Press CTR-C to copy XML [help]


Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.

How to read the report | Suppressing false positives | Getting Help: github issues

Project: Struts BOM

org.apache.struts:struts2-bom:7.1.2-SNAPSHOT

Scan Information (show all):

Summary

Summary of Vulnerable Dependencies (click to show all)

DependencyVulnerability IDsPackageHighest SeverityCVE CountConfidenceEvidence Count
antlr-2.7.7.jarpkg:maven/antlr/antlr@2.7.7 024
asm-9.9.jarpkg:maven/org.ow2.asm/asm@9.9 054
asm-commons-9.9.jarpkg:maven/org.ow2.asm/asm-commons@9.9 058
asm-tree-9.9.jarpkg:maven/org.ow2.asm/asm-tree@9.9 058
aspectjweaver-1.9.22.1.jarpkg:maven/org.aspectj/aspectjweaver@1.9.22.1 049
batik-css-1.18.jarcpe:2.3:a:apache:batik:1.18:*:*:*:*:*:*:*
cpe:2.3:a:apache:xml_graphics_batik:1.18:*:*:*:*:*:*:*		pkg:maven/org.apache.xmlgraphics/batik-css@1.18 0Highest23
batik-i18n-1.18.jarpkg:maven/org.apache.xmlgraphics/batik-i18n@1.18 021
bootstrap.min.jspkg:javascript/bootstrap@3.3.4MEDIUM83
caffeine-3.2.3.jarpkg:maven/com.github.ben-manes.caffeine/caffeine@3.2.3 033
cglib-2.2.2.jarpkg:maven/cglib/cglib@2.2.2 032
classmate-1.5.1.jarpkg:maven/com.fasterxml/classmate@1.5.1 054
commons-beanutils-1.11.0.jarcpe:2.3:a:apache:commons_beanutils:1.11.0:*:*:*:*:*:*:*pkg:maven/commons-beanutils/commons-beanutils@1.11.0 0Highest170
commons-collections-3.2.2.jarcpe:2.3:a:apache:commons_collections:3.2.2:*:*:*:*:*:*:*pkg:maven/commons-collections/commons-collections@3.2.2 0Highest84
commons-collections4-4.5.0.jarcpe:2.3:a:apache:commons_collections:4.5.0:*:*:*:*:*:*:*pkg:maven/org.apache.commons/commons-collections4@4.5.0 0Highest113
commons-digester3-3.2.jarpkg:maven/org.apache.commons/commons-digester3@3.2 0105
commons-fileupload2-core-2.0.0-M4.jarcpe:2.3:a:apache:commons_fileupload:2.0.0:m4:*:*:*:*:*:*pkg:maven/org.apache.commons/commons-fileupload2-core@2.0.0-M4 0Highest35
commons-io-2.20.0.jarcpe:2.3:a:apache:commons_io:2.20.0:*:*:*:*:*:*:*pkg:maven/commons-io/commons-io@2.20.0 0Highest125
commons-jci-fam-1.1.jarpkg:maven/org.apache.commons/commons-jci-fam@1.1 032
commons-lang3-3.20.0.jarcpe:2.3:a:apache:commons_lang:3.20.0:*:*:*:*:*:*:*pkg:maven/org.apache.commons/commons-lang3@3.20.0 0Highest145
commons-logging-1.3.5.jarpkg:maven/commons-logging/commons-logging@1.3.5 0129
commons-text-1.14.0.jarcpe:2.3:a:apache:commons_text:1.14.0:*:*:*:*:*:*:*pkg:maven/org.apache.commons/commons-text@1.14.0 0Highest73
domTT.js 00
error_prone_annotations-2.43.0.jarpkg:maven/com.google.errorprone/error_prone_annotations@2.43.0 029
freemarker-2.3.34.jarpkg:maven/org.freemarker/freemarker@2.3.34 041
groovy-3.0.25.jarcpe:2.3:a:apache:groovy:3.0.25:*:*:*:*:*:*:*pkg:maven/org.codehaus.groovy/groovy@3.0.25 0Highest291
groovy-jsr223-3.0.25.jarcpe:2.3:a:apache:groovy:3.0.25:*:*:*:*:*:*:*pkg:maven/org.codehaus.groovy/groovy-jsr223@3.0.25 0High289
hamcrest-core-1.3.jarpkg:maven/org.hamcrest/hamcrest-core@1.3 024
hibernate-commons-annotations-5.1.2.Final.jarpkg:maven/org.hibernate.common/hibernate-commons-annotations@5.1.2.Final 044
hibernate-core-5.6.15.Final.jarcpe:2.3:a:hibernate:hibernate_orm:5.6.15:*:*:*:*:*:*:*pkg:maven/org.hibernate/hibernate-core@5.6.15.Final 0Low44
hibernate-validator-8.0.2.Final.jarcpe:2.3:a:hibernate:hibernate-validator:8.0.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:hibernate_validator:8.0.2:*:*:*:*:*:*:*		pkg:maven/org.hibernate.validator/hibernate-validator@8.0.2.Final 0Highest34
inputtransferselect.js 00
istack-commons-runtime-4.1.2.jarpkg:maven/com.sun.istack/istack-commons-runtime@4.1.2 029
jackson-core-2.19.1.jarcpe:2.3:a:fasterxml:jackson-modules-java8:2.19.1:*:*:*:*:*:*:*pkg:maven/com.fasterxml.jackson.core/jackson-core@2.19.1 0Low47
jackson-databind-2.19.1.jarcpe:2.3:a:fasterxml:jackson-databind:2.19.1:*:*:*:*:*:*:*
cpe:2.3:a:fasterxml:jackson-modules-java8:2.19.1:*:*:*:*:*:*:*		pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.19.1 0Highest41
jackson-dataformat-xml-2.19.1.jarcpe:2.3:a:fasterxml:jackson-dataformat-xml:2.19.1:*:*:*:*:*:*:*pkg:maven/com.fasterxml.jackson.dataformat/jackson-dataformat-xml@2.19.1 0Highest41
jakarta.activation-api-2.1.0.jarpkg:maven/jakarta.activation/jakarta.activation-api@2.1.0 045
jakarta.validation-api-3.0.2.jarpkg:maven/jakarta.validation/jakarta.validation-api@3.0.2 056
jakarta.xml.bind-api-4.0.0.jarpkg:maven/jakarta.xml.bind/jakarta.xml.bind-api@4.0.0 031
jandex-2.4.2.Final.jarpkg:maven/org.jboss/jandex@2.4.2.Final 042
jasperreports-7.0.3.jarcpe:2.3:a:cloud:jasperreports_library:7.0.3:*:*:*:*:*:*:*pkg:maven/net.sf.jasperreports/jasperreports@7.0.3HIGH1Low63
jasperreports-pdf-7.0.3.jarcpe:2.3:a:jaspersoft:jasperreports:7.0.3:*:*:*:*:*:*:*pkg:maven/net.sf.jasperreports/jasperreports-pdf@7.0.3 0Medium65
javassist-3.29.0-GA.jarpkg:maven/org.javassist/javassist@3.29.0-GA 056
javax.activation-api-1.2.0.jarpkg:maven/javax.activation/javax.activation-api@1.2.0 039
javax.persistence-api-2.2.jarpkg:maven/javax.persistence/javax.persistence-api@2.2 031
jaxb-api-2.3.1.jarpkg:maven/javax.xml.bind/jaxb-api@2.3.1 035
jaxb-core-4.0.6.jarpkg:maven/org.glassfish.jaxb/jaxb-core@4.0.6 040
jaxb-runtime-4.0.6.jarpkg:maven/org.glassfish.jaxb/jaxb-runtime@4.0.6 042
jboss-logging-3.4.3.Final.jarpkg:maven/org.jboss.logging/jboss-logging@3.4.3.Final 043
jboss-transaction-api_1.2_spec-1.1.1.Final.jarpkg:maven/org.jboss.spec.javax.transaction/jboss-transaction-api_1.2_spec@1.1.1.Final 039
jcommander-1.83.jarpkg:maven/org.jcommander/jcommander@1.83 025
jquery-2.1.4.min.jspkg:javascript/jquery@2.1.4.minMEDIUM43
jshint.conf.js 00
json-simple-3.0.2.jarpkg:maven/com.github.cliftonlabs/json-simple@3.0.2 033
jspecify-1.0.0.jarpkg:maven/org.jspecify/jspecify@1.0.0 032
juneau-marshall-8.1.3.jarpkg:maven/org.apache.juneau/juneau-marshall@8.1.3 027
junit-4.13.2.jarcpe:2.3:a:junit:junit4:4.13.2:*:*:*:*:*:*:*pkg:maven/junit/junit@4.13.2 0Low53
log4j-core-2.25.2.jarcpe:2.3:a:apache:log4j:2.25.2:*:*:*:*:*:*:*pkg:maven/org.apache.logging.log4j/log4j-core@2.25.2 0Highest42
log4j-slf4j-impl-2.25.2.jarpkg:maven/org.apache.logging.log4j/log4j-slf4j-impl@2.25.2 038
micrometer-commons-1.14.12.jarpkg:maven/io.micrometer/micrometer-commons@1.14.12 065
micrometer-observation-1.14.12.jarpkg:maven/io.micrometer/micrometer-observation@1.14.12 065
ognl-3.3.5.jarcpe:2.3:a:ognl_project:ognl:3.3.5:*:*:*:*:*:*:*pkg:maven/ognl/ognl@3.3.5 0Highest27
openpdf-1.3.32.jarpkg:maven/com.github.librepdf/openpdf@1.3.32 022
optiontransferselect.js 00
org.apache.struts:struts2-async-plugin:7.1.2-SNAPSHOTcpe:2.3:a:apache:struts:7.1.2:snapshot:*:*:*:*:*:*pkg:maven/org.apache.struts/struts2-async-plugin@7.1.2-SNAPSHOT 0Highest6
org.apache.struts:struts2-bean-validation-plugin:7.1.2-SNAPSHOTcpe:2.3:a:apache:struts:7.1.2:snapshot:*:*:*:*:*:*pkg:maven/org.apache.struts/struts2-bean-validation-plugin@7.1.2-SNAPSHOT 0Highest6
org.apache.struts:struts2-cdi-plugin:7.1.2-SNAPSHOTcpe:2.3:a:apache:struts:7.1.2:snapshot:*:*:*:*:*:*pkg:maven/org.apache.struts/struts2-cdi-plugin@7.1.2-SNAPSHOT 0Highest6
org.apache.struts:struts2-config-browser-plugin:7.1.2-SNAPSHOTcpe:2.3:a:apache:struts:7.1.2:snapshot:*:*:*:*:*:*pkg:maven/org.apache.struts/struts2-config-browser-plugin@7.1.2-SNAPSHOT 0Highest6
org.apache.struts:struts2-convention-plugin:7.1.2-SNAPSHOTcpe:2.3:a:apache:struts:7.1.2:snapshot:*:*:*:*:*:*pkg:maven/org.apache.struts/struts2-convention-plugin@7.1.2-SNAPSHOT 0Highest6
org.apache.struts:struts2-core:7.1.2-SNAPSHOTcpe:2.3:a:apache:struts:7.1.2:snapshot:*:*:*:*:*:*pkg:maven/org.apache.struts/struts2-core@7.1.2-SNAPSHOT 0Highest6
org.apache.struts:struts2-jasperreports-plugin:7.1.2-SNAPSHOTcpe:2.3:a:apache:struts:7.1.2:snapshot:*:*:*:*:*:*pkg:maven/org.apache.struts/struts2-jasperreports-plugin@7.1.2-SNAPSHOT 0Highest6
org.apache.struts:struts2-jasperreports7-plugin:7.1.2-SNAPSHOTcpe:2.3:a:apache:struts:7.1.2:snapshot:*:*:*:*:*:*pkg:maven/org.apache.struts/struts2-jasperreports7-plugin@7.1.2-SNAPSHOT 0Highest6
org.apache.struts:struts2-javatemplates-plugin:7.1.2-SNAPSHOTcpe:2.3:a:apache:struts:7.1.2:snapshot:*:*:*:*:*:*pkg:maven/org.apache.struts/struts2-javatemplates-plugin@7.1.2-SNAPSHOT 0Highest6
org.apache.struts:struts2-jfreechart-plugin:7.1.2-SNAPSHOTcpe:2.3:a:apache:struts:7.1.2:snapshot:*:*:*:*:*:*pkg:maven/org.apache.struts/struts2-jfreechart-plugin@7.1.2-SNAPSHOT 0Highest6
org.apache.struts:struts2-json-plugin:7.1.2-SNAPSHOTcpe:2.3:a:apache:struts:7.1.2:snapshot:*:*:*:*:*:*pkg:maven/org.apache.struts/struts2-json-plugin@7.1.2-SNAPSHOT 0Highest6
org.apache.struts:struts2-junit-plugin:7.1.2-SNAPSHOTcpe:2.3:a:apache:struts:7.1.2:snapshot:*:*:*:*:*:*pkg:maven/org.apache.struts/struts2-junit-plugin@7.1.2-SNAPSHOT 0Highest6
org.apache.struts:struts2-rest-plugin:7.1.2-SNAPSHOTcpe:2.3:a:apache:struts:7.1.2:snapshot:*:*:*:*:*:*pkg:maven/org.apache.struts/struts2-rest-plugin@7.1.2-SNAPSHOT 0Highest6
org.apache.struts:struts2-spring-plugin:7.1.2-SNAPSHOTcpe:2.3:a:apache:struts:7.1.2:snapshot:*:*:*:*:*:*pkg:maven/org.apache.struts/struts2-spring-plugin@7.1.2-SNAPSHOT 0Highest6
org.apache.struts:struts2-testng-plugin:7.1.2-SNAPSHOTcpe:2.3:a:apache:struts:7.1.2:snapshot:*:*:*:*:*:*pkg:maven/org.apache.struts/struts2-testng-plugin@7.1.2-SNAPSHOT 0Highest6
org.apache.struts:struts2-tiles-plugin:7.1.2-SNAPSHOTcpe:2.3:a:apache:struts:7.1.2:snapshot:*:*:*:*:*:*
cpe:2.3:a:apache:tiles:7.1.2:snapshot:*:*:*:*:*:*		pkg:maven/org.apache.struts/struts2-tiles-plugin@7.1.2-SNAPSHOTHIGH1Highest6
org.apache.struts:struts2-velocity-plugin:7.1.2-SNAPSHOTcpe:2.3:a:apache:struts:7.1.2:snapshot:*:*:*:*:*:*pkg:maven/org.apache.struts/struts2-velocity-plugin@7.1.2-SNAPSHOT 0Highest6
org.apache.struts:struts2-velocity-tools-jsp-jakarta:7.1.2-SNAPSHOTcpe:2.3:a:apache:struts:7.1.2:snapshot:*:*:*:*:*:*
cpe:2.3:a:apache:velocity_tools:7.1.2:snapshot:*:*:*:*:*:*		pkg:maven/org.apache.struts/struts2-velocity-tools-jsp-jakarta@7.1.2-SNAPSHOT 0Highest6
org.apache.struts:struts2-velocity-tools-view-jakarta:7.1.2-SNAPSHOTcpe:2.3:a:apache:struts:7.1.2:snapshot:*:*:*:*:*:*
cpe:2.3:a:apache:velocity_tools:7.1.2:snapshot:*:*:*:*:*:*		pkg:maven/org.apache.struts/struts2-velocity-tools-view-jakarta@7.1.2-SNAPSHOT 0Highest6
org.apache.struts:struts2-xslt-plugin:7.1.2-SNAPSHOTcpe:2.3:a:apache:struts:7.1.2:snapshot:*:*:*:*:*:*pkg:maven/org.apache.struts/struts2-xslt-plugin@7.1.2-SNAPSHOT 0Highest6
prettify.js 00
sitemesh-3.2.2.jarpkg:maven/org.sitemesh/sitemesh@3.2.2 033
slf4j-api-2.0.17.jarpkg:maven/org.slf4j/slf4j-api@2.0.17 029
spring-core-6.2.12.jarcpe:2.3:a:pivotal_software:spring_framework:6.2.12:*:*:*:*:*:*:*
cpe:2.3:a:springsource:spring_framework:6.2.12:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:6.2.12:*:*:*:*:*:*:*		pkg:maven/org.springframework/spring-core@6.2.12 0Highest41
stax2-api-4.2.2.jarpkg:maven/org.codehaus.woodstox/stax2-api@4.2.2 052
struts-annotations-2.0.jarpkg:maven/org.apache.struts/struts-annotations@2.0 029
testng-7.11.0.jarcpe:2.3:a:testng_project:testng:7.11.0:*:*:*:*:*:*:*pkg:maven/org.testng/testng@7.11.0 0Highest47
testng-7.11.0.jar: jquery-3.6.0.min.js 00
testng-7.11.0.jar: testng-reports.js 00
testng-7.11.0.jar: testng-reports2.js 00
txw2-4.0.6.jarpkg:maven/org.glassfish.jaxb/txw2@4.0.6 034
utils.js 00
validation.js 00
validation.js 00
velocity-engine-core-2.4.1.jarcpe:2.3:a:apache:velocity_engine:2.4.1:*:*:*:*:*:*:*pkg:maven/org.apache.velocity/velocity-engine-core@2.4.1 0Highest31
velocity-tools-generic-3.1.jarcpe:2.3:a:apache:velocity_tools:3.1:*:*:*:*:*:*:*pkg:maven/org.apache.velocity.tools/velocity-tools-generic@3.1 0Highest28
webconsole.js 00
woodstox-core-7.1.1.jar (shaded: com.sun.xml.bind.jaxb:isorelax:20090621)pkg:maven/com.sun.xml.bind.jaxb/isorelax@20090621 012
woodstox-core-7.1.1.jar (shaded: net.java.dev.msv:xsdlib:2022.7)cpe:2.3:a:xml_library_project:xml_library:2022.7:*:*:*:*:*:*:*pkg:maven/net.java.dev.msv/xsdlib@2022.7 0Low9
woodstox-core-7.1.1.jarcpe:2.3:a:fasterxml:woodstox:7.1.1:*:*:*:*:*:*:*pkg:maven/com.fasterxml.woodstox/woodstox-core@7.1.1 0Highest56
xml-apis-ext-1.3.04.jarcpe:2.3:a:apache:commons_lang:1.3.04:*:*:*:*:*:*:*pkg:maven/xml-apis/xml-apis-ext@1.3.04 0Low35
xmlgraphics-commons-2.10.jarcpe:2.3:a:apache:xmlgraphics_commons:2.10:*:*:*:*:*:*:*pkg:maven/org.apache.xmlgraphics/xmlgraphics-commons@2.10 0Highest29
xmpcore-6.1.11.jarpkg:maven/com.adobe.xmp/xmpcore@6.1.11 031
xstream-1.4.21.jarcpe:2.3:a:xstream:xstream:1.4.21:*:*:*:*:*:*:*pkg:maven/com.thoughtworks.xstream/xstream@1.4.21 0Highest55

Dependencies (vulnerable)

antlr-2.7.7.jar

Description:

    A framework for constructing recognizers, compilers,
    and translators from grammatical descriptions containing
    Java, C#, C++, or Python actions.

License:

BSD License: http://www.antlr.org/license.html
File Path: /Users/lukaszlenart/.m2/repository/antlr/antlr/2.7.7/antlr-2.7.7.jar
MD5: f8f1352c52a4c6a500b597596501fc64
SHA1: 83cd2cd674a217ade95a4bb83a8a14f351f48bd0
SHA256:88fbda4b912596b9f56e8e12e580cc954bacfb51776ecfddd3e18fc1cf56dc4c
Referenced In Project/Scope: Struts 2 Core:compile
antlr-2.7.7.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.hibernate/hibernate-core@5.6.15.Final

Identifiers

  • pkg:maven/antlr/antlr@2.7.7  (Confidence:High)

asm-9.9.jar

Description:

ASM, a very small and fast Java bytecode manipulation framework

License:

BSD-3-Clause: https://asm.ow2.io/license.html
File Path: /Users/lukaszlenart/.m2/repository/org/ow2/asm/asm/9.9/asm-9.9.jar
MD5: 6d1dd0482c03a6dc1807d9d004456021
SHA1: c29635c8a7afa03d74b33c1884df8abb2b3f3dcc
SHA256:03d99a74ad1ee5c71334ef67437f4ef4fe3488caa7c96d8645abc73c8e2017d4
Referenced In Projects/Scopes:
  • Struts 2 Convention Plugin:compile
  • Struts 2 Rest Showcase Webapp:compile
  • Struts 2 Showcase Webapp:compile
  • Struts 2 Assembly:compile

asm-9.9.jar is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.apache.struts/struts2-convention-plugin@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-convention-plugin@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-convention-plugin@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-convention-plugin@7.1.2-SNAPSHOT

Identifiers

  • pkg:maven/org.ow2.asm/asm@9.9  (Confidence:High)

asm-commons-9.9.jar

Description:

Usefull class adapters based on ASM, a very small and fast Java bytecode manipulation framework

License:

BSD-3-Clause: https://asm.ow2.io/license.html
File Path: /Users/lukaszlenart/.m2/repository/org/ow2/asm/asm-commons/9.9/asm-commons-9.9.jar
MD5: 8103b3de8f48fb4c7f97efdaa46ce809
SHA1: db9165a3bf908ded6b08612d583a15d1d0c7bda0
SHA256:db2f6f26150bbe7c126606b4a1151836bcc22a1e05a423b3585698bece995ff8
Referenced In Projects/Scopes:
  • Struts 2 Convention Plugin:compile
  • Struts 2 Rest Showcase Webapp:compile
  • Struts 2 Showcase Webapp:compile
  • Struts 2 Assembly:compile

asm-commons-9.9.jar is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.apache.struts/struts2-convention-plugin@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-convention-plugin@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-convention-plugin@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-convention-plugin@7.1.2-SNAPSHOT

Identifiers

  • pkg:maven/org.ow2.asm/asm-commons@9.9  (Confidence:High)

asm-tree-9.9.jar

Description:

Tree API of ASM, a very small and fast Java bytecode manipulation framework

License:

BSD-3-Clause: https://asm.ow2.io/license.html
File Path: /Users/lukaszlenart/.m2/repository/org/ow2/asm/asm-tree/9.9/asm-tree-9.9.jar
MD5: 912eeaba1a63d574ffc66c651c7c6725
SHA1: f8de6eead6d24dd0f45bd065bbe112b2cda6ea21
SHA256:42178f3775c9c63f9e5e1446747d29b4eca4d91bd6e75e5c43cfa372a47d38c6
Referenced In Projects/Scopes:
  • Struts 2 Convention Plugin:compile
  • Struts 2 Rest Showcase Webapp:compile
  • Struts 2 Showcase Webapp:compile
  • Struts 2 Assembly:compile

asm-tree-9.9.jar is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.ow2.asm/asm-commons@9.9
  • pkg:maven/org.apache.struts/struts2-convention-plugin@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-convention-plugin@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-convention-plugin@7.1.2-SNAPSHOT

Identifiers

  • pkg:maven/org.ow2.asm/asm-tree@9.9  (Confidence:High)

aspectjweaver-1.9.22.1.jar

Description:

The AspectJ weaver applies aspects to Java classes. It can be used as a Java agent in order to apply load-time
		weaving (LTW) during class-loading and also contains the AspectJ runtime classes.

License:

Eclipse Public License - v 2.0: https://www.eclipse.org/org/documents/epl-2.0/EPL-2.0.txt
File Path: /Users/lukaszlenart/.m2/repository/org/aspectj/aspectjweaver/1.9.22.1/aspectjweaver-1.9.22.1.jar
MD5: f2edbc088126174a11b68279bd26c6eb
SHA1: bca243d0af0db4758fbae45c5f4995cb5dabb612
SHA256:cd2dd01ec2424c05669df4d557f6c6cd7ed87b05257ee3c866b4c5b116b18a78
Referenced In Project/Scope: Struts 2 Spring Plugin:compile
aspectjweaver-1.9.22.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.springframework/spring-aspects@6.2.12

Identifiers

  • pkg:maven/org.aspectj/aspectjweaver@1.9.22.1  (Confidence:High)

batik-css-1.18.jar

Description:

Batik CSS engine

File Path: /Users/lukaszlenart/.m2/repository/org/apache/xmlgraphics/batik-css/1.18/batik-css-1.18.jar
MD5: 3c84f96ad95b3f2ff868f4fca2e599e5
SHA1: 639787c5503d058420eddc663f06ea8e05cc712d
SHA256:3d62a9b1f492fea44b36e9947367ee22501009da262d818df5a33b1808b1e09f
Referenced In Projects/Scopes:

  • Struts 2 Jasper Reports 7 Plugin [EXPERIMENTAL]:compile
  • Struts 2 Assembly:compile

batik-css-1.18.jar is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/net.sf.jasperreports/jasperreports@7.0.3
  • pkg:maven/org.apache.struts/struts2-jasperreports7-plugin@7.1.2-SNAPSHOT

Identifiers

batik-i18n-1.18.jar

Description:

Batik i18n library

File Path: /Users/lukaszlenart/.m2/repository/org/apache/xmlgraphics/batik-i18n/1.18/batik-i18n-1.18.jar
MD5: 32c60445f4efa48aa8f93c144f2668d7
SHA1: 816b3f791b95cc0a0cec616028a869ecc790dd4d
SHA256:cc4a2a50380a6e6295f59ef6468d351e6771e3adf68c12d79c6007e4b1cb25cc
Referenced In Projects/Scopes:

  • Struts 2 Jasper Reports 7 Plugin [EXPERIMENTAL]:compile
  • Struts 2 Assembly:compile

batik-i18n-1.18.jar is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.apache.struts/struts2-jasperreports7-plugin@7.1.2-SNAPSHOT
  • pkg:maven/net.sf.jasperreports/jasperreports@7.0.3

Identifiers

  • pkg:maven/org.apache.xmlgraphics/batik-i18n@1.18  (Confidence:High)

bootstrap.min.js

File Path: /Users/lukaszlenart/Projects/Apache/struts-site/target/struts/apps/showcase/src/main/webapp/js/bootstrap.min.js
MD5: 8c237312864d2e4c4f03544cd4f9b195
SHA1: 253711c6d825de55a8360552573be950da180614
SHA256:d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
Referenced In Project/Scope: Struts 2 Showcase Webapp

Identifiers

  • pkg:javascript/bootstrap@3.3.4  (Confidence:Highest)

CVE-2016-10735  

In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A
CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N

References:

Vulnerable Software & Versions (NVD):

  • cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:* versions from (including) 3.0.0; versions up to (excluding) 3.4.0
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta:*:*:*:*:*:*

CVE-2018-14041  

In Bootstrap before 4.1.2, XSS is possible in the data-target property of scrollspy.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A
CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N

References:

Vulnerable Software & Versions (NVD):

  • cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:* versions from (including) 4.0.0; versions up to (excluding) 4.1.2
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha2:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha3:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha4:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha5:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha6:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta2:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta3:*:*:*:*:*:*

CVE-2018-14042  

In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A
CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N

References:

Vulnerable Software & Versions (NVD):

  • cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:* versions up to (excluding) 3.4.0
  • cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:* versions from (including) 4.0.0; versions up to (excluding) 4.1.2
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha2:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha3:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha4:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha5:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha6:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta2:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta3:*:*:*:*:*:*

CVE-2018-20676  

In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A
CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N

References:

Vulnerable Software & Versions (NVD):

  • cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:* versions up to (excluding) 3.4.0

CVE-2018-20677  

In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A
CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N

References:

Vulnerable Software & Versions (NVD):

  • cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:* versions up to (excluding) 3.4.0

CVE-2019-8331  

In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A
CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N

References:

Vulnerable Software & Versions (NVD):

  • cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (excluding) 12.1.5.1
  • cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (excluding) 13.1.3.4
  • cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (excluding) 14.1.2.5
  • cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* versions from (including) 15.0.0; versions up to (excluding) 15.1.0
  • cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (excluding) 12.1.5.1
  • cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (excluding) 13.1.3.4
  • cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (excluding) 14.1.2.5
  • cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:* versions from (including) 15.0.0; versions up to (excluding) 15.1.0
  • cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (excluding) 12.1.5.1
  • cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (excluding) 13.1.3.4
  • cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (excluding) 14.1.2.5
  • cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:* versions from (including) 15.0.0; versions up to (excluding) 15.1.0
  • cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (excluding) 12.1.5.1
  • cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (excluding) 13.1.3.4
  • cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (excluding) 14.1.2.5
  • cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:* versions from (including) 15.0.0; versions up to (excluding) 15.1.0
  • cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (excluding) 12.1.5.1
  • cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (excluding) 13.1.3.4
  • cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (excluding) 14.1.2.5
  • cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:* versions from (including) 15.0.0; versions up to (excluding) 15.1.0
  • cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (excluding) 12.1.5.1
  • cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (excluding) 13.1.3.4
  • cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (excluding) 14.1.2.5
  • cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:* versions from (including) 15.0.0; versions up to (excluding) 15.1.0
  • cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (excluding) 12.1.5.1
  • cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (excluding) 13.1.3.4
  • cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (excluding) 14.1.2.5
  • cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:* versions from (including) 15.0.0; versions up to (excluding) 15.1.0
  • cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (excluding) 12.1.5.1
  • cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (excluding) 13.1.3.4
  • cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (excluding) 14.1.2.5
  • cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:* versions from (including) 15.0.0; versions up to (excluding) 15.1.0
  • cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (excluding) 12.1.5.1
  • cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (excluding) 13.1.3.4
  • cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (excluding) 14.1.2.5
  • cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:* versions from (including) 15.0.0; versions up to (excluding) 15.1.0
  • cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (excluding) 12.1.5.1
  • cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (excluding) 13.1.3.4
  • cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (excluding) 14.1.2.5
  • cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:* versions from (including) 15.0.0; versions up to (excluding) 15.1.0
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (excluding) 12.1.5.1
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (excluding) 13.1.3.4
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (excluding) 14.1.2.5
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:* versions from (including) 15.0.0; versions up to (excluding) 15.1.0
  • cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (excluding) 12.1.5.1
  • cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (excluding) 13.1.3.4
  • cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (excluding) 14.1.2.5
  • cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:* versions from (including) 15.0.0; versions up to (excluding) 15.1.0
  • cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (excluding) 12.1.5.1
  • cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (excluding) 13.1.3.4
  • cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (excluding) 14.1.2.5
  • cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:* versions from (including) 15.0.0; versions up to (excluding) 15.1.0
  • cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:* versions up to (excluding) 3.4.1
  • cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:* versions from (including) 4.3.0; versions up to (excluding) 4.3.1
  • cpe:2.3:a:redhat:virtualization_manager:4.3:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:* versions up to (excluding) 5.19.0

CVE-2024-6485 (RETIREJS)  

Unscored:

  • Severity: medium

References:

Bootstrap before 4.0.0 is end-of-life and no longer maintained. (RETIREJS)  

Bootstrap before 4.0.0 is end-of-life and no longer maintained.
Unscored:
  • Severity: low

References:

caffeine-3.2.3.jar

Description:

A high performance caching library

License:

Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/.m2/repository/com/github/ben-manes/caffeine/caffeine/3.2.3/caffeine-3.2.3.jar
MD5: 0258f45d43968523cc11beeb01b240f2
SHA1: c097f0f6d21a0e6db88ea55836e26419b30dfe19
SHA256:ca70c90a5d1ce1511880ce9c93d4ad22108f61111d3daf91eb52762b571bd179
Referenced In Projects/Scopes:
  • Struts 2 Rest Showcase Webapp:compile
  • Struts 2 Webapps:compile
  • Struts 2 Showcase Webapp:compile
  • Struts 2 Assembly:compile
  • Struts 2 Core:compile

caffeine-3.2.3.jar is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.apache.struts/struts2-core@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-core@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-core@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-core@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-core@7.1.2-SNAPSHOT

Identifiers

  • pkg:maven/com.github.ben-manes.caffeine/caffeine@3.2.3  (Confidence:High)

cglib-2.2.2.jar

Description:

Code generation library

License:

ASF 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/.m2/repository/cglib/cglib/2.2.2/cglib-2.2.2.jar
MD5: b3f681be48fce094cf01a045f5bdca6f
SHA1: a47a971686474124562bdd4a7ccbd8ac8c3e8b11
SHA256:a93e4485d274277177480c4afe6ddd8355cda1cacfe356c134e25d65193935fd
Referenced In Projects/Scopes:
  • Struts 2 Showcase Webapp:compile
  • Struts 2 Tiles Plugin:compile
  • Struts 2 Assembly:compile

cglib-2.2.2.jar is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.apache.struts/struts2-tiles-plugin@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-tiles-plugin@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.commons/commons-digester3@3.2

Identifiers

  • pkg:maven/cglib/cglib@2.2.2  (Confidence:High)

classmate-1.5.1.jar

Description:

Library for introspecting types with full generic information
        including resolving of field and method types.

License:

Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/.m2/repository/com/fasterxml/classmate/1.5.1/classmate-1.5.1.jar
MD5: e91fcd30ba329fd1b0b6dc5321fd067c
SHA1: 3fe0bed568c62df5e89f4f174c101eab25345b6c
SHA256:aab4de3006808c09d25dd4ff4a3611cfb63c95463cfd99e73d2e1680d229a33b
Referenced In Projects/Scopes:
  • Struts 2 Showcase Webapp:compile
  • Struts 2 Core:compile

classmate-1.5.1.jar is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.hibernate/hibernate-core@5.6.15.Final
  • pkg:maven/org.hibernate.validator/hibernate-validator@8.0.2.Final

Identifiers

  • pkg:maven/com.fasterxml/classmate@1.5.1  (Confidence:High)

commons-beanutils-1.11.0.jar

Description:

Apache Commons BeanUtils provides an easy-to-use but flexible wrapper around reflection and introspection.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/.m2/repository/commons-beanutils/commons-beanutils/1.11.0/commons-beanutils-1.11.0.jar
MD5: 32ed51f196dfda19e0dc1ce53eeed29e
SHA1: ac03ea606d13de04c2e4508227680faff151f491
SHA256:9e44ba68ec9a3f21286fa2a8bbb003b735c0f69101bb43144b79f4f8aaa74709
Referenced In Projects/Scopes:
  • Struts 2 Jasper Reports 7 Plugin [EXPERIMENTAL]:compile
  • Struts 2 REST Plugin:compile
  • Struts 2 Velocity Plugin:compile
  • Struts 2 Jakarta EE Compatible Velocity Tools Jsp:compile
  • Struts 2 Showcase Webapp:compile
  • Struts 2 Tiles Plugin:compile
  • Struts 2 Assembly:compile

commons-beanutils-1.11.0.jar is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.apache.velocity.tools/velocity-tools-generic@3.1
  • pkg:maven/org.apache.struts/struts2-tiles-plugin@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-jasperreports7-plugin@7.1.2-SNAPSHOT
  • pkg:maven/net.sf.jasperreports/jasperreports@7.0.3
  • pkg:maven/org.apache.commons/commons-digester3@3.2
  • pkg:maven/org.apache.struts/struts2-velocity-tools-jsp-jakarta@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-rest-plugin@7.1.2-SNAPSHOT

Identifiers

commons-collections-3.2.2.jar

Description:

Types that extend and augment the Java Collections Framework.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/.m2/repository/commons-collections/commons-collections/3.2.2/commons-collections-3.2.2.jar
MD5: f54a8510f834a1a57166970bfc982e94
SHA1: 8ad72fe39fa8c91eaaf12aadb21e0c3661fe26d5
SHA256:eeeae917917144a68a741d4c0dff66aa5c5c5fd85593ff217bced3fc8ca783b8
Referenced In Projects/Scopes:
  • Struts 2 Jasper Reports 7 Plugin [EXPERIMENTAL]:compile
  • Struts 2 REST Plugin:compile
  • Struts 2 Velocity Plugin:compile
  • Struts 2 Jakarta EE Compatible Velocity Tools Jsp:compile
  • Struts 2 Showcase Webapp:compile
  • Struts 2 Tiles Plugin:compile
  • Struts 2 Assembly:compile

commons-collections-3.2.2.jar is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.apache.struts/struts2-tiles-plugin@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.velocity.tools/velocity-tools-generic@3.1
  • pkg:maven/org.apache.struts/struts2-jasperreports7-plugin@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.commons/commons-digester3@3.2
  • pkg:maven/commons-beanutils/commons-beanutils@1.11.0
  • pkg:maven/org.apache.struts/struts2-velocity-tools-jsp-jakarta@7.1.2-SNAPSHOT
  • pkg:maven/net.sf.jasperreports/jasperreports@7.0.3

Identifiers

commons-collections4-4.5.0.jar

Description:

The Apache Commons Collections package contains types that extend and augment the Java Collections Framework.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/.m2/repository/org/apache/commons/commons-collections4/4.5.0/commons-collections4-4.5.0.jar
MD5: d564105594035b363b193d8ce3c18b98
SHA1: e5cf89f0c6e132fc970bd9a465fdcb8dbe94f75a
SHA256:00f93263c267be201b8ae521b44a7137271b16688435340bf629db1bac0a5845
Referenced In Projects/Scopes:
  • Struts 2 Jasper Reports 7 Plugin [EXPERIMENTAL]:compile
  • Struts 2 Assembly:compile

commons-collections4-4.5.0.jar is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.apache.struts/struts2-jasperreports7-plugin@7.1.2-SNAPSHOT
  • pkg:maven/net.sf.jasperreports/jasperreports@7.0.3

Identifiers

commons-digester3-3.2.jar

Description:

    The Apache Commons Digester package lets you configure an XML to Java
    object mapping module which triggers certain actions called rules whenever
    a particular pattern of nested XML elements is recognized.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/.m2/repository/org/apache/commons/commons-digester3/3.2/commons-digester3-3.2.jar
MD5: 41d2c62c7aedafa7a3627794abc83f71
SHA1: c3f68c5ff25ec5204470fd8fdf4cb8feff5e8a79
SHA256:1c150e3d2df4b4237b47e28fea2079fb0da324578d5cca6a5fed2e37a62082ec
Referenced In Projects/Scopes:
  • Struts 2 Velocity Plugin:compile
  • Struts 2 Jakarta EE Compatible Velocity Tools Jsp:compile
  • Struts 2 Showcase Webapp:compile
  • Struts 2 Tiles Plugin:compile
  • Struts 2 Assembly:compile

commons-digester3-3.2.jar is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.apache.struts/struts2-tiles-plugin@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-tiles-plugin@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.velocity.tools/velocity-tools-generic@3.1
  • pkg:maven/org.apache.struts/struts2-tiles-plugin@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-velocity-tools-jsp-jakarta@7.1.2-SNAPSHOT

Identifiers

  • pkg:maven/org.apache.commons/commons-digester3@3.2  (Confidence:High)

commons-fileupload2-core-2.0.0-M4.jar

Description:

    The Apache Commons FileUpload Core component provides the framework for a simple yet flexible means of adding support for multipart
    file upload functionality to servlets, portlets, and web applications.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/.m2/repository/org/apache/commons/commons-fileupload2-core/2.0.0-M4/commons-fileupload2-core-2.0.0-M4.jar
MD5: e7fb1d376a2cab4732c3c12acf69413d
SHA1: 3284839791dc0130ad07d594a05c7c8750aa4dd6
SHA256:d285cd8cdde3d9466208b37c7750454b0b280ea773b19b050ae1e2ddb09e6991
Referenced In Projects/Scopes:
  • Struts 2 Rest Showcase Webapp:compile
  • Struts 2 Webapps:compile
  • Struts 2 Showcase Webapp:compile
  • Struts 2 Assembly:compile
  • Struts 2 Core:compile

commons-fileupload2-core-2.0.0-M4.jar is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.apache.struts/struts2-core@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-core@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-core@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.commons/commons-fileupload2-jakarta-servlet6@2.0.0-M4
  • pkg:maven/org.apache.struts/struts2-core@7.1.2-SNAPSHOT

Identifiers

commons-io-2.20.0.jar

Description:

The Apache Commons IO library contains utility classes, stream implementations, file filters,
file comparators, endian transformation classes, and much more.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/.m2/repository/commons-io/commons-io/2.20.0/commons-io-2.20.0.jar
MD5: 94e7e6b9b5fe82388687b584d3571081
SHA1: 36f3474daec2849c149e877614e7f979b2082cd2
SHA256:df90bba0fe3cb586b7f164e78fe8f8f4da3f2dd5c27fa645f888100ccc25dd72
Referenced In Projects/Scopes:
  • Struts 2 Jasper Reports 7 Plugin [EXPERIMENTAL]:compile
  • Struts 2 Rest Showcase Webapp:compile
  • Struts 2 Webapps:compile
  • Struts 2 Showcase Webapp:compile
  • Struts 2 Assembly:compile
  • Struts 2 Core:compile

commons-io-2.20.0.jar is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.apache.struts/struts2-core@7.1.2-SNAPSHOT
  • pkg:maven/org.htmlunit/htmlunit@4.17.0
  • pkg:maven/org.apache.struts/struts2-core@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-core@7.1.2-SNAPSHOT
  • pkg:maven/org.htmlunit/htmlunit@4.17.0
  • pkg:maven/org.apache.struts/struts2-core@7.1.2-SNAPSHOT

Identifiers

commons-jci-fam-1.1.jar

Description:

        Commons JCI FileAlterationMonitor (FAM) to monitor local filesystems and get notified about changes.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/.m2/repository/org/apache/commons/commons-jci-fam/1.1/commons-jci-fam-1.1.jar
MD5: 97f78ec23facfb57a63b8355fd90054f
SHA1: 32ae39163b0d71ad2487f71acf107a7ac2c67e5c
SHA256:b16da511a42f7454c0d28ecb5464c1a84bc7a41339112220c601f4db4cfcc85b
Referenced In Project/Scope: Struts 2 Spring Plugin:compile
commons-jci-fam-1.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.struts/struts2-spring-plugin@7.1.2-SNAPSHOT

Identifiers

  • pkg:maven/org.apache.commons/commons-jci-fam@1.1  (Confidence:High)

commons-lang3-3.20.0.jar

Description:

  Apache Commons Lang, a package of Java utility classes for the
  classes that are in java.lang's hierarchy, or are considered to be so
  standard as to justify existence in java.lang.

  The code is tested using the latest revision of the JDK for supported
  LTS releases: 8, 11, 17, 21 and 25 currently.
  See https://github.com/apache/commons-lang/blob/master/.github/workflows/maven.yml
  
  Please ensure your build environment is up-to-date and kindly report any build issues.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/.m2/repository/org/apache/commons/commons-lang3/3.20.0/commons-lang3-3.20.0.jar
MD5: 4b29562ded527aa074e1d44f8646dac5
SHA1: 65897b3e5731220962e659e001904af3c3cbeba9
SHA256:69e5c9fa35da7a51a5fd2099dfe56a2d8d32cf233e2f6d770e796146440263f4
Referenced In Projects/Scopes:
  • Struts 2 Rest Showcase Webapp:compile
  • Struts 2 Webapps:compile
  • Struts 2 Velocity Plugin:compile
  • Struts 2 Jakarta EE Compatible Velocity Tools Jsp:compile
  • Struts 2 Configuration Browser Plugin:compile
  • Struts 2 Showcase Webapp:compile
  • Struts 2 Tiles Plugin:compile
  • Struts 2 Assembly:compile
  • Struts 2 Core:compile

commons-lang3-3.20.0.jar is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.apache.velocity/velocity-engine-core@2.4.1
  • pkg:maven/org.htmlunit/htmlunit@4.17.0
  • pkg:maven/org.htmlunit/htmlunit@4.17.0
  • pkg:maven/org.apache.struts/struts2-core@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-core@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.velocity.tools/velocity-tools-generic@3.1
  • pkg:maven/org.apache.struts/struts2-core@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.velocity/velocity-engine-core@2.4.1
  • pkg:maven/org.apache.struts/struts2-core@7.1.2-SNAPSHOT

Identifiers

commons-logging-1.3.5.jar

Description:

Apache Commons Logging is a thin adapter allowing configurable bridging to other,
    well-known logging systems.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/.m2/repository/commons-logging/commons-logging/1.3.5/commons-logging-1.3.5.jar
MD5: 9ca067b073153c86c2da350c0f2cdf70
SHA1: a3fcc5d3c29b2b03433aa2d2f2d2c1b1638924a1
SHA256:6d7a744e4027649fbb50895df9497d109f98c766a637062fe8d2eabbb3140ba4
Referenced In Projects/Scopes:
  • Struts 2 Jasper Reports 7 Plugin [EXPERIMENTAL]:compile
  • Struts 2 REST Plugin:compile
  • Struts 2 Velocity Plugin:compile
  • Struts 2 Jakarta EE Compatible Velocity Tools Jsp:compile
  • Struts 2 Showcase Webapp:compile
  • Struts 2 Spring Plugin:compile
  • Struts 2 Assembly:compile

commons-logging-1.3.5.jar is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.apache.commons/commons-jci-fam@1.1
  • pkg:maven/net.sf.jasperreports/jasperreports@7.0.3
  • pkg:maven/org.apache.struts/struts2-jasperreports7-plugin@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-velocity-tools-jsp-jakarta@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.velocity.tools/velocity-tools-generic@3.1
  • pkg:maven/org.apache.logging.log4j/log4j-jcl@2.25.2
  • pkg:maven/commons-beanutils/commons-beanutils@1.11.0

Identifiers

  • pkg:maven/commons-logging/commons-logging@1.3.5  (Confidence:High)

commons-text-1.14.0.jar

Description:

Apache Commons Text is a set of utility functions and reusable components for processing
    and manipulating text in a Java environment.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/.m2/repository/org/apache/commons/commons-text/1.14.0/commons-text-1.14.0.jar
MD5: 54960a12a82d52df3d5548d6934d87b2
SHA1: adcb0d4c67eabc79682604b47eb852aaff21138a
SHA256:121fce2282910c8f0c3ba793a5436b31beb710423cbe2d574a3fb7a73c508e92
Referenced In Projects/Scopes:
  • Struts 2 Rest Showcase Webapp:compile
  • Struts 2 Webapps:compile
  • Struts 2 Showcase Webapp:compile
  • Struts 2 Assembly:compile
  • Struts 2 Core:compile

commons-text-1.14.0.jar is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.apache.struts/struts2-core@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-core@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-core@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-core@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-core@7.1.2-SNAPSHOT

Identifiers

domTT.js

File Path: /Users/lukaszlenart/Projects/Apache/struts-site/target/struts/core/src/main/resources/org/apache/struts2/static/domTT.js
MD5: 44ed51154c7fa928005f39bbbed7d01a
SHA1: 5584aa1028220f041ff7d89c48e9e8ffeaa05256
SHA256:60c72fad5a9688fc6a143176d84814b9ea2c4c9c882b4799921b950c415b961e
Referenced In Project/Scope: Struts 2 Core

Identifiers

  • None

error_prone_annotations-2.43.0.jar

Description:

Error Prone is a static analysis tool for Java that catches common programming mistakes at compile-time.

License:

Apache 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/.m2/repository/com/google/errorprone/error_prone_annotations/2.43.0/error_prone_annotations-2.43.0.jar
MD5: 59fe4a79ce3218423f4f8918f04ef22f
SHA1: a4f9062316c31850b03085e45717f564fd563ceb
SHA256:48272e75c16e1f7bdc7bd19529ccacd5ee170404701d7f5a23441bb5847957f5
Referenced In Projects/Scopes:
  • Struts 2 Rest Showcase Webapp:compile
  • Struts 2 Webapps:compile
  • Struts 2 Showcase Webapp:compile
  • Struts 2 Assembly:compile
  • Struts 2 Core:compile

error_prone_annotations-2.43.0.jar is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.apache.struts/struts2-core@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-core@7.1.2-SNAPSHOT
  • pkg:maven/com.github.ben-manes.caffeine/caffeine@3.2.3
  • pkg:maven/org.apache.struts/struts2-core@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-core@7.1.2-SNAPSHOT

Identifiers

  • pkg:maven/com.google.errorprone/error_prone_annotations@2.43.0  (Confidence:High)

freemarker-2.3.34.jar

Description:

    FreeMarker is a "template engine"; a generic tool to generate text output based on templates.

License:

Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/.m2/repository/org/freemarker/freemarker/2.3.34/freemarker-2.3.34.jar
MD5: 1704fd3c579385ca5fd0ebcdf50df73c
SHA1: c2fa47a1c3b6dcdfca90e952e51211967a4baa54
SHA256:9a9fb91cd64199232eb1ca9766148a5d30ef8944be5fac051018f96c70c8f6a3
Referenced In Projects/Scopes:
  • Struts 2 Rest Showcase Webapp:compile
  • Struts 2 Webapps:compile
  • Struts 2 Showcase Webapp:compile
  • Struts 2 Assembly:compile
  • Struts 2 Core:compile

freemarker-2.3.34.jar is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.apache.struts/struts2-core@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-core@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-core@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-core@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-core@7.1.2-SNAPSHOT

Identifiers

  • pkg:maven/org.freemarker/freemarker@2.3.34  (Confidence:High)

groovy-3.0.25.jar

Description:

Groovy: A powerful, dynamic language for the JVM

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/.m2/repository/org/codehaus/groovy/groovy/3.0.25/groovy-3.0.25.jar
MD5: 820ab63272be6bfb864027ebac222874
SHA1: 0afc7f7a3b2e3e86482d1f636aa3c1733f9c7473
SHA256:ad009e985dd84e4f524f4ed1751866da5bef816b691851bfbcefa48a01180a07
Referenced In Project/Scope: Struts 2 Showcase Webapp:compile
groovy-3.0.25.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.codehaus.groovy/groovy-jsr223@3.0.25

Identifiers

groovy-jsr223-3.0.25.jar

Description:

Groovy: A powerful, dynamic language for the JVM

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/.m2/repository/org/codehaus/groovy/groovy-jsr223/3.0.25/groovy-jsr223-3.0.25.jar
MD5: aaf5e98efc6699a4ad23bedf157800bb
SHA1: 556af05bbaa01b3ee01aa375ad730f5016502613
SHA256:7d703a1d484ac1135b78b24a4880f5653161cda83454c0f484fa09e29311d3bd
Referenced In Project/Scope: Struts 2 Showcase Webapp:compile
groovy-jsr223-3.0.25.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.struts/struts2-showcase@7.1.2-SNAPSHOT

Identifiers

hamcrest-core-1.3.jar

Description:

    This is the core API of hamcrest matcher framework to be used by third-party framework providers. This includes the a foundation set of matcher implementations for common operations.

File Path: /Users/lukaszlenart/.m2/repository/org/hamcrest/hamcrest-core/1.3/hamcrest-core-1.3.jar
MD5: 6393363b47ddcbba82321110c3e07519
SHA1: 42a25dc3219429f0e5d060061f71acb49bf010a0
SHA256:66fdef91e9739348df7a096aa384a5685f4e875584cce89386a7a47251c4d8e9
Referenced In Projects/Scopes:

  • Struts 2 JUnit Plugin:compile
  • Struts 2 Core:compile

hamcrest-core-1.3.jar is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/junit/junit@4.13.2
  • pkg:maven/junit/junit@4.13.2

Identifiers

  • pkg:maven/org.hamcrest/hamcrest-core@1.3  (Confidence:High)

hibernate-commons-annotations-5.1.2.Final.jar

Description:

Common reflection code used in support of annotation processing

License:

GNU Library General Public License v2.1 or later: http://www.opensource.org/licenses/LGPL-2.1
File Path: /Users/lukaszlenart/.m2/repository/org/hibernate/common/hibernate-commons-annotations/5.1.2.Final/hibernate-commons-annotations-5.1.2.Final.jar
MD5: 2a2490b3eb8e7585a6a899d27d7ed43f
SHA1: e59ffdbc6ad09eeb33507b39ffcf287679a498c8
SHA256:1c7ce712b2679fea0a5441eb02a04144297125b768944819be0765befb996275
Referenced In Project/Scope: Struts 2 Core:compile
hibernate-commons-annotations-5.1.2.Final.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.hibernate/hibernate-core@5.6.15.Final

Identifiers

  • pkg:maven/org.hibernate.common/hibernate-commons-annotations@5.1.2.Final  (Confidence:High)

hibernate-core-5.6.15.Final.jar

Description:

Hibernate's core ORM functionality

License:

GNU Library General Public License v2.1 or later: https://www.opensource.org/licenses/LGPL-2.1
File Path: /Users/lukaszlenart/.m2/repository/org/hibernate/hibernate-core/5.6.15.Final/hibernate-core-5.6.15.Final.jar
MD5: 0bc0673435fbabce62a7a0d5fe967fd8
SHA1: ab14b7cef1fdff654ca81923048a6034d6c7cfa7
SHA256:9b5a7e1faf094d98c9e33b6a27c4cae42e52f65b139091c08b9a0b4a9858b207
Referenced In Project/Scope: Struts 2 Core:compile
hibernate-core-5.6.15.Final.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.struts/struts2-core@7.1.2-SNAPSHOT

Identifiers

  • pkg:maven/org.hibernate/hibernate-core@5.6.15.Final  (Confidence:High)
  • cpe:2.3:a:hibernate:hibernate_orm:5.6.15:*:*:*:*:*:*:*  (Confidence:Low)  

hibernate-validator-8.0.2.Final.jar

Description:

Hibernate's Jakarta Bean Validation reference implementation.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/.m2/repository/org/hibernate/validator/hibernate-validator/8.0.2.Final/hibernate-validator-8.0.2.Final.jar
MD5: 1adda123292ba2627d03a696d8c7e76a
SHA1: 220e64815dd87535525331de20570017f899eb13
SHA256:2f2224a5a19bdcfa73540e9ff5c971b6c425ad80415876f305259fe873a15b2f
Referenced In Project/Scope: Struts 2 Showcase Webapp:compile
hibernate-validator-8.0.2.Final.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.struts/struts2-showcase@7.1.2-SNAPSHOT

Identifiers

inputtransferselect.js

File Path: /Users/lukaszlenart/Projects/Apache/struts-site/target/struts/core/src/main/resources/org/apache/struts2/static/inputtransferselect.js
MD5: 2955e039eab5ef8216705c05d239f378
SHA1: 94316238b9eb45a97e2547fa66881cca27a5b6ee
SHA256:e5ef24f60cfb27a88880ee89ba6eb4664bbebe0c32d3dc1ce385cbe6d8b01194
Referenced In Project/Scope: Struts 2 Core

Identifiers

  • None

istack-commons-runtime-4.1.2.jar

Description:

istack common utility code

License:

http://www.eclipse.org/org/documents/edl-v10.php
File Path: /Users/lukaszlenart/.m2/repository/com/sun/istack/istack-commons-runtime/4.1.2/istack-commons-runtime-4.1.2.jar
MD5: 535154ef647af2a52478c4debec93659
SHA1: 18ec117c85f3ba0ac65409136afa8e42bc74e739
SHA256:7fd6792361f4dd00f8c56af4a20cecc0066deea4a8f3dec38348af23fc2296ee
Referenced In Project/Scope: Struts 2 Core:compile
istack-commons-runtime-4.1.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.hibernate/hibernate-core@5.6.15.Final

Identifiers

  • pkg:maven/com.sun.istack/istack-commons-runtime@4.1.2  (Confidence:High)

jackson-core-2.19.1.jar

Description:

Core Jackson processing abstractions (aka Streaming API), implementation for JSON

License:

The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/.m2/repository/com/fasterxml/jackson/core/jackson-core/2.19.1/jackson-core-2.19.1.jar
MD5: 52aec5a03ab9fd81dcc8fee45952da17
SHA1: 6e5a8cb8a6cada322497cefb7726657d98aaee15
SHA256:c46369e1a21810100adbc92503b62f15a9ef1640427932f4fe1588ef7ce7e480
Referenced In Projects/Scopes:
  • Struts 2 Jasper Reports 7 Plugin [EXPERIMENTAL]:compile
  • Struts 2 Rest Showcase Webapp:compile
  • Struts 2 REST Plugin:compile
  • Struts 2 Assembly:compile

jackson-core-2.19.1.jar is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.apache.struts/struts2-rest-plugin@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-rest-plugin@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-rest-plugin@7.1.2-SNAPSHOT
  • pkg:maven/net.sf.jasperreports/jasperreports@7.0.3

Identifiers

  • pkg:maven/com.fasterxml.jackson.core/jackson-core@2.19.1  (Confidence:High)
  • cpe:2.3:a:fasterxml:jackson-modules-java8:2.19.1:*:*:*:*:*:*:*  (Confidence:Low)  

jackson-databind-2.19.1.jar

Description:

General data-binding functionality for Jackson: works on core streaming API

License:

The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.19.1/jackson-databind-2.19.1.jar
MD5: c0afda7ea90602055f7ddca32f2c48ad
SHA1: e8cb8e76faea3e0791165f5d3614fc45933b2ee0
SHA256:0bc539401d52c6b14e668947c851dcc49f78a4ada3d1fc8e8f71440613fc26ce
Referenced In Projects/Scopes:
  • Struts 2 Jasper Reports 7 Plugin [EXPERIMENTAL]:compile
  • Struts 2 Rest Showcase Webapp:compile
  • Struts 2 REST Plugin:compile
  • Struts 2 Assembly:compile

jackson-databind-2.19.1.jar is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.apache.struts/struts2-rest-plugin@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-jasperreports7-plugin@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-jasperreports7-plugin@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-rest-plugin@7.1.2-SNAPSHOT

Identifiers

jackson-dataformat-xml-2.19.1.jar

Description:

Data format extension for Jackson to offer
alternative support for serializing POJOs as XML and deserializing XML as POJOs.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/.m2/repository/com/fasterxml/jackson/dataformat/jackson-dataformat-xml/2.19.1/jackson-dataformat-xml-2.19.1.jar
MD5: 82833923be90c6f32c83b3ce701e9902
SHA1: 0aa0165cd647b6fbd2a69e4bf8cd10d54ec70304
SHA256:cc14e2159c2f78897e484d5dc2d10f029524e28ac57a3aa2f878445fd0cd912a
Referenced In Projects/Scopes:
  • Struts 2 Jasper Reports 7 Plugin [EXPERIMENTAL]:compile
  • Struts 2 Rest Showcase Webapp:compile
  • Struts 2 REST Plugin:compile
  • Struts 2 Assembly:compile

jackson-dataformat-xml-2.19.1.jar is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/net.sf.jasperreports/jasperreports@7.0.3
  • pkg:maven/org.apache.struts/struts2-jasperreports7-plugin@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-rest-showcase@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-rest-plugin@7.1.2-SNAPSHOT

Identifiers

jakarta.activation-api-2.1.0.jar

Description:

  Specification

License:

EDL 1.0: http://www.eclipse.org/org/documents/edl-v10.php
File Path: /Users/lukaszlenart/.m2/repository/jakarta/activation/jakarta.activation-api/2.1.0/jakarta.activation-api-2.1.0.jar
MD5: 7c79641566f97305e17c5f7b9bb33fc3
SHA1: a58861b5deac5e151140511cf57d6b80a83f2d20
SHA256:56e8d994095fe49c28138c60291482f66f18d12ac2b720e938697dce6a3135c7
Referenced In Project/Scope: Struts 2 Core:compile
jakarta.activation-api-2.1.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.hibernate/hibernate-core@5.6.15.Final

Identifiers

  • pkg:maven/jakarta.activation/jakarta.activation-api@2.1.0  (Confidence:High)

jakarta.validation-api-3.0.2.jar

Description:

        Jakarta Bean Validation API

License:

Apache License 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/.m2/repository/jakarta/validation/jakarta.validation-api/3.0.2/jakarta.validation-api-3.0.2.jar
MD5: 3a1ee6efca3e41e3320599790f54c5eb
SHA1: 92b6631659ba35ca09e44874d3eb936edfeee532
SHA256:291c25e6910cc6a7ebd96d4c6baebf6d7c37676c5482c2d96146e901b62c1fc9
Referenced In Projects/Scopes:
  • Struts 2 Bean Validation Plugin:compile
  • Struts 2 Showcase Webapp:compile
  • Struts 2 Assembly:compile

jakarta.validation-api-3.0.2.jar is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.apache.struts/struts2-bean-validation-plugin@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-bean-validation-plugin@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-bean-validation-plugin@7.1.2-SNAPSHOT

Identifiers

  • pkg:maven/jakarta.validation/jakarta.validation-api@3.0.2  (Confidence:High)

jakarta.xml.bind-api-4.0.0.jar

Description:

Jakarta XML Binding API 4.0 Design Specification

License:

http://www.eclipse.org/org/documents/edl-v10.php
File Path: /Users/lukaszlenart/.m2/repository/jakarta/xml/bind/jakarta.xml.bind-api/4.0.0/jakarta.xml.bind-api-4.0.0.jar
MD5: b5132a66e2d3a60904f8035a1f8a34a8
SHA1: bbb399208d288b15ec101fa4fcfc4bd77cedc97a
SHA256:57e3796ad5753640088f5f9d3c53c183f2c250b7dad90529ea3e19a5515aa122
Referenced In Project/Scope: Struts 2 Core:compile
jakarta.xml.bind-api-4.0.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.hibernate/hibernate-core@5.6.15.Final

Identifiers

  • pkg:maven/jakarta.xml.bind/jakarta.xml.bind-api@4.0.0  (Confidence:High)

jandex-2.4.2.Final.jar

Description:

Parent POM for JBoss projects. Provides default project build configuration.

License:

Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/.m2/repository/org/jboss/jandex/2.4.2.Final/jandex-2.4.2.Final.jar
MD5: 489f7a97d2ed7ae34ea56d01b3566d57
SHA1: 1e1c385990b258ff1a24c801e84aebbacf70eb39
SHA256:3f2ce55c7d71e744581488dc5105806aa8084c08e6e916a019bab8f8698994f0
Referenced In Project/Scope: Struts 2 Core:compile
jandex-2.4.2.Final.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.hibernate/hibernate-core@5.6.15.Final

Identifiers

  • pkg:maven/org.jboss/jandex@2.4.2.Final  (Confidence:High)

jasperreports-7.0.3.jar

Description:

Free Java Reporting Library

License:

GNU Lesser General Public License: http://jasperreports.sourceforge.net/license.html
File Path: /Users/lukaszlenart/.m2/repository/net/sf/jasperreports/jasperreports/7.0.3/jasperreports-7.0.3.jar
MD5: f5e2b14e0e0d97df710b40eb6ba147f4
SHA1: 08c5b906c4d361584976f5c59cbcd9be2a4bc6f6
SHA256:1aab0a784251407c5b738cd74e7ade278272cb74e59e5594d52e6ed2e40ae735
Referenced In Projects/Scopes:
  • Struts 2 Jasper Reports 7 Plugin [EXPERIMENTAL]:compile
  • Struts 2 Assembly:compile

jasperreports-7.0.3.jar is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.apache.struts/struts2-jasperreports7-plugin@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-jasperreports7-plugin@7.1.2-SNAPSHOT

Identifiers

  • pkg:maven/net.sf.jasperreports/jasperreports@7.0.3  (Confidence:High)
  • cpe:2.3:a:cloud:jasperreports_library:7.0.3:*:*:*:*:*:*:*  (Confidence:Low)  

CVE-2025-10492  

A Java deserialisation vulnerability has been discovered in Jaspersoft Library. Improper handling of externally supplied data may allow attackers to execute arbitrary code remotely on systems that use the affected library
CWE-502 Deserialization of Untrusted Data

CVSSv4:
  • Base Score: HIGH (8.7)
  • Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:N/V:X/RE:X/U:X
CVSSv3:
  • Base Score: CRITICAL (9.8)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:3.9/RC:R/MAV:A

References:

Vulnerable Software & Versions: (show all)

jasperreports-pdf-7.0.3.jar

Description:

JasperReports PDF

License:

GNU Lesser General Public License: http://jasperreports.sourceforge.net/license.html
File Path: /Users/lukaszlenart/.m2/repository/net/sf/jasperreports/jasperreports-pdf/7.0.3/jasperreports-pdf-7.0.3.jar
MD5: 3031be9ed67b2854b203119eca261057
SHA1: f658a51414806895ed2aacb27d7b5e04fb0f3b7e
SHA256:a6c3abe359b852eca590032849c231023b4a133e525af9db2d81c9af467f1c2c
Referenced In Project/Scope: Struts 2 Jasper Reports 7 Plugin [EXPERIMENTAL]:compile
jasperreports-pdf-7.0.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.struts/struts2-jasperreports7-plugin@7.1.2-SNAPSHOT

Identifiers

javassist-3.29.0-GA.jar

Description:

  	Javassist (JAVA programming ASSISTant) makes Java bytecode manipulation
    simple.  It is a class library for editing bytecodes in Java.

License:

MPL 1.1: http://www.mozilla.org/MPL/MPL-1.1.html
LGPL 2.1: http://www.gnu.org/licenses/lgpl-2.1.html
Apache License 2.0: https://www.apache.org/licenses/LICENSE-2.0
File Path: /Users/lukaszlenart/.m2/repository/org/javassist/javassist/3.29.0-GA/javassist-3.29.0-GA.jar
MD5: aefc94eda66e54b96825ffc807cfbafd
SHA1: d3959fa7e00bf04dbe519228a23213d2afb625d8
SHA256:62d4065362e8969ce654f2b5541de1efb5b5bca6c146dbd38a595ea4df64cd31
Referenced In Projects/Scopes:
  • Struts 2 Rest Showcase Webapp:compile
  • Struts 2 Webapps:compile
  • Struts 2 Showcase Webapp:compile
  • Struts 2 Assembly:compile
  • Struts 2 Core:compile

javassist-3.29.0-GA.jar is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.apache.struts/struts2-core@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-core@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-core@7.1.2-SNAPSHOT
  • pkg:maven/ognl/ognl@3.3.5
  • pkg:maven/org.apache.struts/struts2-core@7.1.2-SNAPSHOT

Identifiers

  • pkg:maven/org.javassist/javassist@3.29.0-GA  (Confidence:High)

javax.activation-api-1.2.0.jar

Description:

JavaBeans Activation Framework API jar

License:

https://github.com/javaee/activation/blob/master/LICENSE.txt
File Path: /Users/lukaszlenart/.m2/repository/javax/activation/javax.activation-api/1.2.0/javax.activation-api-1.2.0.jar
MD5: 5e50e56bcf4a3ef3bc758f69f7643c3b
SHA1: 85262acf3ca9816f9537ca47d5adeabaead7cb16
SHA256:43fdef0b5b6ceb31b0424b208b930c74ab58fac2ceeb7b3f6fd3aeb8b5ca4393
Referenced In Project/Scope: Struts 2 Core:compile
javax.activation-api-1.2.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.hibernate/hibernate-core@5.6.15.Final

Identifiers

  • pkg:maven/javax.activation/javax.activation-api@1.2.0  (Confidence:High)

javax.persistence-api-2.2.jar

Description:

Java(TM) Persistence API

License:

Eclipse Public License v1.0: http://www.eclipse.org/legal/epl-v10.html
Eclipse Distribution License v. 1.0: http://www.eclipse.org/org/documents/edl-v10.php
File Path: /Users/lukaszlenart/.m2/repository/javax/persistence/javax.persistence-api/2.2/javax.persistence-api-2.2.jar
MD5: e6520b3435f5b6d58eee415b5542abf8
SHA1: 25665ac8c0b62f50e6488173233239120fc52c96
SHA256:5578b71b37999a5eaed3fea0d14aa61c60c6ec6328256f2b63472f336318baf4
Referenced In Project/Scope: Struts 2 Core:compile
javax.persistence-api-2.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.hibernate/hibernate-core@5.6.15.Final

Identifiers

  • pkg:maven/javax.persistence/javax.persistence-api@2.2  (Confidence:High)

jaxb-api-2.3.1.jar

Description:

JAXB (JSR 222) API

License:

https://oss.oracle.com/licenses/CDDL+GPL-1.1, https://oss.oracle.com/licenses/CDDL+GPL-1.1
File Path: /Users/lukaszlenart/.m2/repository/javax/xml/bind/jaxb-api/2.3.1/jaxb-api-2.3.1.jar
MD5: bcf270d320f645ad19f5edb60091e87f
SHA1: 8531ad5ac454cc2deb9d4d32c40c4d7451939b5d
SHA256:88b955a0df57880a26a74708bc34f74dcaf8ebf4e78843a28b50eae945732b06
Referenced In Project/Scope: Struts 2 Core:compile
jaxb-api-2.3.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.hibernate/hibernate-core@5.6.15.Final

Identifiers

  • pkg:maven/javax.xml.bind/jaxb-api@2.3.1  (Confidence:High)

jaxb-core-4.0.6.jar

Description:

JAXB Core module. Contains sources required by XJC, JXC and Runtime modules.

License:

http://www.eclipse.org/org/documents/edl-v10.php
File Path: /Users/lukaszlenart/.m2/repository/org/glassfish/jaxb/jaxb-core/4.0.6/jaxb-core-4.0.6.jar
MD5: e36c915cf47342b4fe31ffba3407b928
SHA1: 8e61282303777fc98a00cc3affd0560d68748a75
SHA256:ebbd274207b4860d0dc6e2d44d6dbdb5945cede01222d2e50661d45f5d46c0f7
Referenced In Project/Scope: Struts 2 Core:compile
jaxb-core-4.0.6.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.hibernate/hibernate-core@5.6.15.Final

Identifiers

  • pkg:maven/org.glassfish.jaxb/jaxb-core@4.0.6  (Confidence:High)

jaxb-runtime-4.0.6.jar

Description:

JAXB (JSR 222) Reference Implementation

License:

http://www.eclipse.org/org/documents/edl-v10.php
File Path: /Users/lukaszlenart/.m2/repository/org/glassfish/jaxb/jaxb-runtime/4.0.6/jaxb-runtime-4.0.6.jar
MD5: 0e600d639f3a09ddd6fa91623a12b634
SHA1: fb95ebb62564657b2fedfe165b859789ef3a8711
SHA256:1c0d57f8c25f9605d5a2f7ad0a87581893776ac85b00b101b2651258edaa9118
Referenced In Project/Scope: Struts 2 Core:compile
jaxb-runtime-4.0.6.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.hibernate/hibernate-core@5.6.15.Final

Identifiers

  • pkg:maven/org.glassfish.jaxb/jaxb-runtime@4.0.6  (Confidence:High)

jboss-logging-3.4.3.Final.jar

Description:

The JBoss Logging Framework

License:

Apache License, version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/.m2/repository/org/jboss/logging/jboss-logging/3.4.3.Final/jboss-logging-3.4.3.Final.jar
MD5: b298d4b79e591843c1eb1458ea79f070
SHA1: c4bd7e12a745c0e7f6cf98c45cdcdf482fd827ea
SHA256:0b324cca4d550060e51e70cc0045a6cce62f264278ec1f5082aafeb670fcac49
Referenced In Projects/Scopes:
  • Struts 2 Showcase Webapp:compile
  • Struts 2 Core:compile

jboss-logging-3.4.3.Final.jar is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.hibernate.validator/hibernate-validator@8.0.2.Final
  • pkg:maven/org.hibernate/hibernate-core@5.6.15.Final

Identifiers

  • pkg:maven/org.jboss.logging/jboss-logging@3.4.3.Final  (Confidence:High)

jboss-transaction-api_1.2_spec-1.1.1.Final.jar

Description:

The Java Transaction 1.2 API classes

License:

Common Development and Distribution License: http://repository.jboss.org/licenses/cddl.txt
GNU General Public License, Version 2 with the Classpath Exception: http://repository.jboss.org/licenses/gpl-2.0-ce.txt
File Path: /Users/lukaszlenart/.m2/repository/org/jboss/spec/javax/transaction/jboss-transaction-api_1.2_spec/1.1.1.Final/jboss-transaction-api_1.2_spec-1.1.1.Final.jar
MD5: 1e633c47138aba999d39692a31a1a124
SHA1: a8485cab9484dda36e9a8c319e76b5cc18797b58
SHA256:a310a50b9bdc44aaf36362dc9bb212235a147ffa8ef72dc9544a39c329eabbc3
Referenced In Project/Scope: Struts 2 Core:compile
jboss-transaction-api_1.2_spec-1.1.1.Final.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.hibernate/hibernate-core@5.6.15.Final

Identifiers

  • pkg:maven/org.jboss.spec.javax.transaction/jboss-transaction-api_1.2_spec@1.1.1.Final  (Confidence:High)

jcommander-1.83.jar

Description:

Command line parsing library for Java

License:

Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/.m2/repository/org/jcommander/jcommander/1.83/jcommander-1.83.jar
MD5: c07a0e3e078249f596a2009c1943af8e
SHA1: c342a2ad17ec08db105146e27c7ba9c535c9bb46
SHA256:e65f49c2119a1859b9076061e561fb5958a2fa6ffdb49f051ca8d59a0b3f87e4
Referenced In Project/Scope: Struts 2 TestNG Plugin:compile
jcommander-1.83.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.testng/testng@7.11.0

Identifiers

  • pkg:maven/org.jcommander/jcommander@1.83  (Confidence:High)

jquery-2.1.4.min.js

File Path: /Users/lukaszlenart/Projects/Apache/struts-site/target/struts/apps/showcase/src/main/webapp/js/jquery-2.1.4.min.js
MD5: f9c7afd05729f10f55b689f36bb20172
SHA1: 43dc554608df885a59ddeece1598c6ace434d747
SHA256:f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c
Referenced In Project/Scope: Struts 2 Showcase Webapp

Identifiers

  • pkg:javascript/jquery@2.1.4.min  (Confidence:Highest)

CVE-2015-9251  

jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A
CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N

References:

Vulnerable Software & Versions (NVD):

  • cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:* versions up to (excluding) 3.0.0
  • cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:banking_platform:2.6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:banking_platform:2.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:banking_platform:2.6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:business_process_management_suite:11.1.1.9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:business_process_management_suite:12.1.3.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_converged_application_server:*:*:*:*:*:*:*:* versions up to (excluding) 7.0.0.1
  • cpe:2.3:a:oracle:communications_interactive_session_recorder:6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_interactive_session_recorder:6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_interactive_session_recorder:6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_services_gatekeeper:*:*:*:*:*:*:*:* versions up to (excluding) 6.1.0.4.0
  • cpe:2.3:a:oracle:communications_webrtc_session_controller:*:*:*:*:*:*:*:* versions up to (excluding) 7.2
  • cpe:2.3:a:oracle:endeca_information_discovery_studio:3.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:endeca_information_discovery_studio:3.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:enterprise_operations_monitor:3.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:enterprise_operations_monitor:4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:* versions from (including) 7.3.3; versions up to (including) 7.3.5
  • cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:* versions from (including) 8.0.0; versions up to (including) 8.0.7
  • cpe:2.3:a:oracle:financial_services_asset_liability_management:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7
  • cpe:2.3:a:oracle:financial_services_data_integration_hub:*:*:*:*:*:*:*:* versions from (including) 8.0.5; versions up to (including) 8.0.7
  • cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7
  • cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7
  • cpe:2.3:a:oracle:financial_services_liquidity_risk_management:*:*:*:*:*:*:*:* versions from (including) 8.0.2; versions up to (including) 8.0.6
  • cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:*:*:*:*:*:*:*:* versions from (including) 8.0.2; versions up to (including) 8.0.7
  • cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_profitability_management:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.6
  • cpe:2.3:a:oracle:financial_services_reconciliation_framework:8.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_reconciliation_framework:8.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:healthcare_foundation:7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:healthcare_foundation:7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:healthcare_translational_research:3.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:hospitality_cruise_fleet_management:9.0.11:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:hospitality_materials_control:18.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:hospitality_reporting_and_analytics:9.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.5:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdeveloper:11.1.1.9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdeveloper:12.1.3.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:oss_support_tools:19.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.55:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_gateway:15.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_gateway:16.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_gateway:17.12:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:* versions from (including) 17.1; versions up to (including) 17.12
  • cpe:2.3:a:oracle:primavera_unifier:16.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_unifier:16.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:real-time_scheduler:2.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_allocation:15.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_customer_insights:15.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_customer_insights:16.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_invoice_matching:15.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_sales_audit:15.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_workforce_management_software:1.60.9:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_workforce_management_software:1.64.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:service_bus:12.1.3.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:service_bus:12.2.1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:siebel_ui_framework:18.10:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:siebel_ui_framework:18.11:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:utilities_framework:*:*:*:*:*:*:*:* versions from (including) 4.3.0.1; versions up to (including) 4.3.0.4
  • cpe:2.3:a:oracle:utilities_mobile_workforce_management:2.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:webcenter_sites:11.1.1.8.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:12.1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:12.2.1.3:*:*:*:*:*:*:*

CVE-2019-11358  

jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
CWE-1321 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A
CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N

References:

Vulnerable Software & Versions (NVD):

  • cpe:2.3:a:backdropcms:backdrop:*:*:*:*:*:*:*:* versions from (including) 1.11.0; versions up to (excluding) 1.11.9
  • cpe:2.3:a:backdropcms:backdrop:*:*:*:*:*:*:*:* versions from (including) 1.12.0; versions up to (excluding) 1.12.6
  • cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 7.0; versions up to (excluding) 7.66
  • cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 8.5.0; versions up to (excluding) 8.5.15
  • cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 8.6.0; versions up to (excluding) 8.6.15
  • cpe:2.3:a:joomla:joomla\!:*:*:*:*:*:*:*:* versions from (including) 3.0.0; versions up to (including) 3.9.4
  • cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:* versions up to (excluding) 3.4.0
  • cpe:2.3:a:netapp:oncommand_system_manager:*:*:*:*:*:*:*:* versions from (including) 3.0; versions up to (including) 3.1.3
  • cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*
  • cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*
  • cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:* versions up to (excluding) 19.1
  • cpe:2.3:a:oracle:application_service_level_management:13.2.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:application_service_level_management:13.3.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:application_testing_suite:12.5.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:application_testing_suite:13.1.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:application_testing_suite:13.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:application_testing_suite:13.2.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:application_testing_suite:13.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:banking_digital_experience:18.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:banking_digital_experience:18.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:banking_digital_experience:18.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:banking_digital_experience:19.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:banking_digital_experience:19.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:banking_digital_experience:20.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:banking_enterprise_collections:*:*:*:*:*:*:*:* versions from (including) 2.7.0; versions up to (including) 2.8.0
  • cpe:2.3:a:oracle:banking_platform:*:*:*:*:*:*:*:* versions from (including) 2.4.0; versions up to (including) 2.10.0
  • cpe:2.3:a:oracle:bi_publisher:5.5.0.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:bi_publisher:12.2.1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:big_data_discovery:1.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:business_process_management_suite:12.2.1.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_analytics:12.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_application_session_controller:3.8m0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_diameter_signaling_router:8.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_diameter_signaling_router:8.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_eagle_application_processor:*:*:*:*:*:*:*:* versions from (including) 16.1.0; versions up to (including) 16.4.0
  • cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_element_manager:8.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_interactive_session_recorder:*:*:*:*:*:*:*:* versions from (including) 6.0; versions up to (including) 6.4
  • cpe:2.3:a:oracle:communications_operations_monitor:*:*:*:*:*:*:*:* versions from (including) 4.1; versions up to (including) 4.3
  • cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_operations_monitor:4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_operations_monitor:4.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_services_gatekeeper:7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_unified_inventory_management:7.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:diagnostic_assistant:2.12.36:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:enterprise_session_border_controller:8.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:* versions from (including) 7.3.3; versions up to (including) 7.3.5
  • cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:* versions from (including) 8.0.2; versions up to (including) 8.1.0
  • cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7
  • cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_asset_liability_management:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7
  • cpe:2.3:a:oracle:financial_services_asset_liability_management:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_balance_sheet_planning:8.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7
  • cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7
  • cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_data_foundation:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.8
  • cpe:2.3:a:oracle:financial_services_data_governance_for_us_regulatory_reporting:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.0.9
  • cpe:2.3:a:oracle:financial_services_data_integration_hub:*:*:*:*:*:*:*:* versions from (including) 8.0.5; versions up to (including) 8.0.7
  • cpe:2.3:a:oracle:financial_services_data_integration_hub:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_enterprise_financial_performance_analytics:8.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_enterprise_financial_performance_analytics:8.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7
  • cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7
  • cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7
  • cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.0.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.4.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.5.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:*:*:*:*:*:*:*:* versions from (including) 8.0.2; versions up to (including) 8.0.7
  • cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7
  • cpe:2.3:a:oracle:financial_services_profitability_management:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7
  • cpe:2.3:a:oracle:financial_services_profitability_management:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_de_nederlandsche_bank:8.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_european_banking_authority:8.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_european_banking_authority:8.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_us_federal_reserve:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7
  • cpe:2.3:a:oracle:financial_services_retail_customer_analytics:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.6
  • cpe:2.3:a:oracle:financial_services_retail_performance_analytics:8.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_retail_performance_analytics:8.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.4.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.4.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:healthcare_foundation:7.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:healthcare_foundation:7.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:healthcare_foundation:7.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:healthcare_foundation:7.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:healthcare_translational_research:3.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:healthcare_translational_research:3.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:healthcare_translational_research:3.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:healthcare_translational_research:3.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:healthcare_translational_research:3.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:hospitality_materials_control:18.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:hospitality_simphony:*:*:*:*:*:*:*:* versions from (including) 19.1.0; versions up to (including) 19.1.2
  • cpe:2.3:a:oracle:hospitality_simphony:18.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:hospitality_simphony:18.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:identity_manager:12.2.1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:insurance_accounting_analyzer:8.0.9:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:insurance_data_foundation:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7
  • cpe:2.3:a:oracle:insurance_ifrs_17_analyzer:8.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:insurance_ifrs_17_analyzer:8.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:*:*:*:*:*:*:*:* versions from (including) 5.0.0.0; versions up to (including) 5.6.0.0
  • cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.6.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:insurance_performance_insight:8.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdeveloper:11.1.1.9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdeveloper:12.2.1.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdeveloper_and_adf:11.1.1.9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdeveloper_and_adf:12.1.3.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdeveloper_and_adf:12.2.1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:knowledge:*:*:*:*:*:*:*:* versions from (including) 8.6.0; versions up to (including) 8.6.3
  • cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.55:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:policy_automation:*:*:*:*:*:*:*:* versions from (including) 12.2.0; versions up to (including) 12.2.15
  • cpe:2.3:a:oracle:policy_automation:10.4.7:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:policy_automation:12.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:policy_automation:12.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:policy_automation_connector_for_siebel:10.4.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:policy_automation_for_mobile_devices:*:*:*:*:*:*:*:* versions from (including) 12.2.0; versions up to (including) 12.2.15
  • cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:* versions from (including) 16.2.0; versions up to (including) 16.2.11
  • cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:* versions from (including) 17.12.0; versions up to (including) 17.12.7
  • cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:* versions from (including) 18.8.0; versions up to (including) 18.8.9
  • cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:* versions from (including) 19.12.0; versions up to (including) 19.12.4
  • cpe:2.3:a:oracle:primavera_gateway:15.2.18:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:* versions from (including) 17.7; versions up to (including) 17.12
  • cpe:2.3:a:oracle:primavera_unifier:16.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_unifier:16.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:real-time_scheduler:*:*:*:*:*:*:*:* versions from (including) 2.3.0.1; versions up to (including) 2.3.0.3
  • cpe:2.3:a:oracle:rest_data_services:11.2.0.4:*:*:*:-:*:*:*
  • cpe:2.3:a:oracle:rest_data_services:12.1.0.2:*:*:*:-:*:*:*
  • cpe:2.3:a:oracle:rest_data_services:12.2.0.1:*:*:*:-:*:*:*
  • cpe:2.3:a:oracle:rest_data_services:18c:*:*:*:-:*:*:*
  • cpe:2.3:a:oracle:rest_data_services:19c:*:*:*:-:*:*:*
  • cpe:2.3:a:oracle:retail_back_office:14.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_back_office:14.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_central_office:14.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_central_office:14.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_customer_insights:15.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_customer_insights:16.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:18.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:19.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_point-of-service:14.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_point-of-service:14.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_returns_management:14.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_returns_management:14.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:service_bus:11.1.1.9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:service_bus:12.1.3.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:service_bus:12.2.1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:siebel_mobile_applications:*:*:*:*:*:*:*:* versions up to (including) 19.8
  • cpe:2.3:a:oracle:siebel_ui_framework:20.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:storagetek_tape_analytics_sw_tool:2.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:system_utilities:19.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:tape_library_acsls:8.5:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:tape_library_acsls:8.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:transportation_management:1.4.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:utilities_mobile_workforce_management:*:*:*:*:*:*:*:* versions from (including) 2.3.0.1; versions up to (including) 2.3.0.3
  • cpe:2.3:a:oracle:webcenter_sites:12.2.1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:cloudforms:4.7:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:virtualization_manager:4.3:*:*:*:*:*:*:*

jquery issue: 11974 (RETIREJS)  

parseHTML() executes scripts in event handlers
Unscored:
  • Severity: medium

References:

jquery issue: 162 (RETIREJS)  

jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates
Unscored:
  • Severity: low

References:

jshint.conf.js

File Path: /Users/lukaszlenart/Projects/Apache/struts-site/target/struts/core/src/main/resources/jshint.conf.js
MD5: 7b7c2d7894e972b45298ea8d533008d7
SHA1: 5a88e8d212d51cdc3ac0305978dfc483ce25fa25
SHA256:15942ecb04925afc65666d3d8f758ed0e65f90f7b5faec2b7381e29e397200c6
Referenced In Project/Scope: Struts 2 Core

Identifiers

  • None

json-simple-3.0.2.jar

Description:

Java 7+ toolkit to quickly develop RFC 4627 JSON compatible applications.

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/.m2/repository/com/github/cliftonlabs/json-simple/3.0.2/json-simple-3.0.2.jar
MD5: 148c0d1bdc1bcb24394627d6930ee9ad
SHA1: 2337afdb06134a12fc0239299c3ceb2e9c209516
SHA256:fda65a9ad0e1ac0c88987106e89aa4d8b2a2495e7e042371efa83813f65b7295
Referenced In Projects/Scopes:
  • Struts 2 Velocity Plugin:compile
  • Struts 2 Jakarta EE Compatible Velocity Tools Jsp:compile
  • Struts 2 Showcase Webapp:compile
  • Struts 2 Tiles Plugin:compile

json-simple-3.0.2.jar is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.apache.struts/struts2-velocity-tools-jsp-jakarta@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-velocity-tools-jsp-jakarta@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-velocity-tools-jsp-jakarta@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.velocity.tools/velocity-tools-generic@3.1

Identifiers

  • pkg:maven/com.github.cliftonlabs/json-simple@3.0.2  (Confidence:High)

jspecify-1.0.0.jar

Description:

An artifact of well-named and well-specified annotations to power static analysis checks

License:

The Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/.m2/repository/org/jspecify/jspecify/1.0.0/jspecify-1.0.0.jar
MD5: 9133aba420d0ca3b001dbb6ae9992cf6
SHA1: 7425a601c1c7ec76645a78d22b8c6a627edee507
SHA256:1fad6e6be7557781e4d33729d49ae1cdc8fdda6fe477bb0cc68ce351eafdfbab
Referenced In Projects/Scopes:
  • Struts 2 Rest Showcase Webapp:compile
  • Struts 2 Webapps:compile
  • Struts 2 Showcase Webapp:compile
  • Struts 2 Assembly:compile
  • Struts 2 Core:compile

jspecify-1.0.0.jar is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.apache.struts/struts2-core@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-core@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-core@7.1.2-SNAPSHOT
  • pkg:maven/com.github.ben-manes.caffeine/caffeine@3.2.3
  • pkg:maven/org.apache.struts/struts2-core@7.1.2-SNAPSHOT

Identifiers

  • pkg:maven/org.jspecify/jspecify@1.0.0  (Confidence:High)

juneau-marshall-8.1.3.jar

Description:

Apache Juneau Marshall API

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/.m2/repository/org/apache/juneau/juneau-marshall/8.1.3/juneau-marshall-8.1.3.jar
MD5: ea60a00e21ed59dd8ad7b2b9b919c8a8
SHA1: f1e06cee7b3da2ba627166690765b0d6e6a3c104
SHA256:d0c5dbf783581a767e857341daff6928d5a76a1627b7980a8b34622ee522995d
Referenced In Project/Scope: Struts 2 REST Plugin:compile
juneau-marshall-8.1.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.struts/struts2-rest-plugin@7.1.2-SNAPSHOT

Identifiers

  • pkg:maven/org.apache.juneau/juneau-marshall@8.1.3  (Confidence:High)

junit-4.13.2.jar

Description:

JUnit is a unit testing framework for Java, created by Erich Gamma and Kent Beck.

License:

Eclipse Public License 1.0: http://www.eclipse.org/legal/epl-v10.html
File Path: /Users/lukaszlenart/.m2/repository/junit/junit/4.13.2/junit-4.13.2.jar
MD5: d98a9a02a99a9acd22d7653cbcc1f31f
SHA1: 8ac9e16d933b6fb43bc7f576336b8f4d7eb5ba12
SHA256:8e495b634469d64fb8acfa3495a065cbacc8a0fff55ce1e31007be4c16dc57d3
Referenced In Projects/Scopes:
  • Struts 2 JUnit Plugin:compile
  • Struts 2 Core:compile

junit-4.13.2.jar is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.apache.struts/struts2-junit-plugin@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-core@7.1.2-SNAPSHOT

Identifiers

  • pkg:maven/junit/junit@4.13.2  (Confidence:High)
  • cpe:2.3:a:junit:junit4:4.13.2:*:*:*:*:*:*:*  (Confidence:Low)  

log4j-core-2.25.2.jar

Description:

A versatile, industrial-grade, and reference implementation of the Log4j API.
    It bundles a rich set of components to assist various use cases:
    Appenders targeting files, network sockets, databases, SMTP servers;
    Layouts that can render CSV, HTML, JSON, Syslog, etc. formatted outputs;
    Filters that can be configured using log event rates, regular expressions, scripts, time, etc.
    It contains several extension points to introduce custom components, if needed.

License:

Apache-2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/.m2/repository/org/apache/logging/log4j/log4j-core/2.25.2/log4j-core-2.25.2.jar
MD5: e8e63b9bfc776fdf80d90567884932d5
SHA1: d4d0ad2e51e03e531f784891fbfff1bae1e13a12
SHA256:e50db7701430ff907981850ef527a41d51a53dd0017f53a0860afcbab8570277
Referenced In Projects/Scopes:
  • Struts 2 Rest Showcase Webapp:compile
  • Struts 2 Showcase Webapp:compile

log4j-core-2.25.2.jar is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.apache.struts/struts2-rest-showcase@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-showcase@7.1.2-SNAPSHOT

Identifiers

log4j-slf4j-impl-2.25.2.jar

Description:

SLF4J 1 binding (provider) for the Log4j API.
    It forwards SLF4J 1 calls to the Log4j API.
    (Refer to the `log4j-to-slf4j` artifact for forwarding the Log4j API to SLF4J.)

License:

Apache-2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/.m2/repository/org/apache/logging/log4j/log4j-slf4j-impl/2.25.2/log4j-slf4j-impl-2.25.2.jar
MD5: 1c210c3b9ea7deab60f83b5f94bdbfd4
SHA1: e1f9b977b021cdc37e874076f4f400913ff6aba2
SHA256:3ca2e24cc2b18104828414f260e84a97b8f5fa8a1408d3d6b1ee5c372aff2915
Referenced In Project/Scope: Struts 2 Showcase Webapp:compile
log4j-slf4j-impl-2.25.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.struts/struts2-showcase@7.1.2-SNAPSHOT

Identifiers

  • pkg:maven/org.apache.logging.log4j/log4j-slf4j-impl@2.25.2  (Confidence:High)

micrometer-commons-1.14.12.jar

Description:

Module containing common code

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/.m2/repository/io/micrometer/micrometer-commons/1.14.12/micrometer-commons-1.14.12.jar
MD5: 73d02817a01558776dbc5a43b1774add
SHA1: 86459b0c760a1ab5fc17da330203f25ba36f642b
SHA256:83408660d54149650da3658fa65b055158115ac91c900b3812022e1a24a35483
Referenced In Projects/Scopes:
  • Struts 2 JUnit Plugin:compile
  • Struts 2 REST Plugin:compile
  • Struts 2 Showcase Webapp:compile
  • Struts 2 Spring Plugin:compile
  • Struts 2 Assembly:compile

micrometer-commons-1.14.12.jar is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.springframework/spring-context@6.2.12
  • pkg:maven/org.apache.struts/struts2-junit-plugin@7.1.2-SNAPSHOT
  • pkg:maven/org.springframework/spring-web@6.2.12
  • pkg:maven/org.apache.struts/struts2-spring-plugin@7.1.2-SNAPSHOT
  • pkg:maven/org.springframework/spring-context@6.2.12

Identifiers

  • pkg:maven/io.micrometer/micrometer-commons@1.14.12  (Confidence:High)

micrometer-observation-1.14.12.jar

Description:

Module containing Observation related code

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/.m2/repository/io/micrometer/micrometer-observation/1.14.12/micrometer-observation-1.14.12.jar
MD5: 8b63abb3fb62f7ff52f3f20f5f3c7b86
SHA1: 5e20ee1facc4414938f57d6546b3dbd94c10b642
SHA256:430be17d568533f3bb4234d1a7ab3018509967c582c2212770e81bcf933a99b8
Referenced In Projects/Scopes:
  • Struts 2 JUnit Plugin:compile
  • Struts 2 REST Plugin:compile
  • Struts 2 Showcase Webapp:compile
  • Struts 2 Spring Plugin:compile
  • Struts 2 Assembly:compile

micrometer-observation-1.14.12.jar is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.apache.struts/struts2-junit-plugin@7.1.2-SNAPSHOT
  • pkg:maven/org.springframework/spring-context@6.2.12
  • pkg:maven/org.springframework/spring-web@6.2.12
  • pkg:maven/org.apache.struts/struts2-spring-plugin@7.1.2-SNAPSHOT
  • pkg:maven/org.springframework/spring-context@6.2.12

Identifiers

  • pkg:maven/io.micrometer/micrometer-observation@1.14.12  (Confidence:High)

ognl-3.3.5.jar

Description:

OGNL - Object Graph Navigation Library

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/.m2/repository/ognl/ognl/3.3.5/ognl-3.3.5.jar
MD5: 96cdcc579451cd7f2b16e0e57815a98b
SHA1: b4cb896a364038c1b71a8eec7d0554df7bcae464
SHA256:586b0e1d534b482c60a03d9cd5fdec89b76ac89823d86292921d3b9f755cfd82
Referenced In Projects/Scopes:
  • Struts 2 Rest Showcase Webapp:compile
  • Struts 2 Webapps:compile
  • Struts 2 Showcase Webapp:compile
  • Struts 2 Assembly:compile
  • Struts 2 Core:compile

ognl-3.3.5.jar is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.apache.struts/struts2-core@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-core@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-core@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-core@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-core@7.1.2-SNAPSHOT

Identifiers

openpdf-1.3.32.jar

Description:

Open and Free PDF library.

License:

https://www.gnu.org/licenses/old-licenses/lgpl-2.1.html, https://www.mozilla.org/en-US/MPL/2.0/
File Path: /Users/lukaszlenart/.m2/repository/com/github/librepdf/openpdf/1.3.32/openpdf-1.3.32.jar
MD5: 9ca6f73dc1d1990f17f22b5fe9b9dd95
SHA1: d3c9b7c514fed64ae348c07adff4a98a4e74a49e
SHA256:6eb2241ac9bc2636b599ceb8d4f353bcb22d1828db45ff83b09577428f6ac4f0
Referenced In Project/Scope: Struts 2 Jasper Reports 7 Plugin [EXPERIMENTAL]:compile
openpdf-1.3.32.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/net.sf.jasperreports/jasperreports-pdf@7.0.3

Identifiers

  • pkg:maven/com.github.librepdf/openpdf@1.3.32  (Confidence:High)

optiontransferselect.js

File Path: /Users/lukaszlenart/Projects/Apache/struts-site/target/struts/core/src/main/resources/org/apache/struts2/static/optiontransferselect.js
MD5: f4194635b442cd6a9354132eb1f5c544
SHA1: 51fd3c3d66bed260a48bcc1bc9f56c799acab501
SHA256:2028278976d9adfaa90186556cca99bbd476df3818155161d877272b738cc762
Referenced In Project/Scope: Struts 2 Core

Identifiers

  • None

org.apache.struts:struts2-async-plugin:7.1.2-SNAPSHOT

Description:

Apache Struts

License:

The Apache Software License, Version 2.0 https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/Projects/Apache/struts-site/target/struts/plugins/async/pom.xml

Referenced In Project/Scope: Struts 2 Showcase Webapp
org.apache.struts:struts2-async-plugin:7.1.2-SNAPSHOT is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.struts/struts2-showcase@7.1.2-SNAPSHOT

Identifiers

org.apache.struts:struts2-bean-validation-plugin:7.1.2-SNAPSHOT

Description:

Apache Struts

License:

The Apache Software License, Version 2.0 https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/Projects/Apache/struts-site/target/struts/plugins/bean-validation/pom.xml

Referenced In Projects/Scopes:
  • Struts 2 Showcase Webapp
  • Struts 2 Assembly

org.apache.struts:struts2-bean-validation-plugin:7.1.2-SNAPSHOT is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.apache.struts/struts2-assembly@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-showcase@7.1.2-SNAPSHOT

Identifiers

org.apache.struts:struts2-cdi-plugin:7.1.2-SNAPSHOT

Description:

Apache Struts

License:

The Apache Software License, Version 2.0 https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/Projects/Apache/struts-site/target/struts/plugins/cdi/pom.xml

Referenced In Project/Scope: Struts 2 Assembly
org.apache.struts:struts2-cdi-plugin:7.1.2-SNAPSHOT is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.struts/struts2-assembly@7.1.2-SNAPSHOT

Identifiers

org.apache.struts:struts2-config-browser-plugin:7.1.2-SNAPSHOT

Description:

Apache Struts

License:

The Apache Software License, Version 2.0 https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/Projects/Apache/struts-site/target/struts/plugins/config-browser/pom.xml

Referenced In Projects/Scopes:
  • Struts 2 Showcase Webapp
  • Struts 2 Rest Showcase Webapp
  • Struts 2 Assembly

org.apache.struts:struts2-config-browser-plugin:7.1.2-SNAPSHOT is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.apache.struts/struts2-showcase@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-assembly@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-rest-showcase@7.1.2-SNAPSHOT

Identifiers

org.apache.struts:struts2-convention-plugin:7.1.2-SNAPSHOT

Description:

Apache Struts

License:

The Apache Software License, Version 2.0 https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/Projects/Apache/struts-site/target/struts/plugins/convention/pom.xml

Referenced In Projects/Scopes:
  • Struts 2 Showcase Webapp
  • Struts 2 Rest Showcase Webapp
  • Struts 2 Assembly

org.apache.struts:struts2-convention-plugin:7.1.2-SNAPSHOT is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.apache.struts/struts2-showcase@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-rest-showcase@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-assembly@7.1.2-SNAPSHOT

Identifiers

org.apache.struts:struts2-core:7.1.2-SNAPSHOT

Description:

Apache Struts

License:

The Apache Software License, Version 2.0 https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/Projects/Apache/struts-site/target/struts/core/pom.xml

Referenced In Projects/Scopes:
  • Struts 2 Webapps
  • Struts 2 Showcase Webapp
  • Struts 2 Rest Showcase Webapp
  • Struts 2 Assembly

org.apache.struts:struts2-core:7.1.2-SNAPSHOT is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.apache.struts/struts2-apps@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-rest-showcase@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-assembly@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-showcase@7.1.2-SNAPSHOT

Identifiers

org.apache.struts:struts2-jasperreports-plugin:7.1.2-SNAPSHOT

Description:

Apache Struts

License:

The Apache Software License, Version 2.0 https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/Projects/Apache/struts-site/target/struts/plugins/jasperreports/pom.xml

Referenced In Project/Scope: Struts 2 Assembly
org.apache.struts:struts2-jasperreports-plugin:7.1.2-SNAPSHOT is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.struts/struts2-assembly@7.1.2-SNAPSHOT

Identifiers

org.apache.struts:struts2-jasperreports7-plugin:7.1.2-SNAPSHOT

Description:

Apache Struts

License:

The Apache Software License, Version 2.0 https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/Projects/Apache/struts-site/target/struts/plugins/jasperreports7/pom.xml

Referenced In Project/Scope: Struts 2 Assembly
org.apache.struts:struts2-jasperreports7-plugin:7.1.2-SNAPSHOT is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.struts/struts2-assembly@7.1.2-SNAPSHOT

Identifiers

org.apache.struts:struts2-javatemplates-plugin:7.1.2-SNAPSHOT

Description:

Apache Struts

License:

The Apache Software License, Version 2.0 https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/Projects/Apache/struts-site/target/struts/plugins/javatemplates/pom.xml

Referenced In Project/Scope: Struts 2 Assembly
org.apache.struts:struts2-javatemplates-plugin:7.1.2-SNAPSHOT is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.struts/struts2-assembly@7.1.2-SNAPSHOT

Identifiers

org.apache.struts:struts2-jfreechart-plugin:7.1.2-SNAPSHOT

Description:

Apache Struts

License:

The Apache Software License, Version 2.0 https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/Projects/Apache/struts-site/target/struts/plugins/jfreechart/pom.xml

Referenced In Project/Scope: Struts 2 Assembly
org.apache.struts:struts2-jfreechart-plugin:7.1.2-SNAPSHOT is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.struts/struts2-assembly@7.1.2-SNAPSHOT

Identifiers

org.apache.struts:struts2-json-plugin:7.1.2-SNAPSHOT

Description:

Apache Struts

License:

The Apache Software License, Version 2.0 https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/Projects/Apache/struts-site/target/struts/plugins/json/pom.xml

Referenced In Projects/Scopes:
  • Struts 2 Showcase Webapp
  • Struts 2 Assembly

org.apache.struts:struts2-json-plugin:7.1.2-SNAPSHOT is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.apache.struts/struts2-showcase@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-assembly@7.1.2-SNAPSHOT

Identifiers

org.apache.struts:struts2-junit-plugin:7.1.2-SNAPSHOT

Description:

Apache Struts

License:

The Apache Software License, Version 2.0 https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/Projects/Apache/struts-site/target/struts/plugins/junit/pom.xml

Referenced In Project/Scope: Struts 2 Assembly
org.apache.struts:struts2-junit-plugin:7.1.2-SNAPSHOT is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.struts/struts2-assembly@7.1.2-SNAPSHOT

Identifiers

org.apache.struts:struts2-rest-plugin:7.1.2-SNAPSHOT

Description:

Apache Struts

License:

The Apache Software License, Version 2.0 https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/Projects/Apache/struts-site/target/struts/plugins/rest/pom.xml

Referenced In Projects/Scopes:
  • Struts 2 Rest Showcase Webapp
  • Struts 2 Assembly

org.apache.struts:struts2-rest-plugin:7.1.2-SNAPSHOT is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.apache.struts/struts2-rest-showcase@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-assembly@7.1.2-SNAPSHOT

Identifiers

org.apache.struts:struts2-spring-plugin:7.1.2-SNAPSHOT

Description:

Apache Struts

License:

The Apache Software License, Version 2.0 https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/Projects/Apache/struts-site/target/struts/plugins/spring/pom.xml

Referenced In Projects/Scopes:
  • Struts 2 Showcase Webapp
  • Struts 2 JUnit Plugin
  • Struts 2 Assembly

org.apache.struts:struts2-spring-plugin:7.1.2-SNAPSHOT is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.apache.struts/struts2-showcase@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-assembly@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-junit-plugin@7.1.2-SNAPSHOT

Identifiers

org.apache.struts:struts2-testng-plugin:7.1.2-SNAPSHOT

Description:

Apache Struts

License:

The Apache Software License, Version 2.0 https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/Projects/Apache/struts-site/target/struts/plugins/testng/pom.xml

Referenced In Project/Scope: Struts 2 Assembly
org.apache.struts:struts2-testng-plugin:7.1.2-SNAPSHOT is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.struts/struts2-assembly@7.1.2-SNAPSHOT

Identifiers

org.apache.struts:struts2-tiles-plugin:7.1.2-SNAPSHOT

Description:

Apache Struts

License:

The Apache Software License, Version 2.0 https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/Projects/Apache/struts-site/target/struts/plugins/tiles/pom.xml

Referenced In Projects/Scopes:
  • Struts 2 Showcase Webapp
  • Struts 2 Assembly

org.apache.struts:struts2-tiles-plugin:7.1.2-SNAPSHOT is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.apache.struts/struts2-showcase@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-assembly@7.1.2-SNAPSHOT

Identifiers

CVE-2023-49735  

** UNSUPPORTED WHEN ASSIGNED **

The value set as the DefaultLocaleResolver.LOCALE_KEY attribute on the session was not validated while resolving XML definition files, leading to possible path traversal and eventually SSRF/XXE when passing user-controlled data to this key. Passing user-controlled data to this key may be relatively common, as it was also used like that to set the language in the 'tiles-test' application shipped with Tiles.

This issue affects Apache Tiles from version 2 onwards.

NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:3.9/RC:R/MAV:A

References:

Vulnerable Software & Versions:

org.apache.struts:struts2-velocity-plugin:7.1.2-SNAPSHOT

Description:

Apache Struts

License:

The Apache Software License, Version 2.0 https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/Projects/Apache/struts-site/target/struts/plugins/velocity/pom.xml

Referenced In Projects/Scopes:
  • Struts 2 Configuration Browser Plugin
  • Struts 2 Showcase Webapp
  • Struts 2 Rest Showcase Webapp
  • Struts 2 Assembly

org.apache.struts:struts2-velocity-plugin:7.1.2-SNAPSHOT is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.apache.struts/struts2-assembly@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-config-browser-plugin@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-rest-showcase@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-showcase@7.1.2-SNAPSHOT

Identifiers

org.apache.struts:struts2-velocity-tools-jsp-jakarta:7.1.2-SNAPSHOT

Description:

Apache Struts

License:

The Apache Software License, Version 2.0 https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/Projects/Apache/struts-site/target/struts/jakarta/velocity-tools-jsp-jakarta/pom.xml

Referenced In Projects/Scopes:
  • Struts 2 Velocity Plugin
  • Struts 2 Showcase Webapp
  • Struts 2 Tiles Plugin

org.apache.struts:struts2-velocity-tools-jsp-jakarta:7.1.2-SNAPSHOT is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.apache.struts/struts2-showcase@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-tiles-plugin@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-velocity-plugin@7.1.2-SNAPSHOT

Identifiers

org.apache.struts:struts2-velocity-tools-view-jakarta:7.1.2-SNAPSHOT

Description:

Apache Struts

License:

The Apache Software License, Version 2.0 https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/Projects/Apache/struts-site/target/struts/jakarta/velocity-tools-view-jakarta/pom.xml

Referenced In Projects/Scopes:
  • Struts 2 Velocity Plugin
  • Struts 2 Showcase Webapp
  • Struts 2 Tiles Plugin

org.apache.struts:struts2-velocity-tools-view-jakarta:7.1.2-SNAPSHOT is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.apache.struts/struts2-velocity-plugin@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-tiles-plugin@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-showcase@7.1.2-SNAPSHOT

Identifiers

org.apache.struts:struts2-xslt-plugin:7.1.2-SNAPSHOT

Description:

Apache Struts

License:

The Apache Software License, Version 2.0 https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/Projects/Apache/struts-site/target/struts/plugins/xslt/pom.xml

Referenced In Project/Scope: Struts 2 Showcase Webapp
org.apache.struts:struts2-xslt-plugin:7.1.2-SNAPSHOT is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.struts/struts2-showcase@7.1.2-SNAPSHOT

Identifiers

prettify.js

File Path: /Users/lukaszlenart/Projects/Apache/struts-site/target/struts/apps/showcase/src/main/webapp/js/prettify.js
MD5: 709bfcc456c694bfe8ee86d184a1c360
SHA1: a4e5934397f97f79b8066984475c90af8a970a36
SHA256:e2e576e3bc607cd179ff511947010f645d3441a35313aec0dbd06c4437f83b77
Referenced In Project/Scope: Struts 2 Showcase Webapp

Identifiers

  • None

sitemesh-3.2.2.jar

Description:

SiteMesh is a web-page layout and decoration framework and web- application integration framework to aid in creating sites consisting of many pages for which a consistent look/feel, navigation and layout scheme is required.

License:

The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/.m2/repository/org/sitemesh/sitemesh/3.2.2/sitemesh-3.2.2.jar
MD5: 3d6fba37330040ce9d17b2c852073154
SHA1: d47af3d745c32df861d0a6900d6a0e0a768c4959
SHA256:8e10de1d332d6eec698e3aeafab8e88ed366758d04203bf38c9bd387c6ee0187
Referenced In Project/Scope: Struts 2 Showcase Webapp:compile
sitemesh-3.2.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.struts/struts2-showcase@7.1.2-SNAPSHOT

Identifiers

  • pkg:maven/org.sitemesh/sitemesh@3.2.2  (Confidence:High)

slf4j-api-2.0.17.jar

Description:

The slf4j API

License:

https://opensource.org/license/mit
File Path: /Users/lukaszlenart/.m2/repository/org/slf4j/slf4j-api/2.0.17/slf4j-api-2.0.17.jar
MD5: b6480d114a23683498ac3f746f959d2f
SHA1: d9e58ac9c7779ba3bf8142aff6c830617a7fe60f
SHA256:7b751d952061954d5abfed7181c1f645d336091b679891591d63329c622eb832
Referenced In Projects/Scopes:
  • Struts 2 Rest Showcase Webapp:compile
  • Struts 2 TestNG Plugin:compile
  • Struts 2 Velocity Plugin:compile
  • Struts 2 Jakarta EE Compatible Velocity Tools Jsp:compile
  • Struts 2 Configuration Browser Plugin:compile
  • Struts 2 Showcase Webapp:compile
  • Struts 2 Tiles Plugin:compile
  • Struts 2 Assembly:compile
  • Struts 2 Core:compile

slf4j-api-2.0.17.jar is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/net.sourceforge.jwebunit/jwebunit-htmlunit-plugin@3.3
  • pkg:maven/org.apache.struts/struts2-testng-plugin@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.velocity.tools/velocity-tools-generic@3.1
  • pkg:maven/org.apache.velocity/velocity-engine-core@2.4.1
  • pkg:maven/org.apache.velocity/velocity-engine-core@2.4.1
  • pkg:maven/org.apache.struts/struts2-velocity-plugin@7.1.2-SNAPSHOT
  • pkg:maven/org.testng/testng@7.11.0
  • pkg:maven/org.apache.logging.log4j/log4j-slf4j-impl@2.25.2
  • pkg:maven/org.apache.struts/struts2-core@7.1.2-SNAPSHOT

Identifiers

  • pkg:maven/org.slf4j/slf4j-api@2.0.17  (Confidence:High)

spring-core-6.2.12.jar

Description:

Spring Core

License:

Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0
File Path: /Users/lukaszlenart/.m2/repository/org/springframework/spring-core/6.2.12/spring-core-6.2.12.jar
MD5: 5495c7d311d73ddaf6fdf3d198b7bab1
SHA1: 298bd954610442d54b276f911d3490372ab62117
SHA256:bddc5a5be2d94191ebcfbadc672fa4d81e6ab51e38a9eaf41d5d035cb17548d4
Referenced In Projects/Scopes:
  • Struts 2 JUnit Plugin:compile
  • Struts 2 TestNG Plugin:compile
  • Struts 2 REST Plugin:compile
  • Struts 2 Showcase Webapp:compile
  • Struts 2 Spring Plugin:compile
  • Struts 2 Assembly:compile
  • Struts 2 Core:compile

spring-core-6.2.12.jar is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.apache.struts/struts2-spring-plugin@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-junit-plugin@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-rest-plugin@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-spring-plugin@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-junit-plugin@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-testng-plugin@7.1.2-SNAPSHOT
  • pkg:maven/org.springframework/spring-aop@6.2.12

Identifiers

stax2-api-4.2.2.jar

Description:

Stax2 API is an extension to basic Stax 1.0 API that adds significant new functionality, such as full-featured bi-direction validation interface and high-performance Typed Access API.

License:

The BSD 2-Clause License: http://www.opensource.org/licenses/bsd-license.php
File Path: /Users/lukaszlenart/.m2/repository/org/codehaus/woodstox/stax2-api/4.2.2/stax2-api-4.2.2.jar
MD5: 6949cace015c0f408f0b846e3735d301
SHA1: b0d746cadea928e5264f2ea294ea9a1bf815bbde
SHA256:a61c48d553efad78bc01fffc4ac528bebbae64cbaec170b2a5e39cf61eb51abe
Referenced In Projects/Scopes:
  • Struts 2 Jasper Reports 7 Plugin [EXPERIMENTAL]:compile
  • Struts 2 Rest Showcase Webapp:compile
  • Struts 2 REST Plugin:compile
  • Struts 2 Assembly:compile

stax2-api-4.2.2.jar is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.apache.struts/struts2-jasperreports7-plugin@7.1.2-SNAPSHOT
  • pkg:maven/com.fasterxml.jackson.dataformat/jackson-dataformat-xml@2.19.1
  • pkg:maven/com.fasterxml.jackson.dataformat/jackson-dataformat-xml@2.19.1
  • pkg:maven/net.sf.jasperreports/jasperreports@7.0.3

Identifiers

  • pkg:maven/org.codehaus.woodstox/stax2-api@4.2.2  (Confidence:High)

struts-annotations-2.0.jar

Description:

        struts-annotations adds annotations processor support for struts based annotated projects,
        such as TLD and documentation generation from annotated component classes as used in struts2

File Path: /Users/lukaszlenart/.m2/repository/org/apache/struts/struts-annotations/2.0/struts-annotations-2.0.jar
MD5: 2f8b9f3a3e30970f45b618ea233bb0cb
SHA1: e92748259d93dc18dbf482e75c474685fb7fdb73
SHA256:fcd58835a7eafe146b6a2a060dfbd7d9daa7a7be1c7ecbd0daa2d54aba3a8ebf
Referenced In Project/Scope: Struts 2 Core:compile
struts-annotations-2.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.struts/struts2-core@7.1.2-SNAPSHOT

Identifiers

  • pkg:maven/org.apache.struts/struts-annotations@2.0  (Confidence:High)

testng-7.11.0.jar

Description:

Testing framework for Java

License:

Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/.m2/repository/org/testng/testng/7.11.0/testng-7.11.0.jar
MD5: ff1df83a699e68ebad51809d3eb760c1
SHA1: c75ee639e6fc9c0a406d32608d532d9ee9341941
SHA256:2edbe6b2211186d8f5439cba7998697cce883432e5f14e0696f6b59d0d58582b
Referenced In Project/Scope: Struts 2 TestNG Plugin:compile
testng-7.11.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.struts/struts2-testng-plugin@7.1.2-SNAPSHOT

Identifiers

testng-7.11.0.jar: jquery-3.6.0.min.js

File Path: /Users/lukaszlenart/.m2/repository/org/testng/testng/7.11.0/testng-7.11.0.jar/org/testng/jquery-3.6.0.min.js
MD5: 8fb8fee4fcc3cc86ff6c724154c49c42
SHA1: b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
SHA256:ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Referenced In Project/Scope: Struts 2 TestNG Plugin:compile

Identifiers

  • None

testng-7.11.0.jar: testng-reports.js

File Path: /Users/lukaszlenart/.m2/repository/org/testng/testng/7.11.0/testng-7.11.0.jar/org/testng/testng-reports.js
MD5: e18bdeef11d95e4802ca1e74ce8f4813
SHA1: 8e530ffd7c6528b0a47b4405b241181c09ed3534
SHA256:88d2a0988765ed96e51e5b0c5c63d6b9d25169a12d3c49003c2e87d98d0bdee2
Referenced In Project/Scope: Struts 2 TestNG Plugin:compile

Identifiers

  • None

testng-7.11.0.jar: testng-reports2.js

File Path: /Users/lukaszlenart/.m2/repository/org/testng/testng/7.11.0/testng-7.11.0.jar/org/testng/testng-reports2.js
MD5: b45815e612fdfbeeffd1909e6551c84d
SHA1: 99dc7548ca6d9add4cc8d1022f392ccac385583b
SHA256:0cd0609bd983faf69e9eec6091de6a6e45400292a4f182fb9aa35a12acb7e852
Referenced In Project/Scope: Struts 2 TestNG Plugin:compile

Identifiers

  • None

txw2-4.0.6.jar

Description:

        TXW is a library that allows you to write XML documents.

File Path: /Users/lukaszlenart/.m2/repository/org/glassfish/jaxb/txw2/4.0.6/txw2-4.0.6.jar
MD5: 0bf7070aee3bb53640d2ea6441e059fb
SHA1: 4f4cd53b5ff9a2c5aa1211f15ed2569c57dfb044
SHA256:fcc749785412ef3806fde1ce70f93ef5a0065dcc47fe449bc871db0795cb11af
Referenced In Project/Scope: Struts 2 Core:compile
txw2-4.0.6.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.hibernate/hibernate-core@5.6.15.Final

Identifiers

  • pkg:maven/org.glassfish.jaxb/txw2@4.0.6  (Confidence:High)

utils.js

File Path: /Users/lukaszlenart/Projects/Apache/struts-site/target/struts/core/src/main/resources/org/apache/struts2/static/utils.js
MD5: a1287feb0882f494dc6ebfbdcb2c8d6a
SHA1: 61201962d41fec8139c940c5a1468796d49a6139
SHA256:309abee1bddd03fe16c196e2cc00b58318ff707764824d9b71a38f667736720d
Referenced In Project/Scope: Struts 2 Core

Identifiers

  • None

validation.js

File Path: /Users/lukaszlenart/Projects/Apache/struts-site/target/struts/core/src/main/resources/template/css_xhtml/validation.js
MD5: c66d23a2391879f74077a1af7888ede7
SHA1: c4c980b34207fbca373f2032c770371606220da2
SHA256:ec4dc0658f00c3a64e9a890565a3dfb71678babb484d2960c22f123c10f2c03c
Referenced In Project/Scope: Struts 2 Core

Identifiers

  • None

validation.js

File Path: /Users/lukaszlenart/Projects/Apache/struts-site/target/struts/core/src/main/resources/template/xhtml/validation.js
MD5: e9bde0e955b274cda502656a05f0d7a0
SHA1: 50ce94909b1cf19da01fc407682d16b3d8897259
SHA256:a3c07fd48595720fca6c54fbaf0f3440202065d01d7511e21f07a948502f9b83
Referenced In Project/Scope: Struts 2 Core

Identifiers

  • None

velocity-engine-core-2.4.1.jar

Description:

Apache Velocity is a general purpose template engine.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/.m2/repository/org/apache/velocity/velocity-engine-core/2.4.1/velocity-engine-core-2.4.1.jar
MD5: 41a3757dc9d701590be703d1f2bd2462
SHA1: 0b662837e8006d5c383bd128503ea86ef5b4d361
SHA256:1c19157d1171d560088e485be97c93a7a2f7e9f56e517f0a30273c5c39df6231
Referenced In Projects/Scopes:
  • Struts 2 Rest Showcase Webapp:compile
  • Struts 2 Velocity Plugin:compile
  • Struts 2 Jakarta EE Compatible Velocity Tools Jsp:compile
  • Struts 2 Configuration Browser Plugin:compile
  • Struts 2 Showcase Webapp:compile
  • Struts 2 Tiles Plugin:compile
  • Struts 2 Assembly:compile

velocity-engine-core-2.4.1.jar is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.apache.struts/struts2-config-browser-plugin@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.velocity.tools/velocity-tools-generic@3.1
  • pkg:maven/org.apache.struts/struts2-config-browser-plugin@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-velocity-plugin@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-tiles-plugin@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-velocity-plugin@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-velocity-plugin@7.1.2-SNAPSHOT

Identifiers

velocity-tools-generic-3.1.jar

Description:

Generic tools that can be used in any context.

File Path: /Users/lukaszlenart/.m2/repository/org/apache/velocity/tools/velocity-tools-generic/3.1/velocity-tools-generic-3.1.jar
MD5: 76f13879ead8693fd4d5751a8a236089
SHA1: 07aaa49086a64cd9dab967a8437cc03abbfad655
SHA256:8258cfdcaa16127f35ffe610a3fa4f76b7ebe51b88922c73c4ee39ce8f378ce5
Referenced In Projects/Scopes:

  • Struts 2 Velocity Plugin:compile
  • Struts 2 Jakarta EE Compatible Velocity Tools Jsp:compile
  • Struts 2 Showcase Webapp:compile
  • Struts 2 Tiles Plugin:compile

velocity-tools-generic-3.1.jar is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.apache.struts/struts2-velocity-tools-jsp-jakarta@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-velocity-tools-jsp-jakarta@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-velocity-tools-jsp-jakarta@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-velocity-tools-jsp-jakarta@7.1.2-SNAPSHOT

Identifiers

webconsole.js

File Path: /Users/lukaszlenart/Projects/Apache/struts-site/target/struts/core/src/main/resources/org/apache/struts2/interceptor/debugging/webconsole.js
MD5: a7202aefd2637c63ee607db0a608c6de
SHA1: 5618fb1f032d4972287158e5754570992448695d
SHA256:9ab03200e9abb3ddb95ee83321b518d660ba0734683c3a6844c633a5c5dbabfd
Referenced In Project/Scope: Struts 2 Core

Identifiers

  • None

woodstox-core-7.1.1.jar (shaded: com.sun.xml.bind.jaxb:isorelax:20090621)

Description:

Unknown version of isorelax library used in JAXB project

File Path: /Users/lukaszlenart/.m2/repository/com/fasterxml/woodstox/woodstox-core/7.1.1/woodstox-core-7.1.1.jar/META-INF/maven/com.sun.xml.bind.jaxb/isorelax/pom.xml
MD5: 6fbb4bc95fbf2072bc6e3b790553fe81
SHA1: 314ec72948d5c1fc71d553cbbd7a130caa6f9f13
SHA256:cda6451d0231a973352b592ff950e39224ba6ba1a2f35eeab66511b5c225dff1
Referenced In Projects/Scopes:

  • Struts 2 Jasper Reports 7 Plugin [EXPERIMENTAL]:compile
  • Struts 2 Rest Showcase Webapp:compile
  • Struts 2 REST Plugin:compile
  • Struts 2 Assembly:compile

Identifiers

  • pkg:maven/com.sun.xml.bind.jaxb/isorelax@20090621  (Confidence:High)

woodstox-core-7.1.1.jar (shaded: net.java.dev.msv:xsdlib:2022.7)

Description:

XML Schema datatypes library

License:

BSD
File Path: /Users/lukaszlenart/.m2/repository/com/fasterxml/woodstox/woodstox-core/7.1.1/woodstox-core-7.1.1.jar/META-INF/maven/net.java.dev.msv/xsdlib/pom.xml
MD5: f82c4c4c46c8a27ee68f031373064bf9
SHA1: 1b9b8fe3901f3556ed99a477af66f0f645c16cf0
SHA256:8649b880ac5dbb3549022c40eff4053930ea209c4aaf998925fb3d6dd75fb6c3
Referenced In Projects/Scopes:
  • Struts 2 Jasper Reports 7 Plugin [EXPERIMENTAL]:compile
  • Struts 2 Rest Showcase Webapp:compile
  • Struts 2 REST Plugin:compile
  • Struts 2 Assembly:compile

Identifiers

  • pkg:maven/net.java.dev.msv/xsdlib@2022.7  (Confidence:High)
  • cpe:2.3:a:xml_library_project:xml_library:2022.7:*:*:*:*:*:*:*  (Confidence:Low)  

woodstox-core-7.1.1.jar

Description:

Woodstox is a high-performance XML processor that implements Stax (JSR-173),
SAX2 and Stax2 APIs

License:

The Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/.m2/repository/com/fasterxml/woodstox/woodstox-core/7.1.1/woodstox-core-7.1.1.jar
MD5: 971ff236679f7b35a7c13c0d02c0170e
SHA1: 76baad1b94513ea896e0a17388890a4c81edd0e0
SHA256:02b9d022e9d47704ff8a7a859a0dbfd3b2882a8311eb7ff1e180f760ccda2712
Referenced In Projects/Scopes:
  • Struts 2 Jasper Reports 7 Plugin [EXPERIMENTAL]:compile
  • Struts 2 Rest Showcase Webapp:compile
  • Struts 2 REST Plugin:compile
  • Struts 2 Assembly:compile

woodstox-core-7.1.1.jar is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/com.fasterxml.jackson.dataformat/jackson-dataformat-xml@2.19.1
  • pkg:maven/net.sf.jasperreports/jasperreports@7.0.3
  • pkg:maven/org.apache.struts/struts2-jasperreports7-plugin@7.1.2-SNAPSHOT
  • pkg:maven/com.fasterxml.jackson.dataformat/jackson-dataformat-xml@2.19.1

Identifiers

xml-apis-ext-1.3.04.jar

Description:

xml-commons provides an Apache-hosted set of DOM, SAX, and 
    JAXP interfaces for use in other xml-based projects. Our hope is that we 
    can standardize on both a common version and packaging scheme for these 
    critical XML standards interfaces to make the lives of both our developers 
    and users easier. The External Components portion of xml-commons contains 
    interfaces that are defined by external standards organizations. For DOM, 
    that's the W3C; for SAX it's David Megginson and sax.sourceforge.net; for 
    JAXP it's Sun.

File Path: /Users/lukaszlenart/.m2/repository/xml-apis/xml-apis-ext/1.3.04/xml-apis-ext-1.3.04.jar
MD5: bcb07d3b8d2397db7a3013b6465d347b
SHA1: 41a8b86b358e87f3f13cf46069721719105aff66
SHA256:d0b4887dc34d57de49074a58affad439a013d0baffa1a8034f8ef2a5ea191646
Referenced In Projects/Scopes:

  • Struts 2 Jasper Reports 7 Plugin [EXPERIMENTAL]:compile
  • Struts 2 Assembly:compile

xml-apis-ext-1.3.04.jar is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/net.sf.jasperreports/jasperreports@7.0.3
  • pkg:maven/org.apache.struts/struts2-jasperreports7-plugin@7.1.2-SNAPSHOT

Identifiers

  • pkg:maven/xml-apis/xml-apis-ext@1.3.04  (Confidence:High)
  • cpe:2.3:a:apache:commons_lang:1.3.04:*:*:*:*:*:*:*  (Confidence:Low)  

xmlgraphics-commons-2.10.jar

Description:

    Apache XML Graphics Commons is a library that consists of several reusable 
    components used by Apache Batik and Apache FOP. Many of these components 
    can easily be used separately outside the domains of SVG and XSL-FO.

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/lukaszlenart/.m2/repository/org/apache/xmlgraphics/xmlgraphics-commons/2.10/xmlgraphics-commons-2.10.jar
MD5: 92c1ad0e6513acfe797a48baa108a8f3
SHA1: ee7fce93d437d489a323addd1f63f0587b5c4a97
SHA256:857af2d06d002ce217532504244ea8ee831aeb094feb0a47b2697f19496711ea
Referenced In Projects/Scopes:
  • Struts 2 Jasper Reports 7 Plugin [EXPERIMENTAL]:compile
  • Struts 2 Assembly:compile

xmlgraphics-commons-2.10.jar is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/net.sf.jasperreports/jasperreports@7.0.3
  • pkg:maven/org.apache.struts/struts2-jasperreports7-plugin@7.1.2-SNAPSHOT

Identifiers

xmpcore-6.1.11.jar

Description:

The Adobe XMP Core library

License:

The BSD 3-Clause License (BSD3): https://opensource.org/licenses/BSD-3-Clause
File Path: /Users/lukaszlenart/.m2/repository/com/adobe/xmp/xmpcore/6.1.11/xmpcore-6.1.11.jar
MD5: 37892425fcfeffe88554b3d66dd084ca
SHA1: 852f14101381e527e6d43339d7db1698c970436c
SHA256:8f7033c579b99fa0d9d6ddcb9448875b5e4b577c350002278ce46997d678b737
Referenced In Project/Scope: Struts 2 Jasper Reports 7 Plugin [EXPERIMENTAL]:compile
xmpcore-6.1.11.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/net.sf.jasperreports/jasperreports-pdf@7.0.3

Identifiers

  • pkg:maven/com.adobe.xmp/xmpcore@6.1.11  (Confidence:High)

xstream-1.4.21.jar

Description:

XStream is a serialization library from Java objects to XML and back.

License:

BSD-3-Clause
File Path: /Users/lukaszlenart/.m2/repository/com/thoughtworks/xstream/xstream/1.4.21/xstream-1.4.21.jar
MD5: 767be88fc6ec4bb96e2906a17aab8e5b
SHA1: 65cb3e7f809b18b9aab43f2338ee5b320f72d7bd
SHA256:f56586f3de59ae2a49430acbc9f27942b8c5cebec9245c869fae7136733333ec
Referenced In Projects/Scopes:
  • Struts 2 Rest Showcase Webapp:compile
  • Struts 2 REST Plugin:compile
  • Struts 2 Tiles Plugin:compile
  • Struts 2 Assembly:compile

xstream-1.4.21.jar is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.apache.struts/struts2-rest-plugin@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-tiles-plugin@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-rest-plugin@7.1.2-SNAPSHOT
  • pkg:maven/org.apache.struts/struts2-rest-plugin@7.1.2-SNAPSHOT

Identifiers



This report contains data retrieved from the National Vulnerability Database.
This report may contain data retrieved from the CISA Known Exploited Vulnerability Catalog.
This report may contain data retrieved from the Github Advisory Database (via NPM Audit API).
This report may contain data retrieved from RetireJS.
This report may contain data retrieved from the Sonatype OSS Index.