project/Scope: psi-probe-tomcat9:compile
commons-collections-3.2.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.psi-probe/psi-probe-core@4.1.5-SNAPSHOT

Identifiers

commons-io-2.16.0.jar

Description:

The Apache Commons IO library contains utility classes, stream implementations, file filters,
file comparators, endian transformation classes, and much more.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/commons-io/commons-io/2.16.0/commons-io-2.16.0.jar
MD5: 4e115587dca5dd3c178e7c8f17a371b3
SHA1: 27875a7935f1ddcc13267eb6fae1f719e0409572
SHA256:d1e417901235fae3aa0cb9736baeaf5b74de7349817d1c72390d82e3d83d3a97
Referenced In Project/Scope: psi-probe-tomcat9:compile
commons-io-2.16.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.psi-probe/psi-probe-core@4.1.5-SNAPSHOT

Identifiers

commons-lang3-3.14.0.jar

Description:

  Apache Commons Lang, a package of Java utility classes for the
  classes that are in java.lang's hierarchy, or are considered to be so
  standard as to justify existence in java.lang.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/org/apache/commons/commons-lang3/3.14.0/commons-lang3-3.14.0.jar
MD5: 4e5c3f5e6b0b965ef241d7d72ac8971f
SHA1: 1ed471194b02f2c6cb734a0cd6f6f107c673afae
SHA256:7b96bf3ee68949abb5bc465559ac270e0551596fa34523fddf890ec418dde13c
Referenced In Project/Scope: psi-probe-tomcat9:compile
commons-lang3-3.14.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.psi-probe/psi-probe-core@4.1.5-SNAPSHOT

Identifiers

commons-text-1.11.0.jar

Description:

Apache Commons Text is a library focused on algorithms working on strings.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/org/apache/commons/commons-text/1.11.0/commons-text-1.11.0.jar
MD5: ebfec4f77cc595c518d655f7e68346be
SHA1: 2bb044b7717ec2eccaf9ea7769c1509054b50e9a
SHA256:2acf30a070b19163d5a480eae411a281341e870020e3534c6d5d4c8472739e30
Referenced In Project/Scope: psi-probe-tomcat9:compile
commons-text-1.11.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.psi-probe/psi-probe-core@4.1.5-SNAPSHOT

Identifiers

error_prone_annotations-2.26.1.jar

Description:

Error Prone is a static analysis tool for Java that catches common programming mistakes at compile-time.

License:

Apache 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/com/google/errorprone/error_prone_annotations/2.26.1/error_prone_annotations-2.26.1.jar
MD5: 64c623e550068e3b2708e5d901865c56
SHA1: c1fde57694bdc14e8618899aaa6e857d9465d7de
SHA256:de25f2d9a2156529bd765f51d8efdfc0dfa7301e04efb9cc75b7f10cf5d0e0fb
Referenced In Project/Scope: psi-probe-tomcat9:provided
error_prone_annotations-2.26.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.psi-probe/psi-probe-tomcat9@4.1.5-SNAPSHOT

Identifiers

failureaccess-1.0.2.jar

Description:

    Contains
    com.google.common.util.concurrent.internal.InternalFutureFailureAccess and
    InternalFutures. Most users will never need to use this artifact. Its
    classes are conceptually a part of Guava, but they're in this separate
    artifact so that Android libraries can use them without pulling in all of
    Guava (just as they can use ListenableFuture by depending on the
    listenablefuture artifact).

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/com/google/guava/failureaccess/1.0.2/failureaccess-1.0.2.jar
MD5: 3f75955b49b6758fd6d1e1bd9bf777b3
SHA1: c4a06a64e650562f30b7bf9aaec1bfed43aca12b
SHA256:8a8f81cf9b359e3f6dfa691a1e776985c061ef2f223c9b2c80753e1b458e8064
Referenced In Project/Scope: psi-probe-tomcat9:compile
failureaccess-1.0.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.psi-probe/psi-probe-core@4.1.5-SNAPSHOT

Identifiers

geoip2-2.17.0.jar

Description:

GeoIP2 webservice client and database reader

License:

Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.html
File Path: /home/runner/.m2/repository/com/maxmind/geoip2/geoip2/2.17.0/geoip2-2.17.0.jar
MD5: 4fd0a1fff425a2c387d58d1dbb3e5fdd
SHA1: 13d744d9ac090ffa142a3448d336e0de01eede39
SHA256:aef858fc64d5fee65be249780ea18eb3eac0a29791b4c7de0515326bc5031fc0
Referenced In Project/Scope: psi-probe-tomcat9:compile
geoip2-2.17.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.psi-probe/psi-probe-core@4.1.5-SNAPSHOT

Identifiers

guava-33.1.0-jre.jar

Description:

    Guava is a suite of core and expanded libraries that include
    utility classes, Google's collections, I/O classes, and
    much more.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/com/google/guava/guava/33.1.0-jre/guava-33.1.0-jre.jar
MD5: 4117dd61f73b1204fac466ce5c23d590
SHA1: 9b7ed39143d59e8eabcc6f91ffe4d23db2efe558
SHA256:346aec0eb8c8987360c8a264e70ff10c2fba760446eb27e8ab07e78e787a75fe
Referenced In Project/Scope: psi-probe-tomcat9:compile
guava-33.1.0-jre.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.psi-probe/psi-probe-core@4.1.5-SNAPSHOT

Identifiers

j2objc-annotations-3.0.0.jar

Description:

    A set of annotations that provide additional information to the J2ObjC
    translator to modify the result of translation.

License:

Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/com/google/j2objc/j2objc-annotations/3.0.0/j2objc-annotations-3.0.0.jar
MD5: f59529b29202a5baf37f491ea5ec8627
SHA1: 7399e65dd7e9ff3404f4535b2f017093bdb134c7
SHA256:88241573467ddca44ffd4d74aa04c2bbfd11bf7c17e0c342c94c9de7a70a7c64
Referenced In Project/Scope: psi-probe-tomcat9:provided
j2objc-annotations-3.0.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.psi-probe/psi-probe-tomcat9@4.1.5-SNAPSHOT

Identifiers

jackson-core-2.17.0.jar

Description:

Core Jackson processing abstractions (aka Streaming API), implementation for JSON

License:

The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/com/fasterxml/jackson/core/jackson-core/2.17.0/jackson-core-2.17.0.jar
MD5: 3e4b82b6e29693927dd289a344c35e46
SHA1: a6e5058ef9720623c517252d17162f845306ff3a
SHA256:55be130f6a68038088a261856c4e383ce79957a0fc1a29ecb213a9efd6ef4389
Referenced In Project/Scope: psi-probe-tomcat9:compile
jackson-core-2.17.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.psi-probe/psi-probe-core@4.1.5-SNAPSHOT

Identifiers

jackson-databind-2.17.0.jar

Description:

General data-binding functionality for Jackson: works on core streaming API

License:

The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.17.0/jackson-databind-2.17.0.jar
MD5: 09dd83868b44c6a3dc48911f4b3bbbc1
SHA1: 7173e9e1d4bc6d7ca03bc4eeedcd548b8b580b34
SHA256:d0ed5b54cb1b0bbb0828e24ce752a43a006dc188b34e3a4ae3238acc7b637418
Referenced In Project/Scope: psi-probe-tomcat9:compile
jackson-databind-2.17.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.psi-probe/psi-probe-core@4.1.5-SNAPSHOT

Identifiers

jakarta.activation-1.2.2.jar

Description:

Jakarta Activation

License:

http://www.eclipse.org/org/documents/edl-v10.php
File Path: /home/runner/.m2/repository/com/sun/activation/jakarta.activation/1.2.2/jakarta.activation-1.2.2.jar
MD5: 0b8bee3bf29b9a015f8b992035581a7c
SHA1: 74548703f9851017ce2f556066659438019e7eb5
SHA256:02156773e4ae9d048d14a56ad35d644bee9f1052a791d072df3ded3c656e6e1a
Referenced In Project/Scope: psi-probe-tomcat9:compile
jakarta.activation-1.2.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.psi-probe/psi-probe-tomcat9@4.1.5-SNAPSHOT

Identifiers

jakarta.activation-api-1.2.2.jar

Description:

Jakarta Activation API jar

License:

http://www.eclipse.org/org/documents/edl-v10.php
File Path: /home/runner/.m2/repository/jakarta/activation/jakarta.activation-api/1.2.2/jakarta.activation-api-1.2.2.jar
MD5: 1cbb480310fa1987f9db7a3ed7118af7
SHA1: 99f53adba383cb1bf7c3862844488574b559621f
SHA256:a187a939103aef5849a7af84bd7e27be2d120c410af291437375ffe061f4f09d
Referenced In Project/Scope: psi-probe-tomcat9:compile
jakarta.activation-api-1.2.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.psi-probe/psi-probe-tomcat9@4.1.5-SNAPSHOT

Identifiers

jakarta.inject-api-1.0.5.jar

Description:

Jakarta Dependency Injection

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/jakarta/inject/jakarta.inject-api/1.0.5/jakarta.inject-api-1.0.5.jar
MD5: 2ef9822768fe9a182d21ae64f48a81ad
SHA1: a14342a10456b134f361c258698d568107a1bc4e
SHA256:a852b0971c589491e24334bd77e92760c048d2c102fc4c68e582e1cd53130f84
Referenced In Project/Scope: psi-probe-tomcat9:compile
jakarta.inject-api-1.0.5.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.psi-probe/psi-probe-core@4.1.5-SNAPSHOT

Identifiers

jakarta.mail-1.6.7.jar

Description:

Jakarta Mail API

License:

http://www.eclipse.org/legal/epl-2.0, https://www.gnu.org/software/classpath/license.html, http://www.eclipse.org/org/documents/edl-v10.php
File Path: /home/runner/.m2/repository/com/sun/mail/jakarta.mail/1.6.7/jakarta.mail-1.6.7.jar
MD5: 17eb378c9dd574be23e71014ce9d5d30
SHA1: 319df0e9d536c1a01acdfe49b6e82b97d2393073
SHA256:1b258ef45fae93059b65d0a0dd109e59ab93e8cd8a735ff66b2ba85f870d5150
Referenced In Project/Scope: psi-probe-tomcat9:compile
jakarta.mail-1.6.7.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.psi-probe/psi-probe-core@4.1.5-SNAPSHOT

Identifiers

jfreechart-1.5.4.jar

Description:

        JFreeChart is a class library, written in Java, for generating charts. 
        Utilising the Java2D API, it supports a wide range of chart types including
        bar charts, pie charts, line charts, XY-plots, time series plots, Sankey charts
        and more.

License:

GNU Lesser General Public Licence: http://www.gnu.org/licenses/lgpl.txt
File Path: /home/runner/.m2/repository/org/jfree/jfreechart/1.5.4/jfreechart-1.5.4.jar
MD5: 36e760314d688997c7e5ad135a3efc44
SHA1: 9a5edddb05a3ca4fbc0628c594e6641a6f36a3b4
SHA256:cd0649b04b64f2638b55c7c3ac24788ff064b777bbbaf1b952f82ee078ed8b81
Referenced In Project/Scope: psi-probe-tomcat9:compile
jfreechart-1.5.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.psi-probe/psi-probe-core@4.1.5-SNAPSHOT

Identifiers

jhighlight-1.1.0.jar

Description:

    JHighlight is an embeddable pure Java syntax highlighting
    library that supports Java, HTML, XHTML, XML and LZX
    languages and outputs to XHTML.
    
    It also supports RIFE templates tags and highlights them
    clearly so that you can easily identify the difference
    between your RIFE markup and the actual marked up source.

License:

CDDL, v1.0: http://www.opensource.org/licenses/cddl1.php
LGPL, v2.1 or later: http://www.opensource.org/licenses/lgpl-license.php
File Path: /home/runner/.m2/repository/org/codelibs/jhighlight/1.1.0/jhighlight-1.1.0.jar
MD5: 849a2714c0bcd777a51c79ecf333e4f0
SHA1: 8ae20cc1eadb26bbc721611d509b808bf41d1a14
SHA256:2f7d5c92db46e76a7564dd98d4d00b822d808e21b01a2c9b60e8249c41351ed1
Referenced In Project/Scope: psi-probe-tomcat9:compile
jhighlight-1.1.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.psi-probe/psi-probe-core@4.1.5-SNAPSHOT

Identifiers

jna-5.14.0.jar

Description:

Java Native Access

License:

LGPL-2.1-or-later: https://www.gnu.org/licenses/old-licenses/lgpl-2.1
Apache-2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/net/java/dev/jna/jna/5.14.0/jna-5.14.0.jar
MD5: 8b3cc652920435ad9f801e6d9b2a3497
SHA1: 67bf3eaea4f0718cb376a181a629e5f88fa1c9dd
SHA256:34ed1e1f27fa896bca50dbc4e99cf3732967cec387a7a0d5e3486c09673fe8c6
Referenced In Project/Scope: psi-probe-tomcat9:compile
jna-5.14.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.psi-probe/psi-probe-core@4.1.5-SNAPSHOT

Identifiers

jna-5.14.0.jar: jnidispatch.dll

File Path: /home/runner/.m2/repository/net/java/dev/jna/jna/5.14.0/jna-5.14.0.jar/com/sun/jna/win32-aarch64/jnidispatch.dll
MD5: f6bef568e690d361a5dcc165f5ad4b1f
SHA1: 05638a4aaafa689a6c246530823afdc18d3fd438
SHA256:b9d1479b9619b7ece4a36b6ae31365ffaf15a1355d4f6da02f8b5f09df2fa82f
Referenced In Project/Scope: psi-probe-tomcat9:compile

Identifiers

  • None

jna-5.14.0.jar: jnidispatch.dll

File Path: /home/runner/.m2/repository/net/java/dev/jna/jna/5.14.0/jna-5.14.0.jar/com/sun/jna/win32-x86-64/jnidispatch.dll
MD5: 719d6ba1946c25aa61ce82f90d77ffd5
SHA1: 94d2191378cac5719daecc826fc116816284c406
SHA256:69c45175ecfd25af023f96ac0bb2c45e6a95e3ba8a5a50ee7969ccab14825c44
Referenced In Project/Scope: psi-probe-tomcat9:compile

Identifiers

  • None

jna-5.14.0.jar: jnidispatch.dll

File Path: /home/runner/.m2/repository/net/java/dev/jna/jna/5.14.0/jna-5.14.0.jar/com/sun/jna/win32-x86/jnidispatch.dll
MD5: e15183ef9c6c255b76fda73d01ca7ecb
SHA1: f816f998c43204230d9ea3eecffb5f8372a32c2e
SHA256:38650a0612730c52580c9f32ff766b44b1c5a426d52e7dd7a53687bf3389ac2c
Referenced In Project/Scope: psi-probe-tomcat9:compile

Identifiers

  • None

jna-platform-5.14.0.jar

Description:

Java Native Access Platform

License:

LGPL-2.1-or-later: https://www.gnu.org/licenses/old-licenses/lgpl-2.1
Apache-2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/net/java/dev/jna/jna-platform/5.14.0/jna-platform-5.14.0.jar
MD5: 3bc3f09a698e6ad250dd093f64fbb8a7
SHA1: 28934d48aed814f11e4c584da55c49fa7032b31b
SHA256:ae4caceb3840730c2537f9b7fb55a01baba580286b4122951488bcee558c2449
Referenced In Project/Scope: psi-probe-tomcat9:compile
jna-platform-5.14.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.psi-probe/psi-probe-core@4.1.5-SNAPSHOT

Identifiers

jsr305-3.0.2.jar

Description:

JSR305 Annotations for Findbugs

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/com/google/code/findbugs/jsr305/3.0.2/jsr305-3.0.2.jar
MD5: dd83accb899363c32b07d7a1b2e4ce40
SHA1: 25ea2e8b0c338a877313bd4672d3fe056ea78f0d
SHA256:766ad2a0783f2687962c8ad74ceecc38a28b9f72a2d085ee438b7813e928d0c7
Referenced In Project/Scope: psi-probe-tomcat9:compile
jsr305-3.0.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.spotbugs/spotbugs-annotations@4.8.3

Identifiers

listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar

Description:

    An empty artifact that Guava depends on to signal that it is providing
    ListenableFuture -- but is also available in a second "version" that
    contains com.google.common.util.concurrent.ListenableFuture class, without
    any other Guava classes. The idea is:

    - If users want only ListenableFuture, they depend on listenablefuture-1.0.

    - If users want all of Guava, they depend on guava, which, as of Guava
    27.0, depends on
    listenablefuture-9999.0-empty-to-avoid-conflict-with-guava. The 9999.0-...
    version number is enough for some build systems (notably, Gradle) to select
    that empty artifact over the "real" listenablefuture-1.0 -- avoiding a
    conflict with the copy of ListenableFuture in guava itself. If users are
    using an older version of Guava or a build system other than Gradle, they
    may see class conflicts. If so, they can solve them by manually excluding
    the listenablefuture artifact or manually forcing their build systems to
    use 9999.0-....

File Path: /home/runner/.m2/repository/com/google/guava/listenablefuture/9999.0-empty-to-avoid-conflict-with-guava/listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar
MD5: d094c22570d65e132c19cea5d352e381
SHA1: b421526c5f297295adef1c886e5246c39d4ac629
SHA256:b372a037d4230aa57fbeffdef30fd6123f9c0c2db85d0aced00c91b974f33f99
Referenced In Project/Scope: psi-probe-tomcat9:compile
listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.psi-probe/psi-probe-core@4.1.5-SNAPSHOT

Identifiers

logback-core-1.3.14.jar

Description:

logback-core module

License:

http://www.eclipse.org/legal/epl-v10.html, http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html
File Path: /home/runner/.m2/repository/ch/qos/logback/logback-core/1.3.14/logback-core-1.3.14.jar
MD5: f016f8ad4fa11803dc18fc83eb45badf
SHA1: 0436bd0d56730df756cff6d12d0f97df6f275e4a
SHA256:9f53159af18a9d438bc398c970db3bb7e17ddb07b04bbb3b01dfe3454dd18862
Referenced In Project/Scope: psi-probe-tomcat9:compile
logback-core-1.3.14.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.psi-probe/psi-probe-core@4.1.5-SNAPSHOT

Identifiers

maxmind-db-2.1.0.jar

Description:

Reader for MaxMind DB

License:

Apache License 2.0: http://www.apache.org/licenses/LICENSE-2.0.html
File Path: /home/runner/.m2/repository/com/maxmind/db/maxmind-db/2.1.0/maxmind-db-2.1.0.jar
MD5: e365d939445ef5ab91669a1c175d4e66
SHA1: 5fb0a7c4677ba725149ed557df9d0809d1836b80
SHA256:04a7281ddb9f96ab9eacacbe35bb4c8583a8369973d8883acf5faae91f851572
Referenced In Project/Scope: psi-probe-tomcat9:compile
maxmind-db-2.1.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.psi-probe/psi-probe-core@4.1.5-SNAPSHOT

Identifiers

mxparser-1.2.2.jar

Description:

    MXParser is a fork of xpp3_min 1.1.7 containing only the parser with merged changes of the Plexus fork.

License:

Indiana University Extreme! Lab Software License: https://raw.githubusercontent.com/x-stream/mxparser/master/LICENSE.txt
File Path: /home/runner/.m2/repository/io/github/x-stream/mxparser/1.2.2/mxparser-1.2.2.jar
MD5: 9d7e42409dfdcee9bd17903015bdeae2
SHA1: 476fb3b3bb3716cad797cd054ce45f89445794e9
SHA256:aeeee23a3303d811bca8790ea7f25b534314861c03cff36dafdcc2180969eb97
Referenced In Project/Scope: psi-probe-tomcat9:compile
mxparser-1.2.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.psi-probe/psi-probe-core@4.1.5-SNAPSHOT

Identifiers

oshi-core-6.5.0.jar

Description:

A JNA-based (native) operating system information library for Java that aims to provide a         cross-platform implementation to retrieve system information, such as version, memory, CPU, disk, battery, etc.

License:

"SPDX-License-Identifier: MIT";link="https://opensource.org/licenses/MIT"
File Path: /home/runner/.m2/repository/com/github/oshi/oshi-core/6.5.0/oshi-core-6.5.0.jar
MD5: 77773687adb2e0892ba07b24471702ea
SHA1: ddd2e5c05e48f7e124b53e77e031bd52dc89f00f
SHA256:eff5662764e6723e3c011c87486228181d88e5ddb10c5d4eb51e2a33ea0a3f19
Referenced In Project/Scope: psi-probe-tomcat9:compile
oshi-core-6.5.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.psi-probe/psi-probe-core@4.1.5-SNAPSHOT

Identifiers

quartz-2.4.0-rc2.jar

Description:

Quartz Enterprise Job Scheduler

License:

The Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/org/quartz-scheduler/quartz/2.4.0-rc2/quartz-2.4.0-rc2.jar
MD5: 73f3170c74f95bb0781650070eff0bf7
SHA1: 8f9a2fbaea7516014215933910a8ef8bf685821b
SHA256:76cd6979586bec66d4a6b847a6588c48113004fb00d3f14affbd1fd9c73f471f
Referenced In Project/Scope: psi-probe-tomcat9:compile
quartz-2.4.0-rc2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.psi-probe/psi-probe-core@4.1.5-SNAPSHOT

Identifiers

sitemesh-2.5.2.jar

Description:

Sitemesh web-page layout system.

License:

The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/com/github/hazendaz/sitemesh/2.5.2/sitemesh-2.5.2.jar
MD5: 329509502712bcb39e1a14cf047a4be6
SHA1: e6b46ce070b75b8474bb2c7a9235ad97407fee7f
SHA256:bea74cfd8232d438a26c5f32183f368201c1b0cdd0eb0477d83f4c10b594ce72
Referenced In Project/Scope: psi-probe-tomcat9:compile
sitemesh-2.5.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.psi-probe/psi-probe-core@4.1.5-SNAPSHOT

Identifiers

slf4j-api-2.0.12.jar

Description:

The slf4j API

License:

http://www.opensource.org/licenses/mit-license.php
File Path: /home/runner/.m2/repository/org/slf4j/slf4j-api/2.0.12/slf4j-api-2.0.12.jar
MD5: 86eb051f2e2d6497a3a57810c963a9d6
SHA1: 48f109a2a6d8f446c794f3e3fa0d86df0cdfa312
SHA256:a79502b8abdfbd722846a27691226a4088682d6d35654f9b80e2a9ccacf7ed47
Referenced In Project/Scope: psi-probe-tomcat9:compile
slf4j-api-2.0.12.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz/javabean-tester@2.6.3

Identifiers

spotbugs-annotations-4.8.3.jar

Description:

Annotations the SpotBugs tool supports

License:

GNU LESSER GENERAL PUBLIC LICENSE, Version 2.1: https://www.gnu.org/licenses/old-licenses/lgpl-2.1.en.html
File Path: /home/runner/.m2/repository/com/github/spotbugs/spotbugs-annotations/4.8.3/spotbugs-annotations-4.8.3.jar
MD5: cd5917b77643c3a7ba5420aea78f940c
SHA1: 05d2dc4ca5b632976371155252499819aea372ed
SHA256:e5d4f60be8e57595766ba7f1d4535dc46aebf98dae05e16372a4d4120d3ebb6b
Referenced In Project/Scope: psi-probe-tomcat9:provided
spotbugs-annotations-4.8.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.psi-probe/psi-probe-tomcat9@4.1.5-SNAPSHOT

Identifiers

spring-core-5.3.33.jar

Description:

Spring Core

License:

Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0
File Path: /home/runner/.m2/repository/org/springframework/spring-core/5.3.33/spring-core-5.3.33.jar
MD5: 4a4f38cb9cc75e5da40b3fae8fd959cc
SHA1: 9aadb3ad15b7144134cfbc809236286796637a49
SHA256:cafc9d875acbbbf07331b5e9525a54a7b4bab9b58cdca47b9fcf4c02a5dc6b4a
Referenced In Project/Scope: psi-probe-tomcat9:compile
spring-core-5.3.33.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.psi-probe/psi-probe-core@4.1.5-SNAPSHOT

Identifiers

spring-security-core-5.8.11.jar

Description:

Spring Security

License:

Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0
File Path: /home/runner/.m2/repository/org/springframework/security/spring-security-core/5.8.11/spring-security-core-5.8.11.jar
MD5: a076f0a12790d21eaa09c7a34920f11b
SHA1: 2df20a96bb0d920f7abd8f284180bc88d82035d8
SHA256:ba4ca9d44da93ff5b09220731819b2a29cad6681473b7ccc87a59ffdeac138f8
Referenced In Project/Scope: psi-probe-tomcat9:compile
spring-security-core-5.8.11.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.psi-probe/psi-probe-core@4.1.5-SNAPSHOT

Identifiers

spring-security-crypto-5.8.11.jar

Description:

Spring Security

License:

Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0
File Path: /home/runner/.m2/repository/org/springframework/security/spring-security-crypto/5.8.11/spring-security-crypto-5.8.11.jar
MD5: 36a8f9de7a937dc2caf82e4d6f4225eb
SHA1: 1a70da6e79c6d8817311ecf1f832bff60b7cc815
SHA256:2c5a426d2f928098b1f90cc1e8d61e042c6a240d595d7e1e12771104c54e904e
Referenced In Project/Scope: psi-probe-tomcat9:compile
spring-security-crypto-5.8.11.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.psi-probe/psi-probe-core@4.1.5-SNAPSHOT

Identifiers

CVE-2020-5408 (OSSINDEX)  

Spring Security versions 5.3.x prior to 5.3.2, 5.2.x prior to 5.2.4, 5.1.x prior to 5.1.10, 5.0.x prior to 5.0.16 and 4.2.x prior to 4.2.16 use a fixed null initialization vector with CBC Mode in the implementation of the queryable text encryptor. A malicious user with access to the data that has been encrypted using such an encryptor may be able to derive the unencrypted values using a dictionary attack.

Sonatype's research suggests that this CVE's details differ from those defined at NVD. See https://ossindex.sonatype.org/vulnerability/CVE-2020-5408 for details
CWE-330 Use of Insufficiently Random Values

CVSSv3:
  • Base Score: MEDIUM (6.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

References:

Vulnerable Software & Versions (OSSINDEX):

  • cpe:2.3:a:org.springframework.security:spring-security-crypto:5.8.11:*:*:*:*:*:*:*

spring-security-web-5.8.11.jar

Description:

Spring Security

License:

Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0
File Path: /home/runner/.m2/repository/org/springframework/security/spring-security-web/5.8.11/spring-security-web-5.8.11.jar
MD5: eac64ea5d63f2d1476b8e23b4a651f70
SHA1: 9a959177cbe68640f524b5a0386184e19acc248d
SHA256:d68374e0d9bcfa9048d5b9fa7bbaf3aa24706e930c91b7da7fd32175d4f8c3b8
Referenced In Project/Scope: psi-probe-tomcat9:compile
spring-security-web-5.8.11.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.psi-probe/psi-probe-core@4.1.5-SNAPSHOT

Identifiers

spring-web-5.3.33.jar

Description:

Spring Web

License:

Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0
File Path: /home/runner/.m2/repository/org/springframework/spring-web/5.3.33/spring-web-5.3.33.jar
MD5: 865197571b912d8aba6ba94218e2bd6f
SHA1: dc3bd82ba847474d37eb06f1b5924a76069cb666
SHA256:6e7825e4a2234d826fd9a417947235a64950241f5d8365b5ef7fabba2b1bee1a
Referenced In Project/Scope: psi-probe-tomcat9:compile
spring-web-5.3.33.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.psi-probe/psi-probe-core@4.1.5-SNAPSHOT

Identifiers

CVE-2016-1000027  

Pivotal Spring Framework through 5.3.16 suffers from a potential remote code execution (RCE) issue if used for Java deserialization of untrusted data. Depending on how the library is implemented within a product, this issue may or not occur, and authentication may be required. NOTE: the vendor's position is that untrusted data is not an intended use case. The product's behavior will not be changed because some users rely on deserialization of trusted data.
CWE-502 Deserialization of Untrusted Data

CVSSv2:
  • Base Score: HIGH (7.5)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSSv3:
  • Base Score: CRITICAL (9.8)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:3.9/RC:R/MAV:A

References:

Vulnerable Software & Versions:

spring-webmvc-5.3.33.jar

Description:

Spring Web MVC

License:

Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0
File Path: /home/runner/.m2/repository/org/springframework/spring-webmvc/5.3.33/spring-webmvc-5.3.33.jar
MD5: a796f234b5cfb376a389fd5a299a298a
SHA1: 0ba421d5cb1c9e8d8c03ea6056524655c7b83b97
SHA256:8f5f93eb6a82c0cf6d6e0673b4b583f016e4b876cc7be92567c674cda6d21b75
Referenced In Project/Scope: psi-probe-tomcat9:compile
spring-webmvc-5.3.33.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.psi-probe/psi-probe-core@4.1.5-SNAPSHOT

Identifiers

tomcat-annotations-api-9.0.87.jar

Description:

Annotations Package

License:

Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/org/apache/tomcat/tomcat-annotations-api/9.0.87/tomcat-annotations-api-9.0.87.jar
MD5: 645195f17981827f08409c024d275cd3
SHA1: ad8a48b4cb463e4b2fcd64688b54e7f2dad5924a
SHA256:a29ab8c8d1ccae45040692fb1eecb0ba968999f7367c3bb17e8da51b2de2eb77
Referenced In Project/Scope: psi-probe-tomcat9:provided
tomcat-annotations-api-9.0.87.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.87

Identifiers

tomcat-api-9.0.87.jar

Description:

Definition of interfaces shared by Catalina and Jasper

License:

Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/org/apache/tomcat/tomcat-api/9.0.87/tomcat-api-9.0.87.jar
MD5: 508e91e6c150e68c1bd3448fba5415eb
SHA1: ca2b02b250e17f7ec53a281b0fea85abe5ab1365
SHA256:076a16c8785d0e59b776d7cd964076e054217a8709df4ab3dfd308db288fec8d
Referenced In Project/Scope: psi-probe-tomcat9:provided
tomcat-api-9.0.87.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.87

Identifiers

tomcat-el-api-9.0.87.jar

Description:

Expression language package

License:

Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/org/apache/tomcat/tomcat-el-api/9.0.87/tomcat-el-api-9.0.87.jar
MD5: c6659b45c0121518cd32434c88b9cd45
SHA1: 0f750733b3b51f00b0f7c03d79580a4251794cf4
SHA256:6bb4202c2953a0e6d2cc20c064dc08b1c72a5cce7a3565362f959bbe284089c7
Referenced In Project/Scope: psi-probe-tomcat9:provided
tomcat-el-api-9.0.87.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.87

Identifiers

tomcat-jni-9.0.87.jar

Description:

Interface code to the native connector

License:

Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/org/apache/tomcat/tomcat-jni/9.0.87/tomcat-jni-9.0.87.jar
MD5: 58dd32d97ad2702f31c94507f07c1a08
SHA1: b4388284d104682413b7ff7bf04c02d4d3af019f
SHA256:2c36f330fa38b1e42637e452369e9a1c9156f5147f1d69164abdba082509f3cd
Referenced In Project/Scope: psi-probe-tomcat9:provided
tomcat-jni-9.0.87.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.87

Identifiers

tomcat-juli-9.0.87.jar

Description:

Tomcat Core Logging Package

License:

Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/org/apache/tomcat/tomcat-juli/9.0.87/tomcat-juli-9.0.87.jar
MD5: 9f15311a37e4092d64c0d262fcc4d6b8
SHA1: 4be0e8b6236223c20a1ee5adfac53c032e17b5f8
SHA256:8dd5cc869e8c387efc9f26ee1d48f7d2ea4f96039f197b5c5e941981a8f8470f
Referenced In Project/Scope: psi-probe-tomcat9:provided
tomcat-juli-9.0.87.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.87

Identifiers

tomcat-servlet-api-9.0.87.jar

Description:

javax.servlet package

License:

        Apache License, Version 2.0 and
        Common Development And Distribution License (CDDL) Version 1.0
      : 
        http://www.apache.org/licenses/LICENSE-2.0.txt and
        http://www.opensource.org/licenses/cddl1.txt
File Path: /home/runner/.m2/repository/org/apache/tomcat/tomcat-servlet-api/9.0.87/tomcat-servlet-api-9.0.87.jar
MD5: f4ec6378c2405c415e0f532939a08cc5
SHA1: a48f11f98577ba24434a1e14d1d85e9e295d1f5a
SHA256:c8293ebb687b53139bf1798778e180ce3b20429f5786881ac1f4f0888c15dc50
Referenced In Project/Scope: psi-probe-tomcat9:provided
tomcat-servlet-api-9.0.87.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.87

Identifiers

xmlpull-1.1.3.1.jar

License:

Public Domain: http://www.xmlpull.org/v1/download/unpacked/LICENSE.txt
File Path: /home/runner/.m2/repository/xmlpull/xmlpull/1.1.3.1/xmlpull-1.1.3.1.jar
MD5: cc57dacc720eca721a50e78934b822d2
SHA1: 2b8e230d2ab644e4ecaa94db7cdedbc40c805dfa
SHA256:34e08ee62116071cbb69c0ed70d15a7a5b208d62798c59f2120bb8929324cb63
Referenced In Project/Scope: psi-probe-tomcat9:compile
xmlpull-1.1.3.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.psi-probe/psi-probe-core@4.1.5-SNAPSHOT

Identifiers

xstream-1.4.20.jar

Description:

XStream is a serialization library from Java objects to XML and back.

License:

BSD-3-Clause
File Path: /home/runner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.20/xstream-1.4.20.jar
MD5: 1e816f33b1eb780a309789478051faeb
SHA1: 0e2315b8b2e95e9f21697833c8e56cdd9c98a5ee
SHA256:87df0f0be57c92037d0110fbb225a30b651702dc275653d285afcfef31bc2e81
Referenced In Project/Scope: psi-probe-tomcat9:compile
xstream-1.4.20.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.psi-probe/psi-probe-core@4.1.5-SNAPSHOT

Identifiers



This report contains data retrieved from the National Vulnerability Database.
This report may contain data retrieved from the CISA Known Exploited Vulnerability Catalog.
This report may contain data retrieved from the Github Advisory Database (via NPM Audit API).
This report may contain data retrieved from RetireJS.
This report may contain data retrieved from the Sonatype OSS Index.