Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies;
false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and
the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties,
implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided
is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever
arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
Scan Information (
show all ):
dependency-check version : 8.2.1Report Generated On : Tue, 2 Apr 2024 16:29:04 +0200Dependencies Scanned : 2999 (1272 unique)Vulnerable Dependencies : 74 Vulnerabilities Found : 189Vulnerabilities Suppressed : 0... NVD CVE Checked : 2024-04-02T16:26:56NVD CVE Modified : 2024-04-02T16:00:01VersionCheckOn : 2024-03-19T11:21:01kev.checked : 1712068044Summary Display:
Showing Vulnerable Dependencies (click to show all) * indicates the dependency has a known exploited vulnerability
Dependencies @aashutoshrathi/word-wrap:1.2.6Description:
Wrap words to a specified length. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?optionator:0.9.3/@aashutoshrathi/word-wrap:^1.2.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/optionator:0.9.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Jon Schlinkert (https://github.com/jonschlinkert) Highest Vendor package.json bugs.url https://github.com/aashutoshrathi/word-wrap/issues Highest Vendor package.json description Wrap words to a specified length. Highest Vendor package.json homepage https://github.com/aashutoshrathi/word-wrap Highest Vendor package.json name @aashutoshrathi/word-wrap Highest Vendor package.json name @aashutoshrathi/word-wrap_project Highest Product package.json name @aashutoshrathi/word-wrap Highest Version package.json version 1.2.6 Highest
Related Dependencies @aashutoshrathi/word-wrap:1.2.6File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@aashutoshrathi/word-wrap:1.2.6 pkg:npm/%40aashutoshrathi%2Fword-wrap@1.2.6 @ampproject/remapping:2.2.1Description:
Remap sequential sourcemaps through transformations to point at the original source code License:
Apache-2.0 File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/core:7.23.9/@ampproject/remapping:^2.2.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/core:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Justin Ridgewell <jridgewell@google.com> Highest Vendor package.json description Remap sequential sourcemaps through transformations to point at the original source code Highest Vendor package.json name @ampproject/remapping Highest Vendor package.json name @ampproject/remapping_project Highest Product package.json name @ampproject/remapping Highest Version package.json version 2.2.1 Highest
Related Dependencies @ampproject/remapping:2.2.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@ampproject/remapping:2.2.1 pkg:npm/%40ampproject%2Fremapping@2.2.1 @babel/cli:7.23.9Description:
Babel command line. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/cli:7.23.9
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json bugs https://github.com/babel/babel/issues?utf8=%E2%9C%93&q=is%3Aissue+label%3A%22pkg%3A%20cli%22+is%3Aopen Highest Vendor package.json description Babel command line. Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-cli Highest Vendor package.json name @babel/cli Highest Vendor package.json name @babel/cli_project Highest Product package.json name @babel/cli Highest Version package.json version 7.23.9 Highest
@babel/code-frame:7.23.5Description:
Generate errors that contain a code frame that point to source locations. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?parse-json:5.2.0/@babel/code-frame:^7.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/traverse:7.23.9 simplicite-js:5.2.54/@babel/template:7.23.9 simplicite-js:5.2.54/@babel/core:7.23.9 simplicite-js:5.2.54 simplicite-js:5.2.54/parse-json:5.2.0 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json bugs https://github.com/babel/babel/issues?utf8=%E2%9C%93&q=is%3Aissue+is%3Aopen Highest Vendor package.json description Generate errors that contain a code frame that point to source locations. Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-code-frame Highest Vendor package.json name @babel/code-frame Highest Vendor package.json name @babel/code-frame_project Highest Product package.json name @babel/code-frame Highest Version package.json version 7.23.5 Highest
Related Dependencies @babel/code-frame:7.23.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/code-frame:7.23.5 pkg:npm/%40babel%2Fcode-frame@7.23.5 @babel/code-frame:7.23.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/core:7.23.9/@babel/code-frame:^7.23.5 pkg:npm/%40babel%2Fcode-frame@7.23.5 @babel/code-frame:7.23.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/template:7.23.9/@babel/code-frame:^7.23.5 pkg:npm/%40babel%2Fcode-frame@7.23.5 @babel/code-frame:7.23.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/traverse:7.23.9/@babel/code-frame:^7.23.5 pkg:npm/%40babel%2Fcode-frame@7.23.5 @babel/compat-data:7.23.5License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?babel-plugin-polyfill-corejs2:0.4.8/@babel/compat-data:^7.22.6
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/helper-compilation-targets:7.23.6 simplicite-js:5.2.54/babel-plugin-polyfill-corejs2:0.4.8 simplicite-js:5.2.54/@babel/plugin-transform-object-rest-spread:7.23.4 simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Highest Vendor package.json name @babel/compat-data Highest Vendor package.json name @babel/compat-data_project Highest Product package.json name @babel/compat-data Highest Version package.json version 7.23.5 Highest
Related Dependencies @babel/compat-data:7.23.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/compat-data:7.23.5 pkg:npm/%40babel%2Fcompat-data@7.23.5 @babel/compat-data:7.23.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/helper-compilation-targets:7.23.6/@babel/compat-data:^7.23.5 pkg:npm/%40babel%2Fcompat-data@7.23.5 @babel/compat-data:7.23.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-object-rest-spread:7.23.4/@babel/compat-data:^7.23.3 pkg:npm/%40babel%2Fcompat-data@7.23.5 @babel/compat-data:7.23.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/compat-data:^7.23.5 pkg:npm/%40babel%2Fcompat-data@7.23.5 @babel/core:7.23.9Description:
Babel compiler core. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/core:7.23.9
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json bugs https://github.com/babel/babel/issues?utf8=%E2%9C%93&q=is%3Aissue+label%3A%22pkg%3A%20core%22+is%3Aopen Highest Vendor package.json description Babel compiler core. Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-core Highest Vendor package.json name @babel/core Highest Vendor package.json name @babel/core_project Highest Product package.json name @babel/core Highest Version package.json version 7.23.9 Highest
@babel/generator:7.23.6Description:
Turns an AST into code. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/traverse:7.23.9/@babel/generator:^7.23.6
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/traverse:7.23.9 simplicite-js:5.2.54/@babel/core:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json bugs https://github.com/babel/babel/issues?utf8=%E2%9C%93&q=is%3Aissue+label%3A%22pkg%3A%20generator%22+is%3Aopen Highest Vendor package.json description Turns an AST into code. Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-generator Highest Vendor package.json name @babel/generator Highest Vendor package.json name @babel/generator_project Highest Product package.json name @babel/generator Highest Version package.json version 7.23.6 Highest
Related Dependencies @babel/generator:7.23.6File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/generator:7.23.6 pkg:npm/%40babel%2Fgenerator@7.23.6 @babel/generator:7.23.6File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/core:7.23.9/@babel/generator:^7.23.6 pkg:npm/%40babel%2Fgenerator@7.23.6 @babel/helper-annotate-as-pure:7.22.5Description:
Helper function to annotate paths and nodes with #__PURE__ comment License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-private-property-in-object:7.23.4/@babel/helper-annotate-as-pure:^7.22.5
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/plugin-transform-classes:7.23.8 simplicite-js:5.2.54/@babel/helper-create-regexp-features-plugin:7.22.15 simplicite-js:5.2.54/@babel/helper-create-class-features-plugin:7.23.10 simplicite-js:5.2.54/@babel/helper-remap-async-to-generator:7.22.20 simplicite-js:5.2.54 simplicite-js:5.2.54/@babel/plugin-transform-private-property-in-object:7.23.4 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Helper function to annotate paths and nodes with #__PURE__ comment Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-helper-annotate-as-pure Highest Vendor package.json name @babel/helper-annotate-as-pure Highest Vendor package.json name @babel/helper-annotate-as-pure_project Highest Product package.json name @babel/helper-annotate-as-pure Highest Version package.json version 7.22.5 Highest
Related Dependencies @babel/helper-annotate-as-pure:7.22.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/helper-annotate-as-pure:7.22.5 pkg:npm/%40babel%2Fhelper-annotate-as-pure@7.22.5 @babel/helper-annotate-as-pure:7.22.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/helper-create-class-features-plugin:7.23.10/@babel/helper-annotate-as-pure:^7.22.5 pkg:npm/%40babel%2Fhelper-annotate-as-pure@7.22.5 @babel/helper-annotate-as-pure:7.22.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/helper-create-regexp-features-plugin:7.22.15/@babel/helper-annotate-as-pure:^7.22.5 pkg:npm/%40babel%2Fhelper-annotate-as-pure@7.22.5 @babel/helper-annotate-as-pure:7.22.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/helper-remap-async-to-generator:7.22.20/@babel/helper-annotate-as-pure:^7.22.5 pkg:npm/%40babel%2Fhelper-annotate-as-pure@7.22.5 @babel/helper-annotate-as-pure:7.22.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-classes:7.23.8/@babel/helper-annotate-as-pure:^7.22.5 pkg:npm/%40babel%2Fhelper-annotate-as-pure@7.22.5 @babel/helper-builder-binary-assignment-operator-visitor:7.22.15Description:
Helper function to build binary assignment operator visitors License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-exponentiation-operator:7.23.3/@babel/helper-builder-binary-assignment-operator-visitor:^7.22.15
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/plugin-transform-exponentiation-operator:7.23.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Helper function to build binary assignment operator visitors Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-helper-builder-binary-assignment-operator-visitor Highest Vendor package.json name @babel/helper-builder-binary-assignment-operator-visitor Highest Vendor package.json name @babel/helper-builder-binary-assignment-operator-visitor_project Highest Product package.json name @babel/helper-builder-binary-assignment-operator-visitor Highest Version package.json version 7.22.15 Highest
Related Dependencies @babel/helper-builder-binary-assignment-operator-visitor:7.22.15File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/helper-builder-binary-assignment-operator-visitor:7.22.15 pkg:npm/%40babel%2Fhelper-builder-binary-assignment-operator-visitor@7.22.15 @babel/helper-compilation-targets:7.23.6Description:
Helper functions on Babel compilation targets License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/helper-compilation-targets:^7.23.6
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/plugin-transform-function-name:7.23.3 simplicite-js:5.2.54/@babel/plugin-transform-classes:7.23.8 simplicite-js:5.2.54/@babel/plugin-transform-object-rest-spread:7.23.4 simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54/@babel/helper-define-polyfill-provider:0.5.0 simplicite-js:5.2.54/@babel/core:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Helper functions on Babel compilation targets Highest Vendor package.json name @babel/helper-compilation-targets Highest Vendor package.json name @babel/helper-compilation-targets_project Highest Product package.json name @babel/helper-compilation-targets Highest Version package.json version 7.23.6 Highest
Related Dependencies @babel/helper-compilation-targets:7.23.6File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/helper-compilation-targets:7.23.6 pkg:npm/%40babel%2Fhelper-compilation-targets@7.23.6 @babel/helper-compilation-targets:7.23.6File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/core:7.23.9/@babel/helper-compilation-targets:^7.23.6 pkg:npm/%40babel%2Fhelper-compilation-targets@7.23.6 @babel/helper-compilation-targets:7.23.6File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/helper-define-polyfill-provider:0.5.0/@babel/helper-compilation-targets:^7.22.6 pkg:npm/%40babel%2Fhelper-compilation-targets@7.23.6 @babel/helper-compilation-targets:7.23.6File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-classes:7.23.8/@babel/helper-compilation-targets:^7.23.6 pkg:npm/%40babel%2Fhelper-compilation-targets@7.23.6 @babel/helper-compilation-targets:7.23.6File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-function-name:7.23.3/@babel/helper-compilation-targets:^7.22.15 pkg:npm/%40babel%2Fhelper-compilation-targets@7.23.6 @babel/helper-compilation-targets:7.23.6File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-object-rest-spread:7.23.4/@babel/helper-compilation-targets:^7.22.15 pkg:npm/%40babel%2Fhelper-compilation-targets@7.23.6 @babel/helper-create-class-features-plugin:7.23.10Description:
Compile class public and private fields, private methods and decorators to ES6 License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-private-property-in-object:7.23.4/@babel/helper-create-class-features-plugin:^7.22.15
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/plugin-transform-class-static-block:7.23.4 simplicite-js:5.2.54/@babel/plugin-transform-private-methods:7.23.3 simplicite-js:5.2.54/@babel/plugin-transform-class-properties:7.23.3 simplicite-js:5.2.54 simplicite-js:5.2.54/@babel/plugin-transform-private-property-in-object:7.23.4 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Compile class public and private fields, private methods and decorators to ES6 Highest Vendor package.json name @babel/helper-create-class-features-plugin Highest Vendor package.json name @babel/helper-create-class-features-plugin_project Highest Product package.json name @babel/helper-create-class-features-plugin Highest Version package.json version 7.23.10 Highest
Related Dependencies @babel/helper-create-class-features-plugin:7.23.10File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/helper-create-class-features-plugin:7.23.10 pkg:npm/%40babel%2Fhelper-create-class-features-plugin@7.23.10 @babel/helper-create-class-features-plugin:7.23.10File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-class-properties:7.23.3/@babel/helper-create-class-features-plugin:^7.22.15 pkg:npm/%40babel%2Fhelper-create-class-features-plugin@7.23.10 @babel/helper-create-class-features-plugin:7.23.10File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-class-static-block:7.23.4/@babel/helper-create-class-features-plugin:^7.22.15 pkg:npm/%40babel%2Fhelper-create-class-features-plugin@7.23.10 @babel/helper-create-class-features-plugin:7.23.10File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-private-methods:7.23.3/@babel/helper-create-class-features-plugin:^7.22.15 pkg:npm/%40babel%2Fhelper-create-class-features-plugin@7.23.10 @babel/helper-create-regexp-features-plugin:7.22.15Description:
Compile ESNext Regular Expressions to ES5 License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-unicode-sets-regex:7.23.3/@babel/helper-create-regexp-features-plugin:^7.22.15
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/plugin-transform-unicode-regex:7.23.3 simplicite-js:5.2.54/@babel/plugin-transform-unicode-property-regex:7.23.3 simplicite-js:5.2.54/@babel/plugin-transform-dotall-regex:7.23.3 simplicite-js:5.2.54/@babel/plugin-transform-named-capturing-groups-regex:7.22.5 simplicite-js:5.2.54/@babel/plugin-transform-unicode-sets-regex:7.23.3 simplicite-js:5.2.54 simplicite-js:5.2.54/@babel/plugin-syntax-unicode-sets-regex:7.18.6 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Compile ESNext Regular Expressions to ES5 Highest Vendor package.json name @babel/helper-create-regexp-features-plugin Highest Vendor package.json name @babel/helper-create-regexp-features-plugin_project Highest Product package.json name @babel/helper-create-regexp-features-plugin Highest Version package.json version 7.22.15 Highest
Related Dependencies @babel/helper-create-regexp-features-plugin:7.22.15File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/helper-create-regexp-features-plugin:7.22.15 pkg:npm/%40babel%2Fhelper-create-regexp-features-plugin@7.22.15 @babel/helper-create-regexp-features-plugin:7.22.15File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-syntax-unicode-sets-regex:7.18.6/@babel/helper-create-regexp-features-plugin:^7.18.6 pkg:npm/%40babel%2Fhelper-create-regexp-features-plugin@7.22.15 @babel/helper-create-regexp-features-plugin:7.22.15File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-dotall-regex:7.23.3/@babel/helper-create-regexp-features-plugin:^7.22.15 pkg:npm/%40babel%2Fhelper-create-regexp-features-plugin@7.22.15 @babel/helper-create-regexp-features-plugin:7.22.15File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-named-capturing-groups-regex:7.22.5/@babel/helper-create-regexp-features-plugin:^7.22.5 pkg:npm/%40babel%2Fhelper-create-regexp-features-plugin@7.22.15 @babel/helper-create-regexp-features-plugin:7.22.15File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-unicode-property-regex:7.23.3/@babel/helper-create-regexp-features-plugin:^7.22.15 pkg:npm/%40babel%2Fhelper-create-regexp-features-plugin@7.22.15 @babel/helper-create-regexp-features-plugin:7.22.15File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-unicode-regex:7.23.3/@babel/helper-create-regexp-features-plugin:^7.22.15 pkg:npm/%40babel%2Fhelper-create-regexp-features-plugin@7.22.15 @babel/helper-define-polyfill-provider:0.5.0Description:
Babel helper to create your own polyfill provider License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?babel-plugin-polyfill-regenerator:0.5.5/@babel/helper-define-polyfill-provider:^0.5.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/babel-plugin-polyfill-regenerator:0.5.5 simplicite-js:5.2.54/babel-plugin-polyfill-corejs2:0.4.8 simplicite-js:5.2.54 simplicite-js:5.2.54/babel-plugin-polyfill-corejs3:0.9.0 Evidence Type Source Name Value Confidence Vendor package.json description Babel helper to create your own polyfill provider Highest Vendor package.json name @babel/helper-define-polyfill-provider Highest Vendor package.json name @babel/helper-define-polyfill-provider_project Highest Product package.json name @babel/helper-define-polyfill-provider Highest Version package.json version 0.5.0 Highest
Related Dependencies @babel/helper-define-polyfill-provider:0.5.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/helper-define-polyfill-provider:0.5.0 pkg:npm/%40babel%2Fhelper-define-polyfill-provider@0.5.0 @babel/helper-define-polyfill-provider:0.5.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?babel-plugin-polyfill-corejs2:0.4.8/@babel/helper-define-polyfill-provider:^0.5.0 pkg:npm/%40babel%2Fhelper-define-polyfill-provider@0.5.0 @babel/helper-define-polyfill-provider:0.5.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?babel-plugin-polyfill-corejs3:0.9.0/@babel/helper-define-polyfill-provider:^0.5.0 pkg:npm/%40babel%2Fhelper-define-polyfill-provider@0.5.0 @babel/helper-environment-visitor:7.22.20Description:
Helper visitor to only visit nodes in the current 'this' context License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/traverse:7.23.9/@babel/helper-environment-visitor:^7.22.20
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/plugin-transform-classes:7.23.8 simplicite-js:5.2.54/@babel/traverse:7.23.9 simplicite-js:5.2.54/@babel/helper-create-class-features-plugin:7.23.10 simplicite-js:5.2.54/@babel/helper-replace-supers:7.22.20 simplicite-js:5.2.54/@babel/helper-module-transforms:7.23.3 simplicite-js:5.2.54/@babel/plugin-transform-async-generator-functions:7.23.9 simplicite-js:5.2.54/@babel/helper-remap-async-to-generator:7.22.20 simplicite-js:5.2.54 simplicite-js:5.2.54/@babel/plugin-bugfix-v8-static-class-fields-redefine-readonly:7.23.7 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Helper visitor to only visit nodes in the current 'this' context Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-helper-environment-visitor Highest Vendor package.json name @babel/helper-environment-visitor Highest Vendor package.json name @babel/helper-environment-visitor_project Highest Product package.json name @babel/helper-environment-visitor Highest Version package.json version 7.22.20 Highest
Related Dependencies @babel/helper-environment-visitor:7.22.20File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/helper-environment-visitor:7.22.20 pkg:npm/%40babel%2Fhelper-environment-visitor@7.22.20 @babel/helper-environment-visitor:7.22.20File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/helper-create-class-features-plugin:7.23.10/@babel/helper-environment-visitor:^7.22.20 pkg:npm/%40babel%2Fhelper-environment-visitor@7.22.20 @babel/helper-environment-visitor:7.22.20File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/helper-module-transforms:7.23.3/@babel/helper-environment-visitor:^7.22.20 pkg:npm/%40babel%2Fhelper-environment-visitor@7.22.20 @babel/helper-environment-visitor:7.22.20File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/helper-remap-async-to-generator:7.22.20/@babel/helper-environment-visitor:^7.22.20 pkg:npm/%40babel%2Fhelper-environment-visitor@7.22.20 @babel/helper-environment-visitor:7.22.20File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/helper-replace-supers:7.22.20/@babel/helper-environment-visitor:^7.22.20 pkg:npm/%40babel%2Fhelper-environment-visitor@7.22.20 @babel/helper-environment-visitor:7.22.20File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-bugfix-v8-static-class-fields-redefine-readonly:7.23.7/@babel/helper-environment-visitor:^7.22.20 pkg:npm/%40babel%2Fhelper-environment-visitor@7.22.20 @babel/helper-environment-visitor:7.22.20File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-async-generator-functions:7.23.9/@babel/helper-environment-visitor:^7.22.20 pkg:npm/%40babel%2Fhelper-environment-visitor@7.22.20 @babel/helper-environment-visitor:7.22.20File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-classes:7.23.8/@babel/helper-environment-visitor:^7.22.20 pkg:npm/%40babel%2Fhelper-environment-visitor@7.22.20 @babel/helper-function-name:7.23.0Description:
Helper function to change the property 'name' of every function License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/traverse:7.23.9/@babel/helper-function-name:^7.23.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/plugin-transform-function-name:7.23.3 simplicite-js:5.2.54/@babel/plugin-transform-classes:7.23.8 simplicite-js:5.2.54/@babel/helper-wrap-function:7.22.20 simplicite-js:5.2.54/@babel/traverse:7.23.9 simplicite-js:5.2.54/@babel/helper-create-class-features-plugin:7.23.10 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Helper function to change the property 'name' of every function Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-helper-function-name Highest Vendor package.json name @babel/helper-function-name Highest Vendor package.json name @babel/helper-function-name_project Highest Product package.json name @babel/helper-function-name Highest Version package.json version 7.23.0 Highest
Related Dependencies @babel/helper-function-name:7.23.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/helper-function-name:7.23.0 pkg:npm/%40babel%2Fhelper-function-name@7.23.0 @babel/helper-function-name:7.23.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/helper-create-class-features-plugin:7.23.10/@babel/helper-function-name:^7.23.0 pkg:npm/%40babel%2Fhelper-function-name@7.23.0 @babel/helper-function-name:7.23.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/helper-wrap-function:7.22.20/@babel/helper-function-name:^7.22.5 pkg:npm/%40babel%2Fhelper-function-name@7.23.0 @babel/helper-function-name:7.23.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-classes:7.23.8/@babel/helper-function-name:^7.23.0 pkg:npm/%40babel%2Fhelper-function-name@7.23.0 @babel/helper-function-name:7.23.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-function-name:7.23.3/@babel/helper-function-name:^7.23.0 pkg:npm/%40babel%2Fhelper-function-name@7.23.0 @babel/helper-hoist-variables:7.22.5Description:
Helper function to hoist variables License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/traverse:7.23.9/@babel/helper-hoist-variables:^7.22.5
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/plugin-transform-modules-systemjs:7.23.9 simplicite-js:5.2.54/@babel/traverse:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Helper function to hoist variables Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-helper-hoist-variables Highest Vendor package.json name @babel/helper-hoist-variables Highest Vendor package.json name @babel/helper-hoist-variables_project Highest Product package.json name @babel/helper-hoist-variables Highest Version package.json version 7.22.5 Highest
Related Dependencies @babel/helper-hoist-variables:7.22.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/helper-hoist-variables:7.22.5 pkg:npm/%40babel%2Fhelper-hoist-variables@7.22.5 @babel/helper-hoist-variables:7.22.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-modules-systemjs:7.23.9/@babel/helper-hoist-variables:^7.22.5 pkg:npm/%40babel%2Fhelper-hoist-variables@7.22.5 @babel/helper-member-expression-to-functions:7.23.0Description:
Helper function to replace certain member expressions with function calls License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/helper-replace-supers:7.22.20/@babel/helper-member-expression-to-functions:^7.22.15
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/helper-create-class-features-plugin:7.23.10 simplicite-js:5.2.54/@babel/helper-replace-supers:7.22.20 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Helper function to replace certain member expressions with function calls Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-helper-member-expression-to-functions Highest Vendor package.json name @babel/helper-member-expression-to-functions Highest Vendor package.json name @babel/helper-member-expression-to-functions_project Highest Product package.json name @babel/helper-member-expression-to-functions Highest Version package.json version 7.23.0 Highest
Related Dependencies @babel/helper-member-expression-to-functions:7.23.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/helper-member-expression-to-functions:7.23.0 pkg:npm/%40babel%2Fhelper-member-expression-to-functions@7.23.0 @babel/helper-member-expression-to-functions:7.23.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/helper-create-class-features-plugin:7.23.10/@babel/helper-member-expression-to-functions:^7.23.0 pkg:npm/%40babel%2Fhelper-member-expression-to-functions@7.23.0 @babel/helper-module-imports:7.22.15Description:
Babel helper functions for inserting module loads License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-async-to-generator:7.23.3/@babel/helper-module-imports:^7.22.15
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/plugin-transform-async-to-generator:7.23.3 simplicite-js:5.2.54/@babel/helper-module-transforms:7.23.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Babel helper functions for inserting module loads Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-helper-module-imports Highest Vendor package.json name @babel/helper-module-imports Highest Vendor package.json name @babel/helper-module-imports_project Highest Product package.json name @babel/helper-module-imports Highest Version package.json version 7.22.15 Highest
Related Dependencies @babel/helper-module-imports:7.22.15File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/helper-module-imports:7.22.15 pkg:npm/%40babel%2Fhelper-module-imports@7.22.15 @babel/helper-module-imports:7.22.15File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/helper-module-transforms:7.23.3/@babel/helper-module-imports:^7.22.15 pkg:npm/%40babel%2Fhelper-module-imports@7.22.15 @babel/helper-module-transforms:7.23.3Description:
Babel helper functions for implementing ES6 module transformations License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-modules-umd:7.23.3/@babel/helper-module-transforms:^7.23.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/plugin-transform-modules-systemjs:7.23.9 simplicite-js:5.2.54/@babel/plugin-transform-modules-amd:7.23.3 simplicite-js:5.2.54/@babel/plugin-transform-modules-commonjs:7.23.3 simplicite-js:5.2.54/@babel/plugin-transform-modules-umd:7.23.3 simplicite-js:5.2.54/@babel/core:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Babel helper functions for implementing ES6 module transformations Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-helper-module-transforms Highest Vendor package.json name @babel/helper-module-transforms Highest Vendor package.json name @babel/helper-module-transforms_project Highest Product package.json name @babel/helper-module-transforms Highest Version package.json version 7.23.3 Highest
Related Dependencies @babel/helper-module-transforms:7.23.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/helper-module-transforms:7.23.3 pkg:npm/%40babel%2Fhelper-module-transforms@7.23.3 @babel/helper-module-transforms:7.23.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/core:7.23.9/@babel/helper-module-transforms:^7.23.3 pkg:npm/%40babel%2Fhelper-module-transforms@7.23.3 @babel/helper-module-transforms:7.23.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-modules-amd:7.23.3/@babel/helper-module-transforms:^7.23.3 pkg:npm/%40babel%2Fhelper-module-transforms@7.23.3 @babel/helper-module-transforms:7.23.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-modules-commonjs:7.23.3/@babel/helper-module-transforms:^7.23.3 pkg:npm/%40babel%2Fhelper-module-transforms@7.23.3 @babel/helper-module-transforms:7.23.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-modules-systemjs:7.23.9/@babel/helper-module-transforms:^7.23.3 pkg:npm/%40babel%2Fhelper-module-transforms@7.23.3 @babel/helper-optimise-call-expression:7.22.5Description:
Helper function to optimise call expression License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/helper-replace-supers:7.22.20/@babel/helper-optimise-call-expression:^7.22.5
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/helper-create-class-features-plugin:7.23.10 simplicite-js:5.2.54/@babel/helper-replace-supers:7.22.20 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Helper function to optimise call expression Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-helper-optimise-call-expression Highest Vendor package.json name @babel/helper-optimise-call-expression Highest Vendor package.json name @babel/helper-optimise-call-expression_project Highest Product package.json name @babel/helper-optimise-call-expression Highest Version package.json version 7.22.5 Highest
Related Dependencies @babel/helper-optimise-call-expression:7.22.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/helper-optimise-call-expression:7.22.5 pkg:npm/%40babel%2Fhelper-optimise-call-expression@7.22.5 @babel/helper-optimise-call-expression:7.22.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/helper-create-class-features-plugin:7.23.10/@babel/helper-optimise-call-expression:^7.22.5 pkg:npm/%40babel%2Fhelper-optimise-call-expression@7.22.5 @babel/helper-plugin-utils:7.22.5Description:
General utilities for plugins to use License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-modules:0.1.6-no-external-plugins/@babel/helper-plugin-utils:^7.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/plugin-transform-reserved-words:7.23.3 simplicite-js:5.2.54/@babel/plugin-syntax-numeric-separator:7.10.4 simplicite-js:5.2.54/@babel/plugin-syntax-logical-assignment-operators:7.10.4 simplicite-js:5.2.54/@babel/plugin-transform-new-target:7.23.3 simplicite-js:5.2.54/@babel/plugin-transform-modules-commonjs:7.23.3 simplicite-js:5.2.54/@babel/plugin-transform-block-scoped-functions:7.23.3 simplicite-js:5.2.54/@babel/plugin-bugfix-v8-spread-parameters-in-optional-chaining:7.23.3 simplicite-js:5.2.54/@babel/plugin-syntax-optional-chaining:7.8.3 simplicite-js:5.2.54/@babel/plugin-syntax-import-assertions:7.23.3 simplicite-js:5.2.54/@babel/plugin-transform-unicode-property-regex:7.23.3 simplicite-js:5.2.54/@babel/plugin-transform-destructuring:7.23.3 simplicite-js:5.2.54/@babel/plugin-transform-classes:7.23.8 simplicite-js:5.2.54/@babel/plugin-syntax-object-rest-spread:7.8.3 simplicite-js:5.2.54/@babel/plugin-transform-shorthand-properties:7.23.3 simplicite-js:5.2.54/@babel/plugin-transform-logical-assignment-operators:7.23.4 simplicite-js:5.2.54/@babel/plugin-transform-dynamic-import:7.23.4 simplicite-js:5.2.54/@babel/plugin-syntax-top-level-await:7.14.5 simplicite-js:5.2.54/@babel/helper-define-polyfill-provider:0.5.0 simplicite-js:5.2.54/@babel/plugin-transform-typeof-symbol:7.23.3 simplicite-js:5.2.54/@babel/plugin-syntax-async-generators:7.8.4 simplicite-js:5.2.54/@babel/plugin-syntax-optional-catch-binding:7.8.3 simplicite-js:5.2.54/@babel/plugin-transform-parameters:7.23.3 simplicite-js:5.2.54/@babel/plugin-syntax-class-static-block:7.14.5 simplicite-js:5.2.54/@babel/plugin-transform-object-super:7.23.3 simplicite-js:5.2.54/@babel/plugin-transform-function-name:7.23.3 simplicite-js:5.2.54/@babel/preset-modules:0.1.6-no-external-plugins simplicite-js:5.2.54/@babel/plugin-transform-spread:7.23.3 simplicite-js:5.2.54/@babel/plugin-transform-for-of:7.23.6 simplicite-js:5.2.54/@babel/plugin-transform-async-to-generator:7.23.3 simplicite-js:5.2.54/@babel/plugin-transform-export-namespace-from:7.23.4 simplicite-js:5.2.54/@babel/plugin-transform-computed-properties:7.23.3 simplicite-js:5.2.54/@babel/plugin-transform-async-generator-functions:7.23.9 simplicite-js:5.2.54/@babel/plugin-transform-duplicate-keys:7.23.3 simplicite-js:5.2.54/@babel/plugin-syntax-json-strings:7.8.3 simplicite-js:5.2.54/@babel/plugin-transform-named-capturing-groups-regex:7.22.5 simplicite-js:5.2.54/@babel/plugin-transform-optional-catch-binding:7.23.4 simplicite-js:5.2.54/@babel/plugin-transform-modules-amd:7.23.3 simplicite-js:5.2.54/@babel/plugin-transform-class-static-block:7.23.4 simplicite-js:5.2.54/@babel/plugin-bugfix-safari-id-destructuring-collision-in-function-expression:7.23.3 simplicite-js:5.2.54/@babel/plugin-transform-object-rest-spread:7.23.4 simplicite-js:5.2.54/@babel/plugin-transform-literals:7.23.3 simplicite-js:5.2.54/@babel/plugin-syntax-import-meta:7.10.4 simplicite-js:5.2.54/@babel/plugin-syntax-import-attributes:7.23.3 simplicite-js:5.2.54/@babel/plugin-transform-private-property-in-object:7.23.4 simplicite-js:5.2.54/@babel/plugin-transform-unicode-regex:7.23.3 simplicite-js:5.2.54/@babel/plugin-transform-unicode-escapes:7.23.3 simplicite-js:5.2.54/@babel/plugin-transform-regenerator:7.23.3 simplicite-js:5.2.54/@babel/plugin-transform-exponentiation-operator:7.23.3 simplicite-js:5.2.54/@babel/plugin-transform-json-strings:7.23.4 simplicite-js:5.2.54/@babel/plugin-transform-member-expression-literals:7.23.3 simplicite-js:5.2.54/@babel/plugin-transform-numeric-separator:7.23.4 simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54/@babel/plugin-transform-modules-umd:7.23.3 simplicite-js:5.2.54/@babel/plugin-bugfix-v8-static-class-fields-redefine-readonly:7.23.7 simplicite-js:5.2.54/@babel/plugin-transform-nullish-coalescing-operator:7.23.4 simplicite-js:5.2.54/@babel/plugin-transform-optional-chaining:7.23.4 simplicite-js:5.2.54/@babel/plugin-syntax-export-namespace-from:7.8.3 simplicite-js:5.2.54/@babel/plugin-syntax-private-property-in-object:7.14.5 simplicite-js:5.2.54/@babel/plugin-syntax-nullish-coalescing-operator:7.8.3 simplicite-js:5.2.54/@babel/plugin-transform-private-methods:7.23.3 simplicite-js:5.2.54 simplicite-js:5.2.54/@babel/plugin-syntax-unicode-sets-regex:7.18.6 simplicite-js:5.2.54/@babel/plugin-transform-template-literals:7.23.3 simplicite-js:5.2.54/@babel/plugin-transform-dotall-regex:7.23.3 simplicite-js:5.2.54/@babel/plugin-transform-arrow-functions:7.23.3 simplicite-js:5.2.54/@babel/plugin-transform-modules-systemjs:7.23.9 simplicite-js:5.2.54/@babel/plugin-transform-block-scoping:7.23.4 simplicite-js:5.2.54/@babel/plugin-transform-unicode-sets-regex:7.23.3 simplicite-js:5.2.54/@babel/plugin-syntax-dynamic-import:7.8.3 simplicite-js:5.2.54/@babel/plugin-syntax-class-properties:7.12.13 simplicite-js:5.2.54/@babel/plugin-transform-class-properties:7.23.3 simplicite-js:5.2.54/@babel/plugin-transform-property-literals:7.23.3 simplicite-js:5.2.54/@babel/plugin-transform-sticky-regex:7.23.3 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description General utilities for plugins to use Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-helper-plugin-utils Highest Vendor package.json name @babel/helper-plugin-utils Highest Vendor package.json name @babel/helper-plugin-utils_project Highest Product package.json name @babel/helper-plugin-utils Highest Version package.json version 7.22.5 Highest
Related Dependencies @babel/helper-remap-async-to-generator:7.22.20Description:
Helper function to remap async functions to generators License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-async-to-generator:7.23.3/@babel/helper-remap-async-to-generator:^7.22.20
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/plugin-transform-async-to-generator:7.23.3 simplicite-js:5.2.54/@babel/plugin-transform-async-generator-functions:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Helper function to remap async functions to generators Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-helper-remap-async-to-generator Highest Vendor package.json name @babel/helper-remap-async-to-generator Highest Vendor package.json name @babel/helper-remap-async-to-generator_project Highest Product package.json name @babel/helper-remap-async-to-generator Highest Version package.json version 7.22.20 Highest
Related Dependencies @babel/helper-remap-async-to-generator:7.22.20File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/helper-remap-async-to-generator:7.22.20 pkg:npm/%40babel%2Fhelper-remap-async-to-generator@7.22.20 @babel/helper-remap-async-to-generator:7.22.20File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-async-generator-functions:7.23.9/@babel/helper-remap-async-to-generator:^7.22.20 pkg:npm/%40babel%2Fhelper-remap-async-to-generator@7.22.20 @babel/helper-replace-supers:7.22.20Description:
Helper function to replace supers License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-object-super:7.23.3/@babel/helper-replace-supers:^7.22.20
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/plugin-transform-object-super:7.23.3 simplicite-js:5.2.54/@babel/plugin-transform-classes:7.23.8 simplicite-js:5.2.54/@babel/helper-create-class-features-plugin:7.23.10 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Helper function to replace supers Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-helper-replace-supers Highest Vendor package.json name @babel/helper-replace-supers Highest Vendor package.json name @babel/helper-replace-supers_project Highest Product package.json name @babel/helper-replace-supers Highest Version package.json version 7.22.20 Highest
Related Dependencies @babel/helper-replace-supers:7.22.20File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/helper-replace-supers:7.22.20 pkg:npm/%40babel%2Fhelper-replace-supers@7.22.20 @babel/helper-replace-supers:7.22.20File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/helper-create-class-features-plugin:7.23.10/@babel/helper-replace-supers:^7.22.20 pkg:npm/%40babel%2Fhelper-replace-supers@7.22.20 @babel/helper-replace-supers:7.22.20File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-classes:7.23.8/@babel/helper-replace-supers:^7.22.20 pkg:npm/%40babel%2Fhelper-replace-supers@7.22.20 @babel/helper-simple-access:7.22.5Description:
Babel helper for ensuring that access to a given value is performed through simple accesses License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-modules-commonjs:7.23.3/@babel/helper-simple-access:^7.22.5
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/helper-module-transforms:7.23.3 simplicite-js:5.2.54/@babel/plugin-transform-modules-commonjs:7.23.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Babel helper for ensuring that access to a given value is performed through simple accesses Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-helper-simple-access Highest Vendor package.json name @babel/helper-simple-access Highest Vendor package.json name @babel/helper-simple-access_project Highest Product package.json name @babel/helper-simple-access Highest Version package.json version 7.22.5 Highest
Related Dependencies @babel/helper-simple-access:7.22.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/helper-simple-access:7.22.5 pkg:npm/%40babel%2Fhelper-simple-access@7.22.5 @babel/helper-simple-access:7.22.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/helper-module-transforms:7.23.3/@babel/helper-simple-access:^7.22.5 pkg:npm/%40babel%2Fhelper-simple-access@7.22.5 @babel/helper-skip-transparent-expression-wrappers:7.22.5Description:
Helper which skips types and parentheses License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-spread:7.23.3/@babel/helper-skip-transparent-expression-wrappers:^7.22.5
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/plugin-transform-optional-chaining:7.23.4 simplicite-js:5.2.54/@babel/plugin-transform-spread:7.23.3 simplicite-js:5.2.54/@babel/plugin-transform-for-of:7.23.6 simplicite-js:5.2.54/@babel/helper-create-class-features-plugin:7.23.10 simplicite-js:5.2.54/@babel/plugin-bugfix-v8-spread-parameters-in-optional-chaining:7.23.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Helper which skips types and parentheses Highest Vendor package.json name @babel/helper-skip-transparent-expression-wrappers Highest Vendor package.json name @babel/helper-skip-transparent-expression-wrappers_project Highest Product package.json name @babel/helper-skip-transparent-expression-wrappers Highest Version package.json version 7.22.5 Highest
Related Dependencies @babel/helper-skip-transparent-expression-wrappers:7.22.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/helper-skip-transparent-expression-wrappers:7.22.5 pkg:npm/%40babel%2Fhelper-skip-transparent-expression-wrappers@7.22.5 @babel/helper-skip-transparent-expression-wrappers:7.22.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/helper-create-class-features-plugin:7.23.10/@babel/helper-skip-transparent-expression-wrappers:^7.22.5 pkg:npm/%40babel%2Fhelper-skip-transparent-expression-wrappers@7.22.5 @babel/helper-skip-transparent-expression-wrappers:7.22.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-bugfix-v8-spread-parameters-in-optional-chaining:7.23.3/@babel/helper-skip-transparent-expression-wrappers:^7.22.5 pkg:npm/%40babel%2Fhelper-skip-transparent-expression-wrappers@7.22.5 @babel/helper-skip-transparent-expression-wrappers:7.22.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-for-of:7.23.6/@babel/helper-skip-transparent-expression-wrappers:^7.22.5 pkg:npm/%40babel%2Fhelper-skip-transparent-expression-wrappers@7.22.5 @babel/helper-skip-transparent-expression-wrappers:7.22.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-optional-chaining:7.23.4/@babel/helper-skip-transparent-expression-wrappers:^7.22.5 pkg:npm/%40babel%2Fhelper-skip-transparent-expression-wrappers@7.22.5 @babel/helper-split-export-declaration:7.22.6License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/traverse:7.23.9/@babel/helper-split-export-declaration:^7.22.6
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/plugin-transform-classes:7.23.8 simplicite-js:5.2.54/@babel/traverse:7.23.9 simplicite-js:5.2.54/@babel/helper-create-class-features-plugin:7.23.10 simplicite-js:5.2.54/@babel/helper-module-transforms:7.23.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-helper-split-export-declaration Highest Vendor package.json name @babel/helper-split-export-declaration Highest Vendor package.json name @babel/helper-split-export-declaration_project Highest Product package.json name @babel/helper-split-export-declaration Highest Version package.json version 7.22.6 Highest
Related Dependencies @babel/helper-split-export-declaration:7.22.6File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/helper-split-export-declaration:7.22.6 pkg:npm/%40babel%2Fhelper-split-export-declaration@7.22.6 @babel/helper-split-export-declaration:7.22.6File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/helper-create-class-features-plugin:7.23.10/@babel/helper-split-export-declaration:^7.22.6 pkg:npm/%40babel%2Fhelper-split-export-declaration@7.22.6 @babel/helper-split-export-declaration:7.22.6File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/helper-module-transforms:7.23.3/@babel/helper-split-export-declaration:^7.22.6 pkg:npm/%40babel%2Fhelper-split-export-declaration@7.22.6 @babel/helper-split-export-declaration:7.22.6File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-classes:7.23.8/@babel/helper-split-export-declaration:^7.22.6 pkg:npm/%40babel%2Fhelper-split-export-declaration@7.22.6 @babel/helper-string-parser:7.23.4Description:
A utility package to parse strings License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/types:7.23.9/@babel/helper-string-parser:^7.23.4
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/types:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description A utility package to parse strings Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-helper-string-parser Highest Vendor package.json name @babel/helper-string-parser Highest Vendor package.json name @babel/helper-string-parser_project Highest Product package.json name @babel/helper-string-parser Highest Version package.json version 7.23.4 Highest
Related Dependencies @babel/helper-string-parser:7.23.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/helper-string-parser:7.23.4 pkg:npm/%40babel%2Fhelper-string-parser@7.23.4 @babel/helper-validator-identifier:7.22.20Description:
Validate identifier/keywords name License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/types:7.23.9/@babel/helper-validator-identifier:^7.22.20
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/plugin-transform-modules-systemjs:7.23.9 simplicite-js:5.2.54/@babel/highlight:7.23.4 simplicite-js:5.2.54/@babel/helper-module-transforms:7.23.3 simplicite-js:5.2.54/@babel/types:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Validate identifier/keywords name Highest Vendor package.json name @babel/helper-validator-identifier Highest Vendor package.json name @babel/helper-validator-identifier_project Highest Product package.json name @babel/helper-validator-identifier Highest Version package.json version 7.22.20 Highest
Related Dependencies @babel/helper-validator-identifier:7.22.20File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/helper-validator-identifier:7.22.20 pkg:npm/%40babel%2Fhelper-validator-identifier@7.22.20 @babel/helper-validator-identifier:7.22.20File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/helper-module-transforms:7.23.3/@babel/helper-validator-identifier:^7.22.20 pkg:npm/%40babel%2Fhelper-validator-identifier@7.22.20 @babel/helper-validator-identifier:7.22.20File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/highlight:7.23.4/@babel/helper-validator-identifier:^7.22.20 pkg:npm/%40babel%2Fhelper-validator-identifier@7.22.20 @babel/helper-validator-identifier:7.22.20File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-modules-systemjs:7.23.9/@babel/helper-validator-identifier:^7.22.20 pkg:npm/%40babel%2Fhelper-validator-identifier@7.22.20 @babel/helper-validator-option:7.23.5Description:
Validate plugin/preset options License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/helper-validator-option:^7.23.5
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/helper-compilation-targets:7.23.6 simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Validate plugin/preset options Highest Vendor package.json name @babel/helper-validator-option Highest Vendor package.json name @babel/helper-validator-option_project Highest Product package.json name @babel/helper-validator-option Highest Version package.json version 7.23.5 Highest
Related Dependencies @babel/helper-validator-option:7.23.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/helper-validator-option:7.23.5 pkg:npm/%40babel%2Fhelper-validator-option@7.23.5 @babel/helper-validator-option:7.23.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/helper-compilation-targets:7.23.6/@babel/helper-validator-option:^7.23.5 pkg:npm/%40babel%2Fhelper-validator-option@7.23.5 @babel/helper-wrap-function:7.22.20Description:
Helper to wrap functions inside a function call. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/helper-wrap-function:7.22.20
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/@babel/helper-remap-async-to-generator:7.22.20 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Helper to wrap functions inside a function call. Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-helper-wrap-function Highest Vendor package.json name @babel/helper-wrap-function Highest Vendor package.json name @babel/helper-wrap-function_project Highest Product package.json name @babel/helper-wrap-function Highest Version package.json version 7.22.20 Highest
Related Dependencies @babel/helper-wrap-function:7.22.20File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/helper-remap-async-to-generator:7.22.20/@babel/helper-wrap-function:^7.22.20 pkg:npm/%40babel%2Fhelper-wrap-function@7.22.20 @babel/helpers:7.23.9Description:
Collection of helper functions used by Babel transforms. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/helpers:7.23.9
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/core:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Collection of helper functions used by Babel transforms. Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-helpers Highest Vendor package.json name @babel/helpers Highest Vendor package.json name @babel/helpers_project Highest Product package.json name @babel/helpers Highest Version package.json version 7.23.9 Highest
Related Dependencies @babel/helpers:7.23.9File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/core:7.23.9/@babel/helpers:^7.23.9 pkg:npm/%40babel%2Fhelpers@7.23.9 @babel/highlight:7.23.4Description:
Syntax highlight JavaScript strings for output in terminals. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/highlight:7.23.4
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/@babel/code-frame:7.23.5 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Syntax highlight JavaScript strings for output in terminals. Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-highlight Highest Vendor package.json name @babel/highlight Highest Vendor package.json name @babel/highlight_project Highest Product package.json name @babel/highlight Highest Version package.json version 7.23.4 Highest
Related Dependencies @babel/highlight:7.23.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/code-frame:7.23.5/@babel/highlight:^7.23.4 pkg:npm/%40babel%2Fhighlight@7.23.4 @babel/node:7.23.9Description:
Babel command line License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/node:7.23.9
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Babel command line Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-node Highest Vendor package.json name @babel/node Highest Vendor package.json name @babel/node_project Highest Product package.json name @babel/node Highest Version package.json version 7.23.9 Highest
@babel/parser:7.16.4Description:
A JavaScript parser License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/parser:7.16.4
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/depcheck:1.4.3 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json bugs https://github.com/babel/babel/issues?utf8=%E2%9C%93&q=is%3Aissue+label%3A%22pkg%3A+parser+%28babylon%29%22+is%3Aopen Highest Vendor package.json description A JavaScript parser Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-parser Highest Vendor package.json name @babel/parser Highest Vendor package.json name @babel/parser_project Highest Product package.json name @babel/parser Highest Version package.json version 7.16.4 Highest
Related Dependencies @babel/parser:7.16.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?depcheck:1.4.3/@babel/parser:7.16.4 pkg:npm/%40babel%2Fparser@7.16.4 @babel/parser:7.23.9Description:
A JavaScript parser License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?jsdoc:4.0.2/@babel/parser:^7.20.15
Referenced In Projects/Scopes: simplicite-js:5.2.54/@vue/compiler-sfc:3.3.4 simplicite-js:5.2.54/jsdoc:4.0.2 simplicite-js:5.2.54/@vue/compiler-core:3.3.4 simplicite-js:5.2.54/@babel/traverse:7.23.9 simplicite-js:5.2.54/@vue/reactivity-transform:3.3.4 simplicite-js:5.2.54/@babel/template:7.23.9 simplicite-js:5.2.54/@babel/core:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json bugs https://github.com/babel/babel/issues?utf8=%E2%9C%93&q=is%3Aissue+label%3A%22pkg%3A+parser+%28babylon%29%22+is%3Aopen Highest Vendor package.json description A JavaScript parser Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-parser Highest Vendor package.json name @babel/parser Highest Vendor package.json name @babel/parser_project Highest Product package.json name @babel/parser Highest Version package.json version 7.23.9 Highest
Related Dependencies @babel/parser:7.23.9File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/parser:7.23.9 pkg:npm/%40babel%2Fparser@7.23.9 @babel/parser:7.23.9File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/core:7.23.9/@babel/parser:^7.23.9 pkg:npm/%40babel%2Fparser@7.23.9 @babel/parser:7.23.9File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/template:7.23.9/@babel/parser:^7.23.9 pkg:npm/%40babel%2Fparser@7.23.9 @babel/parser:7.23.9File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/traverse:7.23.9/@babel/parser:^7.23.9 pkg:npm/%40babel%2Fparser@7.23.9 @babel/parser:7.23.9File Path: /var/simplicite/simplicite-5.2/package-lock.json?@vue/compiler-core:3.3.4/@babel/parser:^7.21.3 pkg:npm/%40babel%2Fparser@7.23.9 @babel/parser:7.23.9File Path: /var/simplicite/simplicite-5.2/package-lock.json?@vue/compiler-sfc:3.3.4/@babel/parser:^7.20.15 pkg:npm/%40babel%2Fparser@7.23.9 @babel/parser:7.23.9File Path: /var/simplicite/simplicite-5.2/package-lock.json?@vue/reactivity-transform:3.3.4/@babel/parser:^7.20.15 pkg:npm/%40babel%2Fparser@7.23.9 @babel/plugin-bugfix-safari-id-destructuring-collision-in-function-expression:7.23.3Description:
Rename destructuring parameter to workaround https://bugs.webkit.org/show_bug.cgi?id=220517 License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-bugfix-safari-id-destructuring-collision-in-function-expression:^7.23.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Rename destructuring parameter to workaround https://bugs.webkit.org/show_bug.cgi?id=220517 Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-bugfix-safari-id-destructuring-collision-in-function-expression Highest Vendor package.json name @babel/plugin-bugfix-safari-id-destructuring-collision-in-function-expression Highest Vendor package.json name @babel/plugin-bugfix-safari-id-destructuring-collision-in-function-expression_project Highest Product package.json name @babel/plugin-bugfix-safari-id-destructuring-collision-in-function-expression Highest Version package.json version 7.23.3 Highest
Related Dependencies @babel/plugin-bugfix-safari-id-destructuring-collision-in-function-expression:7.23.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-bugfix-safari-id-destructuring-collision-in-function-expression:7.23.3 pkg:npm/%40babel%2Fplugin-bugfix-safari-id-destructuring-collision-in-function-expression@7.23.3 @babel/plugin-bugfix-v8-spread-parameters-in-optional-chaining:7.23.3Description:
Transform optional chaining operators to workaround https://crbug.com/v8/11558 License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-bugfix-v8-spread-parameters-in-optional-chaining:^7.23.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Transform optional chaining operators to workaround https://crbug.com/v8/11558 Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-bugfix-v8-spread-parameters-in-optional-chaining Highest Vendor package.json name @babel/plugin-bugfix-v8-spread-parameters-in-optional-chaining Highest Vendor package.json name @babel/plugin-bugfix-v8-spread-parameters-in-optional-chaining_project Highest Product package.json name @babel/plugin-bugfix-v8-spread-parameters-in-optional-chaining Highest Version package.json version 7.23.3 Highest
Related Dependencies @babel/plugin-bugfix-v8-spread-parameters-in-optional-chaining:7.23.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-bugfix-v8-spread-parameters-in-optional-chaining:7.23.3 pkg:npm/%40babel%2Fplugin-bugfix-v8-spread-parameters-in-optional-chaining@7.23.3 @babel/plugin-bugfix-v8-static-class-fields-redefine-readonly:7.23.7Description:
Transform static class fields assignments that are affected by https://crbug.com/v8/12421 License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-bugfix-v8-static-class-fields-redefine-readonly:^7.23.7
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Transform static class fields assignments that are affected by https://crbug.com/v8/12421 Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-bugfix-v8-static-class-fields-redefine-readonly Highest Vendor package.json name @babel/plugin-bugfix-v8-static-class-fields-redefine-readonly Highest Vendor package.json name @babel/plugin-bugfix-v8-static-class-fields-redefine-readonly_project Highest Product package.json name @babel/plugin-bugfix-v8-static-class-fields-redefine-readonly Highest Version package.json version 7.23.7 Highest
Related Dependencies @babel/plugin-bugfix-v8-static-class-fields-redefine-readonly:7.23.7File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-bugfix-v8-static-class-fields-redefine-readonly:7.23.7 pkg:npm/%40babel%2Fplugin-bugfix-v8-static-class-fields-redefine-readonly@7.23.7 @babel/plugin-proposal-private-property-in-object:7.21.0-placeholder-for-preset-env.2Description:
This plugin transforms checks for a private property in an object License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-proposal-private-property-in-object:7.21.0-placeholder-for-preset-env.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description This plugin transforms checks for a private property in an object Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-proposal-private-property-in-object Highest Vendor package.json name @babel/plugin-proposal-private-property-in-object Highest Vendor package.json name @babel/plugin-proposal-private-property-in-object_project Highest Product package.json name @babel/plugin-proposal-private-property-in-object Highest Version package.json version 7.21.0-placeholder-for-preset-env.2 Highest
Related Dependencies @babel/plugin-proposal-private-property-in-object:7.21.0-placeholder-for-preset-env.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-proposal-private-property-in-object:7.21.0-placeholder-for-preset-env.2 pkg:npm/%40babel%2Fplugin-proposal-private-property-in-object@7.21.0-placeholder-for-preset-env.2 @babel/plugin-syntax-async-generators:7.8.4Description:
Allow parsing of async generator functions License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-syntax-async-generators:^7.8.4
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54/@babel/plugin-transform-async-generator-functions:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json description Allow parsing of async generator functions Highest Vendor package.json name @babel/plugin-syntax-async-generators Highest Vendor package.json name @babel/plugin-syntax-async-generators_project Highest Product package.json name @babel/plugin-syntax-async-generators Highest Version package.json version 7.8.4 Highest
Related Dependencies @babel/plugin-syntax-async-generators:7.8.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-syntax-async-generators:7.8.4 pkg:npm/%40babel%2Fplugin-syntax-async-generators@7.8.4 @babel/plugin-syntax-async-generators:7.8.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-async-generator-functions:7.23.9/@babel/plugin-syntax-async-generators:^7.8.4 pkg:npm/%40babel%2Fplugin-syntax-async-generators@7.8.4 @babel/plugin-syntax-class-properties:7.12.13Description:
Allow parsing of class properties License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-syntax-class-properties:^7.12.13
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json description Allow parsing of class properties Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-syntax-class-properties Highest Vendor package.json name @babel/plugin-syntax-class-properties Highest Vendor package.json name @babel/plugin-syntax-class-properties_project Highest Product package.json name @babel/plugin-syntax-class-properties Highest Version package.json version 7.12.13 Highest
Related Dependencies @babel/plugin-syntax-class-properties:7.12.13File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-syntax-class-properties:7.12.13 pkg:npm/%40babel%2Fplugin-syntax-class-properties@7.12.13 @babel/plugin-syntax-class-static-block:7.14.5Description:
Allow parsing of class static blocks License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-syntax-class-static-block:^7.14.5
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/plugin-transform-class-static-block:7.23.4 simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Allow parsing of class static blocks Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-syntax-class-static-block Highest Vendor package.json name @babel/plugin-syntax-class-static-block Highest Vendor package.json name @babel/plugin-syntax-class-static-block_project Highest Product package.json name @babel/plugin-syntax-class-static-block Highest Version package.json version 7.14.5 Highest
Related Dependencies @babel/plugin-syntax-class-static-block:7.14.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-syntax-class-static-block:7.14.5 pkg:npm/%40babel%2Fplugin-syntax-class-static-block@7.14.5 @babel/plugin-syntax-class-static-block:7.14.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-class-static-block:7.23.4/@babel/plugin-syntax-class-static-block:^7.14.5 pkg:npm/%40babel%2Fplugin-syntax-class-static-block@7.14.5 @babel/plugin-syntax-dynamic-import:7.8.3Description:
Allow parsing of import() License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-syntax-dynamic-import:^7.8.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/plugin-transform-dynamic-import:7.23.4 simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json description Allow parsing of import() Highest Vendor package.json name @babel/plugin-syntax-dynamic-import Highest Vendor package.json name @babel/plugin-syntax-dynamic-import_project Highest Product package.json name @babel/plugin-syntax-dynamic-import Highest Version package.json version 7.8.3 Highest
Related Dependencies @babel/plugin-syntax-dynamic-import:7.8.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-syntax-dynamic-import:7.8.3 pkg:npm/%40babel%2Fplugin-syntax-dynamic-import@7.8.3 @babel/plugin-syntax-dynamic-import:7.8.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-dynamic-import:7.23.4/@babel/plugin-syntax-dynamic-import:^7.8.3 pkg:npm/%40babel%2Fplugin-syntax-dynamic-import@7.8.3 @babel/plugin-syntax-export-namespace-from:7.8.3Description:
Allow parsing of export namespace from License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-syntax-export-namespace-from:^7.8.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/plugin-transform-export-namespace-from:7.23.4 simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json description Allow parsing of export namespace from Highest Vendor package.json name @babel/plugin-syntax-export-namespace-from Highest Vendor package.json name @babel/plugin-syntax-export-namespace-from_project Highest Product package.json name @babel/plugin-syntax-export-namespace-from Highest Version package.json version 7.8.3 Highest
Related Dependencies @babel/plugin-syntax-export-namespace-from:7.8.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-syntax-export-namespace-from:7.8.3 pkg:npm/%40babel%2Fplugin-syntax-export-namespace-from@7.8.3 @babel/plugin-syntax-export-namespace-from:7.8.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-export-namespace-from:7.23.4/@babel/plugin-syntax-export-namespace-from:^7.8.3 pkg:npm/%40babel%2Fplugin-syntax-export-namespace-from@7.8.3 @babel/plugin-syntax-import-assertions:7.23.3Description:
Allow parsing of the module assertion attributes in the import statement License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-syntax-import-assertions:^7.23.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Allow parsing of the module assertion attributes in the import statement Highest Vendor package.json name @babel/plugin-syntax-import-assertions Highest Vendor package.json name @babel/plugin-syntax-import-assertions_project Highest Product package.json name @babel/plugin-syntax-import-assertions Highest Version package.json version 7.23.3 Highest
Related Dependencies @babel/plugin-syntax-import-assertions:7.23.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-syntax-import-assertions:7.23.3 pkg:npm/%40babel%2Fplugin-syntax-import-assertions@7.23.3 @babel/plugin-syntax-import-attributes:7.23.3Description:
Allow parsing of the module attributes in the import statement License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-syntax-import-attributes:^7.23.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Allow parsing of the module attributes in the import statement Highest Vendor package.json name @babel/plugin-syntax-import-attributes Highest Vendor package.json name @babel/plugin-syntax-import-attributes_project Highest Product package.json name @babel/plugin-syntax-import-attributes Highest Version package.json version 7.23.3 Highest
Related Dependencies @babel/plugin-syntax-import-attributes:7.23.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-syntax-import-attributes:7.23.3 pkg:npm/%40babel%2Fplugin-syntax-import-attributes@7.23.3 @babel/plugin-syntax-import-meta:7.10.4Description:
Allow parsing of import.meta License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-syntax-import-meta:^7.10.4
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json description Allow parsing of import.meta Highest Vendor package.json name @babel/plugin-syntax-import-meta Highest Vendor package.json name @babel/plugin-syntax-import-meta_project Highest Product package.json name @babel/plugin-syntax-import-meta Highest Version package.json version 7.10.4 Highest
Related Dependencies @babel/plugin-syntax-import-meta:7.10.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-syntax-import-meta:7.10.4 pkg:npm/%40babel%2Fplugin-syntax-import-meta@7.10.4 @babel/plugin-syntax-json-strings:7.8.3Description:
Allow parsing of the U+2028 LINE SEPARATOR and U+2029 PARAGRAPH SEPARATOR in JS strings License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-syntax-json-strings:^7.8.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 simplicite-js:5.2.54/@babel/plugin-transform-json-strings:7.23.4 Evidence Type Source Name Value Confidence Vendor package.json description Allow parsing of the U+2028 LINE SEPARATOR and U+2029 PARAGRAPH SEPARATOR in JS strings Highest Vendor package.json name @babel/plugin-syntax-json-strings Highest Vendor package.json name @babel/plugin-syntax-json-strings_project Highest Product package.json name @babel/plugin-syntax-json-strings Highest Version package.json version 7.8.3 Highest
Related Dependencies @babel/plugin-syntax-json-strings:7.8.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-syntax-json-strings:7.8.3 pkg:npm/%40babel%2Fplugin-syntax-json-strings@7.8.3 @babel/plugin-syntax-json-strings:7.8.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-json-strings:7.23.4/@babel/plugin-syntax-json-strings:^7.8.3 pkg:npm/%40babel%2Fplugin-syntax-json-strings@7.8.3 @babel/plugin-syntax-logical-assignment-operators:7.10.4Description:
Allow parsing of the logical assignment operators License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-syntax-logical-assignment-operators:^7.10.4
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/plugin-transform-logical-assignment-operators:7.23.4 simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json description Allow parsing of the logical assignment operators Highest Vendor package.json name @babel/plugin-syntax-logical-assignment-operators Highest Vendor package.json name @babel/plugin-syntax-logical-assignment-operators_project Highest Product package.json name @babel/plugin-syntax-logical-assignment-operators Highest Version package.json version 7.10.4 Highest
Related Dependencies @babel/plugin-syntax-logical-assignment-operators:7.10.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-syntax-logical-assignment-operators:7.10.4 pkg:npm/%40babel%2Fplugin-syntax-logical-assignment-operators@7.10.4 @babel/plugin-syntax-logical-assignment-operators:7.10.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-logical-assignment-operators:7.23.4/@babel/plugin-syntax-logical-assignment-operators:^7.10.4 pkg:npm/%40babel%2Fplugin-syntax-logical-assignment-operators@7.10.4 @babel/plugin-syntax-nullish-coalescing-operator:7.8.3Description:
Allow parsing of the nullish-coalescing operator License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-syntax-nullish-coalescing-operator:^7.8.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/plugin-transform-nullish-coalescing-operator:7.23.4 simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json description Allow parsing of the nullish-coalescing operator Highest Vendor package.json name @babel/plugin-syntax-nullish-coalescing-operator Highest Vendor package.json name @babel/plugin-syntax-nullish-coalescing-operator_project Highest Product package.json name @babel/plugin-syntax-nullish-coalescing-operator Highest Version package.json version 7.8.3 Highest
Related Dependencies @babel/plugin-syntax-nullish-coalescing-operator:7.8.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-syntax-nullish-coalescing-operator:7.8.3 pkg:npm/%40babel%2Fplugin-syntax-nullish-coalescing-operator@7.8.3 @babel/plugin-syntax-nullish-coalescing-operator:7.8.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-nullish-coalescing-operator:7.23.4/@babel/plugin-syntax-nullish-coalescing-operator:^7.8.3 pkg:npm/%40babel%2Fplugin-syntax-nullish-coalescing-operator@7.8.3 @babel/plugin-syntax-numeric-separator:7.10.4Description:
Allow parsing of Decimal, Binary, Hex and Octal literals that contain a Numeric Literal Separator License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-syntax-numeric-separator:^7.10.4
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/plugin-transform-numeric-separator:7.23.4 simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json description Allow parsing of Decimal, Binary, Hex and Octal literals that contain a Numeric Literal Separator Highest Vendor package.json name @babel/plugin-syntax-numeric-separator Highest Vendor package.json name @babel/plugin-syntax-numeric-separator_project Highest Product package.json name @babel/plugin-syntax-numeric-separator Highest Version package.json version 7.10.4 Highest
Related Dependencies @babel/plugin-syntax-numeric-separator:7.10.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-syntax-numeric-separator:7.10.4 pkg:npm/%40babel%2Fplugin-syntax-numeric-separator@7.10.4 @babel/plugin-syntax-numeric-separator:7.10.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-numeric-separator:7.23.4/@babel/plugin-syntax-numeric-separator:^7.10.4 pkg:npm/%40babel%2Fplugin-syntax-numeric-separator@7.10.4 @babel/plugin-syntax-object-rest-spread:7.8.3Description:
Allow parsing of object rest/spread License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-syntax-object-rest-spread:^7.8.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/plugin-transform-object-rest-spread:7.23.4 simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json description Allow parsing of object rest/spread Highest Vendor package.json name @babel/plugin-syntax-object-rest-spread Highest Vendor package.json name @babel/plugin-syntax-object-rest-spread_project Highest Product package.json name @babel/plugin-syntax-object-rest-spread Highest Version package.json version 7.8.3 Highest
Related Dependencies @babel/plugin-syntax-object-rest-spread:7.8.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-syntax-object-rest-spread:7.8.3 pkg:npm/%40babel%2Fplugin-syntax-object-rest-spread@7.8.3 @babel/plugin-syntax-object-rest-spread:7.8.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-object-rest-spread:7.23.4/@babel/plugin-syntax-object-rest-spread:^7.8.3 pkg:npm/%40babel%2Fplugin-syntax-object-rest-spread@7.8.3 @babel/plugin-syntax-optional-catch-binding:7.8.3Description:
Allow parsing of optional catch bindings License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-syntax-optional-catch-binding:^7.8.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/plugin-transform-optional-catch-binding:7.23.4 simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json description Allow parsing of optional catch bindings Highest Vendor package.json name @babel/plugin-syntax-optional-catch-binding Highest Vendor package.json name @babel/plugin-syntax-optional-catch-binding_project Highest Product package.json name @babel/plugin-syntax-optional-catch-binding Highest Version package.json version 7.8.3 Highest
Related Dependencies @babel/plugin-syntax-optional-catch-binding:7.8.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-syntax-optional-catch-binding:7.8.3 pkg:npm/%40babel%2Fplugin-syntax-optional-catch-binding@7.8.3 @babel/plugin-syntax-optional-catch-binding:7.8.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-optional-catch-binding:7.23.4/@babel/plugin-syntax-optional-catch-binding:^7.8.3 pkg:npm/%40babel%2Fplugin-syntax-optional-catch-binding@7.8.3 @babel/plugin-syntax-optional-chaining:7.8.3Description:
Allow parsing of optional properties License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-syntax-optional-chaining:^7.8.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/plugin-transform-optional-chaining:7.23.4 simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json description Allow parsing of optional properties Highest Vendor package.json name @babel/plugin-syntax-optional-chaining Highest Vendor package.json name @babel/plugin-syntax-optional-chaining_project Highest Product package.json name @babel/plugin-syntax-optional-chaining Highest Version package.json version 7.8.3 Highest
Related Dependencies @babel/plugin-syntax-optional-chaining:7.8.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-syntax-optional-chaining:7.8.3 pkg:npm/%40babel%2Fplugin-syntax-optional-chaining@7.8.3 @babel/plugin-syntax-optional-chaining:7.8.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-optional-chaining:7.23.4/@babel/plugin-syntax-optional-chaining:^7.8.3 pkg:npm/%40babel%2Fplugin-syntax-optional-chaining@7.8.3 @babel/plugin-syntax-private-property-in-object:7.14.5Description:
Allow parsing of '#foo in obj' brand checks License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-syntax-private-property-in-object:^7.14.5
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 simplicite-js:5.2.54/@babel/plugin-transform-private-property-in-object:7.23.4 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Allow parsing of '#foo in obj' brand checks Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-syntax-private-property-in-object Highest Vendor package.json name @babel/plugin-syntax-private-property-in-object Highest Vendor package.json name @babel/plugin-syntax-private-property-in-object_project Highest Product package.json name @babel/plugin-syntax-private-property-in-object Highest Version package.json version 7.14.5 Highest
Related Dependencies @babel/plugin-syntax-private-property-in-object:7.14.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-syntax-private-property-in-object:7.14.5 pkg:npm/%40babel%2Fplugin-syntax-private-property-in-object@7.14.5 @babel/plugin-syntax-private-property-in-object:7.14.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-private-property-in-object:7.23.4/@babel/plugin-syntax-private-property-in-object:^7.14.5 pkg:npm/%40babel%2Fplugin-syntax-private-property-in-object@7.14.5 @babel/plugin-syntax-top-level-await:7.14.5Description:
Allow parsing of top-level await in modules License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-syntax-top-level-await:^7.14.5
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Allow parsing of top-level await in modules Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-syntax-top-level-await Highest Vendor package.json name @babel/plugin-syntax-top-level-await Highest Vendor package.json name @babel/plugin-syntax-top-level-await_project Highest Product package.json name @babel/plugin-syntax-top-level-await Highest Version package.json version 7.14.5 Highest
Related Dependencies @babel/plugin-syntax-top-level-await:7.14.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-syntax-top-level-await:7.14.5 pkg:npm/%40babel%2Fplugin-syntax-top-level-await@7.14.5 @babel/plugin-syntax-unicode-sets-regex:7.18.6Description:
Parse regular expressions' unicodeSets (v) flag. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-syntax-unicode-sets-regex:^7.18.6
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json bugs https://github.com/babel/babel/issues Highest Vendor package.json description Parse regular expressions' unicodeSets (v) flag. Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-syntax-unicode-sets-regex Highest Vendor package.json name @babel/plugin-syntax-unicode-sets-regex Highest Vendor package.json name @babel/plugin-syntax-unicode-sets-regex_project Highest Product package.json name @babel/plugin-syntax-unicode-sets-regex Highest Version package.json version 7.18.6 Highest
Related Dependencies @babel/plugin-syntax-unicode-sets-regex:7.18.6File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-syntax-unicode-sets-regex:7.18.6 pkg:npm/%40babel%2Fplugin-syntax-unicode-sets-regex@7.18.6 @babel/plugin-transform-arrow-functions:7.23.3Description:
Compile ES2015 arrow functions to ES5 License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-arrow-functions:^7.23.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Compile ES2015 arrow functions to ES5 Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-transform-arrow-functions Highest Vendor package.json name @babel/plugin-transform-arrow-functions Highest Vendor package.json name @babel/plugin-transform-arrow-functions_project Highest Product package.json name @babel/plugin-transform-arrow-functions Highest Version package.json version 7.23.3 Highest
Related Dependencies @babel/plugin-transform-arrow-functions:7.23.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-transform-arrow-functions:7.23.3 pkg:npm/%40babel%2Fplugin-transform-arrow-functions@7.23.3 @babel/plugin-transform-async-generator-functions:7.23.9Description:
Turn async generator functions into ES2015 generators License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-async-generator-functions:^7.23.9
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Turn async generator functions into ES2015 generators Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-transform-async-generator-functions Highest Vendor package.json name @babel/plugin-transform-async-generator-functions Highest Vendor package.json name @babel/plugin-transform-async-generator-functions_project Highest Product package.json name @babel/plugin-transform-async-generator-functions Highest Version package.json version 7.23.9 Highest
Related Dependencies @babel/plugin-transform-async-generator-functions:7.23.9File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-transform-async-generator-functions:7.23.9 pkg:npm/%40babel%2Fplugin-transform-async-generator-functions@7.23.9 @babel/plugin-transform-async-to-generator:7.23.3Description:
Turn async functions into ES2015 generators License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-async-to-generator:^7.23.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Turn async functions into ES2015 generators Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-transform-async-to-generator Highest Vendor package.json name @babel/plugin-transform-async-to-generator Highest Vendor package.json name @babel/plugin-transform-async-to-generator_project Highest Product package.json name @babel/plugin-transform-async-to-generator Highest Version package.json version 7.23.3 Highest
Related Dependencies @babel/plugin-transform-async-to-generator:7.23.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-transform-async-to-generator:7.23.3 pkg:npm/%40babel%2Fplugin-transform-async-to-generator@7.23.3 @babel/plugin-transform-block-scoped-functions:7.23.3Description:
Babel plugin to ensure function declarations at the block level are block scoped License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-block-scoped-functions:^7.23.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Babel plugin to ensure function declarations at the block level are block scoped Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-transform-block-scoped-functions Highest Vendor package.json name @babel/plugin-transform-block-scoped-functions Highest Vendor package.json name @babel/plugin-transform-block-scoped-functions_project Highest Product package.json name @babel/plugin-transform-block-scoped-functions Highest Version package.json version 7.23.3 Highest
Related Dependencies @babel/plugin-transform-block-scoped-functions:7.23.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-transform-block-scoped-functions:7.23.3 pkg:npm/%40babel%2Fplugin-transform-block-scoped-functions@7.23.3 @babel/plugin-transform-block-scoping:7.23.4Description:
Compile ES2015 block scoping (const and let) to ES5 License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-block-scoping:^7.23.4
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Compile ES2015 block scoping (const and let) to ES5 Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-transform-block-scoping Highest Vendor package.json name @babel/plugin-transform-block-scoping Highest Vendor package.json name @babel/plugin-transform-block-scoping_project Highest Product package.json name @babel/plugin-transform-block-scoping Highest Version package.json version 7.23.4 Highest
Related Dependencies @babel/plugin-transform-block-scoping:7.23.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-transform-block-scoping:7.23.4 pkg:npm/%40babel%2Fplugin-transform-block-scoping@7.23.4 @babel/plugin-transform-class-properties:7.23.3Description:
This plugin transforms static class properties as well as properties declared with the property initializer syntax License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-class-properties:^7.23.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description This plugin transforms static class properties as well as properties declared with the property initializer syntax Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-transform-class-properties Highest Vendor package.json name @babel/plugin-transform-class-properties Highest Vendor package.json name @babel/plugin-transform-class-properties_project Highest Product package.json name @babel/plugin-transform-class-properties Highest Version package.json version 7.23.3 Highest
Related Dependencies @babel/plugin-transform-class-properties:7.23.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-transform-class-properties:7.23.3 pkg:npm/%40babel%2Fplugin-transform-class-properties@7.23.3 @babel/plugin-transform-class-static-block:7.23.4Description:
Transform class static blocks License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-class-static-block:^7.23.4
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Transform class static blocks Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-transform-class-static-block Highest Vendor package.json name @babel/plugin-transform-class-static-block Highest Vendor package.json name @babel/plugin-transform-class-static-block_project Highest Product package.json name @babel/plugin-transform-class-static-block Highest Version package.json version 7.23.4 Highest
Related Dependencies @babel/plugin-transform-class-static-block:7.23.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-transform-class-static-block:7.23.4 pkg:npm/%40babel%2Fplugin-transform-class-static-block@7.23.4 @babel/plugin-transform-classes:7.23.8Description:
Compile ES2015 classes to ES5 License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-classes:^7.23.8
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Compile ES2015 classes to ES5 Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-transform-classes Highest Vendor package.json name @babel/plugin-transform-classes Highest Vendor package.json name @babel/plugin-transform-classes_project Highest Product package.json name @babel/plugin-transform-classes Highest Version package.json version 7.23.8 Highest
Related Dependencies @babel/plugin-transform-classes:7.23.8File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-transform-classes:7.23.8 pkg:npm/%40babel%2Fplugin-transform-classes@7.23.8 @babel/plugin-transform-computed-properties:7.23.3Description:
Compile ES2015 computed properties to ES5 License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-computed-properties:^7.23.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Compile ES2015 computed properties to ES5 Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-transform-computed-properties Highest Vendor package.json name @babel/plugin-transform-computed-properties Highest Vendor package.json name @babel/plugin-transform-computed-properties_project Highest Product package.json name @babel/plugin-transform-computed-properties Highest Version package.json version 7.23.3 Highest
Related Dependencies @babel/plugin-transform-computed-properties:7.23.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-transform-computed-properties:7.23.3 pkg:npm/%40babel%2Fplugin-transform-computed-properties@7.23.3 @babel/plugin-transform-destructuring:7.23.3Description:
Compile ES2015 destructuring to ES5 License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-destructuring:^7.23.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Compile ES2015 destructuring to ES5 Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-transform-destructuring Highest Vendor package.json name @babel/plugin-transform-destructuring Highest Vendor package.json name @babel/plugin-transform-destructuring_project Highest Product package.json name @babel/plugin-transform-destructuring Highest Version package.json version 7.23.3 Highest
Related Dependencies @babel/plugin-transform-destructuring:7.23.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-transform-destructuring:7.23.3 pkg:npm/%40babel%2Fplugin-transform-destructuring@7.23.3 @babel/plugin-transform-dotall-regex:7.23.3Description:
Compile regular expressions using the `s` (`dotAll`) flag to ES5. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-dotall-regex:^7.23.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json bugs https://github.com/babel/babel/issues Highest Vendor package.json description Compile regular expressions using the `s` (`dotAll`) flag to ES5. Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-transform-dotall-regex Highest Vendor package.json name @babel/plugin-transform-dotall-regex Highest Vendor package.json name @babel/plugin-transform-dotall-regex_project Highest Product package.json name @babel/plugin-transform-dotall-regex Highest Version package.json version 7.23.3 Highest
Related Dependencies @babel/plugin-transform-dotall-regex:7.23.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-transform-dotall-regex:7.23.3 pkg:npm/%40babel%2Fplugin-transform-dotall-regex@7.23.3 @babel/plugin-transform-duplicate-keys:7.23.3Description:
Compile objects with duplicate keys to valid strict ES5 License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-duplicate-keys:^7.23.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Compile objects with duplicate keys to valid strict ES5 Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-transform-duplicate-keys Highest Vendor package.json name @babel/plugin-transform-duplicate-keys Highest Vendor package.json name @babel/plugin-transform-duplicate-keys_project Highest Product package.json name @babel/plugin-transform-duplicate-keys Highest Version package.json version 7.23.3 Highest
Related Dependencies @babel/plugin-transform-duplicate-keys:7.23.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-transform-duplicate-keys:7.23.3 pkg:npm/%40babel%2Fplugin-transform-duplicate-keys@7.23.3 @babel/plugin-transform-dynamic-import:7.23.4Description:
Transform import() expressions License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-dynamic-import:^7.23.4
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Transform import() expressions Highest Vendor package.json name @babel/plugin-transform-dynamic-import Highest Vendor package.json name @babel/plugin-transform-dynamic-import_project Highest Product package.json name @babel/plugin-transform-dynamic-import Highest Version package.json version 7.23.4 Highest
Related Dependencies @babel/plugin-transform-dynamic-import:7.23.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-transform-dynamic-import:7.23.4 pkg:npm/%40babel%2Fplugin-transform-dynamic-import@7.23.4 @babel/plugin-transform-exponentiation-operator:7.23.3Description:
Compile exponentiation operator to ES5 License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-exponentiation-operator:^7.23.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Compile exponentiation operator to ES5 Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-transform-exponentiation-operator Highest Vendor package.json name @babel/plugin-transform-exponentiation-operator Highest Vendor package.json name @babel/plugin-transform-exponentiation-operator_project Highest Product package.json name @babel/plugin-transform-exponentiation-operator Highest Version package.json version 7.23.3 Highest
Related Dependencies @babel/plugin-transform-exponentiation-operator:7.23.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-transform-exponentiation-operator:7.23.3 pkg:npm/%40babel%2Fplugin-transform-exponentiation-operator@7.23.3 @babel/plugin-transform-export-namespace-from:7.23.4Description:
Compile export namespace to ES2015 License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-export-namespace-from:^7.23.4
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Compile export namespace to ES2015 Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-transform-export-namespace-from Highest Vendor package.json name @babel/plugin-transform-export-namespace-from Highest Vendor package.json name @babel/plugin-transform-export-namespace-from_project Highest Product package.json name @babel/plugin-transform-export-namespace-from Highest Version package.json version 7.23.4 Highest
Related Dependencies @babel/plugin-transform-export-namespace-from:7.23.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-transform-export-namespace-from:7.23.4 pkg:npm/%40babel%2Fplugin-transform-export-namespace-from@7.23.4 @babel/plugin-transform-for-of:7.23.6Description:
Compile ES2015 for...of to ES5 License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-for-of:^7.23.6
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Compile ES2015 for...of to ES5 Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-transform-for-of Highest Vendor package.json name @babel/plugin-transform-for-of Highest Vendor package.json name @babel/plugin-transform-for-of_project Highest Product package.json name @babel/plugin-transform-for-of Highest Version package.json version 7.23.6 Highest
Related Dependencies @babel/plugin-transform-for-of:7.23.6File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-transform-for-of:7.23.6 pkg:npm/%40babel%2Fplugin-transform-for-of@7.23.6 @babel/plugin-transform-function-name:7.23.3Description:
Apply ES2015 function.name semantics to all functions License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-function-name:^7.23.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Apply ES2015 function.name semantics to all functions Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-transform-function-name Highest Vendor package.json name @babel/plugin-transform-function-name Highest Vendor package.json name @babel/plugin-transform-function-name_project Highest Product package.json name @babel/plugin-transform-function-name Highest Version package.json version 7.23.3 Highest
Related Dependencies @babel/plugin-transform-function-name:7.23.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-transform-function-name:7.23.3 pkg:npm/%40babel%2Fplugin-transform-function-name@7.23.3 @babel/plugin-transform-json-strings:7.23.4Description:
Escape U+2028 LINE SEPARATOR and U+2029 PARAGRAPH SEPARATOR in JS strings License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-json-strings:^7.23.4
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Escape U+2028 LINE SEPARATOR and U+2029 PARAGRAPH SEPARATOR in JS strings Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-transform-json-strings Highest Vendor package.json name @babel/plugin-transform-json-strings Highest Vendor package.json name @babel/plugin-transform-json-strings_project Highest Product package.json name @babel/plugin-transform-json-strings Highest Version package.json version 7.23.4 Highest
Related Dependencies @babel/plugin-transform-json-strings:7.23.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-transform-json-strings:7.23.4 pkg:npm/%40babel%2Fplugin-transform-json-strings@7.23.4 @babel/plugin-transform-literals:7.23.3Description:
Compile ES2015 unicode string and number literals to ES5 License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-literals:^7.23.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Compile ES2015 unicode string and number literals to ES5 Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-transform-literals Highest Vendor package.json name @babel/plugin-transform-literals Highest Vendor package.json name @babel/plugin-transform-literals_project Highest Product package.json name @babel/plugin-transform-literals Highest Version package.json version 7.23.3 Highest
Related Dependencies @babel/plugin-transform-literals:7.23.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-transform-literals:7.23.3 pkg:npm/%40babel%2Fplugin-transform-literals@7.23.3 @babel/plugin-transform-logical-assignment-operators:7.23.4Description:
Transforms logical assignment operators into short-circuited assignments License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-logical-assignment-operators:^7.23.4
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Transforms logical assignment operators into short-circuited assignments Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-transform-logical-assignment-operators Highest Vendor package.json name @babel/plugin-transform-logical-assignment-operators Highest Vendor package.json name @babel/plugin-transform-logical-assignment-operators_project Highest Product package.json name @babel/plugin-transform-logical-assignment-operators Highest Version package.json version 7.23.4 Highest
Related Dependencies @babel/plugin-transform-logical-assignment-operators:7.23.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-transform-logical-assignment-operators:7.23.4 pkg:npm/%40babel%2Fplugin-transform-logical-assignment-operators@7.23.4 @babel/plugin-transform-member-expression-literals:7.23.3Description:
Ensure that reserved words are quoted in property accesses License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-member-expression-literals:^7.23.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Ensure that reserved words are quoted in property accesses Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-transform-member-expression-literals Highest Vendor package.json name @babel/plugin-transform-member-expression-literals Highest Vendor package.json name @babel/plugin-transform-member-expression-literals_project Highest Product package.json name @babel/plugin-transform-member-expression-literals Highest Version package.json version 7.23.3 Highest
Related Dependencies @babel/plugin-transform-member-expression-literals:7.23.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-transform-member-expression-literals:7.23.3 pkg:npm/%40babel%2Fplugin-transform-member-expression-literals@7.23.3 @babel/plugin-transform-modules-amd:7.23.3Description:
This plugin transforms ES2015 modules to AMD License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-modules-amd:^7.23.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description This plugin transforms ES2015 modules to AMD Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-transform-modules-amd Highest Vendor package.json name @babel/plugin-transform-modules-amd Highest Vendor package.json name @babel/plugin-transform-modules-amd_project Highest Product package.json name @babel/plugin-transform-modules-amd Highest Version package.json version 7.23.3 Highest
Related Dependencies @babel/plugin-transform-modules-amd:7.23.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-transform-modules-amd:7.23.3 pkg:npm/%40babel%2Fplugin-transform-modules-amd@7.23.3 @babel/plugin-transform-modules-commonjs:7.23.3Description:
This plugin transforms ES2015 modules to CommonJS License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-modules-commonjs:^7.23.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description This plugin transforms ES2015 modules to CommonJS Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-transform-modules-commonjs Highest Vendor package.json name @babel/plugin-transform-modules-commonjs Highest Vendor package.json name @babel/plugin-transform-modules-commonjs_project Highest Product package.json name @babel/plugin-transform-modules-commonjs Highest Version package.json version 7.23.3 Highest
Related Dependencies @babel/plugin-transform-modules-commonjs:7.23.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-transform-modules-commonjs:7.23.3 pkg:npm/%40babel%2Fplugin-transform-modules-commonjs@7.23.3 @babel/plugin-transform-modules-systemjs:7.23.9Description:
This plugin transforms ES2015 modules to SystemJS License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-modules-systemjs:^7.23.9
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description This plugin transforms ES2015 modules to SystemJS Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-transform-modules-systemjs Highest Vendor package.json name @babel/plugin-transform-modules-systemjs Highest Vendor package.json name @babel/plugin-transform-modules-systemjs_project Highest Product package.json name @babel/plugin-transform-modules-systemjs Highest Version package.json version 7.23.9 Highest
Related Dependencies @babel/plugin-transform-modules-systemjs:7.23.9File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-transform-modules-systemjs:7.23.9 pkg:npm/%40babel%2Fplugin-transform-modules-systemjs@7.23.9 @babel/plugin-transform-modules-umd:7.23.3Description:
This plugin transforms ES2015 modules to UMD License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-modules-umd:^7.23.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description This plugin transforms ES2015 modules to UMD Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-transform-modules-umd Highest Vendor package.json name @babel/plugin-transform-modules-umd Highest Vendor package.json name @babel/plugin-transform-modules-umd_project Highest Product package.json name @babel/plugin-transform-modules-umd Highest Version package.json version 7.23.3 Highest
Related Dependencies @babel/plugin-transform-modules-umd:7.23.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-transform-modules-umd:7.23.3 pkg:npm/%40babel%2Fplugin-transform-modules-umd@7.23.3 @babel/plugin-transform-named-capturing-groups-regex:7.22.5Description:
Compile regular expressions using named groups to ES5. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-named-capturing-groups-regex:^7.22.5
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json bugs https://github.com/babel/babel/issues Highest Vendor package.json description Compile regular expressions using named groups to ES5. Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-transform-named-capturing-groups-regex Highest Vendor package.json name @babel/plugin-transform-named-capturing-groups-regex Highest Vendor package.json name @babel/plugin-transform-named-capturing-groups-regex_project Highest Product package.json name @babel/plugin-transform-named-capturing-groups-regex Highest Version package.json version 7.22.5 Highest
Related Dependencies @babel/plugin-transform-named-capturing-groups-regex:7.22.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-transform-named-capturing-groups-regex:7.22.5 pkg:npm/%40babel%2Fplugin-transform-named-capturing-groups-regex@7.22.5 @babel/plugin-transform-new-target:7.23.3Description:
Transforms new.target meta property License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-new-target:^7.23.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Transforms new.target meta property Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-transform-new-target Highest Vendor package.json name @babel/plugin-transform-new-target Highest Vendor package.json name @babel/plugin-transform-new-target_project Highest Product package.json name @babel/plugin-transform-new-target Highest Version package.json version 7.23.3 Highest
Related Dependencies @babel/plugin-transform-new-target:7.23.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-transform-new-target:7.23.3 pkg:npm/%40babel%2Fplugin-transform-new-target@7.23.3 @babel/plugin-transform-nullish-coalescing-operator:7.23.4Description:
Remove nullish coalescing operator License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-nullish-coalescing-operator:^7.23.4
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Remove nullish coalescing operator Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-transform-nullish-coalescing-operator Highest Vendor package.json name @babel/plugin-transform-nullish-coalescing-operator Highest Vendor package.json name @babel/plugin-transform-nullish-coalescing-operator_project Highest Product package.json name @babel/plugin-transform-nullish-coalescing-operator Highest Version package.json version 7.23.4 Highest
Related Dependencies @babel/plugin-transform-nullish-coalescing-operator:7.23.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-transform-nullish-coalescing-operator:7.23.4 pkg:npm/%40babel%2Fplugin-transform-nullish-coalescing-operator@7.23.4 @babel/plugin-transform-numeric-separator:7.23.4Description:
Remove numeric separators from Decimal, Binary, Hex and Octal literals License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-numeric-separator:^7.23.4
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Remove numeric separators from Decimal, Binary, Hex and Octal literals Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-transform-numeric-separator Highest Vendor package.json name @babel/plugin-transform-numeric-separator Highest Vendor package.json name @babel/plugin-transform-numeric-separator_project Highest Product package.json name @babel/plugin-transform-numeric-separator Highest Version package.json version 7.23.4 Highest
Related Dependencies @babel/plugin-transform-numeric-separator:7.23.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-transform-numeric-separator:7.23.4 pkg:npm/%40babel%2Fplugin-transform-numeric-separator@7.23.4 @babel/plugin-transform-object-rest-spread:7.23.4Description:
Compile object rest and spread to ES5 License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-object-rest-spread:^7.23.4
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Compile object rest and spread to ES5 Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-transform-object-rest-spread Highest Vendor package.json name @babel/plugin-transform-object-rest-spread Highest Vendor package.json name @babel/plugin-transform-object-rest-spread_project Highest Product package.json name @babel/plugin-transform-object-rest-spread Highest Version package.json version 7.23.4 Highest
Related Dependencies @babel/plugin-transform-object-rest-spread:7.23.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-transform-object-rest-spread:7.23.4 pkg:npm/%40babel%2Fplugin-transform-object-rest-spread@7.23.4 @babel/plugin-transform-object-super:7.23.3Description:
Compile ES2015 object super to ES5 License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-object-super:^7.23.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Compile ES2015 object super to ES5 Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-transform-object-super Highest Vendor package.json name @babel/plugin-transform-object-super Highest Vendor package.json name @babel/plugin-transform-object-super_project Highest Product package.json name @babel/plugin-transform-object-super Highest Version package.json version 7.23.3 Highest
Related Dependencies @babel/plugin-transform-object-super:7.23.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-transform-object-super:7.23.3 pkg:npm/%40babel%2Fplugin-transform-object-super@7.23.3 @babel/plugin-transform-optional-catch-binding:7.23.4Description:
Compile optional catch bindings License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-optional-catch-binding:^7.23.4
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Compile optional catch bindings Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-transform-optional-catch-binding Highest Vendor package.json name @babel/plugin-transform-optional-catch-binding Highest Vendor package.json name @babel/plugin-transform-optional-catch-binding_project Highest Product package.json name @babel/plugin-transform-optional-catch-binding Highest Version package.json version 7.23.4 Highest
Related Dependencies @babel/plugin-transform-optional-catch-binding:7.23.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-transform-optional-catch-binding:7.23.4 pkg:npm/%40babel%2Fplugin-transform-optional-catch-binding@7.23.4 @babel/plugin-transform-optional-chaining:7.23.4Description:
Transform optional chaining operators into a series of nil checks License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-optional-chaining:^7.23.4
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 simplicite-js:5.2.54/@babel/plugin-bugfix-v8-spread-parameters-in-optional-chaining:7.23.3 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Transform optional chaining operators into a series of nil checks Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-transform-optional-chaining Highest Vendor package.json name @babel/plugin-transform-optional-chaining Highest Vendor package.json name @babel/plugin-transform-optional-chaining_project Highest Product package.json name @babel/plugin-transform-optional-chaining Highest Version package.json version 7.23.4 Highest
Related Dependencies @babel/plugin-transform-optional-chaining:7.23.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-transform-optional-chaining:7.23.4 pkg:npm/%40babel%2Fplugin-transform-optional-chaining@7.23.4 @babel/plugin-transform-optional-chaining:7.23.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-bugfix-v8-spread-parameters-in-optional-chaining:7.23.3/@babel/plugin-transform-optional-chaining:^7.23.3 pkg:npm/%40babel%2Fplugin-transform-optional-chaining@7.23.4 @babel/plugin-transform-parameters:7.23.3Description:
Compile ES2015 default and rest parameters to ES5 License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-parameters:^7.23.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/plugin-transform-object-rest-spread:7.23.4 simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Compile ES2015 default and rest parameters to ES5 Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-transform-parameters Highest Vendor package.json name @babel/plugin-transform-parameters Highest Vendor package.json name @babel/plugin-transform-parameters_project Highest Product package.json name @babel/plugin-transform-parameters Highest Version package.json version 7.23.3 Highest
Related Dependencies @babel/plugin-transform-parameters:7.23.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-transform-parameters:7.23.3 pkg:npm/%40babel%2Fplugin-transform-parameters@7.23.3 @babel/plugin-transform-parameters:7.23.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-object-rest-spread:7.23.4/@babel/plugin-transform-parameters:^7.23.3 pkg:npm/%40babel%2Fplugin-transform-parameters@7.23.3 @babel/plugin-transform-private-methods:7.23.3Description:
This plugin transforms private class methods License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-private-methods:^7.23.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description This plugin transforms private class methods Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-transform-private-methods Highest Vendor package.json name @babel/plugin-transform-private-methods Highest Vendor package.json name @babel/plugin-transform-private-methods_project Highest Product package.json name @babel/plugin-transform-private-methods Highest Version package.json version 7.23.3 Highest
Related Dependencies @babel/plugin-transform-private-methods:7.23.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-transform-private-methods:7.23.3 pkg:npm/%40babel%2Fplugin-transform-private-methods@7.23.3 @babel/plugin-transform-private-property-in-object:7.23.4Description:
This plugin transforms checks for a private property in an object License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-private-property-in-object:^7.23.4
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description This plugin transforms checks for a private property in an object Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-transform-private-property-in-object Highest Vendor package.json name @babel/plugin-transform-private-property-in-object Highest Vendor package.json name @babel/plugin-transform-private-property-in-object_project Highest Product package.json name @babel/plugin-transform-private-property-in-object Highest Version package.json version 7.23.4 Highest
Related Dependencies @babel/plugin-transform-private-property-in-object:7.23.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-transform-private-property-in-object:7.23.4 pkg:npm/%40babel%2Fplugin-transform-private-property-in-object@7.23.4 @babel/plugin-transform-property-literals:7.23.3Description:
Ensure that reserved words are quoted in object property keys License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-property-literals:^7.23.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Ensure that reserved words are quoted in object property keys Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-transform-property-literals Highest Vendor package.json name @babel/plugin-transform-property-literals Highest Vendor package.json name @babel/plugin-transform-property-literals_project Highest Product package.json name @babel/plugin-transform-property-literals Highest Version package.json version 7.23.3 Highest
Related Dependencies @babel/plugin-transform-property-literals:7.23.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-transform-property-literals:7.23.3 pkg:npm/%40babel%2Fplugin-transform-property-literals@7.23.3 @babel/plugin-transform-regenerator:7.23.3Description:
Explode async and generator functions into a state machine. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-regenerator:^7.23.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Explode async and generator functions into a state machine. Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-transform-regenerator Highest Vendor package.json name @babel/plugin-transform-regenerator Highest Vendor package.json name @babel/plugin-transform-regenerator_project Highest Product package.json name @babel/plugin-transform-regenerator Highest Version package.json version 7.23.3 Highest
Related Dependencies @babel/plugin-transform-regenerator:7.23.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-transform-regenerator:7.23.3 pkg:npm/%40babel%2Fplugin-transform-regenerator@7.23.3 @babel/plugin-transform-reserved-words:7.23.3Description:
Ensure that no reserved words are used. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-reserved-words:^7.23.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Ensure that no reserved words are used. Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-transform-reserved-words Highest Vendor package.json name @babel/plugin-transform-reserved-words Highest Vendor package.json name @babel/plugin-transform-reserved-words_project Highest Product package.json name @babel/plugin-transform-reserved-words Highest Version package.json version 7.23.3 Highest
Related Dependencies @babel/plugin-transform-reserved-words:7.23.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-transform-reserved-words:7.23.3 pkg:npm/%40babel%2Fplugin-transform-reserved-words@7.23.3 @babel/plugin-transform-shorthand-properties:7.23.3Description:
Compile ES2015 shorthand properties to ES5 License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-shorthand-properties:^7.23.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Compile ES2015 shorthand properties to ES5 Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-transform-shorthand-properties Highest Vendor package.json name @babel/plugin-transform-shorthand-properties Highest Vendor package.json name @babel/plugin-transform-shorthand-properties_project Highest Product package.json name @babel/plugin-transform-shorthand-properties Highest Version package.json version 7.23.3 Highest
Related Dependencies @babel/plugin-transform-shorthand-properties:7.23.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-transform-shorthand-properties:7.23.3 pkg:npm/%40babel%2Fplugin-transform-shorthand-properties@7.23.3 @babel/plugin-transform-spread:7.23.3Description:
Compile ES2015 spread to ES5 License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-spread:^7.23.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Compile ES2015 spread to ES5 Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-transform-spread Highest Vendor package.json name @babel/plugin-transform-spread Highest Vendor package.json name @babel/plugin-transform-spread_project Highest Product package.json name @babel/plugin-transform-spread Highest Version package.json version 7.23.3 Highest
Related Dependencies @babel/plugin-transform-spread:7.23.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-transform-spread:7.23.3 pkg:npm/%40babel%2Fplugin-transform-spread@7.23.3 @babel/plugin-transform-sticky-regex:7.23.3Description:
Compile ES2015 sticky regex to an ES5 RegExp constructor License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-sticky-regex:^7.23.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Compile ES2015 sticky regex to an ES5 RegExp constructor Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-transform-sticky-regex Highest Vendor package.json name @babel/plugin-transform-sticky-regex Highest Vendor package.json name @babel/plugin-transform-sticky-regex_project Highest Product package.json name @babel/plugin-transform-sticky-regex Highest Version package.json version 7.23.3 Highest
Related Dependencies @babel/plugin-transform-sticky-regex:7.23.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-transform-sticky-regex:7.23.3 pkg:npm/%40babel%2Fplugin-transform-sticky-regex@7.23.3 @babel/plugin-transform-template-literals:7.23.3Description:
Compile ES2015 template literals to ES5 License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-template-literals:^7.23.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Compile ES2015 template literals to ES5 Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-transform-template-literals Highest Vendor package.json name @babel/plugin-transform-template-literals Highest Vendor package.json name @babel/plugin-transform-template-literals_project Highest Product package.json name @babel/plugin-transform-template-literals Highest Version package.json version 7.23.3 Highest
Related Dependencies @babel/plugin-transform-template-literals:7.23.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-transform-template-literals:7.23.3 pkg:npm/%40babel%2Fplugin-transform-template-literals@7.23.3 @babel/plugin-transform-typeof-symbol:7.23.3Description:
This transformer wraps all typeof expressions with a method that replicates native behaviour. (ie. returning “symbol” for symbols) License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-typeof-symbol:^7.23.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description This transformer wraps all typeof expressions with a method that replicates native behaviour. (ie. returning “symbol” for symbols) Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-transform-typeof-symbol Highest Vendor package.json name @babel/plugin-transform-typeof-symbol Highest Vendor package.json name @babel/plugin-transform-typeof-symbol_project Highest Product package.json name @babel/plugin-transform-typeof-symbol Highest Version package.json version 7.23.3 Highest
Related Dependencies @babel/plugin-transform-typeof-symbol:7.23.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-transform-typeof-symbol:7.23.3 pkg:npm/%40babel%2Fplugin-transform-typeof-symbol@7.23.3 @babel/plugin-transform-unicode-escapes:7.23.3Description:
Compile ES2015 Unicode escapes to ES5 License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-unicode-escapes:^7.23.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Compile ES2015 Unicode escapes to ES5 Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-transform-unicode-escapes Highest Vendor package.json name @babel/plugin-transform-unicode-escapes Highest Vendor package.json name @babel/plugin-transform-unicode-escapes_project Highest Product package.json name @babel/plugin-transform-unicode-escapes Highest Version package.json version 7.23.3 Highest
Related Dependencies @babel/plugin-transform-unicode-escapes:7.23.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-transform-unicode-escapes:7.23.3 pkg:npm/%40babel%2Fplugin-transform-unicode-escapes@7.23.3 @babel/plugin-transform-unicode-property-regex:7.23.3Description:
Compile Unicode property escapes in Unicode regular expressions to ES5. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-unicode-property-regex:^7.23.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json bugs https://github.com/babel/babel/issues Highest Vendor package.json description Compile Unicode property escapes in Unicode regular expressions to ES5. Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-transform-unicode-property-regex Highest Vendor package.json name @babel/plugin-transform-unicode-property-regex Highest Vendor package.json name @babel/plugin-transform-unicode-property-regex_project Highest Product package.json name @babel/plugin-transform-unicode-property-regex Highest Version package.json version 7.23.3 Highest
Related Dependencies @babel/plugin-transform-unicode-property-regex:7.23.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-transform-unicode-property-regex:7.23.3 pkg:npm/%40babel%2Fplugin-transform-unicode-property-regex@7.23.3 @babel/plugin-transform-unicode-regex:7.23.3Description:
Compile ES2015 Unicode regex to ES5 License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-unicode-regex:^7.23.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description Compile ES2015 Unicode regex to ES5 Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-transform-unicode-regex Highest Vendor package.json name @babel/plugin-transform-unicode-regex Highest Vendor package.json name @babel/plugin-transform-unicode-regex_project Highest Product package.json name @babel/plugin-transform-unicode-regex Highest Version package.json version 7.23.3 Highest
Related Dependencies @babel/plugin-transform-unicode-regex:7.23.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-transform-unicode-regex:7.23.3 pkg:npm/%40babel%2Fplugin-transform-unicode-regex@7.23.3 @babel/plugin-transform-unicode-sets-regex:7.23.3Description:
Compile regular expressions' unicodeSets (v) flag. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-unicode-sets-regex:^7.23.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json bugs https://github.com/babel/babel/issues Highest Vendor package.json description Compile regular expressions' unicodeSets (v) flag. Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-plugin-transform-unicode-sets-regex Highest Vendor package.json name @babel/plugin-transform-unicode-sets-regex Highest Vendor package.json name @babel/plugin-transform-unicode-sets-regex_project Highest Product package.json name @babel/plugin-transform-unicode-sets-regex Highest Version package.json version 7.23.3 Highest
Related Dependencies @babel/plugin-transform-unicode-sets-regex:7.23.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/plugin-transform-unicode-sets-regex:7.23.3 pkg:npm/%40babel%2Fplugin-transform-unicode-sets-regex@7.23.3 @babel/preset-env:7.23.9Description:
A Babel preset for each environment. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/preset-env:7.23.9
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json bugs https://github.com/babel/babel/issues?utf8=%E2%9C%93&q=is%3Aissue+label%3A%22pkg%3A%20preset-env%22+is%3Aopen Highest Vendor package.json description A Babel preset for each environment. Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-preset-env Highest Vendor package.json name @babel/preset-env Highest Vendor package.json name @babel/preset-env_project Highest Product package.json name @babel/preset-env Highest Version package.json version 7.23.9 Highest
@babel/preset-modules:0.1.6-no-external-pluginsDescription:
A Babel preset that targets modern browsers by fixing engine bugs. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/preset-modules:0.1.6-no-external-plugins
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json description A Babel preset that targets modern browsers by fixing engine bugs. Highest Vendor package.json name @babel/preset-modules Highest Vendor package.json name @babel/preset-modules_project Highest Product package.json name @babel/preset-modules Highest Version package.json version 0.1.6-no-external-plugins Highest
Related Dependencies @babel/preset-modules:0.1.6-no-external-pluginsFile Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/preset-modules:0.1.6-no-external-plugins pkg:npm/%40babel%2Fpreset-modules@0.1.6-no-external-plugins @babel/register:7.23.7Description:
babel require hook License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/register:7.23.7
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/node:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json bugs https://github.com/babel/babel/issues?utf8=%E2%9C%93&q=is%3Aissue+label%3A%22pkg%3A%20register%22+is%3Aopen Highest Vendor package.json description babel require hook Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-register Highest Vendor package.json name @babel/register Highest Vendor package.json name @babel/register_project Highest Product package.json name @babel/register Highest Version package.json version 7.23.7 Highest
Related Dependencies @babel/register:7.23.7File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/node:7.23.9/@babel/register:^7.23.7 pkg:npm/%40babel%2Fregister@7.23.7 @babel/regjsgen:0.8.0Description:
Generate regular expressions from regjsparser’s AST. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?regexpu-core:5.3.2/@babel/regjsgen:^0.8.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/regexpu-core:5.3.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.name Benjamin Tan Highest Vendor package.json author.url https://ofcr.se/ Highest Vendor package.json bugs https://github.com/bnjmnt4n/regjsgen/issues Highest Vendor package.json description Generate regular expressions from regjsparser’s AST. Highest Vendor package.json homepage https://github.com/bnjmnt4n/regjsgen Highest Vendor package.json name @babel/regjsgen Highest Vendor package.json name @babel/regjsgen_project Highest Product package.json name @babel/regjsgen Highest Version package.json version 0.8.0 Highest
Related Dependencies @babel/regjsgen:0.8.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/regjsgen:0.8.0 pkg:npm/%40babel%2Fregjsgen@0.8.0 @babel/runtime:7.23.9Description:
babel's modular runtime helpers License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?regenerator-transform:0.15.2/@babel/runtime:^7.8.4
Referenced In Projects/Scopes: simplicite-js:5.2.54/regenerator-transform:0.15.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json description babel's modular runtime helpers Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-runtime Highest Vendor package.json name @babel/runtime Highest Vendor package.json name @babel/runtime_project Highest Product package.json name @babel/runtime Highest Version package.json version 7.23.9 Highest
Related Dependencies @babel/runtime:7.23.9File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/runtime:7.23.9 pkg:npm/%40babel%2Fruntime@7.23.9 @babel/template:7.23.9Description:
Generate an AST from a string template. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/template:7.23.9
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/helper-function-name:7.23.0 simplicite-js:5.2.54/@babel/helper-wrap-function:7.22.20 simplicite-js:5.2.54/@babel/plugin-transform-computed-properties:7.23.3 simplicite-js:5.2.54/@babel/core:7.23.9 simplicite-js:5.2.54 simplicite-js:5.2.54/@babel/helpers:7.23.9 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json bugs https://github.com/babel/babel/issues?utf8=%E2%9C%93&q=is%3Aissue+label%3A%22pkg%3A%20template%22+is%3Aopen Highest Vendor package.json description Generate an AST from a string template. Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-template Highest Vendor package.json name @babel/template Highest Vendor package.json name @babel/template_project Highest Product package.json name @babel/template Highest Version package.json version 7.23.9 Highest
Related Dependencies @babel/template:7.23.9File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/core:7.23.9/@babel/template:^7.23.9 pkg:npm/%40babel%2Ftemplate@7.23.9 @babel/template:7.23.9File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/helper-function-name:7.23.0/@babel/template:^7.22.15 pkg:npm/%40babel%2Ftemplate@7.23.9 @babel/template:7.23.9File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/helper-wrap-function:7.22.20/@babel/template:^7.22.15 pkg:npm/%40babel%2Ftemplate@7.23.9 @babel/template:7.23.9File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/helpers:7.23.9/@babel/template:^7.23.9 pkg:npm/%40babel%2Ftemplate@7.23.9 @babel/template:7.23.9File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-computed-properties:7.23.3/@babel/template:^7.22.15 pkg:npm/%40babel%2Ftemplate@7.23.9 @babel/traverse:7.23.9Description:
The Babel Traverse module maintains the overall tree state, and is responsible for replacing, removing, and adding nodes License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?depcheck:1.4.3/@babel/traverse:^7.12.5
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/core:7.23.9 simplicite-js:5.2.54 simplicite-js:5.2.54/depcheck:1.4.3 simplicite-js:5.2.54/@babel/helpers:7.23.9 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json bugs https://github.com/babel/babel/issues?utf8=%E2%9C%93&q=is%3Aissue+label%3A%22pkg%3A%20traverse%22+is%3Aopen Highest Vendor package.json description The Babel Traverse module maintains the overall tree state, and is responsible for replacing, removing, and adding nodes Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-traverse Highest Vendor package.json name @babel/traverse Highest Vendor package.json name @babel/traverse_project Highest Product package.json name @babel/traverse Highest Version package.json version 7.23.9 Highest
Related Dependencies @babel/traverse:7.23.9File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/traverse:7.23.9 pkg:npm/%40babel%2Ftraverse@7.23.9 @babel/traverse:7.23.9File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/core:7.23.9/@babel/traverse:^7.23.9 pkg:npm/%40babel%2Ftraverse@7.23.9 @babel/traverse:7.23.9File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/helpers:7.23.9/@babel/traverse:^7.23.9 pkg:npm/%40babel%2Ftraverse@7.23.9 @babel/types:7.23.9Description:
Babel Types is a Lodash-esque utility library for AST nodes License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/types:7.23.9
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/helper-split-export-declaration:7.22.6 simplicite-js:5.2.54/@babel/helper-module-imports:7.22.15 simplicite-js:5.2.54/@babel/helper-simple-access:7.22.5 simplicite-js:5.2.54/@babel/preset-modules:0.1.6-no-external-plugins simplicite-js:5.2.54/@babel/helper-optimise-call-expression:7.22.5 simplicite-js:5.2.54/@babel/traverse:7.23.9 simplicite-js:5.2.54/@babel/helper-skip-transparent-expression-wrappers:7.22.5 simplicite-js:5.2.54/@babel/generator:7.23.6 simplicite-js:5.2.54/@babel/helper-builder-binary-assignment-operator-visitor:7.22.15 simplicite-js:5.2.54/@babel/core:7.23.9 simplicite-js:5.2.54 simplicite-js:5.2.54/@babel/helper-hoist-variables:7.22.5 simplicite-js:5.2.54/@babel/helper-annotate-as-pure:7.22.5 simplicite-js:5.2.54/@babel/helper-function-name:7.23.0 simplicite-js:5.2.54/@babel/helper-wrap-function:7.22.20 simplicite-js:5.2.54/@babel/template:7.23.9 simplicite-js:5.2.54/@babel/helpers:7.23.9 simplicite-js:5.2.54/@babel/helper-member-expression-to-functions:7.23.0 Evidence Type Source Name Value Confidence Vendor package.json author The Babel Team (https://babel.dev/team) Highest Vendor package.json bugs https://github.com/babel/babel/issues?utf8=%E2%9C%93&q=is%3Aissue+label%3A%22pkg%3A%20types%22+is%3Aopen Highest Vendor package.json description Babel Types is a Lodash-esque utility library for AST nodes Highest Vendor package.json homepage https://babel.dev/docs/en/next/babel-types Highest Vendor package.json name @babel/types Highest Vendor package.json name @babel/types_project Highest Product package.json name @babel/types Highest Version package.json version 7.23.9 Highest
Related Dependencies @babel/types:7.23.9File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/core:7.23.9/@babel/types:^7.23.9 pkg:npm/%40babel%2Ftypes@7.23.9 @babel/types:7.23.9File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/generator:7.23.6/@babel/types:^7.23.6 pkg:npm/%40babel%2Ftypes@7.23.9 @babel/types:7.23.9File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/helper-annotate-as-pure:7.22.5/@babel/types:^7.22.5 pkg:npm/%40babel%2Ftypes@7.23.9 @babel/types:7.23.9File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/helper-builder-binary-assignment-operator-visitor:7.22.15/@babel/types:^7.22.15 pkg:npm/%40babel%2Ftypes@7.23.9 @babel/types:7.23.9File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/helper-function-name:7.23.0/@babel/types:^7.23.0 pkg:npm/%40babel%2Ftypes@7.23.9 @babel/types:7.23.9File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/helper-hoist-variables:7.22.5/@babel/types:^7.22.5 pkg:npm/%40babel%2Ftypes@7.23.9 @babel/types:7.23.9File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/helper-member-expression-to-functions:7.23.0/@babel/types:^7.23.0 pkg:npm/%40babel%2Ftypes@7.23.9 @babel/types:7.23.9File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/helper-module-imports:7.22.15/@babel/types:^7.22.15 pkg:npm/%40babel%2Ftypes@7.23.9 @babel/types:7.23.9File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/helper-optimise-call-expression:7.22.5/@babel/types:^7.22.5 pkg:npm/%40babel%2Ftypes@7.23.9 @babel/types:7.23.9File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/helper-simple-access:7.22.5/@babel/types:^7.22.5 pkg:npm/%40babel%2Ftypes@7.23.9 @babel/types:7.23.9File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/helper-skip-transparent-expression-wrappers:7.22.5/@babel/types:^7.22.5 pkg:npm/%40babel%2Ftypes@7.23.9 @babel/types:7.23.9File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/helper-split-export-declaration:7.22.6/@babel/types:^7.22.5 pkg:npm/%40babel%2Ftypes@7.23.9 @babel/types:7.23.9File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/helper-wrap-function:7.22.20/@babel/types:^7.22.19 pkg:npm/%40babel%2Ftypes@7.23.9 @babel/types:7.23.9File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/helpers:7.23.9/@babel/types:^7.23.9 pkg:npm/%40babel%2Ftypes@7.23.9 @babel/types:7.23.9File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-modules:0.1.6-no-external-plugins/@babel/types:^7.4.4 pkg:npm/%40babel%2Ftypes@7.23.9 @babel/types:7.23.9File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/template:7.23.9/@babel/types:^7.23.9 pkg:npm/%40babel%2Ftypes@7.23.9 @babel/types:7.23.9File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/traverse:7.23.9/@babel/types:^7.23.9 pkg:npm/%40babel%2Ftypes@7.23.9 @colors/colors:1.5.0Description:
get colors in your node.js console License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@colors/colors:1.5.0
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author DABH Highest Vendor package.json bugs https://github.com/DABH/colors.js/issues Highest Vendor package.json description get colors in your node.js console Highest Vendor package.json homepage https://github.com/DABH/colors.js Highest Vendor package.json name @colors/colors Highest Vendor package.json name @colors/colors_project Highest Product package.json name @colors/colors Highest Version package.json version 1.5.0 Highest
@csstools/selector-specificity:2.2.0Description:
Determine selector specificity with postcss-selector-parser License:
CC0-1.0 File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/@csstools/selector-specificity:^2.0.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/stylelint:14.16.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json bugs https://github.com/csstools/postcss-plugins/issues Highest Vendor package.json description Determine selector specificity with postcss-selector-parser Highest Vendor package.json homepage https://github.com/csstools/postcss-plugins/tree/main/packages/selector-specificity#readme Highest Vendor package.json name @csstools/selector-specificity Highest Vendor package.json name @csstools/selector-specificity_project Highest Product package.json name @csstools/selector-specificity Highest Version package.json version 2.2.0 Highest
Related Dependencies @csstools/selector-specificity:2.2.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@csstools/selector-specificity:2.2.0 pkg:npm/%40csstools%2Fselector-specificity@2.2.0 @devexpress/error-stack-parser:2.0.6Description:
Extract meaning from JS Errors License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?callsite-record:4.1.5/@devexpress/error-stack-parser:^2.0.6
Referenced In Projects/Scopes: simplicite-js:5.2.54/callsite-record:4.1.5 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json bugs.url https://github.com/stacktracejs/error-stack-parser/issues Highest Vendor package.json description Extract meaning from JS Errors Highest Vendor package.json homepage https://www.stacktracejs.com Highest Vendor package.json name @devexpress/error-stack-parser Highest Vendor package.json name @devexpress/error-stack-parser_project Highest Product package.json name @devexpress/error-stack-parser Highest Version package.json version 2.0.6 Highest
Related Dependencies @devexpress/error-stack-parser:2.0.6File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@devexpress/error-stack-parser:2.0.6 pkg:npm/%40devexpress%2Ferror-stack-parser@2.0.6 @es-joy/jsdoccomment:0.41.0Description:
Maintained replacement for ESLint's deprecated SourceCode#getJSDocComment along with other jsdoc utilities License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint-plugin-jsdoc:48.0.4/@es-joy/jsdoccomment:~0.41.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/eslint-plugin-jsdoc:48.0.4 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Brett Zamir <brettz9@yahoo.com> Highest Vendor package.json bugs.url https://github.com/es-joy/jsdoccomment/issues Highest Vendor package.json description Maintained replacement for ESLint's deprecated SourceCode#getJSDocComment along with other jsdoc utilities Highest Vendor package.json homepage https://github.com/es-joy/jsdoccomment Highest Vendor package.json name @es-joy/jsdoccomment Highest Vendor package.json name @es-joy/jsdoccomment_project Highest Product package.json name @es-joy/jsdoccomment Highest Version package.json version 0.41.0 Highest
Related Dependencies @es-joy/jsdoccomment:0.41.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@es-joy/jsdoccomment:0.41.0 pkg:npm/%40es-joy%2Fjsdoccomment@0.41.0 @eslint-community/eslint-utils:4.4.0Description:
Utilities for ESLint plugins. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint:8.56.0/@eslint-community/eslint-utils:^4.2.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/eslint:8.56.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Toru Nagashima Highest Vendor package.json bugs.url https://github.com/eslint-community/eslint-utils/issues Highest Vendor package.json description Utilities for ESLint plugins. Highest Vendor package.json homepage https://github.com/eslint-community/eslint-utils#readme Highest Vendor package.json name @eslint-community/eslint-utils Highest Vendor package.json name @eslint-community/eslint-utils_project Highest Product package.json name @eslint-community/eslint-utils Highest Version package.json version 4.4.0 Highest
Related Dependencies @eslint-community/eslint-utils:4.4.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@eslint-community/eslint-utils:4.4.0 pkg:npm/%40eslint-community%2Feslint-utils@4.4.0 @eslint-community/regexpp:4.6.2Description:
Regular expression parser for ECMAScript. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint:8.56.0/@eslint-community/regexpp:^4.6.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/eslint:8.56.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Toru Nagashima Highest Vendor package.json bugs.url https://github.com/eslint-community/regexpp/issues Highest Vendor package.json description Regular expression parser for ECMAScript. Highest Vendor package.json homepage https://github.com/eslint-community/regexpp#readme Highest Vendor package.json name @eslint-community/regexpp Highest Vendor package.json name @eslint-community/regexpp_project Highest Product package.json name @eslint-community/regexpp Highest Version package.json version 4.6.2 Highest
Related Dependencies @eslint-community/regexpp:4.6.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@eslint-community/regexpp:4.6.2 pkg:npm/%40eslint-community%2Fregexpp@4.6.2 @eslint/eslintrc:2.1.4Description:
The legacy ESLintRC config file format for ESLint License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint:8.56.0/@eslint/eslintrc:^2.1.4
Referenced In Projects/Scopes: simplicite-js:5.2.54/eslint:8.56.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Nicholas C. Zakas Highest Vendor package.json bugs.url https://github.com/eslint/eslintrc/issues Highest Vendor package.json description The legacy ESLintRC config file format for ESLint Highest Vendor package.json homepage https://github.com/eslint/eslintrc#readme Highest Vendor package.json name @eslint/eslintrc Highest Vendor package.json name @eslint/eslintrc_project Highest Product package.json name @eslint/eslintrc Highest Version package.json version 2.1.4 Highest
Related Dependencies @eslint/eslintrc:2.1.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@eslint/eslintrc:2.1.4 pkg:npm/%40eslint%2Feslintrc@2.1.4 @eslint/js:8.56.0Description:
ESLint JavaScript language implementation License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint:8.56.0/@eslint/js:8.56.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/eslint:8.56.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json bugs https://github.com/eslint/eslint/issues/ Highest Vendor package.json description ESLint JavaScript language implementation Highest Vendor package.json homepage https://eslint.org Highest Vendor package.json name @eslint/js Highest Vendor package.json name @eslint/js_project Highest Product package.json name @eslint/js Highest Version package.json version 8.56.0 Highest
Related Dependencies @eslint/js:8.56.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@eslint/js:8.56.0 pkg:npm/%40eslint%2Fjs@8.56.0 @fullcalendar/bootstrap:5.11.0Description:
Bootstrap 4 theming for your calendar License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@fullcalendar/bootstrap:5.11.0
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author.email arshaw@arshaw.com Highest Vendor package.json author.name Adam Shaw Highest Vendor package.json author.url http://arshaw.com/ Highest Vendor package.json bugs https://fullcalendar.io/reporting-bugs Highest Vendor package.json description Bootstrap 4 theming for your calendar Highest Vendor package.json homepage https://fullcalendar.io/ Highest Vendor package.json name @fullcalendar/bootstrap Highest Vendor package.json name @fullcalendar/bootstrap_project Highest Product package.json name @fullcalendar/bootstrap Highest Version package.json version 5.11.0 Highest
@fullcalendar/common:5.11.5Description:
internal package License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@fullcalendar/timegrid:5.11.0/@fullcalendar/common:~5.11.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/@fullcalendar/moment:5.11.0 simplicite-js:5.2.54/@fullcalendar/moment-timezone:5.11.0 simplicite-js:5.2.54 simplicite-js:5.2.54/@fullcalendar/interaction:5.11.0 simplicite-js:5.2.54/@fullcalendar/luxon:5.11.0 simplicite-js:5.2.54/@fullcalendar/google-calendar:5.11.0 simplicite-js:5.2.54/@fullcalendar/bootstrap:5.11.0 simplicite-js:5.2.54/@fullcalendar/daygrid:5.11.0 simplicite-js:5.2.54/@fullcalendar/timegrid:5.11.0 simplicite-js:5.2.54/@fullcalendar/list:5.11.0 simplicite-js:5.2.54/@fullcalendar/rrule:5.11.0 simplicite-js:5.2.54/@fullcalendar/core:5.11.0 Evidence Type Source Name Value Confidence Vendor package.json author.email arshaw@arshaw.com Highest Vendor package.json author.name Adam Shaw Highest Vendor package.json author.url http://arshaw.com/ Highest Vendor package.json bugs https://fullcalendar.io/reporting-bugs Highest Vendor package.json description internal package Highest Vendor package.json homepage https://fullcalendar.io/ Highest Vendor package.json name @fullcalendar/common Highest Vendor package.json name @fullcalendar/common_project Highest Product package.json name @fullcalendar/common Highest Version package.json version 5.11.5 Highest
Related Dependencies @fullcalendar/common:5.11.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@fullcalendar/common:5.11.5 pkg:npm/%40fullcalendar%2Fcommon@5.11.5 @fullcalendar/common:5.11.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?@fullcalendar/bootstrap:5.11.0/@fullcalendar/common:~5.11.0 pkg:npm/%40fullcalendar%2Fcommon@5.11.5 @fullcalendar/common:5.11.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?@fullcalendar/core:5.11.0/@fullcalendar/common:~5.11.0 pkg:npm/%40fullcalendar%2Fcommon@5.11.5 @fullcalendar/common:5.11.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?@fullcalendar/daygrid:5.11.0/@fullcalendar/common:~5.11.0 pkg:npm/%40fullcalendar%2Fcommon@5.11.5 @fullcalendar/common:5.11.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?@fullcalendar/google-calendar:5.11.0/@fullcalendar/common:~5.11.0 pkg:npm/%40fullcalendar%2Fcommon@5.11.5 @fullcalendar/common:5.11.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?@fullcalendar/interaction:5.11.0/@fullcalendar/common:~5.11.0 pkg:npm/%40fullcalendar%2Fcommon@5.11.5 @fullcalendar/common:5.11.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?@fullcalendar/list:5.11.0/@fullcalendar/common:~5.11.0 pkg:npm/%40fullcalendar%2Fcommon@5.11.5 @fullcalendar/common:5.11.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?@fullcalendar/luxon:5.11.0/@fullcalendar/common:~5.11.0 pkg:npm/%40fullcalendar%2Fcommon@5.11.5 @fullcalendar/common:5.11.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?@fullcalendar/moment-timezone:5.11.0/@fullcalendar/common:~5.11.0 pkg:npm/%40fullcalendar%2Fcommon@5.11.5 @fullcalendar/common:5.11.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?@fullcalendar/moment:5.11.0/@fullcalendar/common:~5.11.0 pkg:npm/%40fullcalendar%2Fcommon@5.11.5 @fullcalendar/common:5.11.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?@fullcalendar/rrule:5.11.0/@fullcalendar/common:~5.11.0 pkg:npm/%40fullcalendar%2Fcommon@5.11.5 @fullcalendar/core:5.11.0Description:
Provides core functionality, including the Calendar class License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@fullcalendar/core:5.11.0
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author.email arshaw@arshaw.com Highest Vendor package.json author.name Adam Shaw Highest Vendor package.json author.url http://arshaw.com/ Highest Vendor package.json bugs https://fullcalendar.io/reporting-bugs Highest Vendor package.json description Provides core functionality, including the Calendar class Highest Vendor package.json homepage https://fullcalendar.io/ Highest Vendor package.json name @fullcalendar/core Highest Vendor package.json name @fullcalendar/core_project Highest Product package.json name @fullcalendar/core Highest Version package.json version 5.11.0 Highest
@fullcalendar/daygrid:5.11.0Description:
Display events on Month view or DayGrid view License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@fullcalendar/timegrid:5.11.0/@fullcalendar/daygrid:~5.11.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/@fullcalendar/timegrid:5.11.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email arshaw@arshaw.com Highest Vendor package.json author.name Adam Shaw Highest Vendor package.json author.url http://arshaw.com/ Highest Vendor package.json bugs https://fullcalendar.io/reporting-bugs Highest Vendor package.json description Display events on Month view or DayGrid view Highest Vendor package.json homepage https://fullcalendar.io/ Highest Vendor package.json name @fullcalendar/daygrid Highest Vendor package.json name @fullcalendar/daygrid_project Highest Product package.json name @fullcalendar/daygrid Highest Version package.json version 5.11.0 Highest
Related Dependencies @fullcalendar/daygrid:5.11.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@fullcalendar/daygrid:5.11.0 pkg:npm/%40fullcalendar%2Fdaygrid@5.11.0 @fullcalendar/google-calendar:5.11.0Description:
Fetch events from a public Google Calendar feed License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@fullcalendar/google-calendar:5.11.0
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author.email arshaw@arshaw.com Highest Vendor package.json author.name Adam Shaw Highest Vendor package.json author.url http://arshaw.com/ Highest Vendor package.json bugs https://fullcalendar.io/reporting-bugs Highest Vendor package.json description Fetch events from a public Google Calendar feed Highest Vendor package.json homepage https://fullcalendar.io/ Highest Vendor package.json name @fullcalendar/google-calendar Highest Vendor package.json name @fullcalendar/google-calendar_project Highest Product package.json name @fullcalendar/google-calendar Highest Version package.json version 5.11.0 Highest
@fullcalendar/interaction:5.11.0Description:
Provides functionality for event drag-n-drop, resizing, dateClick, and selectable actions License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@fullcalendar/interaction:5.11.0
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author.email arshaw@arshaw.com Highest Vendor package.json author.name Adam Shaw Highest Vendor package.json author.url http://arshaw.com/ Highest Vendor package.json bugs https://fullcalendar.io/reporting-bugs Highest Vendor package.json description Provides functionality for event drag-n-drop, resizing, dateClick, and selectable actions Highest Vendor package.json homepage https://fullcalendar.io/ Highest Vendor package.json name @fullcalendar/interaction Highest Vendor package.json name @fullcalendar/interaction_project Highest Product package.json name @fullcalendar/interaction Highest Version package.json version 5.11.0 Highest
@fullcalendar/list:5.11.0Description:
View your events as a bulleted list License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@fullcalendar/list:5.11.0
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author.email arshaw@arshaw.com Highest Vendor package.json author.name Adam Shaw Highest Vendor package.json author.url http://arshaw.com/ Highest Vendor package.json bugs https://fullcalendar.io/reporting-bugs Highest Vendor package.json description View your events as a bulleted list Highest Vendor package.json homepage https://fullcalendar.io/ Highest Vendor package.json name @fullcalendar/list Highest Vendor package.json name @fullcalendar/list_project Highest Product package.json name @fullcalendar/list Highest Version package.json version 5.11.0 Highest
@fullcalendar/luxon:5.11.0Description:
A connector to the Luxon 1 date library License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@fullcalendar/luxon:5.11.0
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author.email arshaw@arshaw.com Highest Vendor package.json author.name Adam Shaw Highest Vendor package.json author.url http://arshaw.com/ Highest Vendor package.json bugs https://fullcalendar.io/reporting-bugs Highest Vendor package.json description A connector to the Luxon 1 date library Highest Vendor package.json homepage https://fullcalendar.io/ Highest Vendor package.json name @fullcalendar/luxon Highest Vendor package.json name @fullcalendar/luxon_project Highest Product package.json name @fullcalendar/luxon Highest Version package.json version 5.11.0 Highest
@fullcalendar/moment-timezone:5.11.0Description:
A connector to the moment-timezone library License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@fullcalendar/moment-timezone:5.11.0
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author.email arshaw@arshaw.com Highest Vendor package.json author.name Adam Shaw Highest Vendor package.json author.url http://arshaw.com/ Highest Vendor package.json bugs https://fullcalendar.io/reporting-bugs Highest Vendor package.json description A connector to the moment-timezone library Highest Vendor package.json homepage https://fullcalendar.io/ Highest Vendor package.json name @fullcalendar/moment-timezone Highest Vendor package.json name @fullcalendar/moment-timezone_project Highest Product package.json name @fullcalendar/moment-timezone Highest Version package.json version 5.11.0 Highest
@fullcalendar/moment:5.11.0Description:
A connector to the MomentJS date library License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@fullcalendar/moment:5.11.0
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author.email arshaw@arshaw.com Highest Vendor package.json author.name Adam Shaw Highest Vendor package.json author.url http://arshaw.com/ Highest Vendor package.json bugs https://fullcalendar.io/reporting-bugs Highest Vendor package.json description A connector to the MomentJS date library Highest Vendor package.json homepage https://fullcalendar.io/ Highest Vendor package.json name @fullcalendar/moment Highest Vendor package.json name @fullcalendar/moment_project Highest Product package.json name @fullcalendar/moment Highest Version package.json version 5.11.0 Highest
@fullcalendar/rrule:5.11.0Description:
A connector to the RRule library, for recurring events License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@fullcalendar/rrule:5.11.0
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author.email arshaw@arshaw.com Highest Vendor package.json author.name Adam Shaw Highest Vendor package.json author.url http://arshaw.com/ Highest Vendor package.json bugs https://fullcalendar.io/reporting-bugs Highest Vendor package.json description A connector to the RRule library, for recurring events Highest Vendor package.json homepage https://fullcalendar.io/ Highest Vendor package.json name @fullcalendar/rrule Highest Vendor package.json name @fullcalendar/rrule_project Highest Product package.json name @fullcalendar/rrule Highest Version package.json version 5.11.0 Highest
@fullcalendar/timegrid:5.11.0Description:
Display your events on a grid of time slots License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@fullcalendar/timegrid:5.11.0
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author.email arshaw@arshaw.com Highest Vendor package.json author.name Adam Shaw Highest Vendor package.json author.url http://arshaw.com/ Highest Vendor package.json bugs https://fullcalendar.io/reporting-bugs Highest Vendor package.json description Display your events on a grid of time slots Highest Vendor package.json homepage https://fullcalendar.io/ Highest Vendor package.json name @fullcalendar/timegrid Highest Vendor package.json name @fullcalendar/timegrid_project Highest Product package.json name @fullcalendar/timegrid Highest Version package.json version 5.11.0 Highest
@humanwhocodes/config-array:0.11.13Description:
Glob-based configuration matching. License:
Apache-2.0 File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint:8.56.0/@humanwhocodes/config-array:^0.11.13
Referenced In Projects/Scopes: simplicite-js:5.2.54/eslint:8.56.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Nicholas C. Zakas Highest Vendor package.json bugs.url https://github.com/humanwhocodes/config-array/issues Highest Vendor package.json description Glob-based configuration matching. Highest Vendor package.json homepage https://github.com/humanwhocodes/config-array#readme Highest Vendor package.json name @humanwhocodes/config-array Highest Vendor package.json name @humanwhocodes/config-array_project Highest Product package.json name @humanwhocodes/config-array Highest Version package.json version 0.11.13 Highest
Related Dependencies @humanwhocodes/config-array:0.11.13File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@humanwhocodes/config-array:0.11.13 pkg:npm/%40humanwhocodes%2Fconfig-array@0.11.13 @humanwhocodes/module-importer:1.0.1Description:
Universal module importer for Node.js License:
Apache-2.0 File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint:8.56.0/@humanwhocodes/module-importer:^1.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/eslint:8.56.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Nicholas C. Zaks Highest Vendor package.json description Universal module importer for Node.js Highest Vendor package.json name @humanwhocodes/module-importer Highest Vendor package.json name @humanwhocodes/module-importer_project Highest Product package.json name @humanwhocodes/module-importer Highest Version package.json version 1.0.1 Highest
Related Dependencies @humanwhocodes/module-importer:1.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@humanwhocodes/module-importer:1.0.1 pkg:npm/%40humanwhocodes%2Fmodule-importer@1.0.1 @humanwhocodes/object-schema:2.0.1Description:
An object schema merger/validator License:
BSD-3-Clause File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@humanwhocodes/object-schema:2.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/@humanwhocodes/config-array:0.11.13 Evidence Type Source Name Value Confidence Vendor package.json author Nicholas C. Zakas Highest Vendor package.json bugs.url https://github.com/humanwhocodes/object-schema/issues Highest Vendor package.json description An object schema merger/validator Highest Vendor package.json homepage https://github.com/humanwhocodes/object-schema#readme Highest Vendor package.json name @humanwhocodes/object-schema Highest Vendor package.json name @humanwhocodes/object-schema_project Highest Product package.json name @humanwhocodes/object-schema Highest Version package.json version 2.0.1 Highest
Related Dependencies @humanwhocodes/object-schema:2.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?@humanwhocodes/config-array:0.11.13/@humanwhocodes/object-schema:^2.0.1 pkg:npm/%40humanwhocodes%2Fobject-schema@2.0.1 @isaacs/cliui:8.0.2Description:
easily create complex multi-column command-line-interfaces License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?jackspeak:2.3.6/@isaacs/cliui:^8.0.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/jackspeak:2.3.6 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Ben Coe <ben@npmjs.com> Highest Vendor package.json description easily create complex multi-column command-line-interfaces Highest Vendor package.json name @isaacs/cliui Highest Vendor package.json name @isaacs/cliui_project Highest Product package.json name @isaacs/cliui Highest Version package.json version 8.0.2 Highest
Related Dependencies @isaacs/cliui:8.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@isaacs/cliui:8.0.2 pkg:npm/%40isaacs%2Fcliui@8.0.2 @jridgewell/gen-mapping:0.3.3Description:
Generate source maps License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@jridgewell/gen-mapping:0.3.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/@ampproject/remapping:2.2.1 simplicite-js:5.2.54/@babel/generator:7.23.6 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Justin Ridgewell <justin@ridgewell.name> Highest Vendor package.json description Generate source maps Highest Vendor package.json name @jridgewell/gen-mapping Highest Vendor package.json name @jridgewell/gen-mapping_project Highest Product package.json name @jridgewell/gen-mapping Highest Version package.json version 0.3.3 Highest
Related Dependencies @jridgewell/gen-mapping:0.3.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?@ampproject/remapping:2.2.1/@jridgewell/gen-mapping:^0.3.0 pkg:npm/%40jridgewell%2Fgen-mapping@0.3.3 @jridgewell/gen-mapping:0.3.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/generator:7.23.6/@jridgewell/gen-mapping:^0.3.2 pkg:npm/%40jridgewell%2Fgen-mapping@0.3.3 @jridgewell/resolve-uri:3.1.0Description:
Resolve a URI relative to an optional base URI License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@jridgewell/trace-mapping:0.3.18/@jridgewell/resolve-uri:3.1.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/@jridgewell/trace-mapping:0.3.18 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Justin Ridgewell <justin@ridgewell.name> Highest Vendor package.json description Resolve a URI relative to an optional base URI Highest Vendor package.json name @jridgewell/resolve-uri Highest Vendor package.json name @jridgewell/resolve-uri_project Highest Product package.json name @jridgewell/resolve-uri Highest Version package.json version 3.1.0 Highest
Related Dependencies @jridgewell/resolve-uri:3.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@jridgewell/resolve-uri:3.1.0 pkg:npm/%40jridgewell%2Fresolve-uri@3.1.0 @jridgewell/set-array:1.1.2Description:
Like a Set, but provides the index of the `key` in the backing array License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@jridgewell/set-array:1.1.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/@jridgewell/gen-mapping:0.3.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Justin Ridgewell <justin@ridgewell.name> Highest Vendor package.json description Like a Set, but provides the index of the `key` in the backing array Highest Vendor package.json name @jridgewell/set-array Highest Vendor package.json name @jridgewell/set-array_project Highest Product package.json name @jridgewell/set-array Highest Version package.json version 1.1.2 Highest
Related Dependencies @jridgewell/set-array:1.1.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?@jridgewell/gen-mapping:0.3.3/@jridgewell/set-array:^1.0.1 pkg:npm/%40jridgewell%2Fset-array@1.1.2 @jridgewell/sourcemap-codec:1.4.14Description:
Encode/decode sourcemap mappings License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@jridgewell/sourcemap-codec:1.4.14
Referenced In Projects/Scopes: simplicite-js:5.2.54/@jridgewell/trace-mapping:0.3.18 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Rich Harris Highest Vendor package.json description Encode/decode sourcemap mappings Highest Vendor package.json name @jridgewell/sourcemap-codec Highest Vendor package.json name @jridgewell/sourcemap-codec_project Highest Product package.json name @jridgewell/sourcemap-codec Highest Version package.json version 1.4.14 Highest
Related Dependencies @jridgewell/sourcemap-codec:1.4.14File Path: /var/simplicite/simplicite-5.2/package-lock.json?@jridgewell/trace-mapping:0.3.18/@jridgewell/sourcemap-codec:1.4.14 pkg:npm/%40jridgewell%2Fsourcemap-codec@1.4.14 @jridgewell/sourcemap-codec:1.4.15Description:
Encode/decode sourcemap mappings License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?magic-string:0.30.0/@jridgewell/sourcemap-codec:^1.4.13
Referenced In Projects/Scopes: simplicite-js:5.2.54/@jridgewell/gen-mapping:0.3.3 simplicite-js:5.2.54/magic-string:0.30.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Rich Harris Highest Vendor package.json description Encode/decode sourcemap mappings Highest Vendor package.json name @jridgewell/sourcemap-codec Highest Vendor package.json name @jridgewell/sourcemap-codec_project Highest Product package.json name @jridgewell/sourcemap-codec Highest Version package.json version 1.4.15 Highest
Related Dependencies @jridgewell/sourcemap-codec:1.4.15File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@jridgewell/sourcemap-codec:1.4.15 pkg:npm/%40jridgewell%2Fsourcemap-codec@1.4.15 @jridgewell/sourcemap-codec:1.4.15File Path: /var/simplicite/simplicite-5.2/package-lock.json?@jridgewell/gen-mapping:0.3.3/@jridgewell/sourcemap-codec:^1.4.10 pkg:npm/%40jridgewell%2Fsourcemap-codec@1.4.15 @jridgewell/trace-mapping:0.3.18Description:
Trace the original position through a source map License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@jridgewell/trace-mapping:0.3.18
Referenced In Projects/Scopes: simplicite-js:5.2.54/@ampproject/remapping:2.2.1 simplicite-js:5.2.54/@jridgewell/gen-mapping:0.3.3 simplicite-js:5.2.54/@babel/generator:7.23.6 simplicite-js:5.2.54/@babel/cli:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Justin Ridgewell <justin@ridgewell.name> Highest Vendor package.json description Trace the original position through a source map Highest Vendor package.json name @jridgewell/trace-mapping Highest Vendor package.json name @jridgewell/trace-mapping_project Highest Product package.json name @jridgewell/trace-mapping Highest Version package.json version 0.3.18 Highest
Related Dependencies @jridgewell/trace-mapping:0.3.18File Path: /var/simplicite/simplicite-5.2/package-lock.json?@ampproject/remapping:2.2.1/@jridgewell/trace-mapping:^0.3.9 pkg:npm/%40jridgewell%2Ftrace-mapping@0.3.18 @jridgewell/trace-mapping:0.3.18File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/cli:7.23.9/@jridgewell/trace-mapping:^0.3.17 pkg:npm/%40jridgewell%2Ftrace-mapping@0.3.18 @jridgewell/trace-mapping:0.3.18File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/generator:7.23.6/@jridgewell/trace-mapping:^0.3.17 pkg:npm/%40jridgewell%2Ftrace-mapping@0.3.18 @jridgewell/trace-mapping:0.3.18File Path: /var/simplicite/simplicite-5.2/package-lock.json?@jridgewell/gen-mapping:0.3.3/@jridgewell/trace-mapping:^0.3.9 pkg:npm/%40jridgewell%2Ftrace-mapping@0.3.18 @jsdoc/salty:0.2.5Description:
A drop-in replacement for (some of) TaffyDB. License:
Apache-2.0 File Path: /var/simplicite/simplicite-5.2/package-lock.json?jsdoc:4.0.2/@jsdoc/salty:^0.2.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/jsdoc:4.0.2 simplicite-js:5.2.54/docdash:2.0.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Jeff Williams <jeffrey.l.williams@gmail.com> Highest Vendor package.json bugs.url https://github.com/jsdoc/jsdoc/issues Highest Vendor package.json description A drop-in replacement for (some of) TaffyDB. Highest Vendor package.json homepage https://jsdoc.app/ Highest Vendor package.json name @jsdoc/salty Highest Vendor package.json name @jsdoc/salty_project Highest Product package.json name @jsdoc/salty Highest Version package.json version 0.2.5 Highest
Related Dependencies @jsdoc/salty:0.2.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@jsdoc/salty:0.2.5 pkg:npm/%40jsdoc%2Fsalty@0.2.5 @jsdoc/salty:0.2.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?docdash:2.0.2/@jsdoc/salty:^0.2.1 pkg:npm/%40jsdoc%2Fsalty@0.2.5 @kessler/tableify:1.0.2Description:
Create HTML tables from Javascript Objects License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?license-report:6.5.0/@kessler/tableify:^1.0.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/license-report:6.5.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Dan VerWeire, Yaniv Kessler Highest Vendor package.json bugs.url https://github.com/kessler/node-tableify/issues Highest Vendor package.json description Create HTML tables from Javascript Objects Highest Vendor package.json homepage https://github.com/kessler/node-tableify Highest Vendor package.json name @kessler/tableify Highest Vendor package.json name @kessler/tableify_project Highest Product package.json name @kessler/tableify Highest Version package.json version 1.0.2 Highest
Related Dependencies @kessler/tableify:1.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@kessler/tableify:1.0.2 pkg:npm/%40kessler%2Ftableify@1.0.2 @nicolo-ribaudo/chokidar-2:2.1.8-no-fsevents.3Description:
A wrapper around chokidar@2 to be able to specify both @2 and @3 as dependencies License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@nicolo-ribaudo/chokidar-2:2.1.8-no-fsevents.3
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author Nicolò Ribaudo <nicolo.ribaudo@gmail.com> Highest Vendor package.json description A wrapper around chokidar@2 to be able to specify both @2 and @3 as dependencies Highest Vendor package.json name @nicolo-ribaudo/chokidar-2 Highest Vendor package.json name @nicolo-ribaudo/chokidar-2_project Highest Product package.json name @nicolo-ribaudo/chokidar-2 Highest Version package.json version 2.1.8-no-fsevents.3 Highest
@nodelib/fs.scandir:2.1.5Description:
List files and directories inside the specified directory License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@nodelib/fs.walk:1.2.8/@nodelib/fs.scandir:2.1.5
Referenced In Projects/Scopes: simplicite-js:5.2.54/@nodelib/fs.walk:1.2.8 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json description List files and directories inside the specified directory Highest Vendor package.json name @nodelib/fs.scandir Highest Vendor package.json name @nodelib/fs.scandir_project Highest Product package.json name @nodelib/fs.scandir Highest Version package.json version 2.1.5 Highest
Related Dependencies @nodelib/fs.scandir:2.1.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@nodelib/fs.scandir:2.1.5 pkg:npm/%40nodelib%2Ffs.scandir@2.1.5 @nodelib/fs.stat:2.0.5Description:
Get the status of a file with some features License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?fast-glob:3.3.0/@nodelib/fs.stat:^2.0.2
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/@nodelib/fs.scandir:2.1.5 simplicite-js:5.2.54/fast-glob:3.3.0 Evidence Type Source Name Value Confidence Vendor package.json description Get the status of a file with some features Highest Vendor package.json name @nodelib/fs.stat Highest Vendor package.json name @nodelib/fs.stat_project Highest Product package.json name @nodelib/fs.stat Highest Version package.json version 2.0.5 Highest
Related Dependencies @nodelib/fs.stat:2.0.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@nodelib/fs.stat:2.0.5 pkg:npm/%40nodelib%2Ffs.stat@2.0.5 @nodelib/fs.stat:2.0.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?@nodelib/fs.scandir:2.1.5/@nodelib/fs.stat:2.0.5 pkg:npm/%40nodelib%2Ffs.stat@2.0.5 @nodelib/fs.walk:1.2.8Description:
A library for efficiently walking a directory recursively License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?fast-glob:3.3.0/@nodelib/fs.walk:^1.2.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/eslint:8.56.0 simplicite-js:5.2.54 simplicite-js:5.2.54/fast-glob:3.3.0 Evidence Type Source Name Value Confidence Vendor package.json description A library for efficiently walking a directory recursively Highest Vendor package.json name @nodelib/fs.walk Highest Vendor package.json name @nodelib/fs.walk_project Highest Product package.json name @nodelib/fs.walk Highest Version package.json version 1.2.8 Highest
Related Dependencies @nodelib/fs.walk:1.2.8File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@nodelib/fs.walk:1.2.8 pkg:npm/%40nodelib%2Ffs.walk@1.2.8 @nodelib/fs.walk:1.2.8File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint:8.56.0/@nodelib/fs.walk:^1.2.8 pkg:npm/%40nodelib%2Ffs.walk@1.2.8 @npmcli/fs:3.1.0Description:
filesystem utilities for the npm cli License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?cacache:17.1.3/@npmcli/fs:^3.1.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/cacache:17.1.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author GitHub Inc. Highest Vendor package.json description filesystem utilities for the npm cli Highest Vendor package.json name @npmcli/fs Highest Vendor package.json name @npmcli/fs_project Highest Product package.json name @npmcli/fs Highest Version package.json version 3.1.0 Highest
Related Dependencies @npmcli/fs:3.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@npmcli/fs:3.1.0 pkg:npm/%40npmcli%2Ffs@3.1.0 @npmcli/git:4.1.0Description:
a util for spawning git from npm CLI contexts License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?pacote:15.2.0/@npmcli/git:^4.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/pacote:15.2.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author GitHub Inc. Highest Vendor package.json description a util for spawning git from npm CLI contexts Highest Vendor package.json name @npmcli/git Highest Vendor package.json name @npmcli/git_project Highest Product package.json name @npmcli/git Highest Version package.json version 4.1.0 Highest
Related Dependencies @npmcli/git:4.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@npmcli/git:4.1.0 pkg:npm/%40npmcli%2Fgit@4.1.0 @npmcli/installed-package-contents:2.0.2Description:
Get the list of files installed in a package in node_modules, including bundled dependencies License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?pacote:15.2.0/@npmcli/installed-package-contents:^2.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/pacote:15.2.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author GitHub Inc. Highest Vendor package.json description Get the list of files installed in a package in node_modules, including bundled dependencies Highest Vendor package.json name @npmcli/installed-package-contents Highest Vendor package.json name @npmcli/installed-package-contents_project Highest Product package.json name @npmcli/installed-package-contents Highest Version package.json version 2.0.2 Highest
Related Dependencies @npmcli/installed-package-contents:2.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@npmcli/installed-package-contents:2.0.2 pkg:npm/%40npmcli%2Finstalled-package-contents@2.0.2 @npmcli/node-gyp:3.0.0Description:
Tools for dealing with node-gyp packages License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?@npmcli/run-script:6.0.2/@npmcli/node-gyp:^3.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/@npmcli/run-script:6.0.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author GitHub Inc. Highest Vendor package.json description Tools for dealing with node-gyp packages Highest Vendor package.json name @npmcli/node-gyp Highest Vendor package.json name @npmcli/node-gyp_project Highest Product package.json name @npmcli/node-gyp Highest Version package.json version 3.0.0 Highest
Related Dependencies @npmcli/node-gyp:3.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@npmcli/node-gyp:3.0.0 pkg:npm/%40npmcli%2Fnode-gyp@3.0.0 @npmcli/promise-spawn:6.0.2Description:
spawn processes the way the npm cli likes to do License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?pacote:15.2.0/@npmcli/promise-spawn:^6.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/@npmcli/run-script:6.0.2 simplicite-js:5.2.54/pacote:15.2.0 simplicite-js:5.2.54 simplicite-js:5.2.54/@npmcli/git:4.1.0 Evidence Type Source Name Value Confidence Vendor package.json author GitHub Inc. Highest Vendor package.json description spawn processes the way the npm cli likes to do Highest Vendor package.json name @npmcli/promise-spawn Highest Vendor package.json name @npmcli/promise-spawn_project Highest Product package.json name @npmcli/promise-spawn Highest Version package.json version 6.0.2 Highest
Related Dependencies @npmcli/promise-spawn:6.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@npmcli/promise-spawn:6.0.2 pkg:npm/%40npmcli%2Fpromise-spawn@6.0.2 @npmcli/promise-spawn:6.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?@npmcli/git:4.1.0/@npmcli/promise-spawn:^6.0.0 pkg:npm/%40npmcli%2Fpromise-spawn@6.0.2 @npmcli/promise-spawn:6.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?@npmcli/run-script:6.0.2/@npmcli/promise-spawn:^6.0.0 pkg:npm/%40npmcli%2Fpromise-spawn@6.0.2 @npmcli/run-script:6.0.2Description:
Run a lifecycle script for a package (descendant of npm-lifecycle) License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?pacote:15.2.0/@npmcli/run-script:^6.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/pacote:15.2.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author GitHub Inc. Highest Vendor package.json description Run a lifecycle script for a package (descendant of npm-lifecycle) Highest Vendor package.json name @npmcli/run-script Highest Vendor package.json name @npmcli/run-script_project Highest Product package.json name @npmcli/run-script Highest Version package.json version 6.0.2 Highest
Related Dependencies @npmcli/run-script:6.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@npmcli/run-script:6.0.2 pkg:npm/%40npmcli%2Frun-script@6.0.2 @pkgjs/parseargs:0.11.0Description:
Polyfill of future proposal for `util.parseArgs()` License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@pkgjs/parseargs:0.11.0
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author Highest Vendor package.json bugs.url https://github.com/pkgjs/parseargs/issues Highest Vendor package.json description Polyfill of future proposal for `util.parseArgs()` Highest Vendor package.json homepage https://github.com/pkgjs/parseargs#readme Highest Vendor package.json name @pkgjs/parseargs Highest Vendor package.json name @pkgjs/parseargs_project Highest Product package.json name @pkgjs/parseargs Highest Version package.json version 0.11.0 Highest
@pnpm/config.env-replace:1.1.0License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@pnpm/npm-conf:2.2.2/@pnpm/config.env-replace:^1.1.0
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/@pnpm/npm-conf:2.2.2 Evidence Type Source Name Value Confidence Vendor package.json homepage https://bit.cloud/pnpm/config/env-replace Highest Vendor package.json name @pnpm/config.env-replace Highest Vendor package.json name @pnpm/config.env-replace_project Highest Product package.json name @pnpm/config.env-replace Highest Version package.json version 1.1.0 Highest
Related Dependencies @pnpm/config.env-replace:1.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@pnpm/config.env-replace:1.1.0 pkg:npm/%40pnpm%2Fconfig.env-replace@1.1.0 @pnpm/network.ca-file:1.0.2License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@pnpm/npm-conf:2.2.2/@pnpm/network.ca-file:^1.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/@pnpm/npm-conf:2.2.2 Evidence Type Source Name Value Confidence Vendor package.json homepage https://bit.dev/pnpm/network/ca-file Highest Vendor package.json name @pnpm/network.ca-file Highest Vendor package.json name @pnpm/network.ca-file_project Highest Product package.json name @pnpm/network.ca-file Highest Version package.json version 1.0.2 Highest
Related Dependencies @pnpm/network.ca-file:1.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@pnpm/network.ca-file:1.0.2 pkg:npm/%40pnpm%2Fnetwork.ca-file@1.0.2 @pnpm/npm-conf:2.2.2Description:
Get the npm config License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?registry-auth-token:5.0.2/@pnpm/npm-conf:^2.1.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/registry-auth-token:5.0.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json description Get the npm config Highest Vendor package.json name @pnpm/npm-conf Highest Vendor package.json name @pnpm/npm-conf_project Highest Product package.json name @pnpm/npm-conf Highest Version package.json version 2.2.2 Highest
Related Dependencies @pnpm/npm-conf:2.2.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@pnpm/npm-conf:2.2.2 pkg:npm/%40pnpm%2Fnpm-conf@2.2.2 @sigstore/bundle:1.0.0Description:
Sigstore bundle type License:
Apache-2.0 File Path: /var/simplicite/simplicite-5.2/package-lock.json?sigstore:1.8.0/@sigstore/bundle:^1.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/sigstore:1.8.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author bdehamer@github.com Highest Vendor package.json bugs.url https://github.com/sigstore/sigstore-js/issues Highest Vendor package.json description Sigstore bundle type Highest Vendor package.json homepage https://github.com/sigstore/sigstore-js/tree/main/packages/bundle#readme Highest Vendor package.json name @sigstore/bundle Highest Vendor package.json name @sigstore/bundle_project Highest Product package.json name @sigstore/bundle Highest Version package.json version 1.0.0 Highest
Related Dependencies @sigstore/bundle:1.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@sigstore/bundle:1.0.0 pkg:npm/%40sigstore%2Fbundle@1.0.0 @sigstore/protobuf-specs:0.2.0Description:
code-signing for npm packages License:
Apache-2.0 File Path: /var/simplicite/simplicite-5.2/package-lock.json?sigstore:1.8.0/@sigstore/protobuf-specs:^0.2.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/sigstore:1.8.0 simplicite-js:5.2.54/@sigstore/tuf:1.0.3 simplicite-js:5.2.54/@sigstore/bundle:1.0.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author bdehamer@github.com Highest Vendor package.json bugs.url https://github.com/sigstore/protobuf-specs/issues Highest Vendor package.json description code-signing for npm packages Highest Vendor package.json homepage https://github.com/sigstore/protobuf-specs#readme Highest Vendor package.json name @sigstore/protobuf-specs Highest Vendor package.json name @sigstore/protobuf-specs_project Highest Product package.json name @sigstore/protobuf-specs Highest Version package.json version 0.2.0 Highest
Related Dependencies @sigstore/protobuf-specs:0.2.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@sigstore/protobuf-specs:0.2.0 pkg:npm/%40sigstore%2Fprotobuf-specs@0.2.0 @sigstore/protobuf-specs:0.2.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?@sigstore/bundle:1.0.0/@sigstore/protobuf-specs:^0.2.0 pkg:npm/%40sigstore%2Fprotobuf-specs@0.2.0 @sigstore/protobuf-specs:0.2.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?@sigstore/tuf:1.0.3/@sigstore/protobuf-specs:^0.2.0 pkg:npm/%40sigstore%2Fprotobuf-specs@0.2.0 @sigstore/tuf:1.0.3Description:
Client for the Sigstore TUF repository License:
Apache-2.0 File Path: /var/simplicite/simplicite-5.2/package-lock.json?sigstore:1.8.0/@sigstore/tuf:^1.0.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/sigstore:1.8.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author bdehamer@github.com Highest Vendor package.json bugs.url https://github.com/sigstore/sigstore-js/issues Highest Vendor package.json description Client for the Sigstore TUF repository Highest Vendor package.json homepage https://github.com/sigstore/sigstore-js/tree/main/packages/tuf#readme Highest Vendor package.json name @sigstore/tuf Highest Vendor package.json name @sigstore/tuf_project Highest Product package.json name @sigstore/tuf Highest Version package.json version 1.0.3 Highest
Related Dependencies @sigstore/tuf:1.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@sigstore/tuf:1.0.3 pkg:npm/%40sigstore%2Ftuf@1.0.3 @sindresorhus/is:5.4.1Description:
Type check values License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?got:13.0.0/@sindresorhus/is:^5.2.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/got:12.6.1 simplicite-js:5.2.54/got:9.6.0 simplicite-js:5.2.54 simplicite-js:5.2.54/got:13.0.0 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description Type check values Highest Vendor package.json name @sindresorhus/is Highest Vendor package.json name @sindresorhus/is_project Highest Product package.json name @sindresorhus/is Highest Version package.json version 5.4.1 Highest
Related Dependencies @sindresorhus/is:0.14.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@sindresorhus/is:0.14.0 pkg:npm/%40sindresorhus%2Fis@0.14.0 @sindresorhus/is:5.4.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@sindresorhus/is:5.4.1 pkg:npm/%40sindresorhus%2Fis@5.4.1 @sindresorhus/is:5.4.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?got:12.6.1/@sindresorhus/is:^5.2.0 pkg:npm/%40sindresorhus%2Fis@5.4.1 @sindresorhus/is:5.4.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?got:9.6.0/@sindresorhus/is:^0.14.0 pkg:npm/%40sindresorhus%2Fis@5.4.1 @szmarczak/http-timer:5.0.1Description:
Timings for HTTP requests License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?got:13.0.0/@szmarczak/http-timer:^5.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/got:12.6.1 simplicite-js:5.2.54/got:9.6.0 simplicite-js:5.2.54 simplicite-js:5.2.54/got:13.0.0 Evidence Type Source Name Value Confidence Vendor package.json author Szymon Marczak Highest Vendor package.json bugs.url https://github.com/szmarczak/http-timer/issues Highest Vendor package.json description Timings for HTTP requests Highest Vendor package.json homepage https://github.com/szmarczak/http-timer#readme Highest Vendor package.json name @szmarczak/http-timer Highest Vendor package.json name @szmarczak/http-timer_project Highest Product package.json name @szmarczak/http-timer Highest Version package.json version 5.0.1 Highest
Related Dependencies @szmarczak/http-timer:1.1.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@szmarczak/http-timer:1.1.2 pkg:npm/%40szmarczak%2Fhttp-timer@1.1.2 @szmarczak/http-timer:5.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@szmarczak/http-timer:5.0.1 pkg:npm/%40szmarczak%2Fhttp-timer@5.0.1 @szmarczak/http-timer:5.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?got:12.6.1/@szmarczak/http-timer:^5.0.1 pkg:npm/%40szmarczak%2Fhttp-timer@5.0.1 @szmarczak/http-timer:5.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?got:9.6.0/@szmarczak/http-timer:^1.1.2 pkg:npm/%40szmarczak%2Fhttp-timer@5.0.1 @tootallnate/once:2.0.0Description:
Creates a Promise that waits for a single event License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@tootallnate/once:2.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/http-proxy-agent:5.0.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Nathan Rajlich <nathan@tootallnate.net> (http://n8.io/) Highest Vendor package.json bugs.url https://github.com/TooTallNate/once/issues Highest Vendor package.json description Creates a Promise that waits for a single event Highest Vendor package.json name @tootallnate/once Highest Vendor package.json name @tootallnate/once_project Highest Product package.json name @tootallnate/once Highest Version package.json version 2.0.0 Highest
Related Dependencies @tootallnate/once:2.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?http-proxy-agent:5.0.0/@tootallnate/once:2 pkg:npm/%40tootallnate%2Fonce@2.0.0 @tufjs/canonical-json:1.0.0Description:
OLPC JSON canonicalization License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@tufjs/models:1.0.4/@tufjs/canonical-json:1.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/@tufjs/models:1.0.4 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author bdehamer@github.com Highest Vendor package.json bugs.url https://github.com/theupdateframework/tuf-js/issues Highest Vendor package.json description OLPC JSON canonicalization Highest Vendor package.json homepage https://github.com/theupdateframework/tuf-js/packages/canonical-json#readme Highest Vendor package.json name @tufjs/canonical-json Highest Vendor package.json name @tufjs/canonical-json_project Highest Product package.json name @tufjs/canonical-json Highest Version package.json version 1.0.0 Highest
Related Dependencies @tufjs/canonical-json:1.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@tufjs/canonical-json:1.0.0 pkg:npm/%40tufjs%2Fcanonical-json@1.0.0 @tufjs/models:1.0.4Description:
TUF metadata models License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?tuf-js:1.1.7/@tufjs/models:1.0.4
Referenced In Projects/Scopes: simplicite-js:5.2.54/tuf-js:1.1.7 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author bdehamer@github.com Highest Vendor package.json bugs.url https://github.com/theupdateframework/tuf-js/issues Highest Vendor package.json description TUF metadata models Highest Vendor package.json homepage https://github.com/theupdateframework/tuf-js/tree/main/packages/models#readme Highest Vendor package.json name @tufjs/models Highest Vendor package.json name @tufjs/models_project Highest Product package.json name @tufjs/models Highest Version package.json version 1.0.4 Highest
Related Dependencies @tufjs/models:1.0.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@tufjs/models:1.0.4 pkg:npm/%40tufjs%2Fmodels@1.0.4 @types/http-cache-semantics:4.0.1Description:
TypeScript definitions for http-cache-semantics License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?cacheable-request:10.2.12/@types/http-cache-semantics:^4.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/cacheable-request:10.2.12 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json description TypeScript definitions for http-cache-semantics Highest Vendor package.json homepage https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/http-cache-semantics Highest Vendor package.json name @types/http-cache-semantics Highest Vendor package.json name @types/http-cache-semantics_project Highest Product package.json name @types/http-cache-semantics Highest Version package.json version 4.0.1 Highest
Related Dependencies @types/http-cache-semantics:4.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@types/http-cache-semantics:4.0.1 pkg:npm/%40types%2Fhttp-cache-semantics@4.0.1 @types/linkify-it:3.0.2Description:
TypeScript definitions for linkify-it License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@types/markdown-it:12.2.3/@types/linkify-it:*
Referenced In Projects/Scopes: simplicite-js:5.2.54/@types/markdown-it:12.2.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json description TypeScript definitions for linkify-it Highest Vendor package.json homepage https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/linkify-it Highest Vendor package.json name @types/linkify-it Highest Vendor package.json name @types/linkify-it_project Highest Product package.json name @types/linkify-it Highest Version package.json version 3.0.2 Highest
Related Dependencies @types/linkify-it:3.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@types/linkify-it:3.0.2 pkg:npm/%40types%2Flinkify-it@3.0.2 @types/lodash:4.14.195Description:
TypeScript definitions for Lo-Dash License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?callsite-record:4.1.5/@types/lodash:^4.14.72
Referenced In Projects/Scopes: simplicite-js:5.2.54/callsite-record:4.1.5 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json description TypeScript definitions for Lo-Dash Highest Vendor package.json homepage https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/lodash Highest Vendor package.json name @types/lodash Highest Vendor package.json name @types/lodash_project Highest Product package.json name @types/lodash Highest Version package.json version 4.14.195 Highest
Related Dependencies @types/lodash:4.14.195File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@types/lodash:4.14.195 pkg:npm/%40types%2Flodash@4.14.195 @types/markdown-it:12.2.3Description:
TypeScript definitions for markdown-it License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?jsdoc:4.0.2/@types/markdown-it:^12.2.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/jsdoc:4.0.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json description TypeScript definitions for markdown-it Highest Vendor package.json homepage https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/markdown-it Highest Vendor package.json name @types/markdown-it Highest Vendor package.json name @types/markdown-it_project Highest Product package.json name @types/markdown-it Highest Version package.json version 12.2.3 Highest
Related Dependencies @types/markdown-it:12.2.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@types/markdown-it:12.2.3 pkg:npm/%40types%2Fmarkdown-it@12.2.3 @types/mdurl:1.0.2Description:
TypeScript definitions for mdurl License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@types/mdurl:1.0.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/@types/markdown-it:12.2.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json description TypeScript definitions for mdurl Highest Vendor package.json name @types/mdurl Highest Vendor package.json name @types/mdurl_project Highest Product package.json name @types/mdurl Highest Version package.json version 1.0.2 Highest
Related Dependencies @types/mdurl:1.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?@types/markdown-it:12.2.3/@types/mdurl:* pkg:npm/%40types%2Fmdurl@1.0.2 @types/minimatch:3.0.5Description:
TypeScript definitions for Minimatch License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?multimatch:5.0.0/@types/minimatch:^3.0.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/multimatch:5.0.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json description TypeScript definitions for Minimatch Highest Vendor package.json homepage https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/minimatch Highest Vendor package.json name @types/minimatch Highest Vendor package.json name @types/minimatch_project Highest Product package.json name @types/minimatch Highest Version package.json version 3.0.5 Highest
Related Dependencies @types/minimatch:3.0.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@types/minimatch:3.0.5 pkg:npm/%40types%2Fminimatch@3.0.5 @types/minimist:1.2.2Description:
TypeScript definitions for minimist License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?meow:9.0.0/@types/minimist:^1.2.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/meow:9.0.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json description TypeScript definitions for minimist Highest Vendor package.json homepage https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/minimist Highest Vendor package.json name @types/minimist Highest Vendor package.json name @types/minimist_project Highest Product package.json name @types/minimist Highest Version package.json version 1.2.2 Highest
Related Dependencies @types/minimist:1.2.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@types/minimist:1.2.2 pkg:npm/%40types%2Fminimist@1.2.2 @types/normalize-package-data:2.4.1Description:
TypeScript definitions for normalize-package-data License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?read-pkg:5.2.0/@types/normalize-package-data:^2.4.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/read-pkg:5.2.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json description TypeScript definitions for normalize-package-data Highest Vendor package.json homepage https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/normalize-package-data Highest Vendor package.json name @types/normalize-package-data Highest Vendor package.json name @types/normalize-package-data_project Highest Product package.json name @types/normalize-package-data Highest Version package.json version 2.4.1 Highest
Related Dependencies @types/normalize-package-data:2.4.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@types/normalize-package-data:2.4.1 pkg:npm/%40types%2Fnormalize-package-data@2.4.1 @types/parse-json:4.0.0Description:
TypeScript definitions for parse-json License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?cosmiconfig:7.1.0/@types/parse-json:^4.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/cosmiconfig:7.1.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json description TypeScript definitions for parse-json Highest Vendor package.json name @types/parse-json Highest Vendor package.json name @types/parse-json_project Highest Product package.json name @types/parse-json Highest Version package.json version 4.0.0 Highest
Related Dependencies @types/parse-json:4.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@types/parse-json:4.0.0 pkg:npm/%40types%2Fparse-json@4.0.0 @ungap/structured-clone:1.2.0Description:
A structuredClone polyfill License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint:8.56.0/@ungap/structured-clone:^1.2.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/eslint:8.56.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Andrea Giammarchi Highest Vendor package.json bugs.url https://github.com/ungap/structured-clone/issues Highest Vendor package.json description A structuredClone polyfill Highest Vendor package.json homepage https://github.com/ungap/structured-clone#readme Highest Vendor package.json name @ungap/structured-clone Highest Vendor package.json name @ungap/structured-clone_project Highest Product package.json name @ungap/structured-clone Highest Version package.json version 1.2.0 Highest
Related Dependencies @ungap/structured-clone:1.2.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@ungap/structured-clone:1.2.0 pkg:npm/%40ungap%2Fstructured-clone@1.2.0 @vue/compiler-core:3.3.4Description:
@vue/compiler-core License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@vue/reactivity-transform:3.3.4/@vue/compiler-core:3.3.4
Referenced In Projects/Scopes: simplicite-js:5.2.54/@vue/compiler-sfc:3.3.4 simplicite-js:5.2.54/@vue/reactivity-transform:3.3.4 simplicite-js:5.2.54/@vue/compiler-dom:3.3.4 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Evan You Highest Vendor package.json bugs.url https://github.com/vuejs/core/issues Highest Vendor package.json description @vue/compiler-core Highest Vendor package.json homepage https://github.com/vuejs/core/tree/main/packages/compiler-core#readme Highest Vendor package.json name @vue/compiler-core Highest Vendor package.json name @vue/compiler-core_project Highest Product package.json name @vue/compiler-core Highest Version package.json version 3.3.4 Highest
Related Dependencies @vue/compiler-core:3.3.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@vue/compiler-core:3.3.4 pkg:npm/%40vue%2Fcompiler-core@3.3.4 @vue/compiler-core:3.3.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?@vue/compiler-dom:3.3.4/@vue/compiler-core:3.3.4 pkg:npm/%40vue%2Fcompiler-core@3.3.4 @vue/compiler-core:3.3.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?@vue/compiler-sfc:3.3.4/@vue/compiler-core:3.3.4 pkg:npm/%40vue%2Fcompiler-core@3.3.4 @vue/compiler-dom:3.3.4Description:
@vue/compiler-dom License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?@vue/compiler-ssr:3.3.4/@vue/compiler-dom:3.3.4
Referenced In Projects/Scopes: simplicite-js:5.2.54/@vue/compiler-sfc:3.3.4 simplicite-js:5.2.54/@vue/compiler-ssr:3.3.4 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Evan You Highest Vendor package.json bugs.url https://github.com/vuejs/core/issues Highest Vendor package.json description @vue/compiler-dom Highest Vendor package.json homepage https://github.com/vuejs/core/tree/main/packages/compiler-dom#readme Highest Vendor package.json name @vue/compiler-dom Highest Vendor package.json name @vue/compiler-dom_project Highest Product package.json name @vue/compiler-dom Highest Version package.json version 3.3.4 Highest
Related Dependencies @vue/compiler-dom:3.3.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@vue/compiler-dom:3.3.4 pkg:npm/%40vue%2Fcompiler-dom@3.3.4 @vue/compiler-dom:3.3.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?@vue/compiler-sfc:3.3.4/@vue/compiler-dom:3.3.4 pkg:npm/%40vue%2Fcompiler-dom@3.3.4 @vue/compiler-sfc:3.3.4Description:
@vue/compiler-sfc License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?depcheck:1.4.3/@vue/compiler-sfc:^3.0.5
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/depcheck:1.4.3 Evidence Type Source Name Value Confidence Vendor package.json author Evan You Highest Vendor package.json bugs.url https://github.com/vuejs/core/issues Highest Vendor package.json description @vue/compiler-sfc Highest Vendor package.json homepage https://github.com/vuejs/core/tree/main/packages/compiler-sfc#readme Highest Vendor package.json name @vue/compiler-sfc Highest Vendor package.json name @vue/compiler-sfc_project Highest Product package.json name @vue/compiler-sfc Highest Version package.json version 3.3.4 Highest
Related Dependencies @vue/compiler-sfc:3.3.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@vue/compiler-sfc:3.3.4 pkg:npm/%40vue%2Fcompiler-sfc@3.3.4 @vue/compiler-ssr:3.3.4Description:
@vue/compiler-ssr License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@vue/compiler-ssr:3.3.4
Referenced In Projects/Scopes: simplicite-js:5.2.54/@vue/compiler-sfc:3.3.4 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Evan You Highest Vendor package.json bugs.url https://github.com/vuejs/core/issues Highest Vendor package.json description @vue/compiler-ssr Highest Vendor package.json homepage https://github.com/vuejs/core/tree/main/packages/compiler-ssr#readme Highest Vendor package.json name @vue/compiler-ssr Highest Vendor package.json name @vue/compiler-ssr_project Highest Product package.json name @vue/compiler-ssr Highest Version package.json version 3.3.4 Highest
Related Dependencies @vue/compiler-ssr:3.3.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?@vue/compiler-sfc:3.3.4/@vue/compiler-ssr:3.3.4 pkg:npm/%40vue%2Fcompiler-ssr@3.3.4 @vue/reactivity-transform:3.3.4Description:
@vue/reactivity-transform License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@vue/reactivity-transform:3.3.4
Referenced In Projects/Scopes: simplicite-js:5.2.54/@vue/compiler-sfc:3.3.4 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Evan You Highest Vendor package.json bugs.url https://github.com/vuejs/core/issues Highest Vendor package.json description @vue/reactivity-transform Highest Vendor package.json homepage https://github.com/vuejs/core/tree/dev/packages/reactivity-transform#readme Highest Vendor package.json name @vue/reactivity-transform Highest Vendor package.json name @vue/reactivity-transform_project Highest Product package.json name @vue/reactivity-transform Highest Version package.json version 3.3.4 Highest
Related Dependencies @vue/reactivity-transform:3.3.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?@vue/compiler-sfc:3.3.4/@vue/reactivity-transform:3.3.4 pkg:npm/%40vue%2Freactivity-transform@3.3.4 @vue/shared:3.3.4Description:
internal utils shared across @vue packages License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@vue/shared:3.3.4
Referenced In Projects/Scopes: simplicite-js:5.2.54/@vue/compiler-sfc:3.3.4 simplicite-js:5.2.54/@vue/compiler-ssr:3.3.4 simplicite-js:5.2.54/@vue/compiler-core:3.3.4 simplicite-js:5.2.54/@vue/reactivity-transform:3.3.4 simplicite-js:5.2.54/@vue/compiler-dom:3.3.4 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Evan You Highest Vendor package.json bugs.url https://github.com/vuejs/core/issues Highest Vendor package.json description internal utils shared across @vue packages Highest Vendor package.json homepage https://github.com/vuejs/core/tree/main/packages/shared#readme Highest Vendor package.json name @vue/shared Highest Vendor package.json name @vue/shared_project Highest Product package.json name @vue/shared Highest Version package.json version 3.3.4 Highest
Related Dependencies @vue/shared:3.3.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?@vue/compiler-core:3.3.4/@vue/shared:3.3.4 pkg:npm/%40vue%2Fshared@3.3.4 @vue/shared:3.3.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?@vue/compiler-dom:3.3.4/@vue/shared:3.3.4 pkg:npm/%40vue%2Fshared@3.3.4 @vue/shared:3.3.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?@vue/compiler-sfc:3.3.4/@vue/shared:3.3.4 pkg:npm/%40vue%2Fshared@3.3.4 @vue/shared:3.3.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?@vue/compiler-ssr:3.3.4/@vue/shared:3.3.4 pkg:npm/%40vue%2Fshared@3.3.4 @vue/shared:3.3.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?@vue/reactivity-transform:3.3.4/@vue/shared:3.3.4 pkg:npm/%40vue%2Fshared@3.3.4 HikariCP-5.0.0.jarDescription:
Ultimate JDBC Connection Pool License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/com/zaxxer/HikariCP/5.0.0/HikariCP-5.0.0.jar
MD5: 0231648391cf340e30a360f28b259073
SHA1: 8685b74cebc0435144d652311a2930f5914c968a
SHA256: cfab85c04fcb590ae4cfdbe1b1e87cfd7277c4ba378229422d8e8bce989a97d6
Referenced In Project/Scope: Simplicite Platform:compile
HikariCP-5.0.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name HikariCP High Vendor jar package name pool Highest Vendor jar package name zaxxer Highest Vendor Manifest build-jdk-spec 11 Low Vendor Manifest bundle-docurl https://github.com/brettwooldridge Low Vendor Manifest bundle-symbolicname com.zaxxer.HikariCP Medium Vendor Manifest multi-release true Low Vendor Manifest originally-created-by Apache Maven Bundle Plugin Low Vendor pom artifactid HikariCP Highest Vendor pom artifactid HikariCP Low Vendor pom developer email brett.wooldridge@gmail.com Low Vendor pom developer name Brett Wooldridge Medium Vendor pom groupid com.zaxxer Highest Vendor pom name HikariCP High Vendor pom organization name Zaxxer.com High Vendor pom organization url brettwooldridge Medium Vendor pom url brettwooldridge/HikariCP Highest Product file name HikariCP High Product jar package name 11 Highest Product jar package name pool Highest Product jar package name zaxxer Highest Product Manifest build-jdk-spec 11 Low Product Manifest bundle-docurl https://github.com/brettwooldridge Low Product Manifest Bundle-Name HikariCP Medium Product Manifest bundle-symbolicname com.zaxxer.HikariCP Medium Product Manifest multi-release true Low Product Manifest originally-created-by Apache Maven Bundle Plugin Low Product pom artifactid HikariCP Highest Product pom developer email brett.wooldridge@gmail.com Low Product pom developer name Brett Wooldridge Low Product pom groupid com.zaxxer Highest Product pom name HikariCP High Product pom organization name Zaxxer.com Low Product pom url brettwooldridge High Product pom url brettwooldridge/HikariCP High Version file version 5.0.0 High Version Manifest Bundle-Version 5.0.0 High Version pom version 5.0.0 Highest
JavaEWAH-1.1.13.jarDescription:
The bit array data structure is implemented in Java as the BitSet class. Unfortunately, this fails to scale without compression.
JavaEWAH is a word-aligned compressed variant of the Java bitset class. It uses a 64-bit run-length encoding (RLE) compression scheme.
The goal of word-aligned compression is not to achieve the best compression, but rather to improve query processing time. Hence, we try to save CPU cycles, maybe at the expense of storage. However, the EWAH scheme we implemented is always more efficient storage-wise than an uncompressed bitmap (implemented in Java as the BitSet class). Unlike some alternatives, javaewah does not rely on a patented scheme. License:
Apache 2: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/com/googlecode/javaewah/JavaEWAH/1.1.13/JavaEWAH-1.1.13.jar
MD5: a1eb305e5cc5bba238d4360e3139abb4
SHA1: 32cd724a42dc73f99ca08453d11a4bb83e0034c7
SHA256: 4c0fda2b1d317750d7ea324e36c70b2bc48310c0aaae67b98df0915d696d7111
Referenced In Project/Scope: Simplicite Platform:compile
JavaEWAH-1.1.13.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.eclipse.jgit/org.eclipse.jgit@6.1.0.202203080745-r
Evidence Type Source Name Value Confidence Vendor file name JavaEWAH High Vendor jar package name bitset Highest Vendor jar package name googlecode Highest Vendor jar package name javaewah Highest Vendor Manifest bundle-symbolicname com.googlecode.javaewah.JavaEWAH Medium Vendor pom artifactid JavaEWAH Highest Vendor pom artifactid JavaEWAH Low Vendor pom developer email lemire@gmail.com Low Vendor pom developer id lemire Medium Vendor pom developer name Daniel Lemire Medium Vendor pom developer org LICEF Research Center Medium Vendor pom developer org URL http://licef.ca Medium Vendor pom groupid com.googlecode.javaewah Highest Vendor pom name JavaEWAH High Vendor pom url lemire/javaewah Highest Product file name JavaEWAH High Product jar package name bitset Highest Product jar package name googlecode Highest Product jar package name javaewah Highest Product Manifest Bundle-Name JavaEWAH Medium Product Manifest bundle-symbolicname com.googlecode.javaewah.JavaEWAH Medium Product pom artifactid JavaEWAH Highest Product pom developer email lemire@gmail.com Low Product pom developer id lemire Low Product pom developer name Daniel Lemire Low Product pom developer org LICEF Research Center Low Product pom developer org URL http://licef.ca Low Product pom groupid com.googlecode.javaewah Highest Product pom name JavaEWAH High Product pom url lemire/javaewah High Version file version 1.1.13 High Version Manifest Bundle-Version 1.1.13 High Version pom version 1.1.13 Highest
SparseBitSet-1.2.jarDescription:
An efficient sparse bitset implementation for Java License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/com/zaxxer/SparseBitSet/1.2/SparseBitSet-1.2.jar
MD5: 1c6032441aec11b523e1a7bfa96d60cf
SHA1: 8467c813d442837fcaeddbc42cf5c5359fab4933
SHA256: 91e6b318c901a0f2dd1f6ce781d62474435ae627d22fbac9b21bbc39ffd804b6
Referenced In Project/Scope: Simplicite Platform:compile
SparseBitSet-1.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.poi/poi@4.1.2
Evidence Type Source Name Value Confidence Vendor file name SparseBitSet High Vendor jar package name sparsebits Low Vendor jar package name sparsebitset Highest Vendor jar package name zaxxer Highest Vendor jar package name zaxxer Low Vendor pom artifactid SparseBitSet Highest Vendor pom artifactid SparseBitSet Low Vendor pom developer email brett.wooldridge@gmail.com Low Vendor pom developer name Brett Wooldridge Medium Vendor pom groupid com.zaxxer Highest Vendor pom name SparseBitSet High Vendor pom organization name Zaxxer.com High Vendor pom organization url brettwooldridge/SparseBitSet Medium Vendor pom url brettwooldridge/SparseBitSet Highest Product file name SparseBitSet High Product jar package name sparsebits Low Product jar package name sparsebitset Highest Product jar package name zaxxer Highest Product pom artifactid SparseBitSet Highest Product pom developer email brett.wooldridge@gmail.com Low Product pom developer name Brett Wooldridge Low Product pom groupid com.zaxxer Highest Product pom name SparseBitSet High Product pom organization name Zaxxer.com Low Product pom url brettwooldridge/SparseBitSet High Version file version 1.2 High Version pom version 1.2 Highest
abbrev:1.1.1Description:
Like ruby's abbrev module, but in js License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?nopt:6.0.0/abbrev:^1.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/nopt:5.0.0 simplicite-js:5.2.54/nopt:6.0.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Isaac Z. Schlueter <i@izs.me> Highest Vendor package.json description Like ruby's abbrev module, but in js Highest Vendor package.json name abbrev Highest Vendor package.json name abbrev_project Highest Product package.json name abbrev Highest Version package.json version 1.1.1 Highest
Related Dependencies abbrev:1.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/abbrev:1.1.1 pkg:npm/abbrev@1.1.1 abbrev:1.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?nopt:5.0.0/abbrev:1 pkg:npm/abbrev@1.1.1 ace-builds:1.4.12Description:
Ace (Ajax.org Cloud9 Editor) License:
BSD-3-Clause File Path: /var/simplicite/simplicite-5.2/package-lock.json?/ace-builds:1.4.12
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author Highest Vendor package.json bugs.url https://github.com/ajaxorg/ace-builds/issues Highest Vendor package.json description Ace (Ajax.org Cloud9 Editor) Highest Vendor package.json homepage https://github.com/ajaxorg/ace-builds Highest Vendor package.json name ace-builds Highest Vendor package.json name ace-builds_project Highest Product package.json name ace-builds Highest Version package.json version 1.4.12 Highest
ace-diff:3.0.3Description:
A diff/merging wrapper for Ace Editor built on google-diff-match-patch License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/ace-diff:3.0.3
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author Ben Keen Highest Vendor package.json bugs.url https://github.com/ace-diff/ace-diff/issues Highest Vendor package.json description A diff/merging wrapper for Ace Editor built on google-diff-match-patch Highest Vendor package.json homepage https://ace-diff.github.io/ace-diff/ Highest Vendor package.json name ace-diff Highest Vendor package.json name ace-diff_project Highest Product package.json name ace-diff Highest Version package.json version 3.0.3 Highest
acorn-jsx:5.3.2Description:
Modern, fast React.js JSX parser License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?espree:9.6.1/acorn-jsx:^5.3.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/espree:9.6.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json description Modern, fast React.js JSX parser Highest Vendor package.json homepage https://github.com/acornjs/acorn-jsx Highest Vendor package.json maintainers.email me@rreverser.com Highest Vendor package.json maintainers.name Ingvar Stepanyan Highest Vendor package.json maintainers.web http://rreverser.com/ Highest Vendor package.json name acorn-jsx Highest Vendor package.json name acorn-jsx_project Highest Product package.json name acorn-jsx Highest Version package.json version 5.3.2 Highest
Related Dependencies acorn-jsx:5.3.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?/acorn-jsx:5.3.2 pkg:npm/acorn-jsx@5.3.2 acorn:8.11.3Description:
ECMAScript parser License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?espree:9.6.1/acorn:^8.9.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/espree:9.6.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json description ECMAScript parser Highest Vendor package.json homepage https://github.com/acornjs/acorn Highest Vendor package.json maintainers.email marijnh@gmail.com Highest Vendor package.json maintainers.email me@rreverser.com Highest Vendor package.json maintainers.name Adrian Heine Highest Vendor package.json maintainers.name Ingvar Stepanyan Highest Vendor package.json maintainers.name Marijn Haverbeke Highest Vendor package.json maintainers.web http://adrianheine.de Highest Vendor package.json maintainers.web https://marijnhaverbeke.nl Highest Vendor package.json maintainers.web https://rreverser.com/ Highest Vendor package.json name acorn Highest Vendor package.json name acorn_project Highest Product package.json name acorn Highest Version package.json version 8.11.3 Highest
Related Dependencies acorn:8.11.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/acorn:8.11.3 pkg:npm/acorn@8.11.3 agent-base:6.0.2Description:
Turn a function into an `http.Agent` instance License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?socks-proxy-agent:7.0.0/agent-base:^6.0.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/https-proxy-agent:5.0.1 simplicite-js:5.2.54/socks-proxy-agent:7.0.0 simplicite-js:5.2.54/http-proxy-agent:5.0.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Nathan Rajlich <nathan@tootallnate.net> (http://n8.io/) Highest Vendor package.json bugs.url https://github.com/TooTallNate/node-agent-base/issues Highest Vendor package.json description Turn a function into an `http.Agent` instance Highest Vendor package.json name agent-base Highest Vendor package.json name agent-base_project Highest Product package.json name agent-base Highest Version package.json version 6.0.2 Highest
Related Dependencies agent-base:6.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?/agent-base:6.0.2 pkg:npm/agent-base@6.0.2 agent-base:6.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?http-proxy-agent:5.0.0/agent-base:6 pkg:npm/agent-base@6.0.2 agent-base:6.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?https-proxy-agent:5.0.1/agent-base:6 pkg:npm/agent-base@6.0.2 agentkeepalive:4.3.0Description:
Missing keepalive http.Agent License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?make-fetch-happen:11.1.1/agentkeepalive:^4.2.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/make-fetch-happen:11.1.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author fengmk2 <fengmk2@gmail.com> (https://github.com/fengmk2) Highest Vendor package.json bugs.url https://github.com/node-modules/agentkeepalive/issues Highest Vendor package.json description Missing keepalive http.Agent Highest Vendor package.json name agentkeepalive Highest Vendor package.json name agentkeepalive_project Highest Product package.json name agentkeepalive Highest Version package.json version 4.3.0 Highest
Related Dependencies agentkeepalive:4.3.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/agentkeepalive:4.3.0 pkg:npm/agentkeepalive@4.3.0 aggregate-error:3.1.0Description:
Create an error from multiple errors License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?p-map:4.0.0/aggregate-error:^3.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/p-map:4.0.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Create an error from multiple errors Highest Vendor package.json name aggregate-error Highest Vendor package.json name aggregate-error_project Highest Product package.json name aggregate-error Highest Version package.json version 3.1.0 Highest
Related Dependencies aggregate-error:3.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/aggregate-error:3.1.0 pkg:npm/aggregate-error@3.1.0 ajv:6.12.6Description:
Another JSON Schema Validator License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint:8.56.0/ajv:^6.12.4
Referenced In Projects/Scopes: simplicite-js:5.2.54/eslint:8.56.0 simplicite-js:5.2.54/@eslint/eslintrc:2.1.4 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Evgeny Poberezkin Highest Vendor package.json bugs.url https://github.com/ajv-validator/ajv/issues Highest Vendor package.json description Another JSON Schema Validator Highest Vendor package.json homepage https://github.com/ajv-validator/ajv Highest Vendor package.json name ajv Highest Vendor package.json name ajv_project Highest Product package.json name ajv Highest Version package.json version 6.12.6 Highest
Related Dependencies ajv:6.12.6File Path: /var/simplicite/simplicite-5.2/package-lock.json?/ajv:6.12.6 pkg:npm/ajv@6.12.6 ajv:6.12.6File Path: /var/simplicite/simplicite-5.2/package-lock.json?@eslint/eslintrc:2.1.4/ajv:^6.12.4 pkg:npm/ajv@6.12.6 ajv:8.12.0Description:
Another JSON Schema Validator License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/ajv:8.12.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/table:6.8.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Evgeny Poberezkin Highest Vendor package.json bugs https://github.com/ajv-validator/ajv/issues Highest Vendor package.json description Another JSON Schema Validator Highest Vendor package.json homepage https://ajv.js.org Highest Vendor package.json name ajv Highest Vendor package.json name ajv_project Highest Product package.json name ajv Highest Version package.json version 8.12.0 Highest
Related Dependencies ajv:8.12.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?table:6.8.1/ajv:^8.0.1 pkg:npm/ajv@8.12.0 animal-sniffer-annotations-1.20.jarFile Path: /var/simplicite/.m2/repository/org/codehaus/mojo/animal-sniffer-annotations/1.20/animal-sniffer-annotations-1.20.jarMD5: 919666ecef35662f89bd13e2fc04c127SHA1: 0d98c2b001fcb9031859ec9d21914c2ce78912a5SHA256: bedd44dfca2dc2b8f5c08cd1d6f0e0ce74094ec67781260968e03fc0e77522acReferenced In Project/Scope: Simplicite Platform:runtimeanimal-sniffer-annotations-1.20.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.google.cloud/google-cloud-pubsub@1.114.4
Evidence Type Source Name Value Confidence Vendor file name animal-sniffer-annotations High Vendor jar package name codehaus Highest Vendor jar package name mojo Highest Vendor Manifest build-jdk-spec 11 Low Vendor pom artifactid animal-sniffer-annotations Highest Vendor pom artifactid animal-sniffer-annotations Low Vendor pom groupid org.codehaus.mojo Highest Vendor pom name Animal Sniffer Annotations High Vendor pom parent-artifactid animal-sniffer-parent Low Product file name animal-sniffer-annotations High Product jar package name codehaus Highest Product jar package name mojo Highest Product Manifest build-jdk-spec 11 Low Product pom artifactid animal-sniffer-annotations Highest Product pom groupid org.codehaus.mojo Highest Product pom name Animal Sniffer Annotations High Product pom parent-artifactid animal-sniffer-parent Medium Version file version 1.20 High Version pom version 1.20 Highest
annotations-4.1.1.4.jarDescription:
A library jar that provides annotations for the Google Android Platform. License:
Apache 2.0: http://www.apache.org/licenses/LICENSE-2.0 File Path: /var/simplicite/.m2/repository/com/google/android/annotations/4.1.1.4/annotations-4.1.1.4.jar
MD5: c2cdd26a6ae577f24775e8ce75da1fdc
SHA1: a1678ba907bf92691d879fef34e1a187038f9259
SHA256: ba734e1e84c09d615af6a09d33034b4f0442f8772dec120efb376d86a565ae15
Referenced In Project/Scope: Simplicite Platform:runtime
annotations-4.1.1.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.google.cloud/google-cloud-pubsub@1.114.4
Evidence Type Source Name Value Confidence Vendor file name annotations High Vendor jar package name android Highest Vendor jar package name android Low Vendor jar package name annotation Low Vendor pom artifactid annotations Highest Vendor pom artifactid annotations Low Vendor pom developer name The Android Open Source Projects Medium Vendor pom groupid com.google.android Highest Vendor pom name Google Android Annotations Library High Vendor pom url http://source.android.com/ Highest Product file name annotations High Product jar package name android Highest Product jar package name annotation Low Product pom artifactid annotations Highest Product pom developer name The Android Open Source Projects Low Product pom groupid com.google.android Highest Product pom name Google Android Annotations Library High Product pom url http://source.android.com/ Medium Version file version 4.1.1.4 High Version pom version 4.1.1.4 Highest
ansi-align:3.0.1Description:
align-text with ANSI support for CLIs License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?boxen:5.1.2/ansi-align:^3.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/boxen:5.1.2 simplicite-js:5.2.54/boxen:7.1.0 simplicite-js:5.2.54/boxen:4.2.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author nexdrew Highest Vendor package.json bugs.url https://github.com/nexdrew/ansi-align/issues Highest Vendor package.json description align-text with ANSI support for CLIs Highest Vendor package.json homepage https://github.com/nexdrew/ansi-align#readme Highest Vendor package.json name ansi-align Highest Vendor package.json name ansi-align_project Highest Product package.json name ansi-align Highest Version package.json version 3.0.1 Highest
Related Dependencies ansi-align:3.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/ansi-align:3.0.1 pkg:npm/ansi-align@3.0.1 ansi-align:3.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?boxen:4.2.0/ansi-align:^3.0.0 pkg:npm/ansi-align@3.0.1 ansi-align:3.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?boxen:7.1.0/ansi-align:^3.0.1 pkg:npm/ansi-align@3.0.1 ansi-escapes:4.3.2Description:
ANSI escape codes for manipulating the terminal License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?terminal-link:2.1.1/ansi-escapes:^4.2.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/terminal-link:2.1.1 simplicite-js:5.2.54/inquirer:7.3.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description ANSI escape codes for manipulating the terminal Highest Vendor package.json name ansi-escapes Highest Vendor package.json name ansi-escapes_project Highest Product package.json name ansi-escapes Highest Version package.json version 4.3.2 Highest
Related Dependencies ansi-escapes:4.3.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?/ansi-escapes:4.3.2 pkg:npm/ansi-escapes@4.3.2 ansi-escapes:4.3.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?inquirer:7.3.3/ansi-escapes:^4.2.1 pkg:npm/ansi-escapes@4.3.2 ansi-regex:5.0.1Description:
Regular expression for matching ANSI escape codes License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?strip-ansi-cjs:6.0.1/ansi-regex:^5.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/strip-ansi-cjs:6.0.1 simplicite-js:5.2.54 simplicite-js:5.2.54/strip-ansi:6.0.1 simplicite-js:5.2.54/strip-ansi:7.1.0 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Regular expression for matching ANSI escape codes Highest Vendor package.json name ansi-regex Highest Vendor package.json name ansi-regex_project Highest Product package.json name ansi-regex Highest Version package.json version 5.0.1 Highest
Related Dependencies ansi-regex:5.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/ansi-regex:5.0.1 pkg:npm/ansi-regex@5.0.1 ansi-regex:5.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?strip-ansi:6.0.1/ansi-regex:^5.0.1 pkg:npm/ansi-regex@5.0.1 ansi-regex:5.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?strip-ansi:7.1.0/ansi-regex:^6.0.1 pkg:npm/ansi-regex@5.0.1 ansi-regex:6.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/ansi-regex:6.0.1 pkg:npm/ansi-regex@6.0.1 ansi-styles:3.2.1Description:
ANSI escape codes for styling strings in the terminal License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?chalk:2.4.2/ansi-styles:^3.2.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/slice-ansi:4.0.0 simplicite-js:5.2.54/chalk:3.0.0 simplicite-js:5.2.54/wrap-ansi:8.1.0 simplicite-js:5.2.54/chalk:4.1.2 simplicite-js:5.2.54 simplicite-js:5.2.54/chalk:2.4.2 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description ANSI escape codes for styling strings in the terminal Highest Vendor package.json name ansi-styles Highest Vendor package.json name ansi-styles_project Highest Product package.json name ansi-styles Highest Version package.json version 3.2.1 Highest
Related Dependencies ansi-styles:3.2.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/ansi-styles:3.2.1 pkg:npm/ansi-styles@3.2.1 ansi-styles:3.2.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?chalk:3.0.0/ansi-styles:^4.1.0 pkg:npm/ansi-styles@3.2.1 ansi-styles:3.2.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?chalk:4.1.2/ansi-styles:^4.1.0 pkg:npm/ansi-styles@3.2.1 ansi-styles:3.2.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?wrap-ansi:8.1.0/ansi-styles:^6.1.0 pkg:npm/ansi-styles@3.2.1 ansi-styles:4.3.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/ansi-styles:4.3.0 pkg:npm/ansi-styles@4.3.0 ansi-styles:4.3.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?slice-ansi:4.0.0/ansi-styles:^4.0.0 pkg:npm/ansi-styles@4.3.0 ansi-styles:6.2.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/ansi-styles:6.2.1 pkg:npm/ansi-styles@6.2.1 ansi-styles:4.3.0Description:
ANSI escape codes for styling strings in the terminal License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/ansi-styles:4.3.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/wrap-ansi:7.0.0 simplicite-js:5.2.54/wrap-ansi-cjs:7.0.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description ANSI escape codes for styling strings in the terminal Highest Vendor package.json name ansi-styles Highest Vendor package.json name ansi-styles_project Highest Product package.json name ansi-styles Highest Version package.json version 4.3.0 Highest
Related Dependencies ansi-styles:4.3.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?wrap-ansi-cjs:7.0.0/ansi-styles:^4.0.0 pkg:npm/ansi-styles@4.3.0 ansi-styles:4.3.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?wrap-ansi:7.0.0/ansi-styles:^4.0.0 pkg:npm/ansi-styles@4.3.0 ant-1.10.11.jarFile Path: /var/simplicite/.m2/repository/org/apache/ant/ant/1.10.11/ant-1.10.11.jarMD5: ee3529760a0cf967e19f38523adc603eSHA1: b875cd48a0bc955ae9c5c477ad991e1f26fb24d2SHA256: 88c0b89bbbaae01e0d9fcae93be792f5abbe3409106f8eee858fdf365dbc0754Referenced In Project/Scope: Simplicite Platform:compileant-1.10.11.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name ant High Vendor jar package name ant Highest Vendor jar package name apache Highest Vendor manifest: org/apache/tools/ant/ Implementation-Vendor Apache Software Foundation Medium Vendor pom artifactid ant Highest Vendor pom artifactid ant Low Vendor pom groupid org.apache.ant Highest Vendor pom name Apache Ant Core High Vendor pom parent-artifactid ant-parent Low Vendor pom url https://ant.apache.org/ Highest Product file name ant High Product jar package name ant Highest Product jar package name apache Highest Product jar package name tools Highest Product manifest: org/apache/tools/ant/ Implementation-Title org.apache.tools.ant Medium Product manifest: org/apache/tools/ant/ Specification-Title Apache Ant Medium Product pom artifactid ant Highest Product pom groupid org.apache.ant Highest Product pom name Apache Ant Core High Product pom parent-artifactid ant-parent Medium Product pom url https://ant.apache.org/ Medium Version file version 1.10.11 High Version manifest: org/apache/tools/ant/ Implementation-Version 1.10.11 Medium Version pom version 1.10.11 Highest
Related Dependencies ant-launcher-1.10.11.jarFile Path: /var/simplicite/.m2/repository/org/apache/ant/ant-launcher/1.10.11/ant-launcher-1.10.11.jar MD5: be781a9ac23f3b6f16a898d49aa2af0b SHA1: ea0a0475fb6dfcdcf48b30410fd9d4f5c80df07e SHA256: dab530df7a980b5ac8fd7e8d208243ae0d3ebd6de09b1aa2ce756360cc2ed256 pkg:maven/org.apache.ant/ant-launcher@1.10.11 antlr-2.7.7.jarDescription:
A framework for constructing recognizers, compilers,
and translators from grammatical descriptions containing
Java, C#, C++, or Python actions.
License:
BSD License: http://www.antlr.org/license.html File Path: /var/simplicite/.m2/repository/antlr/antlr/2.7.7/antlr-2.7.7.jar
MD5: f8f1352c52a4c6a500b597596501fc64
SHA1: 83cd2cd674a217ade95a4bb83a8a14f351f48bd0
SHA256: 88fbda4b912596b9f56e8e12e580cc954bacfb51776ecfddd3e18fc1cf56dc4c
Referenced In Project/Scope: Simplicite Platform:compile
antlr-2.7.7.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.docx4j/docx4j-core@11.2.9
Evidence Type Source Name Value Confidence Vendor file name antlr High Vendor jar package name actions Highest Vendor jar package name antlr Highest Vendor jar package name antlr Low Vendor jar package name java Highest Vendor jar package name parser Highest Vendor jar package name python Highest Vendor pom artifactid antlr Highest Vendor pom artifactid antlr Low Vendor pom groupid antlr Highest Vendor pom name AntLR Parser Generator High Vendor pom url http://www.antlr.org/ Highest Product file name antlr High Product jar package name actions Highest Product jar package name antlr Highest Product jar package name java Highest Product jar package name parser Highest Product jar package name python Highest Product pom artifactid antlr Highest Product pom groupid antlr Highest Product pom name AntLR Parser Generator High Product pom url http://www.antlr.org/ Medium Version file version 2.7.7 High Version pom version 2.7.7 Highest
antlr-runtime-3.5.2.jarDescription:
A framework for constructing recognizers, compilers, and translators from grammatical descriptions containing Java, C#, C++, or Python actions. File Path: /var/simplicite/.m2/repository/org/antlr/antlr-runtime/3.5.2/antlr-runtime-3.5.2.jarMD5: 1fbbae2cb72530207c20b797bdabd029SHA1: cd9cd41361c155f3af0f653009dcecb08d8b4afdSHA256: ce3fc8ecb10f39e9a3cddcbb2ce350d272d9cd3d0b1e18e6fe73c3b9389c8734Referenced In Project/Scope: Simplicite Platform:compileantlr-runtime-3.5.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.docx4j/docx4j-core@11.2.9
Evidence Type Source Name Value Confidence Vendor file name antlr-runtime High Vendor jar package name antlr Highest Vendor jar package name runtime Highest Vendor Manifest Implementation-Vendor ANTLR High Vendor Manifest Implementation-Vendor-Id org.antlr Medium Vendor pom artifactid antlr-runtime Highest Vendor pom artifactid antlr-runtime Low Vendor pom developer email jimi@temporal-wave.com Low Vendor pom developer email parrt@antlr.org Low Vendor pom developer name Jim Idle Medium Vendor pom developer name Terence Parr Medium Vendor pom developer org Temporal Wave LLC Medium Vendor pom developer org USFCA Medium Vendor pom developer org URL http://www.cs.usfca.edu Medium Vendor pom developer org URL http://www.temporal-wave.com Medium Vendor pom groupid org.antlr Highest Vendor pom name ANTLR 3 Runtime High Vendor pom parent-artifactid antlr-master Low Vendor pom url http://www.antlr.org Highest Product file name antlr-runtime High Product jar package name antlr Highest Product jar package name runtime Highest Product Manifest Implementation-Title ANTLR 3 Runtime High Product pom artifactid antlr-runtime Highest Product pom developer email jimi@temporal-wave.com Low Product pom developer email parrt@antlr.org Low Product pom developer name Jim Idle Low Product pom developer name Terence Parr Low Product pom developer org Temporal Wave LLC Low Product pom developer org USFCA Low Product pom developer org URL http://www.cs.usfca.edu Low Product pom developer org URL http://www.temporal-wave.com Low Product pom groupid org.antlr Highest Product pom name ANTLR 3 Runtime High Product pom parent-artifactid antlr-master Medium Product pom url http://www.antlr.org Medium Version file version 3.5.2 High Version Manifest Implementation-Version 3.5.2 High Version pom version 3.5.2 Highest
anymatch:3.1.3Description:
Matches strings against configurable strings, globs, regular expressions, and/or functions License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?chokidar:3.5.3/anymatch:~3.1.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/chokidar:3.5.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.name Elan Shanker Highest Vendor package.json author.url https://github.com/es128 Highest Vendor package.json description Matches strings against configurable strings, globs, regular expressions, and/or functions Highest Vendor package.json homepage https://github.com/micromatch/anymatch Highest Vendor package.json name anymatch Highest Vendor package.json name anymatch_project Highest Product package.json name anymatch Highest Version package.json version 3.1.3 Highest
Related Dependencies anymatch:3.1.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/anymatch:3.1.3 pkg:npm/anymatch@3.1.3 aopalliance-1.0.jarDescription:
AOP Alliance License:
Public Domain File Path: /var/simplicite/.m2/repository/aopalliance/aopalliance/1.0/aopalliance-1.0.jar
MD5: 04177054e180d09e3998808efa0401c7
SHA1: 0235ba8b489512805ac13a8f9ea77a1ca5ebe3e8
SHA256: 0addec670fedcd3f113c5c8091d783280d23f75e3acb841b61a9cdb079376a08
Referenced In Project/Scope: Simplicite Platform:compile
aopalliance-1.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.jclouds/jclouds-core@2.4.0
Evidence Type Source Name Value Confidence Vendor file name aopalliance High Vendor jar package name aop Highest Vendor jar package name aopalliance Highest Vendor jar package name aopalliance Low Vendor jar package name intercept Low Vendor pom artifactid aopalliance Highest Vendor pom artifactid aopalliance Low Vendor pom groupid aopalliance Highest Vendor pom name AOP alliance High Vendor pom url http://aopalliance.sourceforge.net Highest Product file name aopalliance High Product jar package name aop Highest Product jar package name aopalliance Highest Product jar package name intercept Low Product pom artifactid aopalliance Highest Product pom groupid aopalliance Highest Product pom name AOP alliance High Product pom url http://aopalliance.sourceforge.net Medium Version file version 1.0 High Version pom version 1.0 Highest
aopalliance-repackaged-2.6.1.jarDescription:
Dependency Injection Kernel License:
http://www.eclipse.org/legal/epl-2.0, https://www.gnu.org/software/classpath/license.html File Path: /var/simplicite/.m2/repository/org/glassfish/hk2/external/aopalliance-repackaged/2.6.1/aopalliance-repackaged-2.6.1.jar
MD5: 0237846ebdaa7db36b356044a373ffba
SHA1: b2eb0a83bcbb44cc5d25f8b18f23be116313a638
SHA256: bad77f9278d753406360af9e4747bd9b3161554ea9cd3d62411a0ae1f2c141fd
Referenced In Project/Scope: Simplicite Platform:provided
aopalliance-repackaged-2.6.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.docusign/docusign-esign-java@3.14.0
Evidence Type Source Name Value Confidence Vendor file name aopalliance-repackaged High Vendor jar package name aopalliance Highest Vendor Manifest bundle-docurl http://www.oracle.com Low Vendor Manifest bundle-symbolicname org.glassfish.hk2.external.aopalliance-repackaged Medium Vendor pom artifactid aopalliance-repackaged Highest Vendor pom artifactid aopalliance-repackaged Low Vendor pom groupid org.glassfish.hk2.external Highest Vendor pom name aopalliance version repackaged as a module High Vendor pom name aopalliance version ${aopalliance.version} repackaged as a module High Vendor pom parent-artifactid external Low Vendor pom parent-groupid org.glassfish.hk2 Medium Product file name aopalliance-repackaged High Product jar package name aopalliance Highest Product Manifest bundle-docurl http://www.oracle.com Low Product Manifest Bundle-Name aopalliance version 1.0 repackaged as a module Medium Product Manifest bundle-symbolicname org.glassfish.hk2.external.aopalliance-repackaged Medium Product pom artifactid aopalliance-repackaged Highest Product pom groupid org.glassfish.hk2.external Highest Product pom name aopalliance version repackaged as a module High Product pom name aopalliance version ${aopalliance.version} repackaged as a module High Product pom parent-artifactid external Medium Product pom parent-groupid org.glassfish.hk2 Medium Version file version 2.6.1 High Version Manifest Bundle-Version 2.6.1 High Version pom version 2.6.1 Highest
apache-mime4j-core-0.8.4.jarDescription:
Java stream based MIME message parser License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/apache/james/apache-mime4j-core/0.8.4/apache-mime4j-core-0.8.4.jar
MD5: 6d4ea538b14e34ee757fa00b06192514
SHA1: a7e552628c6587bdd1e2036045f1e06c4d513e32
SHA256: cd53e8269a9e1997c5699ffebd7d5c8245ffc81c2061fa397de27aa13f194883
Referenced In Project/Scope: Simplicite Platform:compile
apache-mime4j-core-0.8.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.tika/tika-parsers@1.27
Evidence Type Source Name Value Confidence Vendor file name apache-mime4j-core High Vendor jar package name apache Highest Vendor jar package name james Highest Vendor jar package name mime4j Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl https://www.apache.org/ Low Vendor Manifest bundle-symbolicname org.apache.james.apache-mime4j-core Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid apache-mime4j-core Highest Vendor pom artifactid apache-mime4j-core Low Vendor pom groupid org.apache.james Highest Vendor pom name Apache James :: Mime4j :: Core High Vendor pom parent-artifactid apache-mime4j-project Low Product file name apache-mime4j-core High Product jar package name apache Highest Product jar package name james Highest Product jar package name mime4j Highest Product jar package name parser Highest Product jar package name stream Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl https://www.apache.org/ Low Product Manifest Bundle-Name Apache James :: Mime4j :: Core Medium Product Manifest bundle-symbolicname org.apache.james.apache-mime4j-core Medium Product Manifest Implementation-Title Apache James :: Mime4j :: Core High Product Manifest specification-title Apache James :: Mime4j :: Core Medium Product pom artifactid apache-mime4j-core Highest Product pom groupid org.apache.james Highest Product pom name Apache James :: Mime4j :: Core High Product pom parent-artifactid apache-mime4j-project Medium Version file version 0.8.4 High Version Manifest Bundle-Version 0.8.4 High Version Manifest Implementation-Version 0.8.4 High Version pom version 0.8.4 Highest
CVE-2024-21742 (OSSINDEX) suppress
Improper input validation allows for header injection in MIME4J library when using MIME4J DOM for composing message.
This can be exploited by an attacker to add unintended headers to MIME messages.
CWE-20 Improper Input Validation
CVSSv2:
Base Score: MEDIUM (5.3) Vector: /AV:N/AC:L/Au:/C:N/I:L/A:N References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:org.apache.james:apache-mime4j-core:0.8.4:*:*:*:*:*:*:* apache-mime4j-dom-0.8.4.jarDescription:
Java MIME Document Object Model License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/apache/james/apache-mime4j-dom/0.8.4/apache-mime4j-dom-0.8.4.jar
MD5: 075dc485dbd239a5d587fb0150afa49d
SHA1: dfdfdbc095017ffbaef308e80ff7ca53b1a6ff08
SHA256: f85feb2ad16aa15b5bbba48df16cd711b407f966967669cec897bd82498c5b5d
Referenced In Project/Scope: Simplicite Platform:compile
apache-mime4j-dom-0.8.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.tika/tika-parsers@1.27
Evidence Type Source Name Value Confidence Vendor file name apache-mime4j-dom High Vendor jar package name apache Highest Vendor jar package name dom Highest Vendor jar package name james Highest Vendor jar package name mime4j Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl https://www.apache.org/ Low Vendor Manifest bundle-symbolicname org.apache.james.apache-mime4j-dom Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid apache-mime4j-dom Highest Vendor pom artifactid apache-mime4j-dom Low Vendor pom groupid org.apache.james Highest Vendor pom name Apache James :: Mime4j :: DOM High Vendor pom parent-artifactid apache-mime4j-project Low Product file name apache-mime4j-dom High Product jar package name apache Highest Product jar package name dom Highest Product jar package name james Highest Product jar package name mime4j Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl https://www.apache.org/ Low Product Manifest Bundle-Name Apache James :: Mime4j :: DOM Medium Product Manifest bundle-symbolicname org.apache.james.apache-mime4j-dom Medium Product Manifest Implementation-Title Apache James :: Mime4j :: DOM High Product Manifest specification-title Apache James :: Mime4j :: DOM Medium Product pom artifactid apache-mime4j-dom Highest Product pom groupid org.apache.james Highest Product pom name Apache James :: Mime4j :: DOM High Product pom parent-artifactid apache-mime4j-project Medium Version file version 0.8.4 High Version Manifest Bundle-Version 0.8.4 High Version Manifest Implementation-Version 0.8.4 High Version pom version 0.8.4 Highest
api-common-2.0.2.jarDescription:
Common utilities for Google APIs in Java License:
BSD: https://github.com/googleapis/api-common-java/blob/master/LICENSE File Path: /var/simplicite/.m2/repository/com/google/api/api-common/2.0.2/api-common-2.0.2.jar
MD5: c609f750cc5ca9563d7183358c7e2965
SHA1: d640515a0216e2143ad08fa7dece2653db4cc030
SHA256: d3c6632e3695a4cd5d0b25314f4585ce1a81743b2df345728d85e16208805340
Referenced In Project/Scope: Simplicite Platform:compile
api-common-2.0.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.google.cloud/google-cloud-storage@2.1.4
Evidence Type Source Name Value Confidence Vendor file name api-common High Vendor jar package name api Highest Vendor jar package name google Highest Vendor Manifest automatic-module-name com.google.api.apicommon Medium Vendor pom artifactid api-common Highest Vendor pom artifactid api-common Low Vendor pom developer email googleapis@googlegroups.com Low Vendor pom developer id GoogleAPIs Medium Vendor pom developer name GoogleAPIs Medium Vendor pom developer org Google, Inc. Medium Vendor pom developer org URL https://www.google.com Medium Vendor pom groupid com.google.api Highest Vendor pom name API Common High Vendor pom url googleapis/api-common-java Highest Product file name api-common High Product jar package name api Highest Product jar package name google Highest Product Manifest automatic-module-name com.google.api.apicommon Medium Product pom artifactid api-common Highest Product pom developer email googleapis@googlegroups.com Low Product pom developer id GoogleAPIs Low Product pom developer name GoogleAPIs Low Product pom developer org Google, Inc. Low Product pom developer org URL https://www.google.com Low Product pom groupid com.google.api Highest Product pom name API Common High Product pom url googleapis/api-common-java High Version file version 2.0.2 High Version pom version 2.0.2 Highest
aproba:2.0.0Description:
A ridiculously light-weight argument validator (now browser friendly) License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?gauge:4.0.4/aproba:^1.0.3 || ^2.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/gauge:4.0.4 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Rebecca Turner <me@re-becca.org> Highest Vendor package.json bugs.url https://github.com/iarna/aproba/issues Highest Vendor package.json description A ridiculously light-weight argument validator (now browser friendly) Highest Vendor package.json homepage https://github.com/iarna/aproba Highest Vendor package.json name aproba Highest Vendor package.json name aproba_project Highest Product package.json name aproba Highest Version package.json version 2.0.0 Highest
Related Dependencies aproba:2.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/aproba:2.0.0 pkg:npm/aproba@2.0.0 are-docs-informative:0.0.2Description:
Checks whether a documentation description introduces any new information. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint-plugin-jsdoc:48.0.4/are-docs-informative:^0.0.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/eslint-plugin-jsdoc:48.0.4 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Josh Goldberg <npm@joshuakgoldberg.com> Highest Vendor package.json description Checks whether a documentation description introduces any new information. Highest Vendor package.json name are-docs-informative Highest Vendor package.json name are-docs-informative_project Highest Product package.json name are-docs-informative Highest Version package.json version 0.0.2 Highest
Related Dependencies are-docs-informative:0.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?/are-docs-informative:0.0.2 pkg:npm/are-docs-informative@0.0.2 are-we-there-yet:3.0.1Description:
Keep track of the overall completion of many disparate processes License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?npmlog:6.0.2/are-we-there-yet:^3.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/npmlog:6.0.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author GitHub Inc. Highest Vendor package.json bugs.url https://github.com/npm/are-we-there-yet/issues Highest Vendor package.json description Keep track of the overall completion of many disparate processes Highest Vendor package.json homepage https://github.com/npm/are-we-there-yet Highest Vendor package.json name are-we-there-yet Highest Vendor package.json name are-we-there-yet_project Highest Product package.json name are-we-there-yet Highest Version package.json version 3.0.1 Highest
Related Dependencies are-we-there-yet:3.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/are-we-there-yet:3.0.1 pkg:npm/are-we-there-yet@3.0.1 argparse:2.0.1Description:
CLI arguments parser. Native port of python's argparse. License:
Python-2.0 File Path: /var/simplicite/simplicite-5.2/package-lock.json?markdown-it:12.3.2/argparse:^2.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/js-yaml:3.14.1 simplicite-js:5.2.54/js-yaml:4.1.0 simplicite-js:5.2.54 simplicite-js:5.2.54/markdown-it:12.3.2 Evidence Type Source Name Value Confidence Vendor package.json description CLI arguments parser. Native port of python's argparse. Highest Vendor package.json name argparse Highest Vendor package.json name argparse_project Highest Product package.json name argparse Highest Version package.json version 2.0.1 Highest
Related Dependencies argparse:1.0.10File Path: /var/simplicite/simplicite-5.2/package-lock.json?/argparse:1.0.10 pkg:npm/argparse@1.0.10 argparse:2.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/argparse:2.0.1 pkg:npm/argparse@2.0.1 argparse:2.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?js-yaml:3.14.1/argparse:^1.0.7 pkg:npm/argparse@2.0.1 argparse:2.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?js-yaml:4.1.0/argparse:^2.0.1 pkg:npm/argparse@2.0.1 array-buffer-byte-length:1.0.0Description:
Get the byte length of an ArrayBuffer, even in engines without a `.byteLength` method. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?es-abstract:1.21.2/array-buffer-byte-length:^1.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/es-abstract:1.21.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Jordan Harband <ljharb@gmail.com> Highest Vendor package.json bugs.url https://github.com/inspect-js/array-buffer-byte-length/issues Highest Vendor package.json description Get the byte length of an ArrayBuffer, even in engines without a `.byteLength` method. Highest Vendor package.json homepage https://github.com/inspect-js/array-buffer-byte-length#readme Highest Vendor package.json name array-buffer-byte-length Highest Vendor package.json name array-buffer-byte-length_project Highest Product package.json name array-buffer-byte-length Highest Version package.json version 1.0.0 Highest
Related Dependencies array-buffer-byte-length:1.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/array-buffer-byte-length:1.0.0 pkg:npm/array-buffer-byte-length@1.0.0 array-differ:3.0.0Description:
Create an array with values that are present in the first input array but not additional ones License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?multimatch:5.0.0/array-differ:^3.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/multimatch:5.0.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Create an array with values that are present in the first input array but not additional ones Highest Vendor package.json name array-differ Highest Vendor package.json name array-differ_project Highest Product package.json name array-differ Highest Version package.json version 3.0.0 Highest
Related Dependencies array-differ:3.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/array-differ:3.0.0 pkg:npm/array-differ@3.0.0 array-union:2.1.0Description:
Create an array of unique values, in order, from the input arrays License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?multimatch:5.0.0/array-union:^2.1.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/multimatch:5.0.0 simplicite-js:5.2.54 simplicite-js:5.2.54/globby:11.1.0 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Create an array of unique values, in order, from the input arrays Highest Vendor package.json name array-union Highest Vendor package.json name array-union_project Highest Product package.json name array-union Highest Version package.json version 2.1.0 Highest
Related Dependencies array-union:2.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/array-union:2.1.0 pkg:npm/array-union@2.1.0 array-union:2.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?globby:11.1.0/array-union:^2.1.0 pkg:npm/array-union@2.1.0 array.prototype.reduce:1.0.5Description:
An ES5 spec-compliant `Array.prototype.reduce` shim/polyfill/replacement that works as far down as ES3. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?object.getownpropertydescriptors:2.1.6/array.prototype.reduce:^1.0.5
Referenced In Projects/Scopes: simplicite-js:5.2.54/object.getownpropertydescriptors:2.1.6 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Jordan Harband <ljharb@gmail.com> Highest Vendor package.json bugs.url https://github.com/es-shims/Array.prototype.reduce/issues Highest Vendor package.json description An ES5 spec-compliant `Array.prototype.reduce` shim/polyfill/replacement that works as far down as ES3. Highest Vendor package.json homepage https://github.com/es-shims/Array.prototype.reduce#readme Highest Vendor package.json name array.prototype.reduce Highest Vendor package.json name array.prototype.reduce_project Highest Product package.json name array.prototype.reduce Highest Version package.json version 1.0.5 Highest
Related Dependencies array.prototype.reduce:1.0.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?/array.prototype.reduce:1.0.5 pkg:npm/array.prototype.reduce@1.0.5 arrify:1.0.1Description:
Convert a value to an array License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?minimist-options:4.1.0/arrify:^1.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/minimist-options:4.1.0 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Convert a value to an array Highest Vendor package.json name arrify Highest Vendor package.json name arrify_project Highest Product package.json name arrify Highest Version package.json version 1.0.1 Highest
Related Dependencies arrify:1.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/arrify:1.0.1 pkg:npm/arrify@1.0.1 arrify:2.0.1Description:
Convert a value to an array License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/arrify:2.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/multimatch:5.0.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Convert a value to an array Highest Vendor package.json name arrify Highest Vendor package.json name arrify_project Highest Product package.json name arrify Highest Version package.json version 2.0.1 Highest
Related Dependencies arrify:2.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?multimatch:5.0.0/arrify:^2.0.1 pkg:npm/arrify@2.0.1 asm-9.2.jarDescription:
ASM, a very small and fast Java bytecode manipulation framework License:
BSD-3-Clause: https://asm.ow2.io/license.html File Path: /var/simplicite/.m2/repository/org/ow2/asm/asm/9.2/asm-9.2.jar
MD5: 8f184dce9b1bedc675d4a3640d43ddf0
SHA1: 81a03f76019c67362299c40e0ba13405f5467bff
SHA256: b9d4fe4d71938df38839f0eca42aaaa64cf8b313d678da036f0cb3ca199b47f5
Referenced In Project/Scope: Simplicite Platform:compile
asm-9.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.tika/tika-parsers@1.27
Evidence Type Source Name Value Confidence Vendor file name asm High Vendor jar package name asm Highest Vendor jar package name objectweb Highest Vendor Manifest bundle-docurl http://asm.ow2.org Low Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor Manifest bundle-symbolicname org.objectweb.asm Medium Vendor pom artifactid asm Highest Vendor pom artifactid asm Low Vendor pom developer email ebruneton@free.fr Low Vendor pom developer email eu@javatx.org Low Vendor pom developer email forax@univ-mlv.fr Low Vendor pom developer id ebruneton Medium Vendor pom developer id eu Medium Vendor pom developer id forax Medium Vendor pom developer name Eric Bruneton Medium Vendor pom developer name Eugene Kuleshov Medium Vendor pom developer name Remi Forax Medium Vendor pom groupid org.ow2.asm Highest Vendor pom name asm High Vendor pom organization name OW2 High Vendor pom organization url http://www.ow2.org/ Medium Vendor pom parent-artifactid ow2 Low Vendor pom parent-groupid org.ow2 Medium Vendor pom url http://asm.ow2.io/ Highest Product file name asm High Product jar package name asm Highest Product jar package name objectweb Highest Product Manifest bundle-docurl http://asm.ow2.org Low Product Manifest Bundle-Name org.objectweb.asm Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product Manifest bundle-symbolicname org.objectweb.asm Medium Product Manifest Implementation-Title ASM, a very small and fast Java bytecode manipulation framework High Product pom artifactid asm Highest Product pom developer email ebruneton@free.fr Low Product pom developer email eu@javatx.org Low Product pom developer email forax@univ-mlv.fr Low Product pom developer id ebruneton Low Product pom developer id eu Low Product pom developer id forax Low Product pom developer name Eric Bruneton Low Product pom developer name Eugene Kuleshov Low Product pom developer name Remi Forax Low Product pom groupid org.ow2.asm Highest Product pom name asm High Product pom organization name OW2 Low Product pom organization url http://www.ow2.org/ Low Product pom parent-artifactid ow2 Medium Product pom parent-groupid org.ow2 Medium Product pom url http://asm.ow2.io/ Medium Version file version 9.2 High Version Manifest Implementation-Version 9.2 High Version pom parent-version 9.2 Low Version pom version 9.2 Highest
astral-regex:2.0.0Description:
Regular expression for matching astral symbols License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?slice-ansi:4.0.0/astral-regex:^2.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/slice-ansi:4.0.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email kevinmartensson@gmail.com Highest Vendor package.json author.name Kevin Mårtensson Highest Vendor package.json author.url github.com/kevva Highest Vendor package.json description Regular expression for matching astral symbols Highest Vendor package.json name astral-regex Highest Vendor package.json name astral-regex_project Highest Product package.json name astral-regex Highest Version package.json version 2.0.0 Highest
Related Dependencies astral-regex:2.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/astral-regex:2.0.0 pkg:npm/astral-regex@2.0.0 auto-value-annotations-1.8.2.jarDescription:
Immutable value-type code generation for Java 1.6+.
File Path: /var/simplicite/.m2/repository/com/google/auto/value/auto-value-annotations/1.8.2/auto-value-annotations-1.8.2.jarMD5: 9b5f83eed1eaf5c5ae972d7024542d03SHA1: 546ae662e646e47a544ef68ebb43987a3146b692SHA256: 392a848fc611fff5fd317c2453a9a1bf7775e4f4de9c5af0d688bff57f691f6eReferenced In Project/Scope: Simplicite Platform:compileauto-value-annotations-1.8.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.google.cloud/google-cloud-storage@2.1.4
Evidence Type Source Name Value Confidence Vendor file name auto-value-annotations High Vendor jar package name auto Highest Vendor jar package name autovalue Highest Vendor jar package name google Highest Vendor jar package name value Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor pom artifactid auto-value-annotations Highest Vendor pom artifactid auto-value-annotations Low Vendor pom groupid com.google.auto.value Highest Vendor pom name AutoValue Annotations High Vendor pom parent-artifactid auto-value-parent Low Vendor pom url google/auto/tree/master/value Highest Product file name auto-value-annotations High Product jar package name auto Highest Product jar package name autovalue Highest Product jar package name google Highest Product jar package name value Highest Product Manifest build-jdk-spec 1.8 Low Product pom artifactid auto-value-annotations Highest Product pom groupid com.google.auto.value Highest Product pom name AutoValue Annotations High Product pom parent-artifactid auto-value-parent Medium Product pom url google/auto/tree/master/value High Version file version 1.8.2 High Version pom version 1.8.2 Highest
autolink-0.10.0.jarDescription:
Java library to extract links (URLs, email addresses) from plain text;
fast, small and smart about recognizing where links end
License:
MIT License: http://www.opensource.org/licenses/mit-license.php File Path: /var/simplicite/.m2/repository/org/nibor/autolink/autolink/0.10.0/autolink-0.10.0.jar
MD5: be771f6d4d82b9098596afa30b4f48ea
SHA1: 6579ea7079be461e5ffa99f33222a632711cc671
SHA256: 302b30160968415ee6cd1907987138c7575a6315f9b6ef13b9fe3abc87367857
Referenced In Project/Scope: Simplicite Platform:compile
autolink-0.10.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.commonmark/commonmark-ext-autolink@0.18.0
Evidence Type Source Name Value Confidence Vendor file name autolink High Vendor jar package name autolink Highest Vendor jar package name nibor Highest Vendor Manifest automatic-module-name org.nibor.autolink Medium Vendor pom artifactid autolink Highest Vendor pom artifactid autolink Low Vendor pom developer email robin@nibor.org Low Vendor pom developer name Robin Stocker Medium Vendor pom groupid org.nibor.autolink Highest Vendor pom name autolink-java High Vendor pom url robinst/autolink-java Highest Product file name autolink High Product jar package name autolink Highest Product jar package name nibor Highest Product Manifest automatic-module-name org.nibor.autolink Medium Product pom artifactid autolink Highest Product pom developer email robin@nibor.org Low Product pom developer name Robin Stocker Low Product pom groupid org.nibor.autolink Highest Product pom name autolink-java High Product pom url robinst/autolink-java High Version file version 0.10.0 High Version pom version 0.10.0 Highest
available-typed-arrays:1.0.5Description:
Returns an array of Typed Array names that are available in the current environment License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?which-typed-array:1.1.9/available-typed-arrays:^1.0.5
Referenced In Projects/Scopes: simplicite-js:5.2.54/es-abstract:1.21.2 simplicite-js:5.2.54/is-typed-array:1.1.10 simplicite-js:5.2.54/which-typed-array:1.1.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Jordan Harband <ljharb@gmail.com> Highest Vendor package.json bugs.url https://github.com/inspect-js/available-typed-arrays/issues Highest Vendor package.json description Returns an array of Typed Array names that are available in the current environment Highest Vendor package.json homepage https://github.com/inspect-js/available-typed-arrays#readme Highest Vendor package.json name available-typed-arrays Highest Vendor package.json name available-typed-arrays_project Highest Product package.json name available-typed-arrays Highest Version package.json version 1.0.5 Highest
Related Dependencies available-typed-arrays:1.0.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?/available-typed-arrays:1.0.5 pkg:npm/available-typed-arrays@1.0.5 available-typed-arrays:1.0.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?es-abstract:1.21.2/available-typed-arrays:^1.0.5 pkg:npm/available-typed-arrays@1.0.5 available-typed-arrays:1.0.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?is-typed-array:1.1.10/available-typed-arrays:^1.0.5 pkg:npm/available-typed-arrays@1.0.5 avalon-framework-impl-4.2.0.jarFile Path: /var/simplicite/.m2/repository/avalon-framework/avalon-framework-impl/4.2.0/avalon-framework-impl-4.2.0.jarMD5: 5c1f8f5c8c6c043538fc4ea038c2aaf6SHA1: 4da1db18947eb6950abb7ad79253011b9aec0e48SHA256: ed42c573cab460ca634b5c64a3b40ed1d67d6ee47fe25f87947370bede6af814Referenced In Project/Scope: Simplicite Platform:compileavalon-framework-impl-4.2.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/net.sf.barcode4j/barcode4j@2.1
Evidence Type Source Name Value Confidence Vendor file name avalon-framework-impl High Vendor jar package name apache Highest Vendor jar package name avalon Highest Vendor jar package name framework Highest Vendor Manifest extension-name avalon-framework-impl Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid avalon-framework-impl Highest Vendor pom artifactid avalon-framework-impl Low Vendor pom groupid avalon-framework Highest Product file name avalon-framework-impl High Product jar package name avalon Highest Product jar package name framework Highest Product Manifest extension-name avalon-framework-impl Medium Product Manifest Implementation-Title High Product Manifest specification-title Avalon Framework Implementation Medium Product pom artifactid avalon-framework-impl Highest Product pom groupid avalon-framework Highest Version file version 4.2.0 High Version Manifest Implementation-Version 4.2.0 High Version pom version 4.2.0 Highest
aws-s3-2.4.0.jarDescription:
Simple Storage Service (S3) implementation targeted to Amazon Web Services File Path: /var/simplicite/.m2/repository/org/apache/jclouds/provider/aws-s3/2.4.0/aws-s3-2.4.0.jarMD5: d2f0ffe2fdcebe6d992a4eff274a4b5fSHA1: fc244f207a95f30508c422c5e74566495e3770fbSHA256: 6fc2a7bc0cd8cbbccb7197a6aeaed6e3a6ee603bbfbe983b8ecacaea70973ed7Referenced In Project/Scope: Simplicite Platform:compileaws-s3-2.4.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name aws-s3 High Vendor jar package name aws Highest Vendor jar package name jclouds Highest Vendor jar package name s3 Highest Vendor Manifest bundle-symbolicname aws-s3 Medium Vendor Manifest implementation-url https://jclouds.apache.org/aws-s3/ Low Vendor Manifest Implementation-Vendor jclouds High Vendor Manifest Implementation-Vendor-Id org.apache.jclouds Medium Vendor Manifest specification-vendor jclouds Low Vendor pom artifactid aws-s3 Highest Vendor pom artifactid aws-s3 Low Vendor pom groupid org.apache.jclouds.provider Highest Vendor pom name jclouds Amazon Simple Storage Service (S3) provider High Vendor pom parent-artifactid jclouds-project Low Vendor pom parent-groupid org.apache.jclouds Medium Product file name aws-s3 High Product jar package name aws Highest Product jar package name jclouds Highest Product jar package name s3 Highest Product Manifest Bundle-Name jclouds Amazon Simple Storage Service (S3) provider Medium Product Manifest bundle-symbolicname aws-s3 Medium Product Manifest Implementation-Title jclouds Amazon Simple Storage Service (S3) provider High Product Manifest implementation-url https://jclouds.apache.org/aws-s3/ Low Product Manifest specification-title jclouds jclouds Amazon Simple Storage Service (S3) provider Medium Product pom artifactid aws-s3 Highest Product pom groupid org.apache.jclouds.provider Highest Product pom name jclouds Amazon Simple Storage Service (S3) provider High Product pom parent-artifactid jclouds-project Medium Product pom parent-groupid org.apache.jclouds Medium Version file version 2.4.0 High Version Manifest Bundle-Version 2.4.0 High Version Manifest Implementation-Version 2.4.0 High Version pom version 2.4.0 Highest
azureblob-2.4.0.jarDescription:
jclouds components to access Azure Blob Service File Path: /var/simplicite/.m2/repository/org/apache/jclouds/provider/azureblob/2.4.0/azureblob-2.4.0.jarMD5: 29caba9ddf6d5112ad4afcdd1059c3caSHA1: 9e53b5e4417af041bedd16eaebcf3c0f87804dfcSHA256: 94c835b4321b02dd46c31054f8e4131efbb81c97abe15dee64397d7b02db03caReferenced In Project/Scope: Simplicite Platform:compileazureblob-2.4.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name azureblob High Vendor jar package name azure Highest Vendor jar package name azureblob Highest Vendor jar package name jclouds Highest Vendor jar package name storage Highest Vendor Manifest bundle-symbolicname azureblob Medium Vendor Manifest implementation-url https://jclouds.apache.org/azureblob/ Low Vendor Manifest Implementation-Vendor jclouds High Vendor Manifest Implementation-Vendor-Id org.apache.jclouds Medium Vendor Manifest specification-vendor jclouds Low Vendor pom artifactid azureblob Highest Vendor pom artifactid azureblob Low Vendor pom groupid org.apache.jclouds.provider Highest Vendor pom name jclouds Azure Storage provider High Vendor pom parent-artifactid jclouds-project Low Vendor pom parent-groupid org.apache.jclouds Medium Product file name azureblob High Product jar package name azure Highest Product jar package name azureblob Highest Product jar package name jclouds Highest Product jar package name storage Highest Product Manifest Bundle-Name jclouds Azure Storage provider Medium Product Manifest bundle-symbolicname azureblob Medium Product Manifest Implementation-Title jclouds Azure Storage provider High Product Manifest implementation-url https://jclouds.apache.org/azureblob/ Low Product Manifest specification-title jclouds jclouds Azure Storage provider Medium Product pom artifactid azureblob Highest Product pom groupid org.apache.jclouds.provider Highest Product pom name jclouds Azure Storage provider High Product pom parent-artifactid jclouds-project Medium Product pom parent-groupid org.apache.jclouds Medium Version file version 2.4.0 High Version Manifest Bundle-Version 2.4.0 High Version Manifest Implementation-Version 2.4.0 High Version pom version 2.4.0 Highest
babel-plugin-polyfill-corejs2:0.4.8Description:
A Babel plugin to inject imports to core-js@2 polyfills License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/babel-plugin-polyfill-corejs2:0.4.8
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json description A Babel plugin to inject imports to core-js@2 polyfills Highest Vendor package.json name babel-plugin-polyfill-corejs2 Highest Vendor package.json name babel-plugin-polyfill-corejs2_project Highest Product package.json name babel-plugin-polyfill-corejs2 Highest Version package.json version 0.4.8 Highest
Related Dependencies babel-plugin-polyfill-corejs2:0.4.8File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/babel-plugin-polyfill-corejs2:^0.4.8 pkg:npm/babel-plugin-polyfill-corejs2@0.4.8 babel-plugin-polyfill-corejs3:0.9.0Description:
A Babel plugin to inject imports to core-js@3 polyfills License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/babel-plugin-polyfill-corejs3:0.9.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json description A Babel plugin to inject imports to core-js@3 polyfills Highest Vendor package.json name babel-plugin-polyfill-corejs3 Highest Vendor package.json name babel-plugin-polyfill-corejs3_project Highest Product package.json name babel-plugin-polyfill-corejs3 Highest Version package.json version 0.9.0 Highest
Related Dependencies babel-plugin-polyfill-corejs3:0.9.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/babel-plugin-polyfill-corejs3:^0.9.0 pkg:npm/babel-plugin-polyfill-corejs3@0.9.0 babel-plugin-polyfill-regenerator:0.5.5Description:
A Babel plugin to inject imports to regenerator-runtime License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/babel-plugin-polyfill-regenerator:0.5.5
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json description A Babel plugin to inject imports to regenerator-runtime Highest Vendor package.json name babel-plugin-polyfill-regenerator Highest Vendor package.json name babel-plugin-polyfill-regenerator_project Highest Product package.json name babel-plugin-polyfill-regenerator Highest Version package.json version 0.5.5 Highest
Related Dependencies babel-plugin-polyfill-regenerator:0.5.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/babel-plugin-polyfill-regenerator:^0.5.5 pkg:npm/babel-plugin-polyfill-regenerator@0.5.5 balanced-match:1.0.2Description:
Match balanced character pairs, like "{" and "}" License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?brace-expansion:2.0.1/balanced-match:^1.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/brace-expansion:1.1.11 simplicite-js:5.2.54/brace-expansion:2.0.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email mail@juliangruber.com Highest Vendor package.json author.name Julian Gruber Highest Vendor package.json author.url http://juliangruber.com Highest Vendor package.json description Match balanced character pairs, like "{" and "}" Highest Vendor package.json homepage https://github.com/juliangruber/balanced-match Highest Vendor package.json name balanced-match Highest Vendor package.json name balanced-match_project Highest Product package.json name balanced-match Highest Version package.json version 1.0.2 Highest
Related Dependencies balanced-match:1.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?/balanced-match:1.0.2 pkg:npm/balanced-match@1.0.2 balanced-match:1.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?brace-expansion:1.1.11/balanced-match:^1.0.0 pkg:npm/balanced-match@1.0.2 balanced-match:2.0.0Description:
Match balanced character pairs, like "{" and "}" License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/balanced-match:2.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/stylelint:14.16.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email mail@juliangruber.com Highest Vendor package.json author.name Julian Gruber Highest Vendor package.json author.url http://juliangruber.com Highest Vendor package.json description Match balanced character pairs, like "{" and "}" Highest Vendor package.json homepage https://github.com/juliangruber/balanced-match Highest Vendor package.json name balanced-match Highest Vendor package.json name balanced-match_project Highest Product package.json name balanced-match Highest Version package.json version 2.0.0 Highest
Related Dependencies balanced-match:2.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/balanced-match:^2.0.0 pkg:npm/balanced-match@2.0.0 barcode4j-2.1.jarDescription:
Barcode4J is a flexible generator for barcodes written in Java. License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/net/sf/barcode4j/barcode4j/2.1/barcode4j-2.1.jar
MD5: 4fc30cdb7b1abaf1ce08f26b0666e351
SHA1: 4b38b2219c0d522fcea8238493f2ea3e238ef529
SHA256: eb7252cc41a1539bcd018348e9f60e0942872bdaa49c58051e656a6be94969fb
Referenced In Project/Scope: Simplicite Platform:compile
barcode4j-2.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name barcode4j High Vendor jar package name barcode4j Highest Vendor jar package name krysalis Highest Vendor Manifest bundle-docurl http://barcode4j.sourceforge.net Low Vendor Manifest bundle-symbolicname org.krysalis.barcode4j Medium Vendor Manifest implementation-url http://barcode4j.sourceforge.net Low Vendor Manifest Implementation-Vendor The Barcode4J Project High Vendor pom artifactid barcode4j Highest Vendor pom artifactid barcode4j Low Vendor pom developer email buerkle@users.sourceforge.net Low Vendor pom developer email jmaerki@users.sourceforge.net Low Vendor pom developer email nicolaken@krysalis.org Low Vendor pom developer email the_webmaestro@users.sourceforge.net Low Vendor pom developer id buerkle Medium Vendor pom developer id jmaerki Medium Vendor pom developer id nicolaken Medium Vendor pom developer id the_webmaestro Medium Vendor pom developer name Dietmar Bürkle Medium Vendor pom developer name Jeremias Märki Medium Vendor pom developer name Nicola Ken Barozzi Medium Vendor pom developer name Web Maestro Clay Leeds Medium Vendor pom groupid net.sf.barcode4j Highest Vendor pom name Barcode4J High Vendor pom url http://barcode4j.sourceforge.net Highest Product file name barcode4j High Product jar package name barcode4j Highest Product jar package name krysalis Highest Product Manifest bundle-docurl http://barcode4j.sourceforge.net Low Product Manifest Bundle-Name Barcode4J Medium Product Manifest bundle-symbolicname org.krysalis.barcode4j Medium Product Manifest Implementation-Title Barcode4J Library High Product Manifest implementation-url http://barcode4j.sourceforge.net Low Product pom artifactid barcode4j Highest Product pom developer email buerkle@users.sourceforge.net Low Product pom developer email jmaerki@users.sourceforge.net Low Product pom developer email nicolaken@krysalis.org Low Product pom developer email the_webmaestro@users.sourceforge.net Low Product pom developer id buerkle Low Product pom developer id jmaerki Low Product pom developer id nicolaken Low Product pom developer id the_webmaestro Low Product pom developer name Dietmar Bürkle Low Product pom developer name Jeremias Märki Low Product pom developer name Nicola Ken Barozzi Low Product pom developer name Web Maestro Clay Leeds Low Product pom groupid net.sf.barcode4j Highest Product pom name Barcode4J High Product pom url http://barcode4j.sourceforge.net Medium Version file version 2.1 High Version pom version 2.1 Highest
base64-js:1.5.1Description:
Base64 encoding/decoding in pure JS License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?buffer:6.0.3/base64-js:^1.3.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/buffer:6.0.3 simplicite-js:5.2.54 simplicite-js:5.2.54/buffer:5.7.1 Evidence Type Source Name Value Confidence Vendor package.json author T. Jameson Little <t.jameson.little@gmail.com> Highest Vendor package.json bugs.url https://github.com/beatgammit/base64-js/issues Highest Vendor package.json description Base64 encoding/decoding in pure JS Highest Vendor package.json homepage https://github.com/beatgammit/base64-js Highest Vendor package.json name base64-js Highest Vendor package.json name base64-js_project Highest Product package.json name base64-js Highest Version package.json version 1.5.1 Highest
Related Dependencies base64-js:1.5.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/base64-js:1.5.1 pkg:npm/base64-js@1.5.1 base64-js:1.5.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?buffer:5.7.1/base64-js:^1.3.1 pkg:npm/base64-js@1.5.1 bcmail-jdk15on-1.70.jarDescription:
The Bouncy Castle Java S/MIME APIs for handling S/MIME protocols. This jar contains S/MIME APIs for JDK 1.5 and up. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs. The JavaMail API and the Java activation framework will also be needed. License:
Bouncy Castle Licence: https://www.bouncycastle.org/licence.html File Path: /var/simplicite/.m2/repository/org/bouncycastle/bcmail-jdk15on/1.70/bcmail-jdk15on-1.70.jar
MD5: 8bb191ccc5fb9aacd10e6d90eb827133
SHA1: 08f4aafad90f6cc7f16b9992279828ae848c9e0d
SHA256: ff6cde372bcabca182e40c1cc5d9b1f9eb73370cad286ce362d3747aff15f230
Referenced In Project/Scope: Simplicite Platform:compile
bcmail-jdk15on-1.70.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name bcmail-jdk15on High Vendor jar package name bouncycastle Highest Vendor jar package name mail Highest Vendor Manifest application-library-allowable-codebase * Low Vendor Manifest application-name Bouncy Castle S/MIME API Medium Vendor Manifest automatic-module-name org.bouncycastle.mail Medium Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor Manifest bundle-symbolicname bcmail Medium Vendor Manifest caller-allowable-codebase * Low Vendor Manifest codebase * Low Vendor Manifest extension-name org.bouncycastle.bcmail Medium Vendor Manifest Implementation-Vendor BouncyCastle.org High Vendor Manifest Implementation-Vendor-Id org.bouncycastle Medium Vendor Manifest multi-release true Low Vendor Manifest originally-created-by 25.292-b10 (Private Build) Low Vendor Manifest permissions all-permissions Low Vendor Manifest specification-vendor BouncyCastle.org Low Vendor Manifest trusted-library true Low Vendor pom artifactid bcmail-jdk15on Highest Vendor pom artifactid bcmail-jdk15on Low Vendor pom developer email feedback-crypto@bouncycastle.org Low Vendor pom developer id feedback-crypto Medium Vendor pom developer name The Legion of the Bouncy Castle Inc. Medium Vendor pom groupid org.bouncycastle Highest Vendor pom name Bouncy Castle S/MIME API High Vendor pom url https://www.bouncycastle.org/java.html Highest Product file name bcmail-jdk15on High Product jar package name bouncycastle Highest Product jar package name mail Highest Product Manifest application-library-allowable-codebase * Low Product Manifest application-name Bouncy Castle S/MIME API Medium Product Manifest automatic-module-name org.bouncycastle.mail Medium Product Manifest Bundle-Name bcmail Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product Manifest bundle-symbolicname bcmail Medium Product Manifest caller-allowable-codebase * Low Product Manifest codebase * Low Product Manifest extension-name org.bouncycastle.bcmail Medium Product Manifest multi-release true Low Product Manifest originally-created-by 25.292-b10 (Private Build) Low Product Manifest permissions all-permissions Low Product Manifest trusted-library true Low Product pom artifactid bcmail-jdk15on Highest Product pom developer email feedback-crypto@bouncycastle.org Low Product pom developer id feedback-crypto Low Product pom developer name The Legion of the Bouncy Castle Inc. Low Product pom groupid org.bouncycastle Highest Product pom name Bouncy Castle S/MIME API High Product pom url https://www.bouncycastle.org/java.html Medium Version file version 1.70 High Version Manifest Bundle-Version 1.70 High Version pom version 1.70 Highest
pkg:maven/org.bouncycastle/bcmail-jdk15on@1.70 (Confidence :High)cpe:2.3:a:bouncycastle:bouncy_castle_for_java:1.70:*:*:*:*:*:*:* (Confidence :Low) suppress cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle:1.70:*:*:*:*:*:*:* (Confidence :Low) suppress CVE-2023-33202 suppress
Bouncy Castle for Java before 1.73 contains a potential Denial of Service (DoS) issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM encoded streams containing X.509 certificates, PKCS8 encoded keys, and PKCS7 objects. Parsing a file that has crafted ASN.1 data through the PEMParser causes an OutOfMemoryError, which can enable a denial of service attack. (For users of the FIPS Java API: BC-FJA 1.0.2.3 and earlier are affected; BC-FJA 1.0.2.4 is fixed.) CWE-400 Uncontrolled Resource Consumption
CVSSv3:
Base Score: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions:
bcpg-jdk15on-1.70.jarDescription:
The Bouncy Castle Java API for handling the OpenPGP protocol. This jar contains the OpenPGP API for JDK 1.5 and up. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs. License:
Bouncy Castle Licence: https://www.bouncycastle.org/licence.html
Apache Software License, Version 1.1: https://www.apache.org/licenses/LICENSE-1.1 File Path: /var/simplicite/.m2/repository/org/bouncycastle/bcpg-jdk15on/1.70/bcpg-jdk15on-1.70.jar
MD5: 01ddc3aa0289346f4db19d95039cefdb
SHA1: 062f72ec06f31a6c31a3f3355fce0384b21126d7
SHA256: 4f08f4aa74048824151c98dd3e92e7165ac30659834404f08a8e843bdad32847
Referenced In Project/Scope: Simplicite Platform:compile
bcpg-jdk15on-1.70.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name bcpg-jdk15on High Vendor jar package name bcpg Highest Vendor jar package name bouncycastle Highest Vendor jar package name openpgp Highest Vendor Manifest application-library-allowable-codebase * Low Vendor Manifest application-name Bouncy Castle OpenPGP API Medium Vendor Manifest automatic-module-name org.bouncycastle.pg Medium Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor Manifest bundle-symbolicname bcpg Medium Vendor Manifest caller-allowable-codebase * Low Vendor Manifest codebase * Low Vendor Manifest extension-name org.bouncycastle.bcpg Medium Vendor Manifest Implementation-Vendor BouncyCastle.org High Vendor Manifest Implementation-Vendor-Id org.bouncycastle Medium Vendor Manifest multi-release true Low Vendor Manifest originally-created-by 25.292-b10 (Private Build) Low Vendor Manifest permissions all-permissions Low Vendor Manifest specification-vendor BouncyCastle.org Low Vendor Manifest trusted-library true Low Vendor pom artifactid bcpg-jdk15on Highest Vendor pom artifactid bcpg-jdk15on Low Vendor pom developer email feedback-crypto@bouncycastle.org Low Vendor pom developer id feedback-crypto Medium Vendor pom developer name The Legion of the Bouncy Castle Inc. Medium Vendor pom groupid org.bouncycastle Highest Vendor pom name Bouncy Castle OpenPGP API High Vendor pom url https://www.bouncycastle.org/java.html Highest Product file name bcpg-jdk15on High Product jar package name bcpg Highest Product jar package name bouncycastle Highest Product jar package name openpgp Highest Product Manifest application-library-allowable-codebase * Low Product Manifest application-name Bouncy Castle OpenPGP API Medium Product Manifest automatic-module-name org.bouncycastle.pg Medium Product Manifest Bundle-Name bcpg Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product Manifest bundle-symbolicname bcpg Medium Product Manifest caller-allowable-codebase * Low Product Manifest codebase * Low Product Manifest extension-name org.bouncycastle.bcpg Medium Product Manifest multi-release true Low Product Manifest originally-created-by 25.292-b10 (Private Build) Low Product Manifest permissions all-permissions Low Product Manifest trusted-library true Low Product pom artifactid bcpg-jdk15on Highest Product pom developer email feedback-crypto@bouncycastle.org Low Product pom developer id feedback-crypto Low Product pom developer name The Legion of the Bouncy Castle Inc. Low Product pom groupid org.bouncycastle Highest Product pom name Bouncy Castle OpenPGP API High Product pom url https://www.bouncycastle.org/java.html Medium Version file version 1.70 High Version Manifest Bundle-Version 1.70 High Version pom version 1.70 Highest
pkg:maven/org.bouncycastle/bcpg-jdk15on@1.70 (Confidence :High)cpe:2.3:a:bouncycastle:bouncy_castle_for_java:1.70:*:*:*:*:*:*:* (Confidence :Low) suppress cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle:1.70:*:*:*:*:*:*:* (Confidence :Low) suppress CVE-2023-33202 suppress
Bouncy Castle for Java before 1.73 contains a potential Denial of Service (DoS) issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM encoded streams containing X.509 certificates, PKCS8 encoded keys, and PKCS7 objects. Parsing a file that has crafted ASN.1 data through the PEMParser causes an OutOfMemoryError, which can enable a denial of service attack. (For users of the FIPS Java API: BC-FJA 1.0.2.3 and earlier are affected; BC-FJA 1.0.2.4 is fixed.) CWE-400 Uncontrolled Resource Consumption
CVSSv3:
Base Score: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions:
bcpkix-jdk15on-1.70.jarDescription:
The Bouncy Castle Java APIs for CMS, PKCS, EAC, TSP, CMP, CRMF, OCSP, and certificate generation. This jar contains APIs for JDK 1.5 and up. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs. License:
Bouncy Castle Licence: https://www.bouncycastle.org/licence.html File Path: /var/simplicite/.m2/repository/org/bouncycastle/bcpkix-jdk15on/1.70/bcpkix-jdk15on-1.70.jar
MD5: 2c383f50d41937eae4fd32c35d8668cd
SHA1: f81e5af49571a9d5a109a88f239a73ce87055417
SHA256: e5b9cb821df57f70b0593358e89c0e8d7266515da9d088af6c646f63d433c07c
Referenced In Project/Scope: Simplicite Platform:compile
bcpkix-jdk15on-1.70.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name bcpkix-jdk15on High Vendor jar package name bouncycastle Highest Vendor jar package name cmp Highest Vendor jar package name cms Highest Vendor jar package name crmf Highest Vendor jar package name eac Highest Vendor jar package name ocsp Highest Vendor jar package name pkcs Highest Vendor jar package name pkix Highest Vendor jar package name tsp Highest Vendor Manifest application-library-allowable-codebase * Low Vendor Manifest application-name Bouncy Castle PKIX API Medium Vendor Manifest automatic-module-name org.bouncycastle.pkix Medium Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor Manifest bundle-symbolicname bcpkix Medium Vendor Manifest caller-allowable-codebase * Low Vendor Manifest codebase * Low Vendor Manifest extension-name org.bouncycastle.bcpkix Medium Vendor Manifest Implementation-Vendor BouncyCastle.org High Vendor Manifest Implementation-Vendor-Id org.bouncycastle Medium Vendor Manifest multi-release true Low Vendor Manifest originally-created-by 25.292-b10 (Private Build) Low Vendor Manifest permissions all-permissions Low Vendor Manifest specification-vendor BouncyCastle.org Low Vendor Manifest trusted-library true Low Vendor pom artifactid bcpkix-jdk15on Highest Vendor pom artifactid bcpkix-jdk15on Low Vendor pom developer email feedback-crypto@bouncycastle.org Low Vendor pom developer id feedback-crypto Medium Vendor pom developer name The Legion of the Bouncy Castle Inc. Medium Vendor pom groupid org.bouncycastle Highest Vendor pom name Bouncy Castle PKIX, CMS, EAC, TSP, PKCS, OCSP, CMP, and CRMF APIs High Vendor pom url https://www.bouncycastle.org/java.html Highest Product file name bcpkix-jdk15on High Product jar package name bouncycastle Highest Product jar package name cmp Highest Product jar package name cms Highest Product jar package name crmf Highest Product jar package name eac Highest Product jar package name ocsp Highest Product jar package name pkcs Highest Product jar package name pkix Highest Product jar package name tsp Highest Product Manifest application-library-allowable-codebase * Low Product Manifest application-name Bouncy Castle PKIX API Medium Product Manifest automatic-module-name org.bouncycastle.pkix Medium Product Manifest Bundle-Name bcpkix Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product Manifest bundle-symbolicname bcpkix Medium Product Manifest caller-allowable-codebase * Low Product Manifest codebase * Low Product Manifest extension-name org.bouncycastle.bcpkix Medium Product Manifest multi-release true Low Product Manifest originally-created-by 25.292-b10 (Private Build) Low Product Manifest permissions all-permissions Low Product Manifest trusted-library true Low Product pom artifactid bcpkix-jdk15on Highest Product pom developer email feedback-crypto@bouncycastle.org Low Product pom developer id feedback-crypto Low Product pom developer name The Legion of the Bouncy Castle Inc. Low Product pom groupid org.bouncycastle Highest Product pom name Bouncy Castle PKIX, CMS, EAC, TSP, PKCS, OCSP, CMP, and CRMF APIs High Product pom url https://www.bouncycastle.org/java.html Medium Version file version 1.70 High Version Manifest Bundle-Version 1.70 High Version pom version 1.70 Highest
pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.70 (Confidence :High)cpe:2.3:a:bouncycastle:bouncy_castle_for_java:1.70:*:*:*:*:*:*:* (Confidence :Low) suppress cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle:1.70:*:*:*:*:*:*:* (Confidence :Low) suppress CVE-2023-33202 suppress
Bouncy Castle for Java before 1.73 contains a potential Denial of Service (DoS) issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM encoded streams containing X.509 certificates, PKCS8 encoded keys, and PKCS7 objects. Parsing a file that has crafted ASN.1 data through the PEMParser causes an OutOfMemoryError, which can enable a denial of service attack. (For users of the FIPS Java API: BC-FJA 1.0.2.3 and earlier are affected; BC-FJA 1.0.2.4 is fixed.) CWE-400 Uncontrolled Resource Consumption
CVSSv3:
Base Score: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions:
bcprov-ext-jdk15on-1.70.jarDescription:
The Bouncy Castle Crypto package is a Java implementation of cryptographic algorithms. This jar contains JCE provider and lightweight API for the Bouncy Castle Cryptography APIs for JDK 1.5 and up. Note: this package includes the NTRU encryption algorithms. License:
Bouncy Castle Licence: https://www.bouncycastle.org/licence.html File Path: /var/simplicite/.m2/repository/org/bouncycastle/bcprov-ext-jdk15on/1.70/bcprov-ext-jdk15on-1.70.jar
MD5: b94196703cf09438fb33c5d083c42f55
SHA1: 373d425c5ecb4edc9e3e2f7f7ff39bc8eff4abbf
SHA256: 5d819f3b88597ec680c94151a0ba0a3afff0c0c1c999b5b065a67c998a3e3e1b
Referenced In Project/Scope: Simplicite Platform:compile
bcprov-ext-jdk15on-1.70.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name bcprov-ext-jdk15on High Vendor jar package name bouncycastle Highest Vendor jar package name crypto Highest Vendor jar package name jce Highest Vendor jar package name ntru Highest Vendor jar package name org Highest Vendor jar package name provider Highest Vendor Manifest application-library-allowable-codebase * Low Vendor Manifest application-name Bouncy Castle Provider Medium Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor Manifest bundle-symbolicname bcprov-ext Medium Vendor Manifest caller-allowable-codebase * Low Vendor Manifest codebase * Low Vendor Manifest extension-name org.bouncycastle.bcproviderext Medium Vendor Manifest Implementation-Vendor BouncyCastle.org High Vendor Manifest Implementation-Vendor-Id org.bouncycastle Medium Vendor Manifest multi-release true Low Vendor Manifest originally-created-by 25.292-b10 (Private Build) Low Vendor Manifest permissions all-permissions Low Vendor Manifest specification-vendor BouncyCastle.org Low Vendor Manifest trusted-library true Low Vendor pom artifactid bcprov-ext-jdk15on Highest Vendor pom artifactid bcprov-ext-jdk15on Low Vendor pom developer email feedback-crypto@bouncycastle.org Low Vendor pom developer id feedback-crypto Medium Vendor pom developer name The Legion of the Bouncy Castle Inc. Medium Vendor pom groupid org.bouncycastle Highest Vendor pom name Bouncy Castle Provider High Vendor pom url https://www.bouncycastle.org/java.html Highest Product file name bcprov-ext-jdk15on High Product jar package name bouncycastle Highest Product jar package name crypto Highest Product jar package name jce Highest Product jar package name ntru Highest Product jar package name org Highest Product jar package name provider Highest Product Manifest application-library-allowable-codebase * Low Product Manifest application-name Bouncy Castle Provider Medium Product Manifest Bundle-Name bcprov-ext Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product Manifest bundle-symbolicname bcprov-ext Medium Product Manifest caller-allowable-codebase * Low Product Manifest codebase * Low Product Manifest extension-name org.bouncycastle.bcproviderext Medium Product Manifest multi-release true Low Product Manifest originally-created-by 25.292-b10 (Private Build) Low Product Manifest permissions all-permissions Low Product Manifest trusted-library true Low Product pom artifactid bcprov-ext-jdk15on Highest Product pom developer email feedback-crypto@bouncycastle.org Low Product pom developer id feedback-crypto Low Product pom developer name The Legion of the Bouncy Castle Inc. Low Product pom groupid org.bouncycastle Highest Product pom name Bouncy Castle Provider High Product pom url https://www.bouncycastle.org/java.html Medium Version file version 1.70 High Version Manifest Bundle-Version 1.70 High Version pom version 1.70 Highest
pkg:maven/org.bouncycastle/bcprov-ext-jdk15on@1.70 (Confidence :High)cpe:2.3:a:bouncycastle:bouncy_castle_for_java:1.70:*:*:*:*:*:*:* (Confidence :Low) suppress cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle:1.70:*:*:*:*:*:*:* (Confidence :Low) suppress CVE-2023-33202 suppress
Bouncy Castle for Java before 1.73 contains a potential Denial of Service (DoS) issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM encoded streams containing X.509 certificates, PKCS8 encoded keys, and PKCS7 objects. Parsing a file that has crafted ASN.1 data through the PEMParser causes an OutOfMemoryError, which can enable a denial of service attack. (For users of the FIPS Java API: BC-FJA 1.0.2.3 and earlier are affected; BC-FJA 1.0.2.4 is fixed.) CWE-400 Uncontrolled Resource Consumption
CVSSv3:
Base Score: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions:
CVE-2023-33201 (OSSINDEX) suppress
Bouncy Castle For Java before 1.74 is affected by an LDAP injection vulnerability. The vulnerability only affects applications that use an LDAP CertStore from Bouncy Castle to validate X.509 certificates. During the certificate validation process, Bouncy Castle inserts the certificate's Subject Name into an LDAP search filter without any escaping, which leads to an LDAP injection vulnerability. CWE-295 Improper Certificate Validation
CVSSv2:
Base Score: MEDIUM (5.3) Vector: /AV:N/AC:L/Au:/C:L/I:N/A:N References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:org.bouncycastle:bcprov-ext-jdk15on:1.70:*:*:*:*:*:*:* bcprov-jdk15on-1.70.jarDescription:
The Bouncy Castle Crypto package is a Java implementation of cryptographic algorithms. This jar contains JCE provider and lightweight API for the Bouncy Castle Cryptography APIs for JDK 1.5 and up. License:
Bouncy Castle Licence: https://www.bouncycastle.org/licence.html File Path: /var/simplicite/.m2/repository/org/bouncycastle/bcprov-jdk15on/1.70/bcprov-jdk15on-1.70.jar
MD5: 1809d0449a6374279c01fdd3be26cd92
SHA1: 4636a0d01f74acaf28082fb62b317f1080118371
SHA256: 8f3c20e3e2d565d26f33e8d4857a37d0d7f8ac39b62a7026496fcab1bdac30d4
Referenced In Project/Scope: Simplicite Platform:compile
bcprov-jdk15on-1.70.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.70
Evidence Type Source Name Value Confidence Vendor file name bcprov-jdk15on High Vendor jar package name bouncycastle Highest Vendor jar package name crypto Highest Vendor jar package name jce Highest Vendor jar package name org Highest Vendor jar package name provider Highest Vendor Manifest application-library-allowable-codebase * Low Vendor Manifest application-name Bouncy Castle Provider Medium Vendor Manifest automatic-module-name org.bouncycastle.provider Medium Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor Manifest bundle-symbolicname bcprov Medium Vendor Manifest caller-allowable-codebase * Low Vendor Manifest codebase * Low Vendor Manifest extension-name org.bouncycastle.bcprovider Medium Vendor Manifest Implementation-Vendor BouncyCastle.org High Vendor Manifest Implementation-Vendor-Id org.bouncycastle Medium Vendor Manifest multi-release true Low Vendor Manifest originally-created-by 25.292-b10 (Private Build) Low Vendor Manifest permissions all-permissions Low Vendor Manifest specification-vendor BouncyCastle.org Low Vendor Manifest trusted-library true Low Vendor pom artifactid bcprov-jdk15on Highest Vendor pom artifactid bcprov-jdk15on Low Vendor pom developer email feedback-crypto@bouncycastle.org Low Vendor pom developer id feedback-crypto Medium Vendor pom developer name The Legion of the Bouncy Castle Inc. Medium Vendor pom groupid org.bouncycastle Highest Vendor pom name Bouncy Castle Provider High Vendor pom url https://www.bouncycastle.org/java.html Highest Product file name bcprov-jdk15on High Product hint analyzer product legion-of-the-bouncy-castle-java-crytography-api High Product hint analyzer product the_bouncy_castle_crypto_package_for_java High Product jar package name bouncycastle Highest Product jar package name crypto Highest Product jar package name jce Highest Product jar package name org Highest Product jar package name provider Highest Product Manifest application-library-allowable-codebase * Low Product Manifest application-name Bouncy Castle Provider Medium Product Manifest automatic-module-name org.bouncycastle.provider Medium Product Manifest Bundle-Name bcprov Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product Manifest bundle-symbolicname bcprov Medium Product Manifest caller-allowable-codebase * Low Product Manifest codebase * Low Product Manifest extension-name org.bouncycastle.bcprovider Medium Product Manifest multi-release true Low Product Manifest originally-created-by 25.292-b10 (Private Build) Low Product Manifest permissions all-permissions Low Product Manifest trusted-library true Low Product pom artifactid bcprov-jdk15on Highest Product pom developer email feedback-crypto@bouncycastle.org Low Product pom developer id feedback-crypto Low Product pom developer name The Legion of the Bouncy Castle Inc. Low Product pom groupid org.bouncycastle Highest Product pom name Bouncy Castle Provider High Product pom url https://www.bouncycastle.org/java.html Medium Version file version 1.70 High Version Manifest Bundle-Version 1.70 High Version pom version 1.70 Highest
pkg:maven/org.bouncycastle/bcprov-jdk15on@1.70 (Confidence :High)cpe:2.3:a:bouncycastle:bouncy-castle-crypto-package:1.70:*:*:*:*:*:*:* (Confidence :Low) suppress cpe:2.3:a:bouncycastle:bouncy_castle_crypto_package:1.70:*:*:*:*:*:*:* (Confidence :Low) suppress cpe:2.3:a:bouncycastle:bouncy_castle_for_java:1.70:*:*:*:*:*:*:* (Confidence :Low) suppress cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle:1.70:*:*:*:*:*:*:* (Confidence :Low) suppress cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.70:*:*:*:*:*:*:* (Confidence :Low) suppress cpe:2.3:a:bouncycastle:the_bouncy_castle_crypto_package_for_java:1.70:*:*:*:*:*:*:* (Confidence :Low) suppress CVE-2023-33202 suppress
Bouncy Castle for Java before 1.73 contains a potential Denial of Service (DoS) issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM encoded streams containing X.509 certificates, PKCS8 encoded keys, and PKCS7 objects. Parsing a file that has crafted ASN.1 data through the PEMParser causes an OutOfMemoryError, which can enable a denial of service attack. (For users of the FIPS Java API: BC-FJA 1.0.2.3 and earlier are affected; BC-FJA 1.0.2.4 is fixed.) CWE-400 Uncontrolled Resource Consumption
CVSSv3:
Base Score: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions:
CVE-2023-33201 (OSSINDEX) suppress
Bouncy Castle For Java before 1.74 is affected by an LDAP injection vulnerability. The vulnerability only affects applications that use an LDAP CertStore from Bouncy Castle to validate X.509 certificates. During the certificate validation process, Bouncy Castle inserts the certificate's Subject Name into an LDAP search filter without any escaping, which leads to an LDAP injection vulnerability. CWE-295 Improper Certificate Validation
CVSSv2:
Base Score: MEDIUM (5.3) Vector: /AV:N/AC:L/Au:/C:L/I:N/A:N References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:org.bouncycastle:bcprov-jdk15on:1.70:*:*:*:*:*:*:* bcutil-jdk15on-1.70.jarDescription:
The Bouncy Castle Java APIs for ASN.1 extension and utility APIs used to support bcpkix and bctls. This jar contains APIs for JDK 1.5 and up. License:
Bouncy Castle Licence: https://www.bouncycastle.org/licence.html File Path: /var/simplicite/.m2/repository/org/bouncycastle/bcutil-jdk15on/1.70/bcutil-jdk15on-1.70.jar
MD5: 805173dfb0891331dbe69d0e53371af4
SHA1: 54280e7195a7430d7911ded93fc01e07300b9526
SHA256: 52dc5551b0257666526c5095424567fed7dc7b00d2b1ba7bd52298411112b1d0
Referenced In Project/Scope: Simplicite Platform:compile
bcutil-jdk15on-1.70.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name bcutil-jdk15on High Vendor jar package name bouncycastle Highest Vendor Manifest application-library-allowable-codebase * Low Vendor Manifest application-name Bouncy Castle Utility APIs Medium Vendor Manifest automatic-module-name org.bouncycastle.util Medium Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor Manifest bundle-symbolicname bcutil Medium Vendor Manifest caller-allowable-codebase * Low Vendor Manifest codebase * Low Vendor Manifest extension-name org.bouncycastle.bcutil Medium Vendor Manifest Implementation-Vendor BouncyCastle.org High Vendor Manifest Implementation-Vendor-Id org.bouncycastle Medium Vendor Manifest multi-release true Low Vendor Manifest originally-created-by 25.292-b10 (Private Build) Low Vendor Manifest permissions all-permissions Low Vendor Manifest specification-vendor BouncyCastle.org Low Vendor Manifest trusted-library true Low Vendor pom artifactid bcutil-jdk15on Highest Vendor pom artifactid bcutil-jdk15on Low Vendor pom developer email feedback-crypto@bouncycastle.org Low Vendor pom developer id feedback-crypto Medium Vendor pom developer name The Legion of the Bouncy Castle Inc. Medium Vendor pom groupid org.bouncycastle Highest Vendor pom name Bouncy Castle ASN.1 Extension and Utility APIs High Vendor pom url https://www.bouncycastle.org/java.html Highest Product file name bcutil-jdk15on High Product jar package name bouncycastle Highest Product Manifest application-library-allowable-codebase * Low Product Manifest application-name Bouncy Castle Utility APIs Medium Product Manifest automatic-module-name org.bouncycastle.util Medium Product Manifest Bundle-Name bcutil Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product Manifest bundle-symbolicname bcutil Medium Product Manifest caller-allowable-codebase * Low Product Manifest codebase * Low Product Manifest extension-name org.bouncycastle.bcutil Medium Product Manifest multi-release true Low Product Manifest originally-created-by 25.292-b10 (Private Build) Low Product Manifest permissions all-permissions Low Product Manifest trusted-library true Low Product pom artifactid bcutil-jdk15on Highest Product pom developer email feedback-crypto@bouncycastle.org Low Product pom developer id feedback-crypto Low Product pom developer name The Legion of the Bouncy Castle Inc. Low Product pom groupid org.bouncycastle Highest Product pom name Bouncy Castle ASN.1 Extension and Utility APIs High Product pom url https://www.bouncycastle.org/java.html Medium Version file version 1.70 High Version Manifest Bundle-Version 1.70 High Version pom version 1.70 Highest
pkg:maven/org.bouncycastle/bcutil-jdk15on@1.70 (Confidence :High)cpe:2.3:a:bouncycastle:bouncy_castle_for_java:1.70:*:*:*:*:*:*:* (Confidence :Low) suppress cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle:1.70:*:*:*:*:*:*:* (Confidence :Low) suppress CVE-2023-33202 suppress
Bouncy Castle for Java before 1.73 contains a potential Denial of Service (DoS) issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM encoded streams containing X.509 certificates, PKCS8 encoded keys, and PKCS7 objects. Parsing a file that has crafted ASN.1 data through the PEMParser causes an OutOfMemoryError, which can enable a denial of service attack. (For users of the FIPS Java API: BC-FJA 1.0.2.3 and earlier are affected; BC-FJA 1.0.2.4 is fixed.) CWE-400 Uncontrolled Resource Consumption
CVSSv3:
Base Score: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions:
binary-extensions:2.2.0Description:
List of binary file extensions License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?is-binary-path:2.1.0/binary-extensions:^2.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/is-binary-path:2.1.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description List of binary file extensions Highest Vendor package.json name binary-extensions Highest Vendor package.json name binary-extensions_project Highest Product package.json name binary-extensions Highest Version package.json version 2.2.0 Highest
Related Dependencies binary-extensions:2.2.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/binary-extensions:2.2.0 pkg:npm/binary-extensions@2.2.0 bl:4.1.0Description:
Buffer List: collect buffers and access with a standard readable Buffer interface, streamable too! License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?ora:5.4.1/bl:^4.1.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/ora:5.4.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json description Buffer List: collect buffers and access with a standard readable Buffer interface, streamable too! Highest Vendor package.json homepage https://github.com/rvagg/bl Highest Vendor package.json name bl Highest Vendor package.json name bl_project Highest Product package.json name bl Highest Version package.json version 4.1.0 Highest
Related Dependencies bl:4.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/bl:4.1.0 pkg:npm/bl@4.1.0 bluebird:3.7.2Description:
Full featured Promises/A+ implementation with exceptionally good performance License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?jsdoc:4.0.2/bluebird:^3.7.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/jsdoc:4.0.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email petka_antonov@hotmail.com Highest Vendor package.json author.name Petka Antonov Highest Vendor package.json author.url http://github.com/petkaantonov/ Highest Vendor package.json bugs.url http://github.com/petkaantonov/bluebird/issues Highest Vendor package.json description Full featured Promises/A+ implementation with exceptionally good performance Highest Vendor package.json homepage https://github.com/petkaantonov/bluebird Highest Vendor package.json name bluebird Highest Vendor package.json name bluebird_project Highest Product package.json name bluebird Highest Version package.json version 3.7.2 Highest
Related Dependencies bluebird:3.7.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?/bluebird:3.7.2 pkg:npm/bluebird@3.7.2 boilerpipe-1.1.0.jarDescription:
The boilerpipe library provides algorithms to detect and remove the surplus "clutter" (boilerplate, templates) around the main textual content of a web page.
The library already provides specific strategies for common tasks (for example: news article extraction) and may also be easily extended for individual problem settings.
Extracting content is very fast (milliseconds), just needs the input document (no global or site-level information required) and is usually quite accurate.
Boilerpipe is a Java library written by Christian Kohlschütter. It is released under the Apache License 2.0.
The algorithms used by the library are based on (and extending) some concepts of the paper "Boilerplate Detection using Shallow Text Features" by Christian Kohlschütter et al., presented at WSDM 2010 -- The Third ACM International Conference on Web Search and Data Mining New York City, NY USA.
License:
Apache License 2.0 File Path: /var/simplicite/.m2/repository/de/l3s/boilerpipe/boilerpipe/1.1.0/boilerpipe-1.1.0.jar
MD5: 0616568083786d0f49e2cb07a5d09fe4
SHA1: f62cb75ed52455a9e68d1d05b84c500673340eb2
SHA256: 088203df4326c4dcc42cec1253a2b41e03dc8904984eae744543b48e2cc63846
Referenced In Project/Scope: Simplicite Platform:compile
boilerpipe-1.1.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.tika/tika-parsers@1.27
Evidence Type Source Name Value Confidence Vendor file name boilerpipe High Vendor jar package name boilerpipe Highest Vendor jar package name boilerpipe Low Vendor jar package name de Highest Vendor jar package name de Low Vendor jar package name document Highest Vendor jar package name html Highest Vendor jar package name l3s Highest Vendor jar package name l3s Low Vendor pom artifactid boilerpipe Highest Vendor pom artifactid boilerpipe Low Vendor pom developer name Christian Kohlschütter Medium Vendor pom groupid de.l3s.boilerpipe Highest Vendor pom name Boilerpipe -- Boilerplate Removal and Fulltext Extraction from HTML pages High Vendor pom url http://code.google.com/p/boilerpipe/ Highest Product file name boilerpipe High Product jar package name boilerpipe Highest Product jar package name boilerpipe Low Product jar package name de Highest Product jar package name document Highest Product jar package name html Highest Product jar package name l3s Highest Product jar package name l3s Low Product pom artifactid boilerpipe Highest Product pom developer name Christian Kohlschütter Low Product pom groupid de.l3s.boilerpipe Highest Product pom name Boilerpipe -- Boilerplate Removal and Fulltext Extraction from HTML pages High Product pom url http://code.google.com/p/boilerpipe/ Medium Version file version 1.1.0 High Version pom version 1.1.0 Highest
bootbox:5.5.2Description:
Wrappers for JavaScript alert(), confirm(), prompt(), and other flexible dialogs using the Bootstrap framework License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/bootbox:5.5.2
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author Nick Payne <nick@kurai.co.uk> Highest Vendor package.json description Wrappers for JavaScript alert(), confirm(), prompt(), and other flexible dialogs using the Bootstrap framework Highest Vendor package.json name bootbox Highest Vendor package.json name bootbox_project Highest Product package.json name bootbox Highest Version package.json version 5.5.2 Highest
CVE-2023-46998 (OSSINDEX) suppress
Cross Site Scripting vulnerability in BootBox Bootbox.js v.3.2 through 6.0 allows a remote attacker to execute arbitrary code via a crafted payload to alert(), confirm(), prompt() functions. CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSSv2:
Base Score: MEDIUM (6.1) Vector: /AV:N/AC:L/Au:/C:L/I:L/A:N References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:*:bootbox:5.5.2:*:*:*:*:*:*:* GHSA-m4ch-4m5f-2gp6 (NPM) suppress
Cross Site Scripting vulnerability in BootBox Bootbox.js v.3.2 through 6.0 allows a remote attacker to execute arbitrary code via a crafted payload to alert(), confirm(), prompt() functions. CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSSv3:
Base Score: MEDIUM (6.1) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Unscored:
References:
Vulnerable Software & Versions (NPM):
cpe:2.3:a:*:bootbox:\>\=3.2.0\<\=6.0.0:*:*:*:*:*:*:* GHSA-87mg-h5r3-hw88 (NPM) suppress
All version of `bootbox` are vulnerable to Cross-Site Scripting. The package does not sanitize user input in the provided dialog boxes, allowing attackers to inject HTML code and execute arbitrary JavaScript.
## Recommendation
Sanitize user input being passed to `bootbox` or consider using an alternative package. CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'), CWE-64 Windows Shortcut Following (.LNK)
Unscored:
References:
Vulnerable Software & Versions (NPM):
cpe:2.3:a:*:bootbox:\<\=5.5.2:*:*:*:*:*:*:* bootstrap-datetimepicker:0.0.7File Path: /var/simplicite/simplicite-5.2/package-lock.json?simplicite-bootstrap-datetimepicker:1.0.6/bootstrap-datetimepicker:0.0.7Referenced In Projects/Scopes:
simplicite-js:5.2.54 simplicite-js:5.2.54/simplicite-bootstrap-datetimepicker:1.0.6 Evidence Type Source Name Value Confidence Vendor package.json name bootstrap-datetimepicker Highest Vendor package.json name bootstrap-datetimepicker_project Highest Product package.json name bootstrap-datetimepicker Highest Version package.json version 0.0.7 Highest
Related Dependencies bootstrap-datetimepicker:0.0.7File Path: /var/simplicite/simplicite-5.2/package-lock.json?/bootstrap-datetimepicker:0.0.7 pkg:npm/bootstrap-datetimepicker@0.0.7 bootstrap:4.6.0Description:
The most popular front-end framework for developing responsive, mobile first projects on the web. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/bootstrap:4.6.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/bootbox:5.5.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Bootstrap Authors (https://github.com/twbs/bootstrap/graphs/contributors) Highest Vendor package.json bugs.url https://github.com/twbs/bootstrap/issues Highest Vendor package.json description The most popular front-end framework for developing responsive, mobile first projects on the web. Highest Vendor package.json homepage https://getbootstrap.com/ Highest Vendor package.json name bootstrap Highest Vendor package.json name bootstrap_project Highest Product package.json name bootstrap Highest Version package.json version 4.6.0 Highest
Related Dependencies bootstrap:4.6.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?bootbox:5.5.2/bootstrap:^4.4.0 pkg:npm/bootstrap@4.6.0 boxen:4.2.0Description:
Create boxes in the terminal License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?update-notifier:4.1.3/boxen:^4.2.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/update-notifier:6.0.2 simplicite-js:5.2.54/update-notifier:4.1.3 simplicite-js:5.2.54/update-notifier:5.1.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Create boxes in the terminal Highest Vendor package.json name boxen Highest Vendor package.json name boxen_project Highest Product package.json name boxen Highest Version package.json version 4.2.0 Highest
Related Dependencies boxen:4.2.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/boxen:4.2.0 pkg:npm/boxen@4.2.0 boxen:4.2.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?update-notifier:5.1.0/boxen:^5.0.0 pkg:npm/boxen@4.2.0 boxen:4.2.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?update-notifier:6.0.2/boxen:^7.0.0 pkg:npm/boxen@4.2.0 boxen:5.1.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?/boxen:5.1.2 pkg:npm/boxen@5.1.2 boxen:7.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/boxen:7.1.0 pkg:npm/boxen@7.1.0 brace-expansion:1.1.11Description:
Brace expansion as known from sh/bash License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?minimatch:3.1.2/brace-expansion:^1.1.7
Referenced In Projects/Scopes: simplicite-js:5.2.54/minimatch:3.0.8 simplicite-js:5.2.54/minimatch:9.0.3 simplicite-js:5.2.54 simplicite-js:5.2.54/minimatch:3.1.2 Evidence Type Source Name Value Confidence Vendor package.json author.email mail@juliangruber.com Highest Vendor package.json author.name Julian Gruber Highest Vendor package.json author.url http://juliangruber.com Highest Vendor package.json description Brace expansion as known from sh/bash Highest Vendor package.json homepage https://github.com/juliangruber/brace-expansion Highest Vendor package.json name brace-expansion Highest Vendor package.json name brace-expansion_project Highest Product package.json name brace-expansion Highest Version package.json version 1.1.11 Highest
Related Dependencies brace-expansion:1.1.11File Path: /var/simplicite/simplicite-5.2/package-lock.json?/brace-expansion:1.1.11 pkg:npm/brace-expansion@1.1.11 brace-expansion:1.1.11File Path: /var/simplicite/simplicite-5.2/package-lock.json?minimatch:3.0.8/brace-expansion:^1.1.7 pkg:npm/brace-expansion@1.1.11 brace-expansion:1.1.11File Path: /var/simplicite/simplicite-5.2/package-lock.json?minimatch:9.0.3/brace-expansion:^2.0.1 pkg:npm/brace-expansion@1.1.11 brace-expansion:2.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/brace-expansion:2.0.1 pkg:npm/brace-expansion@2.0.1 braces:3.0.2Description:
Bash-like brace expansion, implemented in JavaScript. Safer than other brace expansion libs, with complete support for the Bash 4.3 braces specification, without sacrificing speed. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?micromatch:4.0.5/braces:^3.0.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/chokidar:3.5.3 simplicite-js:5.2.54 simplicite-js:5.2.54/micromatch:4.0.5 Evidence Type Source Name Value Confidence Vendor package.json author Jon Schlinkert (https://github.com/jonschlinkert) Highest Vendor package.json bugs.url https://github.com/micromatch/braces/issues Highest Vendor package.json description Bash-like brace expansion, implemented in JavaScript. Safer than other brace expansion libs, with complete support for the Bash 4.3 braces specification, without sacrificing speed. Highest Vendor package.json homepage https://github.com/micromatch/braces Highest Vendor package.json name braces Highest Vendor package.json name braces_project Highest Product package.json name braces Highest Version package.json version 3.0.2 Highest
Related Dependencies braces:3.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?/braces:3.0.2 pkg:npm/braces@3.0.2 braces:3.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?chokidar:3.5.3/braces:~3.0.2 pkg:npm/braces@3.0.2 browserslist:4.22.3Description:
Share target browsers between different front-end tools, like Autoprefixer, Stylelint and babel-env-preset License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?core-js-compat:3.35.1/browserslist:^4.22.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/helper-compilation-targets:7.23.6 simplicite-js:5.2.54/core-js-compat:3.35.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Andrey Sitnik <andrey@sitnik.ru> Highest Vendor package.json description Share target browsers between different front-end tools, like Autoprefixer, Stylelint and babel-env-preset Highest Vendor package.json name browserslist Highest Vendor package.json name browserslist_project Highest Product package.json name browserslist Highest Version package.json version 4.22.3 Highest
Related Dependencies browserslist:4.22.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/browserslist:4.22.3 pkg:npm/browserslist@4.22.3 browserslist:4.22.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/helper-compilation-targets:7.23.6/browserslist:^4.22.2 pkg:npm/browserslist@4.22.3 bson-3.12.12.jarDescription:
The BSON library License:
The Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/mongodb/bson/3.12.12/bson-3.12.12.jar
MD5: e942910fb1444c0841a7e269b53c05af
SHA1: 1696b031f013389d1754379a064c73a893ba8453
SHA256: f926aae0055c051ccca6d17c0e0da36f17d49984a65c133687892a63a89cbfd4
Referenced In Project/Scope: Simplicite Platform:compile
bson-3.12.12.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.mongodb/mongodb-driver@3.12.12
Evidence Type Source Name Value Confidence Vendor file name bson High Vendor jar package name bson Highest Vendor Manifest automatic-module-name org.mongodb.bson Medium Vendor Manifest bundle-symbolicname org.mongodb.bson Medium Vendor pom artifactid bson Highest Vendor pom artifactid bson Low Vendor pom developer name Various Medium Vendor pom developer org MongoDB Medium Vendor pom groupid org.mongodb Highest Vendor pom name BSON High Vendor pom url https://bsonspec.org Highest Product file name bson High Product jar package name bson Highest Product Manifest automatic-module-name org.mongodb.bson Medium Product Manifest Bundle-Name bson Medium Product Manifest bundle-symbolicname org.mongodb.bson Medium Product pom artifactid bson Highest Product pom developer name Various Low Product pom developer org MongoDB Low Product pom groupid org.mongodb Highest Product pom name BSON High Product pom url https://bsonspec.org Medium Version file version 3.12.12 High Version Manifest build-version 3.12.12 Medium Version Manifest Bundle-Version 3.12.12 High Version pom version 3.12.12 Highest
buffer-from:1.1.2License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?source-map-support:0.5.21/buffer-from:^1.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/source-map-support:0.5.21 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json name buffer-from Highest Vendor package.json name buffer-from_project Highest Product package.json name buffer-from Highest Version package.json version 1.1.2 Highest
Related Dependencies buffer-from:1.1.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?/buffer-from:1.1.2 pkg:npm/buffer-from@1.1.2 buffer:5.7.1Description:
Node.js Buffer API, for the browser License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/buffer:5.7.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/bl:4.1.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email feross@feross.org Highest Vendor package.json author.name Feross Aboukhadijeh Highest Vendor package.json author.url https://feross.org Highest Vendor package.json bugs.url https://github.com/feross/buffer/issues Highest Vendor package.json description Node.js Buffer API, for the browser Highest Vendor package.json homepage https://github.com/feross/buffer Highest Vendor package.json name buffer Highest Vendor package.json name buffer_project Highest Product package.json name buffer Highest Version package.json version 5.7.1 Highest
Related Dependencies buffer:5.7.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?bl:4.1.0/buffer:^5.5.0 pkg:npm/buffer@5.7.1 buffer:6.0.3Description:
Node.js Buffer API, for the browser License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/buffer:6.0.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/simplicite:3.0.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email feross@feross.org Highest Vendor package.json author.name Feross Aboukhadijeh Highest Vendor package.json author.url https://feross.org Highest Vendor package.json bugs.url https://github.com/feross/buffer/issues Highest Vendor package.json description Node.js Buffer API, for the browser Highest Vendor package.json homepage https://github.com/feross/buffer Highest Vendor package.json name buffer Highest Vendor package.json name buffer_project Highest Product package.json name buffer Highest Version package.json version 6.0.3 Highest
Related Dependencies buffer:6.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?simplicite:3.0.1/buffer:^6.0.3 pkg:npm/buffer@6.0.3 builtin-modules:3.3.0Description:
List of the Node.js builtin modules License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?is-builtin-module:3.2.1/builtin-modules:^3.3.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/is-builtin-module:3.2.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description List of the Node.js builtin modules Highest Vendor package.json name builtin-modules Highest Vendor package.json name builtin-modules_project Highest Product package.json name builtin-modules Highest Version package.json version 3.3.0 Highest
Related Dependencies builtin-modules:3.3.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/builtin-modules:3.3.0 pkg:npm/builtin-modules@3.3.0 builtins:5.0.1Description:
List of node.js builtin modules License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?validate-npm-package-name:5.0.0/builtins:^5.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/validate-npm-package-name:5.0.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json description List of node.js builtin modules Highest Vendor package.json name builtins Highest Vendor package.json name builtins_project Highest Product package.json name builtins Highest Version package.json version 5.0.1 Highest
Related Dependencies builtins:5.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/builtins:5.0.1 pkg:npm/builtins@5.0.1 byte-buddy-1.12.9.jar (shaded: net.bytebuddy:byte-buddy-dep:1.12.9)Description:
Byte Buddy is a Java library for creating Java classes at run time.
This artifact is a build of Byte Buddy with a remaining dependency onto ASM.
You should never depend on this module without repackaging Byte Buddy and ASM into your own namespace.
File Path: /var/simplicite/.m2/repository/net/bytebuddy/byte-buddy/1.12.9/byte-buddy-1.12.9.jar/META-INF/maven/net.bytebuddy/byte-buddy-dep/pom.xmlMD5: f252b6a3ad73a2fe8b82d4e5e252b6e7SHA1: bd386dc86918b6f7769ad855aa2636b40b639c76SHA256: 71c523053fd9cd841080a5bc89a4740b49f5dedd648e8de0ab064456e3113c14Referenced In Project/Scope: Simplicite Platform:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid byte-buddy-dep Low Vendor pom groupid net.bytebuddy Highest Vendor pom name Byte Buddy (with dependencies) High Vendor pom parent-artifactid byte-buddy-parent Low Product pom artifactid byte-buddy-dep Highest Product pom groupid net.bytebuddy Highest Product pom name Byte Buddy (with dependencies) High Product pom parent-artifactid byte-buddy-parent Medium Version pom version 1.12.9 Highest
byte-buddy-1.12.9.jarDescription:
Byte Buddy is a Java library for creating Java classes at run time.
This artifact is a build of Byte Buddy with all ASM dependencies repackaged into its own name space.
License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/net/bytebuddy/byte-buddy/1.12.9/byte-buddy-1.12.9.jar
MD5: a120a37aba17a10766b9bc869f90fd2b
SHA1: 424ded9ef3496b0d997ce066f2166a4f7ec7b07a
SHA256: e305b6b5bdf8602bc5012efaa50c96b0fb922a3c60308ee1af85605b74d82710
Referenced In Project/Scope: Simplicite Platform:compile
byte-buddy-1.12.9.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.mockito/mockito-core@4.5.1
Evidence Type Source Name Value Confidence Vendor file name byte-buddy High Vendor jar package name asm Highest Vendor jar package name build Highest Vendor jar package name bytebuddy Highest Vendor jar package name net Highest Vendor Manifest bundle-symbolicname net.bytebuddy.byte-buddy Medium Vendor Manifest multi-release true Low Vendor pom artifactid byte-buddy Highest Vendor pom artifactid byte-buddy Low Vendor pom groupid net.bytebuddy Highest Vendor pom name Byte Buddy (without dependencies) High Vendor pom parent-artifactid byte-buddy-parent Low Product file name byte-buddy High Product jar package name asm Highest Product jar package name build Highest Product jar package name bytebuddy Highest Product jar package name net Highest Product Manifest Bundle-Name Byte Buddy (without dependencies) Medium Product Manifest bundle-symbolicname net.bytebuddy.byte-buddy Medium Product Manifest multi-release true Low Product pom artifactid byte-buddy Highest Product pom groupid net.bytebuddy Highest Product pom name Byte Buddy (without dependencies) High Product pom parent-artifactid byte-buddy-parent Medium Version file version 1.12.9 High Version Manifest Bundle-Version 1.12.9 High Version pom version 1.12.9 Highest
byte-buddy-agent-1.12.9.jarDescription:
The Byte Buddy agent offers convenience for attaching an agent to the local or a remote VM. License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/net/bytebuddy/byte-buddy-agent/1.12.9/byte-buddy-agent-1.12.9.jar
MD5: cb4881cad7e1625aad4a59e333847a2a
SHA1: f58bf71d15e827fa47e9b37e63156b333e3389d3
SHA256: 5d62779f66436ef2130b470b7ecb6463c552fd411be757267034798a130bf5ed
Referenced In Project/Scope: Simplicite Platform:compile
byte-buddy-agent-1.12.9.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.mockito/mockito-core@4.5.1
Evidence Type Source Name Value Confidence Vendor file name byte-buddy-agent High Vendor jar package name agent Highest Vendor jar package name bytebuddy Highest Vendor jar package name net Highest Vendor Manifest bundle-symbolicname net.bytebuddy.byte-buddy-agent Medium Vendor Manifest can-redefine-classes true Low Vendor Manifest can-retransform-classes true Low Vendor Manifest can-set-native-method-prefix true Low Vendor Manifest multi-release true Low Vendor pom artifactid byte-buddy-agent Highest Vendor pom artifactid byte-buddy-agent Low Vendor pom groupid net.bytebuddy Highest Vendor pom name Byte Buddy agent High Vendor pom parent-artifactid byte-buddy-parent Low Product file name byte-buddy-agent High Product jar package name agent Highest Product jar package name bytebuddy Highest Product jar package name net Highest Product Manifest Bundle-Name Byte Buddy agent Medium Product Manifest bundle-symbolicname net.bytebuddy.byte-buddy-agent Medium Product Manifest can-redefine-classes true Low Product Manifest can-retransform-classes true Low Product Manifest can-set-native-method-prefix true Low Product Manifest multi-release true Low Product pom artifactid byte-buddy-agent Highest Product pom groupid net.bytebuddy Highest Product pom name Byte Buddy agent High Product pom parent-artifactid byte-buddy-parent Medium Version file version 1.12.9 High Version Manifest Bundle-Version 1.12.9 High Version pom version 1.12.9 Highest
byte-buddy-agent-1.12.9.jar: attach_hotspot_windows.dllFile Path: /var/simplicite/.m2/repository/net/bytebuddy/byte-buddy-agent/1.12.9/byte-buddy-agent-1.12.9.jar/win32-x86-64/attach_hotspot_windows.dllMD5: 053a783e5777c6a9867c27d51af89677SHA1: 5ef4d98ae6a033a5707d0b5466e6138beb337e76SHA256: 16d424423f9b09accf132ad35dbeaa52ac9f6bd45bba1406b89df851f651db20Referenced In Project/Scope: Simplicite Platform:compile
Evidence Type Source Name Value Confidence Vendor file name attach_hotspot_windows High Product file name attach_hotspot_windows High
byte-buddy-agent-1.12.9.jar: attach_hotspot_windows.dllFile Path: /var/simplicite/.m2/repository/net/bytebuddy/byte-buddy-agent/1.12.9/byte-buddy-agent-1.12.9.jar/win32-x86/attach_hotspot_windows.dllMD5: fbca33102ac97be0ed496c0f78e466b3SHA1: c4df05146a86a6d073769bb697d550ef42518ed5SHA256: 810f94c4a2f5ca1a072c19859f7954fed9aa3a1dcb0d601e92d2338793202e72Referenced In Project/Scope: Simplicite Platform:compile
Evidence Type Source Name Value Confidence Vendor file name attach_hotspot_windows High Product file name attach_hotspot_windows High
bzip2-0.9.1.jarDescription:
jbzip2 is a Java bzip2 compression/decompression library. It can be used as a replacement for the Apache CBZip2InputStream / CBZip2OutputStream classes. License:
MIT License (MIT): http://opensource.org/licenses/mit-license.php File Path: /var/simplicite/.m2/repository/org/itadaki/bzip2/0.9.1/bzip2-0.9.1.jar
MD5: ddd5eb3a035655cbbb536e9b86907a00
SHA1: 47ca95f71e3ccae756c4a24354d48069c58f475c
SHA256: 865a7a13dd33ef0388f675993adaf4c6f95632ba80d609d42e9d42e6343aae77
Referenced In Project/Scope: Simplicite Platform:compile
bzip2-0.9.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.tika/tika-parsers@1.27
Evidence Type Source Name Value Confidence Vendor file name bzip2 High Vendor jar package name bzip2 Highest Vendor jar package name bzip2 Low Vendor jar package name itadaki Highest Vendor jar package name itadaki Low Vendor pom artifactid bzip2 Highest Vendor pom artifactid bzip2 Low Vendor pom groupid org.itadaki Highest Vendor pom name Itadaki jbzip2 High Vendor pom url https://code.google.com/p/jbzip2/ Highest Product file name bzip2 High Product jar package name bzip2 Highest Product jar package name bzip2 Low Product jar package name itadaki Highest Product pom artifactid bzip2 Highest Product pom groupid org.itadaki Highest Product pom name Itadaki jbzip2 High Product pom url https://code.google.com/p/jbzip2/ Medium Version file version 0.9.1 High Version pom version 0.9.1 Highest
c3p0-0.9.5.5.jarDescription:
a JDBC Connection pooling / Statement caching library License:
GNU Lesser General Public License, Version 2.1: http://www.gnu.org/licenses/lgpl-2.1.html
Eclipse Public License, Version 1.0: http://www.eclipse.org/org/documents/epl-v10.php File Path: /var/simplicite/.m2/repository/com/mchange/c3p0/0.9.5.5/c3p0-0.9.5.5.jar
MD5: 9fc982b4b179e44cec986ea86fe1bff7
SHA1: 37dfc3021e5589d65ff2ae0becf811510b87ab01
SHA256: 96cec5ddfe2f08b8407125d8228eb0392121e1bf2239ca621bb19228b67f741a
Referenced In Project/Scope: Simplicite Platform:compile
c3p0-0.9.5.5.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name c3p0 High Vendor jar package name c3p0 Highest Vendor jar package name mchange Highest Vendor jar package name v2 Highest Vendor Manifest extension-name com.mchange.v2.c3p0 Medium Vendor Manifest Implementation-Vendor Machinery For Change, Inc. High Vendor Manifest Implementation-Vendor-Id com.mchange Medium Vendor Manifest specification-vendor Machinery For Change, Inc. Low Vendor pom artifactid c3p0 Highest Vendor pom artifactid c3p0 Low Vendor pom developer email swaldman@mchange.com Low Vendor pom developer id swaldman Medium Vendor pom developer name Steve Waldman Medium Vendor pom groupid com.mchange Highest Vendor pom name c3p0 High Vendor pom url swaldman/c3p0 Highest Product file name c3p0 High Product jar package name c3p0 Highest Product jar package name mchange Highest Product jar package name v2 Highest Product Manifest extension-name com.mchange.v2.c3p0 Medium Product pom artifactid c3p0 Highest Product pom developer email swaldman@mchange.com Low Product pom developer id swaldman Low Product pom developer name Steve Waldman Low Product pom groupid com.mchange Highest Product pom name c3p0 High Product pom url swaldman/c3p0 High Version file version 0.9.5.5 High Version Manifest Implementation-Version 0.9.5.5 High Version pom version 0.9.5.5 Highest
cacache:17.1.3Description:
Fast, fault-tolerant, cross-platform, disk-based, data-agnostic, content-addressable cache. License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?pacote:15.2.0/cacache:^17.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/make-fetch-happen:11.1.1 simplicite-js:5.2.54/pacote:15.2.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author GitHub Inc. Highest Vendor package.json description Fast, fault-tolerant, cross-platform, disk-based, data-agnostic, content-addressable cache. Highest Vendor package.json name cacache Highest Vendor package.json name cacache_project Highest Product package.json name cacache Highest Version package.json version 17.1.3 Highest
Related Dependencies cacache:17.1.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/cacache:17.1.3 pkg:npm/cacache@17.1.3 cacache:17.1.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?make-fetch-happen:11.1.1/cacache:^17.0.0 pkg:npm/cacache@17.1.3 cacheable-lookup:7.0.0Description:
A cacheable dns.lookup(…) that respects TTL License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?got:13.0.0/cacheable-lookup:^7.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/got:12.6.1 simplicite-js:5.2.54 simplicite-js:5.2.54/got:13.0.0 Evidence Type Source Name Value Confidence Vendor package.json author Szymon Marczak Highest Vendor package.json bugs.url https://github.com/szmarczak/cacheable-lookup/issues Highest Vendor package.json description A cacheable dns.lookup(…) that respects TTL Highest Vendor package.json homepage https://github.com/szmarczak/cacheable-lookup#readme Highest Vendor package.json name cacheable-lookup Highest Vendor package.json name cacheable-lookup_project Highest Product package.json name cacheable-lookup Highest Version package.json version 7.0.0 Highest
Related Dependencies cacheable-lookup:7.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/cacheable-lookup:7.0.0 pkg:npm/cacheable-lookup@7.0.0 cacheable-lookup:7.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?got:12.6.1/cacheable-lookup:^7.0.0 pkg:npm/cacheable-lookup@7.0.0 cacheable-request:10.2.12Description:
Wrap native HTTP requests with RFC compliant cache support License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?got:13.0.0/cacheable-request:^10.2.8
Referenced In Projects/Scopes: simplicite-js:5.2.54/got:12.6.1 simplicite-js:5.2.54/got:9.6.0 simplicite-js:5.2.54 simplicite-js:5.2.54/got:13.0.0 Evidence Type Source Name Value Confidence Vendor package.json author Jared Wray <me@jaredwray.com> (http://jaredwray.com) Highest Vendor package.json description Wrap native HTTP requests with RFC compliant cache support Highest Vendor package.json name cacheable-request Highest Vendor package.json name cacheable-request_project Highest Product package.json name cacheable-request Highest Version package.json version 10.2.12 Highest
Related Dependencies cacheable-request:10.2.12File Path: /var/simplicite/simplicite-5.2/package-lock.json?/cacheable-request:10.2.12 pkg:npm/cacheable-request@10.2.12 cacheable-request:10.2.12File Path: /var/simplicite/simplicite-5.2/package-lock.json?got:12.6.1/cacheable-request:^10.2.8 pkg:npm/cacheable-request@10.2.12 cacheable-request:10.2.12File Path: /var/simplicite/simplicite-5.2/package-lock.json?got:9.6.0/cacheable-request:^6.0.0 pkg:npm/cacheable-request@10.2.12 cacheable-request:6.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/cacheable-request:6.1.0 pkg:npm/cacheable-request@6.1.0 caffeine-3.0.6.jarDescription:
A high performance caching library License:
Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/com/github/ben-manes/caffeine/caffeine/3.0.6/caffeine-3.0.6.jar
MD5: b3db829baf2b527a737abf24aabfd27f
SHA1: e261a64f8f828eeadae139d8d0ff2a9b1224f4ef
SHA256: 0b1aabc3ba98c95d4f0a5376b006c4126a1a09e153826b9294c9c64c68ef7bcd
Referenced In Project/Scope: Simplicite Platform:compile
caffeine-3.0.6.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name caffeine High Vendor jar package name benmanes Highest Vendor jar package name cache Highest Vendor jar package name caffeine Highest Vendor jar package name github Highest Vendor Manifest automatic-module-name com.github.benmanes.caffeine Medium Vendor Manifest bundle-symbolicname com.github.ben-manes.caffeine Medium Vendor pom artifactid caffeine Highest Vendor pom artifactid caffeine Low Vendor pom developer email ben.manes@gmail.com Low Vendor pom developer id ben-manes Medium Vendor pom developer name Ben Manes Medium Vendor pom groupid com.github.ben-manes.caffeine Highest Vendor pom name Caffeine cache High Vendor pom url ben-manes/caffeine Highest Product file name caffeine High Product jar package name benmanes Highest Product jar package name cache Highest Product jar package name caffeine Highest Product jar package name github Highest Product Manifest automatic-module-name com.github.benmanes.caffeine Medium Product Manifest Bundle-Name com.github.ben-manes.caffeine Medium Product Manifest bundle-symbolicname com.github.ben-manes.caffeine Medium Product pom artifactid caffeine Highest Product pom developer email ben.manes@gmail.com Low Product pom developer id ben-manes Low Product pom developer name Ben Manes Low Product pom groupid com.github.ben-manes.caffeine Highest Product pom name Caffeine cache High Product pom url ben-manes/caffeine High Version file version 3.0.6 High Version Manifest Bundle-Version 3.0.6 High Version pom version 3.0.6 Highest
call-bind:1.0.2Description:
Robustly `.call.bind()` a function License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?which-typed-array:1.1.9/call-bind:^1.0.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/function.prototype.name:1.1.5 simplicite-js:5.2.54/is-weakref:1.0.2 simplicite-js:5.2.54/safe-array-concat:1.0.0 simplicite-js:5.2.54/is-typed-array:1.1.10 simplicite-js:5.2.54/get-symbol-description:1.0.0 simplicite-js:5.2.54/object.getownpropertydescriptors:2.1.6 simplicite-js:5.2.54/safe-regex-test:1.0.0 simplicite-js:5.2.54/is-regex:1.1.4 simplicite-js:5.2.54/es-abstract:1.21.2 simplicite-js:5.2.54/side-channel:1.0.4 simplicite-js:5.2.54/string.prototype.trimend:1.0.6 simplicite-js:5.2.54/array.prototype.reduce:1.0.5 simplicite-js:5.2.54/regexp.prototype.flags:1.5.0 simplicite-js:5.2.54 simplicite-js:5.2.54/string.prototype.trimstart:1.0.6 simplicite-js:5.2.54/object.assign:4.1.4 simplicite-js:5.2.54/array-buffer-byte-length:1.0.0 simplicite-js:5.2.54/unbox-primitive:1.0.2 simplicite-js:5.2.54/is-array-buffer:3.0.2 simplicite-js:5.2.54/typed-array-length:1.0.4 simplicite-js:5.2.54/which-typed-array:1.1.9 simplicite-js:5.2.54/is-boolean-object:1.1.2 simplicite-js:5.2.54/string.prototype.trim:1.2.7 simplicite-js:5.2.54/is-shared-array-buffer:1.0.2 Evidence Type Source Name Value Confidence Vendor package.json author Jordan Harband <ljharb@gmail.com> Highest Vendor package.json bugs.url https://github.com/ljharb/call-bind/issues Highest Vendor package.json description Robustly `.call.bind()` a function Highest Vendor package.json homepage https://github.com/ljharb/call-bind#readme Highest Vendor package.json name call-bind Highest Vendor package.json name call-bind_project Highest Product package.json name call-bind Highest Version package.json version 1.0.2 Highest
Related Dependencies call-bind:1.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?/call-bind:1.0.2 pkg:npm/call-bind@1.0.2 call-bind:1.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?array-buffer-byte-length:1.0.0/call-bind:^1.0.2 pkg:npm/call-bind@1.0.2 call-bind:1.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?array.prototype.reduce:1.0.5/call-bind:^1.0.2 pkg:npm/call-bind@1.0.2 call-bind:1.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?es-abstract:1.21.2/call-bind:^1.0.2 pkg:npm/call-bind@1.0.2 call-bind:1.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?function.prototype.name:1.1.5/call-bind:^1.0.2 pkg:npm/call-bind@1.0.2 call-bind:1.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?get-symbol-description:1.0.0/call-bind:^1.0.2 pkg:npm/call-bind@1.0.2 call-bind:1.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?is-array-buffer:3.0.2/call-bind:^1.0.2 pkg:npm/call-bind@1.0.2 call-bind:1.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?is-boolean-object:1.1.2/call-bind:^1.0.2 pkg:npm/call-bind@1.0.2 call-bind:1.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?is-regex:1.1.4/call-bind:^1.0.2 pkg:npm/call-bind@1.0.2 call-bind:1.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?is-shared-array-buffer:1.0.2/call-bind:^1.0.2 pkg:npm/call-bind@1.0.2 call-bind:1.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?is-typed-array:1.1.10/call-bind:^1.0.2 pkg:npm/call-bind@1.0.2 call-bind:1.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?is-weakref:1.0.2/call-bind:^1.0.2 pkg:npm/call-bind@1.0.2 call-bind:1.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?object.assign:4.1.4/call-bind:^1.0.2 pkg:npm/call-bind@1.0.2 call-bind:1.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?object.getownpropertydescriptors:2.1.6/call-bind:^1.0.2 pkg:npm/call-bind@1.0.2 call-bind:1.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?regexp.prototype.flags:1.5.0/call-bind:^1.0.2 pkg:npm/call-bind@1.0.2 call-bind:1.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?safe-array-concat:1.0.0/call-bind:^1.0.2 pkg:npm/call-bind@1.0.2 call-bind:1.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?safe-regex-test:1.0.0/call-bind:^1.0.2 pkg:npm/call-bind@1.0.2 call-bind:1.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?side-channel:1.0.4/call-bind:^1.0.0 pkg:npm/call-bind@1.0.2 call-bind:1.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?string.prototype.trim:1.2.7/call-bind:^1.0.2 pkg:npm/call-bind@1.0.2 call-bind:1.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?string.prototype.trimend:1.0.6/call-bind:^1.0.2 pkg:npm/call-bind@1.0.2 call-bind:1.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?string.prototype.trimstart:1.0.6/call-bind:^1.0.2 pkg:npm/call-bind@1.0.2 call-bind:1.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?typed-array-length:1.0.4/call-bind:^1.0.2 pkg:npm/call-bind@1.0.2 call-bind:1.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?unbox-primitive:1.0.2/call-bind:^1.0.2 pkg:npm/call-bind@1.0.2 callsite-record:4.1.5Description:
Create fancy log entries for errors and function call sites. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check:6.0.1/callsite-record:^4.1.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-check:6.0.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Ivan Nikulin (ifaaan@gmail.com) Highest Vendor package.json bugs.url https://github.com/inikulin/source-frame/issues Highest Vendor package.json description Create fancy log entries for errors and function call sites. Highest Vendor package.json homepage https://github.com/inikulin/source-frame#readme Highest Vendor package.json name callsite-record Highest Vendor package.json name callsite-record_project Highest Product package.json name callsite-record Highest Version package.json version 4.1.5 Highest
Related Dependencies callsite-record:4.1.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?/callsite-record:4.1.5 pkg:npm/callsite-record@4.1.5 callsite:1.0.0Description:
access to v8's CallSites File Path: /var/simplicite/simplicite-5.2/package-lock.json?callsite-record:4.1.5/callsite:^1.0.0Referenced In Projects/Scopes:
simplicite-js:5.2.54/callsite-record:4.1.5 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author TJ Holowaychuk <tj@vision-media.ca> Highest Vendor package.json description access to v8's CallSites Highest Vendor package.json name callsite Highest Vendor package.json name callsite_project Highest Product package.json name callsite Highest Version package.json version 1.0.0 Highest
Related Dependencies callsite:1.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/callsite:1.0.0 pkg:npm/callsite@1.0.0 callsites:3.1.0Description:
Get callsites from the V8 stack trace API License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?parent-module:1.0.1/callsites:^3.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/parent-module:1.0.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Get callsites from the V8 stack trace API Highest Vendor package.json name callsites Highest Vendor package.json name callsites_project Highest Product package.json name callsites Highest Version package.json version 3.1.0 Highest
Related Dependencies callsites:3.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/callsites:3.1.0 pkg:npm/callsites@3.1.0 camelcase-keys:6.2.2Description:
Convert object keys to camel case License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?meow:9.0.0/camelcase-keys:^6.2.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/meow:9.0.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Convert object keys to camel case Highest Vendor package.json name camelcase-keys Highest Vendor package.json name camelcase-keys_project Highest Product package.json name camelcase-keys Highest Version package.json version 6.2.2 Highest
Related Dependencies camelcase-keys:6.2.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?/camelcase-keys:6.2.2 pkg:npm/camelcase-keys@6.2.2 camelcase:5.3.1Description:
Convert a dash/dot/underscore/space separated string to camelCase or PascalCase: `foo-bar` → `fooBar` License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/camelcase:5.3.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/camelcase-keys:6.2.2 simplicite-js:5.2.54/boxen:4.2.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Convert a dash/dot/underscore/space separated string to camelCase or PascalCase: `foo-bar` → `fooBar` Highest Vendor package.json name camelcase Highest Vendor package.json name camelcase_project Highest Product package.json name camelcase Highest Version package.json version 5.3.1 Highest
Related Dependencies camelcase:5.3.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?boxen:4.2.0/camelcase:^5.3.1 pkg:npm/camelcase@5.3.1 camelcase:5.3.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?camelcase-keys:6.2.2/camelcase:^5.3.1 pkg:npm/camelcase@5.3.1 camelcase:6.3.0Description:
Convert a dash/dot/underscore/space separated string to camelCase or PascalCase: `foo-bar` → `fooBar` License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?boxen:5.1.2/camelcase:^6.2.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/boxen:5.1.2 simplicite-js:5.2.54/boxen:7.1.0 simplicite-js:5.2.54 simplicite-js:5.2.54/depcheck:1.4.3 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description Convert a dash/dot/underscore/space separated string to camelCase or PascalCase: `foo-bar` → `fooBar` Highest Vendor package.json name camelcase Highest Vendor package.json name camelcase_project Highest Product package.json name camelcase Highest Version package.json version 6.3.0 Highest
Related Dependencies camelcase:6.3.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/camelcase:6.3.0 pkg:npm/camelcase@6.3.0 camelcase:6.3.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?boxen:7.1.0/camelcase:^7.0.1 pkg:npm/camelcase@6.3.0 camelcase:6.3.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?depcheck:1.4.3/camelcase:^6.2.0 pkg:npm/camelcase@6.3.0 camelcase:7.0.1Description:
Convert a dash/dot/underscore/space separated string to camelCase or PascalCase: `foo-bar` → `fooBar` License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/camelcase:7.0.1
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description Convert a dash/dot/underscore/space separated string to camelCase or PascalCase: `foo-bar` → `fooBar` Highest Vendor package.json name camelcase Highest Vendor package.json name camelcase_project Highest Product package.json name camelcase Highest Version package.json version 7.0.1 Highest
caniuse-lite:1.0.30001584Description:
A smaller version of caniuse-db, with only the essentials! License:
CC-BY-4.0 File Path: /var/simplicite/simplicite-5.2/package-lock.json?/caniuse-lite:1.0.30001584
Referenced In Projects/Scopes: simplicite-js:5.2.54/browserslist:4.22.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email beneb.info@gmail.com Highest Vendor package.json author.name Ben Briggs Highest Vendor package.json author.url http://beneb.info Highest Vendor package.json description A smaller version of caniuse-db, with only the essentials! Highest Vendor package.json name caniuse-lite Highest Vendor package.json name caniuse-lite_project Highest Product package.json name caniuse-lite Highest Version package.json version 1.0.30001584 Highest
Related Dependencies caniuse-lite:1.0.30001584File Path: /var/simplicite/simplicite-5.2/package-lock.json?browserslist:4.22.3/caniuse-lite:^1.0.30001580 pkg:npm/caniuse-lite@1.0.30001584 catharsis:0.9.0Description:
A JavaScript parser for Google Closure Compiler and JSDoc type expressions. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?jsdoc:4.0.2/catharsis:^0.9.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/jsdoc:4.0.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Jeff Williams <jeffrey.l.williams@gmail.com> Highest Vendor package.json bugs https://github.com/hegemonic/catharsis/issues Highest Vendor package.json description A JavaScript parser for Google Closure Compiler and JSDoc type expressions. Highest Vendor package.json name catharsis Highest Vendor package.json name catharsis_project Highest Product package.json name catharsis Highest Version package.json version 0.9.0 Highest
Related Dependencies catharsis:0.9.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/catharsis:0.9.0 pkg:npm/catharsis@0.9.0 cdm-4.5.5.jarDescription:
The NetCDF-Java Library is a Java interface to NetCDF files,
as well as to many other types of scientific data formats.
File Path: /var/simplicite/.m2/repository/edu/ucar/cdm/4.5.5/cdm-4.5.5.jarMD5: 7770c86aabbd0ec5e12ed1f0600d5492SHA1: af1748a3d024069cb7fd3fc2591efe806c914589SHA256: 74ea183cda0f7aa06fae2f3cfa8c3c6c64d013ce8cb87bde4a06de6676eacfdbReferenced In Project/Scope: Simplicite Platform:compilecdm-4.5.5.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.tika/tika-parsers@1.27
Evidence Type Source Name Value Confidence Vendor file name cdm High Vendor jar package name cdm Highest Vendor jar package name thredds Highest Vendor jar package name ucar Highest Vendor jar package name unidata Highest Vendor Manifest built-on 20150306.1537 Low Vendor Manifest Implementation-Vendor UCAR/Unidata High Vendor Manifest Implementation-Vendor-Id edu.ucar Medium Vendor pom artifactid cdm Highest Vendor pom artifactid cdm Low Vendor pom groupid edu.ucar Highest Vendor pom name CDM core library High Vendor pom parent-artifactid thredds-parent Low Vendor pom url http://www.unidata.ucar.edu/software/netcdf-java/documentation.htm Highest Product file name cdm High Product jar package name cdm Highest Product jar package name thredds Highest Product jar package name ucar Highest Product Manifest built-on 20150306.1537 Low Product Manifest Implementation-Title CDM core library High Product pom artifactid cdm Highest Product pom groupid edu.ucar Highest Product pom name CDM core library High Product pom parent-artifactid thredds-parent Medium Product pom url http://www.unidata.ucar.edu/software/netcdf-java/documentation.htm Medium Version file version 4.5.5 High Version Manifest Implementation-Version 4.5.5 High Version pom version 4.5.5 Highest
chalk:2.4.2Description:
Terminal string styling done right License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?highlight-es:1.0.3/chalk:^2.4.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-audit-html:1.5.0 simplicite-js:5.2.54/npm-check:6.0.1 simplicite-js:5.2.54/update-notifier:5.1.0 simplicite-js:5.2.54/callsite-record:4.1.5 simplicite-js:5.2.54/npm-check-updates:16.14.14 simplicite-js:5.2.54 simplicite-js:5.2.54/log-symbols:4.1.0 simplicite-js:5.2.54/update-notifier:6.0.2 simplicite-js:5.2.54/eslint:8.56.0 simplicite-js:5.2.54/inquirer:7.3.3 simplicite-js:5.2.54/boxen:5.1.2 simplicite-js:5.2.54/@babel/highlight:7.23.4 simplicite-js:5.2.54/boxen:7.1.0 simplicite-js:5.2.54/highlight-es:1.0.3 simplicite-js:5.2.54/@babel/code-frame:7.23.5 Evidence Type Source Name Value Confidence Vendor package.json description Terminal string styling done right Highest Vendor package.json name chalk Highest Vendor package.json name chalk_project Highest Product package.json name chalk Highest Version package.json version 2.4.2 Highest
Related Dependencies chalk:2.4.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?/chalk:2.4.2 pkg:npm/chalk@2.4.2 chalk:2.4.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/code-frame:7.23.5/chalk:^2.4.2 pkg:npm/chalk@2.4.2 chalk:2.4.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/highlight:7.23.4/chalk:^2.4.2 pkg:npm/chalk@2.4.2 chalk:2.4.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?boxen:5.1.2/chalk:^4.1.0 pkg:npm/chalk@2.4.2 chalk:2.4.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?boxen:7.1.0/chalk:^5.2.0 pkg:npm/chalk@2.4.2 chalk:2.4.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?callsite-record:4.1.5/chalk:^2.4.0 pkg:npm/chalk@2.4.2 chalk:2.4.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?update-notifier:5.1.0/chalk:^4.1.0 pkg:npm/chalk@2.4.2 chalk:2.4.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?update-notifier:6.0.2/chalk:^5.0.1 pkg:npm/chalk@2.4.2 chalk:4.1.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?/chalk:4.1.2 pkg:npm/chalk@4.1.2 chalk:4.1.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint:8.56.0/chalk:^4.0.0 pkg:npm/chalk@4.1.2 chalk:4.1.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?inquirer:7.3.3/chalk:^4.1.0 pkg:npm/chalk@4.1.2 chalk:4.1.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?log-symbols:4.1.0/chalk:^4.1.0 pkg:npm/chalk@4.1.2 chalk:4.1.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-audit-html:1.5.0/chalk:^4.1.0 pkg:npm/chalk@4.1.2 chalk:4.1.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check:6.0.1/chalk:^4.1.0 pkg:npm/chalk@4.1.2 chalk:5.3.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/chalk:5.3.0 pkg:npm/chalk@5.3.0 chalk:5.3.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check-updates:16.14.14/chalk:^5.3.0 pkg:npm/chalk@5.3.0 chalk:3.0.0Description:
Terminal string styling done right License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/chalk:3.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/update-notifier:4.1.3 simplicite-js:5.2.54/boxen:4.2.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json description Terminal string styling done right Highest Vendor package.json name chalk Highest Vendor package.json name chalk_project Highest Product package.json name chalk Highest Version package.json version 3.0.0 Highest
Related Dependencies chalk:3.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?boxen:4.2.0/chalk:^3.0.0 pkg:npm/chalk@3.0.0 chalk:3.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?update-notifier:4.1.3/chalk:^3.0.0 pkg:npm/chalk@3.0.0 chalk:4.1.2Description:
Terminal string styling done right License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/chalk:4.1.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/ora:5.4.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json description Terminal string styling done right Highest Vendor package.json name chalk Highest Vendor package.json name chalk_project Highest Product package.json name chalk Highest Version package.json version 4.1.2 Highest
Related Dependencies chalk:4.1.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?ora:5.4.1/chalk:^4.1.0 pkg:npm/chalk@4.1.2 chardet:0.7.0Description:
Character detector License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?external-editor:3.1.0/chardet:^0.7.0
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/external-editor:3.1.0 Evidence Type Source Name Value Confidence Vendor package.json author Dmitry Shirokov <deadrunk@gmail.com> Highest Vendor package.json bugs.mail deadrunk@gmail.com Highest Vendor package.json bugs.url http://github.com/runk/node-chardet/issues Highest Vendor package.json description Character detector Highest Vendor package.json homepage https://github.com/runk/node-chardet Highest Vendor package.json name chardet Highest Vendor package.json name chardet_project Highest Product package.json name chardet Highest Version package.json version 0.7.0 Highest
Related Dependencies chardet:0.7.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/chardet:0.7.0 pkg:npm/chardet@0.7.0 chart.js:2.9.4Description:
Simple HTML5 charts using the canvas element. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/chart.js:2.9.4
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json bugs.url https://github.com/chartjs/Chart.js/issues Highest Vendor package.json description Simple HTML5 charts using the canvas element. Highest Vendor package.json homepage https://www.chartjs.org Highest Vendor package.json name chart.js Highest Vendor package.json name chart.js_project Highest Product package.json name chart.js Highest Version package.json version 2.9.4 Highest
chartjs-color-string:0.6.0Description:
Parser and generator for CSS color strings License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/chartjs-color-string:0.6.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/chartjs-color:2.4.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Heather Arthur <fayearthur@gmail.com> Highest Vendor package.json description Parser and generator for CSS color strings Highest Vendor package.json name chartjs-color-string Highest Vendor package.json name chartjs-color-string_project Highest Product package.json name chartjs-color-string Highest Version package.json version 0.6.0 Highest
Related Dependencies chartjs-color-string:0.6.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?chartjs-color:2.4.1/chartjs-color-string:^0.6.0 pkg:npm/chartjs-color-string@0.6.0 chartjs-color:2.4.1Description:
Color conversion and manipulation with CSS string support License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/chartjs-color:2.4.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/chart.js:2.9.4 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json description Color conversion and manipulation with CSS string support Highest Vendor package.json name chartjs-color Highest Vendor package.json name chartjs-color_project Highest Product package.json name chartjs-color Highest Version package.json version 2.4.1 Highest
Related Dependencies chartjs-color:2.4.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?chart.js:2.9.4/chartjs-color:^2.1.0 pkg:npm/chartjs-color@2.4.1 checker-compat-qual-2.5.5.jarDescription:
Checker Qual is the set of annotations (qualifiers) and supporting classes
used by the Checker Framework to type check Java source code. Please
see artifact:
org.checkerframework:checker
License:
GNU General Public License, version 2 (GPL2), with the classpath exception: http://www.gnu.org/software/classpath/license.html
The MIT License: http://opensource.org/licenses/MIT File Path: /var/simplicite/.m2/repository/org/checkerframework/checker-compat-qual/2.5.5/checker-compat-qual-2.5.5.jar
MD5: b7a5c96547fb3fb6869f5f76bcd19b15
SHA1: 435dc33e3019c9f019e15f01aa111de9d6b2b79c
SHA256: 11d134b245e9cacc474514d2d66b5b8618f8039a1465cdc55bbc0b34e0008b7a
Referenced In Project/Scope: Simplicite Platform:compile
checker-compat-qual-2.5.5.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.google.firebase/firebase-admin@8.0.1
Evidence Type Source Name Value Confidence Vendor file name checker-compat-qual High Vendor jar package name checker Highest Vendor jar package name checkerframework Highest Vendor Manifest automatic-module-name org.checkerframework.checker.qual Medium Vendor Manifest implementation-url https://checkerframework.org Low Vendor pom artifactid checker-compat-qual Highest Vendor pom artifactid checker-compat-qual Low Vendor pom developer email mernst@cs.washington.edu Low Vendor pom developer email smillst@cs.washington.edu Low Vendor pom developer email wdietl@uwaterloo.ca Low Vendor pom developer id Michael Ernst <mernst@cs.washington.edu> Medium Vendor pom developer id Suzanne Millstein <smillst@cs.washington.edu> Medium Vendor pom developer id wmdietl Medium Vendor pom developer name Michael Ernst Medium Vendor pom developer name Suzanne Millstein Medium Vendor pom developer name Werner M. Dietl Medium Vendor pom developer org University of Washington Medium Vendor pom developer org University of Washington PLSE Group Medium Vendor pom developer org University of Waterloo Medium Vendor pom developer org URL http://uwaterloo.ca/ Medium Vendor pom developer org URL https://www.cs.washington.edu/ Medium Vendor pom developer org URL https://www.cs.washington.edu/research/plse/ Medium Vendor pom groupid org.checkerframework Highest Vendor pom name Checker Qual High Vendor pom url https://checkerframework.org Highest Product file name checker-compat-qual High Product jar package name checker Highest Product jar package name checkerframework Highest Product Manifest automatic-module-name org.checkerframework.checker.qual Medium Product Manifest implementation-url https://checkerframework.org Low Product pom artifactid checker-compat-qual Highest Product pom developer email mernst@cs.washington.edu Low Product pom developer email smillst@cs.washington.edu Low Product pom developer email wdietl@uwaterloo.ca Low Product pom developer id Michael Ernst <mernst@cs.washington.edu> Low Product pom developer id Suzanne Millstein <smillst@cs.washington.edu> Low Product pom developer id wmdietl Low Product pom developer name Michael Ernst Low Product pom developer name Suzanne Millstein Low Product pom developer name Werner M. Dietl Low Product pom developer org University of Washington Low Product pom developer org University of Washington PLSE Group Low Product pom developer org University of Waterloo Low Product pom developer org URL http://uwaterloo.ca/ Low Product pom developer org URL https://www.cs.washington.edu/ Low Product pom developer org URL https://www.cs.washington.edu/research/plse/ Low Product pom groupid org.checkerframework Highest Product pom name Checker Qual High Product pom url https://checkerframework.org Medium Version file version 2.5.5 High Version Manifest Implementation-Version 2.5.5 High Version pom version 2.5.5 Highest
checker-qual-3.18.0.jarDescription:
checker-qual contains annotations (type qualifiers) that a programmer
writes to specify Java code for type-checking by the Checker Framework.
License:
The MIT License: http://opensource.org/licenses/MIT File Path: /var/simplicite/.m2/repository/org/checkerframework/checker-qual/3.18.0/checker-qual-3.18.0.jar
MD5: abc64881dec789241c89d9e1738fde98
SHA1: 7d1ffd35973fa4c94c3aebf187a26cf0b4350281
SHA256: 99d4491b3a8b810641eb2fd7d96b2869e8ca8c05b5ae2cf4bc030f65bb12c3a1
Referenced In Project/Scope: Simplicite Platform:compile
checker-qual-3.18.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name checker-qual High Vendor jar package name checker Highest Vendor jar package name checkerframework Highest Vendor jar package name framework Highest Vendor jar package name qual Highest Vendor Manifest automatic-module-name org.checkerframework.checker.qual Medium Vendor Manifest bundle-symbolicname checker-qual Medium Vendor Manifest implementation-url https://checkerframework.org Low Vendor pom artifactid checker-qual Highest Vendor pom artifactid checker-qual Low Vendor pom developer email mernst@cs.washington.edu Low Vendor pom developer email smillst@cs.washington.edu Low Vendor pom developer id mernst Medium Vendor pom developer id smillst Medium Vendor pom developer name Michael Ernst Medium Vendor pom developer name Suzanne Millstein Medium Vendor pom developer org University of Washington Medium Vendor pom developer org URL https://www.cs.washington.edu/ Medium Vendor pom groupid org.checkerframework Highest Vendor pom name Checker Qual High Vendor pom url https://checkerframework.org Highest Product file name checker-qual High Product jar package name checker Highest Product jar package name checkerframework Highest Product jar package name framework Highest Product jar package name qual Highest Product Manifest automatic-module-name org.checkerframework.checker.qual Medium Product Manifest Bundle-Name checker-qual Medium Product Manifest bundle-symbolicname checker-qual Medium Product Manifest implementation-url https://checkerframework.org Low Product pom artifactid checker-qual Highest Product pom developer email mernst@cs.washington.edu Low Product pom developer email smillst@cs.washington.edu Low Product pom developer id mernst Low Product pom developer id smillst Low Product pom developer name Michael Ernst Low Product pom developer name Suzanne Millstein Low Product pom developer org University of Washington Low Product pom developer org URL https://www.cs.washington.edu/ Low Product pom groupid org.checkerframework Highest Product pom name Checker Qual High Product pom url https://checkerframework.org Medium Version file version 3.18.0 High Version Manifest Bundle-Version 3.18.0 High Version Manifest Implementation-Version 3.18.0 High Version pom version 3.18.0 Highest
chokidar:3.5.3Description:
Minimal and efficient cross-platform file watching library License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?sass:1.63.6/chokidar:>=3.0.0 <4.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/sass:1.63.6 Evidence Type Source Name Value Confidence Vendor package.json author Paul Miller (https://paulmillr.com) Highest Vendor package.json bugs.url https://github.com/paulmillr/chokidar/issues Highest Vendor package.json description Minimal and efficient cross-platform file watching library Highest Vendor package.json homepage https://github.com/paulmillr/chokidar Highest Vendor package.json name chokidar Highest Vendor package.json name chokidar_project Highest Product package.json name chokidar Highest Version package.json version 3.5.3 Highest
Related Dependencies chokidar:3.5.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/chokidar:3.5.3 pkg:npm/chokidar@3.5.3 chownr:2.0.0Description:
like `chown -R` License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?tar:6.1.15/chownr:^2.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/tar:6.1.15 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Isaac Z. Schlueter <i@izs.me> (http://blog.izs.me/) Highest Vendor package.json description like `chown -R` Highest Vendor package.json name chownr Highest Vendor package.json name chownr_project Highest Product package.json name chownr Highest Version package.json version 2.0.0 Highest
Related Dependencies chownr:2.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/chownr:2.0.0 pkg:npm/chownr@2.0.0 ci-info:2.0.0Description:
Get details about the current Continuous Integration environment License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?is-ci:2.0.0/ci-info:^2.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/is-ci:2.0.0 simplicite-js:5.2.54 simplicite-js:5.2.54/is-ci:3.0.1 Evidence Type Source Name Value Confidence Vendor package.json author Thomas Watson Steen <w@tson.dk> (https://twitter.com/wa7son) Highest Vendor package.json bugs.url https://github.com/watson/ci-info/issues Highest Vendor package.json description Get details about the current Continuous Integration environment Highest Vendor package.json homepage https://github.com/watson/ci-info Highest Vendor package.json name ci-info Highest Vendor package.json name ci-info_project Highest Product package.json name ci-info Highest Version package.json version 2.0.0 Highest
Related Dependencies ci-info:2.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/ci-info:2.0.0 pkg:npm/ci-info@2.0.0 ci-info:2.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?is-ci:3.0.1/ci-info:^3.2.0 pkg:npm/ci-info@2.0.0 ci-info:3.8.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/ci-info:3.8.0 pkg:npm/ci-info@3.8.0 clean-stack:2.2.0Description:
Clean up error stack traces License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/clean-stack:2.2.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/aggregate-error:3.1.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Clean up error stack traces Highest Vendor package.json name clean-stack Highest Vendor package.json name clean-stack_project Highest Product package.json name clean-stack Highest Version package.json version 2.2.0 Highest
Related Dependencies clean-stack:2.2.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?aggregate-error:3.1.0/clean-stack:^2.0.0 pkg:npm/clean-stack@2.2.0 cli-boxes:2.2.1Description:
Boxes for use in the terminal License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?boxen:5.1.2/cli-boxes:^2.2.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/boxen:5.1.2 simplicite-js:5.2.54/boxen:4.2.0 simplicite-js:5.2.54/boxen:7.1.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description Boxes for use in the terminal Highest Vendor package.json name cli-boxes Highest Vendor package.json name cli-boxes_project Highest Product package.json name cli-boxes Highest Version package.json version 2.2.1 Highest
Related Dependencies cli-boxes:2.2.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/cli-boxes:2.2.1 pkg:npm/cli-boxes@2.2.1 cli-boxes:2.2.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?boxen:4.2.0/cli-boxes:^2.2.0 pkg:npm/cli-boxes@2.2.1 cli-boxes:2.2.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?boxen:7.1.0/cli-boxes:^3.0.0 pkg:npm/cli-boxes@2.2.1 cli-boxes:3.0.0Description:
Boxes for use in the terminal License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/cli-boxes:3.0.0
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description Boxes for use in the terminal Highest Vendor package.json name cli-boxes Highest Vendor package.json name cli-boxes_project Highest Product package.json name cli-boxes Highest Version package.json version 3.0.0 Highest
cli-cursor:3.1.0Description:
Toggle the CLI cursor License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?ora:5.4.1/cli-cursor:^3.1.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/inquirer:7.3.3 simplicite-js:5.2.54/ora:5.4.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Toggle the CLI cursor Highest Vendor package.json name cli-cursor Highest Vendor package.json name cli-cursor_project Highest Product package.json name cli-cursor Highest Version package.json version 3.1.0 Highest
Related Dependencies cli-cursor:3.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/cli-cursor:3.1.0 pkg:npm/cli-cursor@3.1.0 cli-cursor:3.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?inquirer:7.3.3/cli-cursor:^3.1.0 pkg:npm/cli-cursor@3.1.0 cli-spinners:2.9.0Description:
Spinners for use in the terminal License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?ora:5.4.1/cli-spinners:^2.5.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/ora:5.4.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description Spinners for use in the terminal Highest Vendor package.json name cli-spinners Highest Vendor package.json name cli-spinners_project Highest Product package.json name cli-spinners Highest Version package.json version 2.9.0 Highest
Related Dependencies cli-spinners:2.9.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/cli-spinners:2.9.0 pkg:npm/cli-spinners@2.9.0 cli-table3:0.6.3Description:
Pretty unicode tables for the command line. Based on the original cli-table. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check-updates:16.14.14/cli-table3:^0.6.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-check-updates:16.14.14 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author James Talmage Highest Vendor package.json bugs.url https://github.com/cli-table/cli-table3/issues Highest Vendor package.json description Pretty unicode tables for the command line. Based on the original cli-table. Highest Vendor package.json homepage https://github.com/cli-table/cli-table3 Highest Vendor package.json name cli-table3 Highest Vendor package.json name cli-table3_project Highest Product package.json name cli-table3 Highest Version package.json version 0.6.3 Highest
Related Dependencies cli-table3:0.6.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/cli-table3:0.6.3 pkg:npm/cli-table3@0.6.3 cli-width:3.0.0Description:
Get stdout window width, with two fallbacks, tty and then a default. License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?inquirer:7.3.3/cli-width:^3.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/inquirer:7.3.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Ilya Radchenko <knownasilya@gmail.com> Highest Vendor package.json bugs.url https://github.com/knownasilya/cli-width/issues Highest Vendor package.json description Get stdout window width, with two fallbacks, tty and then a default. Highest Vendor package.json homepage https://github.com/knownasilya/cli-width Highest Vendor package.json name cli-width Highest Vendor package.json name cli-width_project Highest Product package.json name cli-width Highest Version package.json version 3.0.0 Highest
Related Dependencies cli-width:3.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/cli-width:3.0.0 pkg:npm/cli-width@3.0.0 cli:1.0.1Description:
A tool for rapidly building command line apps License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?jshint:2.13.1/cli:~1.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/jshint:2.13.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Chris O'Hara <cohara87@gmail.com> Highest Vendor package.json bugs.mail cohara87@gmail.com Highest Vendor package.json bugs.url http://github.com/node-js-libs/cli/issues Highest Vendor package.json description A tool for rapidly building command line apps Highest Vendor package.json homepage http://github.com/node-js-libs/cli Highest Vendor package.json name cli Highest Vendor package.json name cli_project Highest Product package.json name cli Highest Version package.json version 1.0.1 Highest
Related Dependencies cli:1.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/cli:1.0.1 pkg:npm/cli@1.0.1 cliui:7.0.4Description:
easily create complex multi-column command-line-interfaces License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?yargs:16.2.0/cliui:^7.0.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/yargs:16.2.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Ben Coe <ben@npmjs.com> Highest Vendor package.json description easily create complex multi-column command-line-interfaces Highest Vendor package.json name cliui Highest Vendor package.json name cliui_project Highest Product package.json name cliui Highest Version package.json version 7.0.4 Highest
Related Dependencies cliui:7.0.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?/cliui:7.0.4 pkg:npm/cliui@7.0.4 clone-deep:4.0.1Description:
Recursively (deep) clone JavaScript native types, like Object, Array, RegExp, Date as well as primitives. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/clone-deep:4.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/@babel/register:7.23.7 Evidence Type Source Name Value Confidence Vendor package.json author Jon Schlinkert (https://github.com/jonschlinkert) Highest Vendor package.json bugs.url https://github.com/jonschlinkert/clone-deep/issues Highest Vendor package.json description Recursively (deep) clone JavaScript native types, like Object, Array, RegExp, Date as well as primitives. Highest Vendor package.json homepage https://github.com/jonschlinkert/clone-deep Highest Vendor package.json name clone-deep Highest Vendor package.json name clone-deep_project Highest Product package.json name clone-deep Highest Version package.json version 4.0.1 Highest
Related Dependencies clone-deep:4.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/register:7.23.7/clone-deep:^4.0.1 pkg:npm/clone-deep@4.0.1 clone-response:1.0.3Description:
Clone a Node.js HTTP response stream License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?cacheable-request:6.1.0/clone-response:^1.0.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/cacheable-request:6.1.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Luke Childs <lukechilds123@gmail.com> (http://lukechilds.co.uk) Highest Vendor package.json description Clone a Node.js HTTP response stream Highest Vendor package.json name clone-response Highest Vendor package.json name clone-response_project Highest Product package.json name clone-response Highest Version package.json version 1.0.3 Highest
Related Dependencies clone-response:1.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/clone-response:1.0.3 pkg:npm/clone-response@1.0.3 clone:1.0.4Description:
deep cloning of objects and arrays License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?defaults:1.0.4/clone:^1.0.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/defaults:1.0.4 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Paul Vorbach <paul@vorba.ch> (http://paul.vorba.ch/) Highest Vendor package.json bugs.url https://github.com/pvorb/node-clone/issues Highest Vendor package.json description deep cloning of objects and arrays Highest Vendor package.json name clone Highest Vendor package.json name clone_project Highest Product package.json name clone Highest Version package.json version 1.0.4 Highest
Related Dependencies clone:1.0.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?/clone:1.0.4 pkg:npm/clone@1.0.4 co:4.6.0Description:
generator async control flow goodness License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check:6.0.1/co:^4.6.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-check:6.0.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json description generator async control flow goodness Highest Vendor package.json name co Highest Vendor package.json name co_project Highest Product package.json name co Highest Version package.json version 4.6.0 Highest
Related Dependencies co:4.6.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/co:4.6.0 pkg:npm/co@4.6.0 codemodel-2.3.4.jarDescription:
The core functionality of the CodeModel java source code generation library License:
http://www.eclipse.org/org/documents/edl-v10.php File Path: /var/simplicite/.m2/repository/org/glassfish/jaxb/codemodel/2.3.4/codemodel-2.3.4.jar
MD5: c1d9b683da4372476e0a24a5145f1376
SHA1: 8ab752f833454bbd9bc736749cbc939427dd9ef9
SHA256: de6863199942948ea1cdf0c9740539a7ada7e87a70049fb7d00798c0a2e4210e
Referenced In Project/Scope: Simplicite Platform:compile
codemodel-2.3.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.glassfish.jaxb/jaxb-xjc@2.3.4
Evidence Type Source Name Value Confidence Vendor file name codemodel High Vendor jar package name codemodel Highest Vendor jar package name sun Highest Vendor jar (hint) package name oracle Highest Vendor Manifest build-jdk-spec 11 Low Vendor Manifest bundle-docurl https://www.eclipse.org Low Vendor Manifest bundle-symbolicname org.glassfish.jaxb.codemodel Medium Vendor Manifest implementation-build-id 2.3.4 - 2a16b4e Low Vendor Manifest Implementation-Vendor Eclipse Foundation High Vendor pom artifactid codemodel Highest Vendor pom artifactid codemodel Low Vendor pom groupid org.glassfish.jaxb Highest Vendor pom name Codemodel Core High Vendor pom parent-artifactid jaxb-codemodel-parent Low Vendor pom parent-groupid com.sun.xml.bind.mvn Medium Product file name codemodel High Product jar package name codemodel Highest Product jar package name sun Highest Product Manifest build-jdk-spec 11 Low Product Manifest bundle-docurl https://www.eclipse.org Low Product Manifest Bundle-Name Codemodel Core Medium Product Manifest bundle-symbolicname org.glassfish.jaxb.codemodel Medium Product Manifest implementation-build-id 2.3.4 - 2a16b4e Low Product Manifest Implementation-Title Codemodel Core High Product pom artifactid codemodel Highest Product pom groupid org.glassfish.jaxb Highest Product pom name Codemodel Core High Product pom parent-artifactid jaxb-codemodel-parent Medium Product pom parent-groupid com.sun.xml.bind.mvn Medium Version file version 2.3.4 High Version Manifest Bundle-Version 2.3.4 High Version Manifest implementation-build-id 2.3.4 Low Version Manifest Implementation-Version 2.3.4 High Version pom version 2.3.4 Highest
color-convert:1.9.3Description:
Plain color conversion functions License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/color-convert:1.9.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/ansi-styles:3.2.1 simplicite-js:5.2.54/ansi-styles:4.3.0 simplicite-js:5.2.54/chartjs-color:2.4.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Heather Arthur <fayearthur@gmail.com> Highest Vendor package.json description Plain color conversion functions Highest Vendor package.json name color-convert Highest Vendor package.json name color-convert_project Highest Product package.json name color-convert Highest Version package.json version 1.9.3 Highest
Related Dependencies color-convert:1.9.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?ansi-styles:3.2.1/color-convert:^1.9.0 pkg:npm/color-convert@1.9.3 color-convert:1.9.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?ansi-styles:4.3.0/color-convert:^2.0.1 pkg:npm/color-convert@1.9.3 color-convert:1.9.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?chartjs-color:2.4.1/color-convert:^1.9.3 pkg:npm/color-convert@1.9.3 color-convert:2.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/color-convert:2.0.1 pkg:npm/color-convert@2.0.1 color-convert:2.0.1Description:
Plain color conversion functions License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/color-convert:2.0.1
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author Heather Arthur <fayearthur@gmail.com> Highest Vendor package.json description Plain color conversion functions Highest Vendor package.json name color-convert Highest Vendor package.json name color-convert_project Highest Product package.json name color-convert Highest Version package.json version 2.0.1 Highest
color-name:1.1.3Description:
A list of color names and its values License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/color-name:1.1.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/color-convert:1.9.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author DY <dfcreative@gmail.com> Highest Vendor package.json bugs.url https://github.com/dfcreative/color-name/issues Highest Vendor package.json description A list of color names and its values Highest Vendor package.json homepage https://github.com/dfcreative/color-name Highest Vendor package.json name color-name Highest Vendor package.json name color-name_project Highest Product package.json name color-name Highest Version package.json version 1.1.3 Highest
Related Dependencies color-name:1.1.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?color-convert:1.9.3/color-name:1.1.3 pkg:npm/color-name@1.1.3 color-name:1.1.4Description:
A list of color names and its values License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?color-convert:2.0.1/color-name:~1.1.4
Referenced In Projects/Scopes: simplicite-js:5.2.54/chartjs-color-string:0.6.0 simplicite-js:5.2.54 simplicite-js:5.2.54/color-convert:2.0.1 Evidence Type Source Name Value Confidence Vendor package.json author DY <dfcreative@gmail.com> Highest Vendor package.json bugs.url https://github.com/colorjs/color-name/issues Highest Vendor package.json description A list of color names and its values Highest Vendor package.json homepage https://github.com/colorjs/color-name Highest Vendor package.json name color-name Highest Vendor package.json name color-name_project Highest Product package.json name color-name Highest Version package.json version 1.1.4 Highest
Related Dependencies color-name:1.1.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?/color-name:1.1.4 pkg:npm/color-name@1.1.4 color-name:1.1.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?chartjs-color-string:0.6.0/color-name:^1.0.0 pkg:npm/color-name@1.1.4 color-support:1.1.3Description:
A module which will endeavor to guess your terminal's level of color support. License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?gauge:4.0.4/color-support:^1.1.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/gauge:4.0.4 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Isaac Z. Schlueter <i@izs.me> (http://blog.izs.me/) Highest Vendor package.json description A module which will endeavor to guess your terminal's level of color support. Highest Vendor package.json name color-support Highest Vendor package.json name color-support_project Highest Product package.json name color-support Highest Version package.json version 1.1.3 Highest
Related Dependencies color-support:1.1.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/color-support:1.1.3 pkg:npm/color-support@1.1.3 colord:2.9.3Description:
👑 A tiny yet powerful tool for high-performance color manipulations and conversions License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/colord:^2.9.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/stylelint:14.16.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Vlad Shilov <omgovich@ya.ru> Highest Vendor package.json description 👑 A tiny yet powerful tool for high-performance color manipulations and conversions Highest Vendor package.json name colord Highest Vendor package.json name colord_project Highest Product package.json name colord Highest Version package.json version 2.9.3 Highest
Related Dependencies colord:2.9.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/colord:2.9.3 pkg:npm/colord@2.9.3 commander:10.0.1Description:
the complete solution for node.js command-line programs License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/commander:10.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-check-updates:16.14.14 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author TJ Holowaychuk <tj@vision-media.ca> Highest Vendor package.json description the complete solution for node.js command-line programs Highest Vendor package.json name commander Highest Vendor package.json name commander_project Highest Product package.json name commander Highest Version package.json version 10.0.1 Highest
Related Dependencies commander:10.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check-updates:16.14.14/commander:^10.0.1 pkg:npm/commander@10.0.1 commander:2.20.3Description:
the complete solution for node.js command-line programs License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/commander:2.20.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/editorconfig:0.15.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author TJ Holowaychuk <tj@vision-media.ca> Highest Vendor package.json description the complete solution for node.js command-line programs Highest Vendor package.json name commander Highest Vendor package.json name commander_project Highest Product package.json name commander Highest Version package.json version 2.20.3 Highest
Related Dependencies commander:2.20.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?editorconfig:0.15.3/commander:^2.19.0 pkg:npm/commander@2.20.3 commander:3.0.2Description:
the complete solution for node.js command-line programs License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/commander:3.0.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-audit-html:1.5.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author TJ Holowaychuk <tj@vision-media.ca> Highest Vendor package.json description the complete solution for node.js command-line programs Highest Vendor package.json name commander Highest Vendor package.json name commander_project Highest Product package.json name commander Highest Version package.json version 3.0.2 Highest
Related Dependencies commander:3.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-audit-html:1.5.0/commander:^3.0.2 pkg:npm/commander@3.0.2 commander:4.1.1Description:
the complete solution for node.js command-line programs License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/commander:4.1.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/node:7.23.9 simplicite-js:5.2.54/@babel/cli:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author TJ Holowaychuk <tj@vision-media.ca> Highest Vendor package.json description the complete solution for node.js command-line programs Highest Vendor package.json name commander Highest Vendor package.json name commander_project Highest Product package.json name commander Highest Version package.json version 4.1.1 Highest
Related Dependencies commander:4.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/cli:7.23.9/commander:^4.0.1 pkg:npm/commander@4.1.1 commander:4.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/node:7.23.9/commander:^4.0.1 pkg:npm/commander@4.1.1 comment-parser:1.4.1Description:
Generic JSDoc-like comment parser License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint-plugin-jsdoc:48.0.4/comment-parser:1.4.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/eslint-plugin-jsdoc:48.0.4 simplicite-js:5.2.54 simplicite-js:5.2.54/@es-joy/jsdoccomment:0.41.0 Evidence Type Source Name Value Confidence Vendor package.json author Sergiy Yavorsky <sergiy@yavorsky.me> (https://github.com/syavorsky) Highest Vendor package.json bugs.url https://github.com/syavorsky/comment-parser/issues Highest Vendor package.json description Generic JSDoc-like comment parser Highest Vendor package.json homepage https://github.com/syavorsky/comment-parser Highest Vendor package.json name comment-parser Highest Vendor package.json name comment-parser_project Highest Product package.json name comment-parser Highest Version package.json version 1.4.1 Highest
Related Dependencies comment-parser:1.4.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/comment-parser:1.4.1 pkg:npm/comment-parser@1.4.1 comment-parser:1.4.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?@es-joy/jsdoccomment:0.41.0/comment-parser:1.4.1 pkg:npm/comment-parser@1.4.1 commondir:1.0.1Description:
compute the closest common parent for file paths License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?find-cache-dir:2.1.0/commondir:^1.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/find-cache-dir:2.1.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email mail@substack.net Highest Vendor package.json author.name James Halliday Highest Vendor package.json author.url http://substack.net Highest Vendor package.json description compute the closest common parent for file paths Highest Vendor package.json name commondir Highest Vendor package.json name commondir_project Highest Product package.json name commondir Highest Version package.json version 1.0.1 Highest
Related Dependencies commondir:1.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/commondir:1.0.1 pkg:npm/commondir@1.0.1 commonmark-0.18.0.jarDescription:
Core of commonmark-java (implementation of CommonMark for parsing markdown and rendering to HTML) File Path: /var/simplicite/.m2/repository/org/commonmark/commonmark/0.18.0/commonmark-0.18.0.jarMD5: 16eff9d995c0fbe10f46daee7b7f2796SHA1: 89d6f732805a7ae903a03de5d24daf5541bdac87SHA256: 533c431a2ec613074a48ba011d319a327c649aeb5b8d69c9e66e437f18cfbccbReferenced In Project/Scope: Simplicite Platform:compilecommonmark-0.18.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name commonmark High Vendor jar package name commonmark Highest Vendor jar package name html Highest Vendor jar package name parsing Highest Vendor Manifest automatic-module-name org.commonmark Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor pom artifactid commonmark Highest Vendor pom artifactid commonmark Low Vendor pom groupid org.commonmark Highest Vendor pom name commonmark-java core High Vendor pom parent-artifactid commonmark-parent Low Product file name commonmark High Product jar package name commonmark Highest Product jar package name html Highest Product jar package name parsing Highest Product Manifest automatic-module-name org.commonmark Medium Product Manifest build-jdk-spec 1.8 Low Product pom artifactid commonmark Highest Product pom groupid org.commonmark Highest Product pom name commonmark-java core High Product pom parent-artifactid commonmark-parent Medium Version file version 0.18.0 High Version pom version 0.18.0 Highest
commonmark-ext-autolink-0.18.0.jarDescription:
commonmark-java extension for turning plain URLs and email addresses into links File Path: /var/simplicite/.m2/repository/org/commonmark/commonmark-ext-autolink/0.18.0/commonmark-ext-autolink-0.18.0.jarMD5: 6627c79a625066f5be762e5f39ef7e24SHA1: d6faf1eb8cff81888dbda77f74c82090fe260adbSHA256: 10feb418bc1849a2fed75a8cf7224c4863f7e0ba11b7d36fa05af613a332c035Referenced In Project/Scope: Simplicite Platform:compilecommonmark-ext-autolink-0.18.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name commonmark-ext-autolink High Vendor jar package name autolink Highest Vendor jar package name commonmark Highest Vendor jar package name ext Highest Vendor Manifest automatic-module-name org.commonmark.ext.autolink Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor pom artifactid commonmark-ext-autolink Highest Vendor pom artifactid commonmark-ext-autolink Low Vendor pom groupid org.commonmark Highest Vendor pom name commonmark-java extension for autolinking High Vendor pom parent-artifactid commonmark-parent Low Product file name commonmark-ext-autolink High Product jar package name autolink Highest Product jar package name commonmark Highest Product jar package name ext Highest Product Manifest automatic-module-name org.commonmark.ext.autolink Medium Product Manifest build-jdk-spec 1.8 Low Product pom artifactid commonmark-ext-autolink Highest Product pom groupid org.commonmark Highest Product pom name commonmark-java extension for autolinking High Product pom parent-artifactid commonmark-parent Medium Version file version 0.18.0 High Version pom version 0.18.0 Highest
commonmark-ext-gfm-strikethrough-0.18.0.jarDescription:
commonmark-java extension for GFM strikethrough using ~~ (GitHub Flavored Markdown) File Path: /var/simplicite/.m2/repository/org/commonmark/commonmark-ext-gfm-strikethrough/0.18.0/commonmark-ext-gfm-strikethrough-0.18.0.jarMD5: 882d5909d422496addca68d51b0b86c1SHA1: 26a14a38e55e465241b30f96a0d67be02064f622SHA256: 5243b357e493e69f39a03d60504e957c0a03d633638bf87d420537073d8dc7b0Referenced In Project/Scope: Simplicite Platform:compilecommonmark-ext-gfm-strikethrough-0.18.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name commonmark-ext-gfm-strikethrough High Vendor jar package name commonmark Highest Vendor jar package name ext Highest Vendor jar package name gfm Highest Vendor jar package name strikethrough Highest Vendor Manifest automatic-module-name org.commonmark.ext.gfm.strikethrough Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor pom artifactid commonmark-ext-gfm-strikethrough Highest Vendor pom artifactid commonmark-ext-gfm-strikethrough Low Vendor pom groupid org.commonmark Highest Vendor pom name commonmark-java extension for strikethrough High Vendor pom parent-artifactid commonmark-parent Low Product file name commonmark-ext-gfm-strikethrough High Product jar package name commonmark Highest Product jar package name ext Highest Product jar package name gfm Highest Product jar package name strikethrough Highest Product Manifest automatic-module-name org.commonmark.ext.gfm.strikethrough Medium Product Manifest build-jdk-spec 1.8 Low Product pom artifactid commonmark-ext-gfm-strikethrough Highest Product pom groupid org.commonmark Highest Product pom name commonmark-java extension for strikethrough High Product pom parent-artifactid commonmark-parent Medium Version file version 0.18.0 High Version pom version 0.18.0 Highest
commonmark-ext-gfm-tables-0.18.0.jarDescription:
commonmark-java extension for GFM tables using "|" pipes (GitHub Flavored Markdown) File Path: /var/simplicite/.m2/repository/org/commonmark/commonmark-ext-gfm-tables/0.18.0/commonmark-ext-gfm-tables-0.18.0.jarMD5: 656495abc933a6d5b024dfa83c5d8837SHA1: 27885f6bbe1ac5b74eedc74bfee452e206ffcdf4SHA256: 50e63bea8f1ae8166de3a6bd27330064247ab534db931e194bd90bb2ad655b0fReferenced In Project/Scope: Simplicite Platform:compilecommonmark-ext-gfm-tables-0.18.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name commonmark-ext-gfm-tables High Vendor jar package name commonmark Highest Vendor jar package name ext Highest Vendor jar package name gfm Highest Vendor jar package name tables Highest Vendor Manifest automatic-module-name org.commonmark.ext.gfm.tables Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor pom artifactid commonmark-ext-gfm-tables Highest Vendor pom artifactid commonmark-ext-gfm-tables Low Vendor pom groupid org.commonmark Highest Vendor pom name commonmark-java extension for tables High Vendor pom parent-artifactid commonmark-parent Low Product file name commonmark-ext-gfm-tables High Product jar package name commonmark Highest Product jar package name ext Highest Product jar package name gfm Highest Product jar package name tables Highest Product Manifest automatic-module-name org.commonmark.ext.gfm.tables Medium Product Manifest build-jdk-spec 1.8 Low Product pom artifactid commonmark-ext-gfm-tables Highest Product pom groupid org.commonmark Highest Product pom name commonmark-java extension for tables High Product pom parent-artifactid commonmark-parent Medium Version file version 0.18.0 High Version pom version 0.18.0 Highest
commonmark-ext-heading-anchor-0.18.0.jarDescription:
commonmark-java extension for adding unique id attributes to header tags File Path: /var/simplicite/.m2/repository/org/commonmark/commonmark-ext-heading-anchor/0.18.0/commonmark-ext-heading-anchor-0.18.0.jarMD5: c320f2bb2a369012f2d8d711f8ca1b1eSHA1: 3c580d3a7e9a193d78e36f36f5e07a52ae8e31a3SHA256: a21a24bbddec2a35c1dc17f0a45f0006ff37f289d06c3d5df64f8d265531ca71Referenced In Project/Scope: Simplicite Platform:compilecommonmark-ext-heading-anchor-0.18.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name commonmark-ext-heading-anchor High Vendor jar package name anchor Highest Vendor jar package name commonmark Highest Vendor jar package name ext Highest Vendor jar package name heading Highest Vendor Manifest automatic-module-name org.commonmark.ext.heading.anchor Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor pom artifactid commonmark-ext-heading-anchor Highest Vendor pom artifactid commonmark-ext-heading-anchor Low Vendor pom groupid org.commonmark Highest Vendor pom name commonmark-java extension for adding id attributes to h tags High Vendor pom parent-artifactid commonmark-parent Low Product file name commonmark-ext-heading-anchor High Product jar package name anchor Highest Product jar package name commonmark Highest Product jar package name ext Highest Product jar package name heading Highest Product Manifest automatic-module-name org.commonmark.ext.heading.anchor Medium Product Manifest build-jdk-spec 1.8 Low Product pom artifactid commonmark-ext-heading-anchor Highest Product pom groupid org.commonmark Highest Product pom name commonmark-java extension for adding id attributes to h tags High Product pom parent-artifactid commonmark-parent Medium Version file version 0.18.0 High Version pom version 0.18.0 Highest
commonmark-ext-image-attributes-0.18.0.jarDescription:
commonmark-java extension for adding attributes to images File Path: /var/simplicite/.m2/repository/org/commonmark/commonmark-ext-image-attributes/0.18.0/commonmark-ext-image-attributes-0.18.0.jarMD5: 9689b1bccdce2e16c49638738bf99318SHA1: edae8c5450ae6bcf9505bf4d7d496498a7167707SHA256: 786ddf5e3a1b8f19c5cb0ea23285c8cc362734541169aa8cf99dc5ee195e584cReferenced In Project/Scope: Simplicite Platform:compilecommonmark-ext-image-attributes-0.18.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name commonmark-ext-image-attributes High Vendor jar package name attributes Highest Vendor jar package name commonmark Highest Vendor jar package name ext Highest Vendor jar package name image Highest Vendor Manifest automatic-module-name org.commonmark.ext.image.attributes Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor pom artifactid commonmark-ext-image-attributes Highest Vendor pom artifactid commonmark-ext-image-attributes Low Vendor pom groupid org.commonmark Highest Vendor pom name commonmark-java extension for image attributes High Vendor pom parent-artifactid commonmark-parent Low Product file name commonmark-ext-image-attributes High Product jar package name attributes Highest Product jar package name commonmark Highest Product jar package name ext Highest Product jar package name image Highest Product Manifest automatic-module-name org.commonmark.ext.image.attributes Medium Product Manifest build-jdk-spec 1.8 Low Product pom artifactid commonmark-ext-image-attributes Highest Product pom groupid org.commonmark Highest Product pom name commonmark-java extension for image attributes High Product pom parent-artifactid commonmark-parent Medium Version file version 0.18.0 High Version pom version 0.18.0 Highest
commonmark-ext-ins-0.18.0.jarDescription:
commonmark-java extension for using ++ File Path: /var/simplicite/.m2/repository/org/commonmark/commonmark-ext-ins/0.18.0/commonmark-ext-ins-0.18.0.jarMD5: 01e7942caf3cfa753520598f8fc62f97SHA1: b5c97a6443bada4e6cc5dced0c7bb7a712f084c3SHA256: 3b5a6d0d9245c290721850abd9017910172a0d5349bfaf3fd6327a991543ec5aReferenced In Project/Scope: Simplicite Platform:compilecommonmark-ext-ins-0.18.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name commonmark-ext-ins High Vendor jar package name commonmark Highest Vendor jar package name ext Highest Vendor jar package name ins Highest Vendor Manifest automatic-module-name org.commonmark.ext.ins Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor pom artifactid commonmark-ext-ins Highest Vendor pom artifactid commonmark-ext-ins Low Vendor pom groupid org.commonmark Highest Vendor pom name commonmark-java extension for <ins> (underline) High Vendor pom parent-artifactid commonmark-parent Low Product file name commonmark-ext-ins High Product jar package name commonmark Highest Product jar package name ext Highest Product jar package name ins Highest Product Manifest automatic-module-name org.commonmark.ext.ins Medium Product Manifest build-jdk-spec 1.8 Low Product pom artifactid commonmark-ext-ins Highest Product pom groupid org.commonmark Highest Product pom name commonmark-java extension for <ins> (underline) High Product pom parent-artifactid commonmark-parent Medium Version file version 0.18.0 High Version pom version 0.18.0 Highest
commonmark-ext-task-list-items-0.18.0.jarDescription:
commonmark-java extension for task list items File Path: /var/simplicite/.m2/repository/org/commonmark/commonmark-ext-task-list-items/0.18.0/commonmark-ext-task-list-items-0.18.0.jarMD5: f9f7bc9524e2b6a10c3c2cf9091481abSHA1: ab00471367a4bae9c3574669910841a72362cdd2SHA256: 10c4a970d410201ce131291ac9105ed7e09c4b7abba3d76a7e2fc07e296cae14Referenced In Project/Scope: Simplicite Platform:compilecommonmark-ext-task-list-items-0.18.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name commonmark-ext-task-list-items High Vendor jar package name commonmark Highest Vendor jar package name ext Highest Vendor jar package name list Highest Vendor jar package name task Highest Vendor Manifest automatic-module-name org.commonmark.ext.task.list.items Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor pom artifactid commonmark-ext-task-list-items Highest Vendor pom artifactid commonmark-ext-task-list-items Low Vendor pom groupid org.commonmark Highest Vendor pom name commonmark-java extension for task list items High Vendor pom parent-artifactid commonmark-parent Low Product file name commonmark-ext-task-list-items High Product jar package name commonmark Highest Product jar package name ext Highest Product jar package name list Highest Product jar package name task Highest Product Manifest automatic-module-name org.commonmark.ext.task.list.items Medium Product Manifest build-jdk-spec 1.8 Low Product pom artifactid commonmark-ext-task-list-items Highest Product pom groupid org.commonmark Highest Product pom name commonmark-java extension for task list items High Product pom parent-artifactid commonmark-parent Medium Version file version 0.18.0 High Version pom version 0.18.0 Highest
commonmark-ext-yaml-front-matter-0.18.0.jarDescription:
commonmark-java extension for YAML front matter File Path: /var/simplicite/.m2/repository/org/commonmark/commonmark-ext-yaml-front-matter/0.18.0/commonmark-ext-yaml-front-matter-0.18.0.jarMD5: 9cce63bec84708f4006f2ca305d203b4SHA1: 944587429d6f2d2df6acd75534c5f02e48972b49SHA256: 3170acbd220b0f5d27c16ec52323e641ea99ce36c3c86dfbb46ef5e925bd5ba0Referenced In Project/Scope: Simplicite Platform:compilecommonmark-ext-yaml-front-matter-0.18.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name commonmark-ext-yaml-front-matter High Vendor jar package name commonmark Highest Vendor jar package name ext Highest Vendor jar package name front Highest Vendor jar package name matter Highest Vendor Manifest automatic-module-name org.commonmark.ext.front.matter Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor pom artifactid commonmark-ext-yaml-front-matter Highest Vendor pom artifactid commonmark-ext-yaml-front-matter Low Vendor pom groupid org.commonmark Highest Vendor pom name commonmark-java extension for YAML front matter High Vendor pom parent-artifactid commonmark-parent Low Product file name commonmark-ext-yaml-front-matter High Product jar package name commonmark Highest Product jar package name ext Highest Product jar package name front Highest Product jar package name matter Highest Product Manifest automatic-module-name org.commonmark.ext.front.matter Medium Product Manifest build-jdk-spec 1.8 Low Product pom artifactid commonmark-ext-yaml-front-matter Highest Product pom groupid org.commonmark Highest Product pom name commonmark-java extension for YAML front matter High Product pom parent-artifactid commonmark-parent Medium Version file version 0.18.0 High Version pom version 0.18.0 Highest
commons-beanutils-1.9.4.jarDescription:
Apache Commons BeanUtils provides an easy-to-use but flexible wrapper around reflection and introspection. License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/commons-beanutils/commons-beanutils/1.9.4/commons-beanutils-1.9.4.jar
MD5: 07dc532ee316fe1f2f0323e9bd2f8df4
SHA1: d52b9abcd97f38c81342bb7e7ae1eee9b73cba51
SHA256: 7d938c81789028045c08c065e94be75fc280527620d5bd62b519d5838532368a
Referenced In Project/Scope: Simplicite Platform:compile
commons-beanutils-1.9.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name commons-beanutils High Vendor jar package name apache Highest Vendor jar package name beanutils Highest Vendor jar package name commons Highest Vendor Manifest bundle-docurl https://commons.apache.org/proper/commons-beanutils/ Low Vendor Manifest bundle-symbolicname org.apache.commons.commons-beanutils Medium Vendor Manifest implementation-build UNKNOWN_BRANCH@r??????; 2019-07-28 22:14:44+0000 Low Vendor Manifest implementation-url https://commons.apache.org/proper/commons-beanutils/ Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-beanutils Highest Vendor pom artifactid commons-beanutils Low Vendor pom developer email britter@apache.org Low Vendor pom developer email chtompki@apache.org Low Vendor pom developer email craigmcc@apache.org Low Vendor pom developer email dion@apache.org Low Vendor pom developer email epugh@apache.org Low Vendor pom developer email geirm@apache.org Low Vendor pom developer email ggregory@apache.org Low Vendor pom developer email jcarman@apache.org Low Vendor pom developer email jconlon@apache.org Low Vendor pom developer email jstrachan@apache.org Low Vendor pom developer email morgand@apache.org Low Vendor pom developer email mvdb@apache.org Low Vendor pom developer email niallp@apache.org Low Vendor pom developer email rdonkin@apache.org Low Vendor pom developer email rwaldhoff@apache.org Low Vendor pom developer email sanders@apache.org Low Vendor pom developer email scolebourne@apache.org Low Vendor pom developer email skitching@apache.org Low Vendor pom developer email stain@apache.org Low Vendor pom developer email tobrien@apache.org Low Vendor pom developer email yoavs@apache.org Low Vendor pom developer id britter Medium Vendor pom developer id chtompki Medium Vendor pom developer id craigmcc Medium Vendor pom developer id dion Medium Vendor pom developer id epugh Medium Vendor pom developer id geirm Medium Vendor pom developer id ggregory Medium Vendor pom developer id jcarman Medium Vendor pom developer id jconlon Medium Vendor pom developer id jstrachan Medium Vendor pom developer id morgand Medium Vendor pom developer id mvdb Medium Vendor pom developer id niallp Medium Vendor pom developer id rdonkin Medium Vendor pom developer id rwaldhoff Medium Vendor pom developer id sanders Medium Vendor pom developer id scolebourne Medium Vendor pom developer id skitching Medium Vendor pom developer id stain Medium Vendor pom developer id tobrien Medium Vendor pom developer id yoavs Medium Vendor pom developer name Benedikt Ritter Medium Vendor pom developer name Craig McClanahan Medium Vendor pom developer name David Eric Pugh Medium Vendor pom developer name Dion Gillard Medium Vendor pom developer name Gary Gregory Medium Vendor pom developer name Geir Magnusson Jr. Medium Vendor pom developer name James Carman Medium Vendor pom developer name James Strachan Medium Vendor pom developer name John E. Conlon Medium Vendor pom developer name Martin van den Bemt Medium Vendor pom developer name Morgan James Delagrange Medium Vendor pom developer name Niall Pemberton Medium Vendor pom developer name Rob Tompkins Medium Vendor pom developer name Robert Burrell Donkin Medium Vendor pom developer name Rodney Waldhoff Medium Vendor pom developer name Scott Sanders Medium Vendor pom developer name Simon Kitching Medium Vendor pom developer name Stephen Colebourne Medium Vendor pom developer name Stian Soiland-Reyes Medium Vendor pom developer name Tim O'Brien Medium Vendor pom developer name Yoav Shapira Medium Vendor pom developer org The Apache Software Foundation Medium Vendor pom groupid commons-beanutils Highest Vendor pom name Apache Commons BeanUtils High Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor pom url https://commons.apache.org/proper/commons-beanutils/ Highest Product file name commons-beanutils High Product jar package name apache Highest Product jar package name beanutils Highest Product jar package name commons Highest Product Manifest bundle-docurl https://commons.apache.org/proper/commons-beanutils/ Low Product Manifest Bundle-Name Apache Commons BeanUtils Medium Product Manifest bundle-symbolicname org.apache.commons.commons-beanutils Medium Product Manifest implementation-build UNKNOWN_BRANCH@r??????; 2019-07-28 22:14:44+0000 Low Product Manifest Implementation-Title Apache Commons BeanUtils High Product Manifest implementation-url https://commons.apache.org/proper/commons-beanutils/ Low Product Manifest specification-title Apache Commons BeanUtils Medium Product pom artifactid commons-beanutils Highest Product pom developer email britter@apache.org Low Product pom developer email chtompki@apache.org Low Product pom developer email craigmcc@apache.org Low Product pom developer email dion@apache.org Low Product pom developer email epugh@apache.org Low Product pom developer email geirm@apache.org Low Product pom developer email ggregory@apache.org Low Product pom developer email jcarman@apache.org Low Product pom developer email jconlon@apache.org Low Product pom developer email jstrachan@apache.org Low Product pom developer email morgand@apache.org Low Product pom developer email mvdb@apache.org Low Product pom developer email niallp@apache.org Low Product pom developer email rdonkin@apache.org Low Product pom developer email rwaldhoff@apache.org Low Product pom developer email sanders@apache.org Low Product pom developer email scolebourne@apache.org Low Product pom developer email skitching@apache.org Low Product pom developer email stain@apache.org Low Product pom developer email tobrien@apache.org Low Product pom developer email yoavs@apache.org Low Product pom developer id britter Low Product pom developer id chtompki Low Product pom developer id craigmcc Low Product pom developer id dion Low Product pom developer id epugh Low Product pom developer id geirm Low Product pom developer id ggregory Low Product pom developer id jcarman Low Product pom developer id jconlon Low Product pom developer id jstrachan Low Product pom developer id morgand Low Product pom developer id mvdb Low Product pom developer id niallp Low Product pom developer id rdonkin Low Product pom developer id rwaldhoff Low Product pom developer id sanders Low Product pom developer id scolebourne Low Product pom developer id skitching Low Product pom developer id stain Low Product pom developer id tobrien Low Product pom developer id yoavs Low Product pom developer name Benedikt Ritter Low Product pom developer name Craig McClanahan Low Product pom developer name David Eric Pugh Low Product pom developer name Dion Gillard Low Product pom developer name Gary Gregory Low Product pom developer name Geir Magnusson Jr. Low Product pom developer name James Carman Low Product pom developer name James Strachan Low Product pom developer name John E. Conlon Low Product pom developer name Martin van den Bemt Low Product pom developer name Morgan James Delagrange Low Product pom developer name Niall Pemberton Low Product pom developer name Rob Tompkins Low Product pom developer name Robert Burrell Donkin Low Product pom developer name Rodney Waldhoff Low Product pom developer name Scott Sanders Low Product pom developer name Simon Kitching Low Product pom developer name Stephen Colebourne Low Product pom developer name Stian Soiland-Reyes Low Product pom developer name Tim O'Brien Low Product pom developer name Yoav Shapira Low Product pom developer org The Apache Software Foundation Low Product pom groupid commons-beanutils Highest Product pom name Apache Commons BeanUtils High Product pom parent-artifactid commons-parent Medium Product pom parent-groupid org.apache.commons Medium Product pom url https://commons.apache.org/proper/commons-beanutils/ Medium Version file version 1.9.4 High Version Manifest Bundle-Version 1.9.4 High Version Manifest Implementation-Version 1.9.4 High Version pom parent-version 1.9.4 Low Version pom version 1.9.4 Highest
commons-cli-1.4.jarDescription:
Apache Commons CLI provides a simple API for presenting, processing and validating a command line interface.
License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/commons-cli/commons-cli/1.4/commons-cli-1.4.jar
MD5: c966d7e03507c834d5b09b848560174e
SHA1: c51c00206bb913cd8612b24abd9fa98ae89719b1
SHA256: fd3c7c9545a9cdb2051d1f9155c4f76b1e4ac5a57304404a6eedb578ffba7328
Referenced In Project/Scope: Simplicite Platform:compile
commons-cli-1.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name commons-cli High Vendor jar package name apache Highest Vendor jar package name cli Highest Vendor jar package name commons Highest Vendor Manifest bundle-docurl http://commons.apache.org/proper/commons-cli/ Low Vendor Manifest bundle-symbolicname org.apache.commons.cli Medium Vendor Manifest implementation-build tags/cli-1.4-RC1@r1786159; 2017-03-09 13:01:35+0000 Low Vendor Manifest implementation-url http://commons.apache.org/proper/commons-cli/ Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-cli Highest Vendor pom artifactid commons-cli Low Vendor pom developer email bob@werken.com Low Vendor pom developer email ebourg@apache.org Low Vendor pom developer email jbjk@mac.com Low Vendor pom developer email jstrachan@apache.org Low Vendor pom developer email roxspring@imapmail.org Low Vendor pom developer email tn@apache.org Low Vendor pom developer id bob Medium Vendor pom developer id ebourg Medium Vendor pom developer id jkeyes Medium Vendor pom developer id jstrachan Medium Vendor pom developer id roxspring Medium Vendor pom developer id tn Medium Vendor pom developer name Bob McWhirter Medium Vendor pom developer name Emmanuel Bourg Medium Vendor pom developer name James Strachan Medium Vendor pom developer name John Keyes Medium Vendor pom developer name Rob Oxspring Medium Vendor pom developer name Thomas Neidhart Medium Vendor pom developer org Ariane Software Medium Vendor pom developer org Indigo Stone Medium Vendor pom developer org integral Source Medium Vendor pom developer org SpiritSoft, Inc. Medium Vendor pom developer org Werken Medium Vendor pom groupid commons-cli Highest Vendor pom name Apache Commons CLI High Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor pom url http://commons.apache.org/proper/commons-cli/ Highest Product file name commons-cli High Product jar package name apache Highest Product jar package name cli Highest Product jar package name commons Highest Product Manifest bundle-docurl http://commons.apache.org/proper/commons-cli/ Low Product Manifest Bundle-Name Apache Commons CLI Medium Product Manifest bundle-symbolicname org.apache.commons.cli Medium Product Manifest implementation-build tags/cli-1.4-RC1@r1786159; 2017-03-09 13:01:35+0000 Low Product Manifest Implementation-Title Apache Commons CLI High Product Manifest implementation-url http://commons.apache.org/proper/commons-cli/ Low Product Manifest specification-title Apache Commons CLI Medium Product pom artifactid commons-cli Highest Product pom developer email bob@werken.com Low Product pom developer email ebourg@apache.org Low Product pom developer email jbjk@mac.com Low Product pom developer email jstrachan@apache.org Low Product pom developer email roxspring@imapmail.org Low Product pom developer email tn@apache.org Low Product pom developer id bob Low Product pom developer id ebourg Low Product pom developer id jkeyes Low Product pom developer id jstrachan Low Product pom developer id roxspring Low Product pom developer id tn Low Product pom developer name Bob McWhirter Low Product pom developer name Emmanuel Bourg Low Product pom developer name James Strachan Low Product pom developer name John Keyes Low Product pom developer name Rob Oxspring Low Product pom developer name Thomas Neidhart Low Product pom developer org Ariane Software Low Product pom developer org Indigo Stone Low Product pom developer org integral Source Low Product pom developer org SpiritSoft, Inc. Low Product pom developer org Werken Low Product pom groupid commons-cli Highest Product pom name Apache Commons CLI High Product pom parent-artifactid commons-parent Medium Product pom parent-groupid org.apache.commons Medium Product pom url http://commons.apache.org/proper/commons-cli/ Medium Version file version 1.4 High Version Manifest Implementation-Version 1.4 High Version pom parent-version 1.4 Low Version pom version 1.4 Highest
commons-codec-1.15.jarDescription:
The Apache Commons Codec package contains simple encoder and decoders for
various formats such as Base64 and Hexadecimal. In addition to these
widely used encoders and decoders, the codec package also maintains a
collection of phonetic encoding utilities.
License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/commons-codec/commons-codec/1.15/commons-codec-1.15.jar
MD5: 303baf002ce6d382198090aedd9d79a2
SHA1: 49d94806b6e3dc933dacbd8acb0fdbab8ebd1e5d
SHA256: b3e9f6d63a790109bf0d056611fbed1cf69055826defeb9894a71369d246ed63
Referenced In Project/Scope: Simplicite Platform:compile
commons-codec-1.15.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name commons-codec High Vendor jar package name apache Highest Vendor jar package name codec Highest Vendor jar package name commons Highest Vendor jar package name encoder Highest Vendor Manifest automatic-module-name org.apache.commons.codec Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl https://commons.apache.org/proper/commons-codec/ Low Vendor Manifest bundle-symbolicname org.apache.commons.commons-codec Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-codec Highest Vendor pom artifactid commons-codec Low Vendor pom developer email bayard@apache.org Low Vendor pom developer email chtompki@apache.org Low Vendor pom developer email dgraham@apache.org Low Vendor pom developer email dlr@finemaltcoding.com Low Vendor pom developer email ggregory@apache.org Low Vendor pom developer email jon@collab.net Low Vendor pom developer email julius@apache.org Low Vendor pom developer email rwaldhoff@apache.org Low Vendor pom developer email sanders@totalsync.com Low Vendor pom developer email tn@apache.org Low Vendor pom developer email tobrien@apache.org Low Vendor pom developer id bayard Medium Vendor pom developer id chtompki Medium Vendor pom developer id dgraham Medium Vendor pom developer id dlr Medium Vendor pom developer id ggregory Medium Vendor pom developer id jon Medium Vendor pom developer id julius Medium Vendor pom developer id rwaldhoff Medium Vendor pom developer id sanders Medium Vendor pom developer id tn Medium Vendor pom developer id tobrien Medium Vendor pom developer name Daniel Rall Medium Vendor pom developer name David Graham Medium Vendor pom developer name Gary Gregory Medium Vendor pom developer name Henri Yandell Medium Vendor pom developer name Jon S. Stevens Medium Vendor pom developer name Julius Davies Medium Vendor pom developer name Rob Tompkins Medium Vendor pom developer name Rodney Waldhoff Medium Vendor pom developer name Scott Sanders Medium Vendor pom developer name Thomas Neidhart Medium Vendor pom developer name Tim OBrien Medium Vendor pom developer org URL http://juliusdavies.ca/ Medium Vendor pom groupid commons-codec Highest Vendor pom name Apache Commons Codec High Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor pom url https://commons.apache.org/proper/commons-codec/ Highest Product file name commons-codec High Product jar package name apache Highest Product jar package name codec Highest Product jar package name commons Highest Product jar package name encoder Highest Product Manifest automatic-module-name org.apache.commons.codec Medium Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl https://commons.apache.org/proper/commons-codec/ Low Product Manifest Bundle-Name Apache Commons Codec Medium Product Manifest bundle-symbolicname org.apache.commons.commons-codec Medium Product Manifest Implementation-Title Apache Commons Codec High Product Manifest specification-title Apache Commons Codec Medium Product pom artifactid commons-codec Highest Product pom developer email bayard@apache.org Low Product pom developer email chtompki@apache.org Low Product pom developer email dgraham@apache.org Low Product pom developer email dlr@finemaltcoding.com Low Product pom developer email ggregory@apache.org Low Product pom developer email jon@collab.net Low Product pom developer email julius@apache.org Low Product pom developer email rwaldhoff@apache.org Low Product pom developer email sanders@totalsync.com Low Product pom developer email tn@apache.org Low Product pom developer email tobrien@apache.org Low Product pom developer id bayard Low Product pom developer id chtompki Low Product pom developer id dgraham Low Product pom developer id dlr Low Product pom developer id ggregory Low Product pom developer id jon Low Product pom developer id julius Low Product pom developer id rwaldhoff Low Product pom developer id sanders Low Product pom developer id tn Low Product pom developer id tobrien Low Product pom developer name Daniel Rall Low Product pom developer name David Graham Low Product pom developer name Gary Gregory Low Product pom developer name Henri Yandell Low Product pom developer name Jon S. Stevens Low Product pom developer name Julius Davies Low Product pom developer name Rob Tompkins Low Product pom developer name Rodney Waldhoff Low Product pom developer name Scott Sanders Low Product pom developer name Thomas Neidhart Low Product pom developer name Tim OBrien Low Product pom developer org URL http://juliusdavies.ca/ Low Product pom groupid commons-codec Highest Product pom name Apache Commons Codec High Product pom parent-artifactid commons-parent Medium Product pom parent-groupid org.apache.commons Medium Product pom url https://commons.apache.org/proper/commons-codec/ Medium Version file version 1.15 High Version Manifest Implementation-Version 1.15 High Version pom parent-version 1.15 Low Version pom version 1.15 Highest
commons-collections-3.2.2.jarDescription:
Types that extend and augment the Java Collections Framework. License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/commons-collections/commons-collections/3.2.2/commons-collections-3.2.2.jar
MD5: f54a8510f834a1a57166970bfc982e94
SHA1: 8ad72fe39fa8c91eaaf12aadb21e0c3661fe26d5
SHA256: eeeae917917144a68a741d4c0dff66aa5c5c5fd85593ff217bced3fc8ca783b8
Referenced In Project/Scope: Simplicite Platform:compile
commons-collections-3.2.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name commons-collections High Vendor jar package name apache Highest Vendor jar package name collections Highest Vendor jar package name commons Highest Vendor Manifest bundle-docurl http://commons.apache.org/collections/ Low Vendor Manifest bundle-symbolicname org.apache.commons.collections Medium Vendor Manifest implementation-build tags/COLLECTIONS_3_2_2_RC3@r1714131; 2015-11-13 00:09:45+0100 Low Vendor Manifest implementation-url http://commons.apache.org/collections/ Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-collections Highest Vendor pom artifactid commons-collections Low Vendor pom developer id amamment Medium Vendor pom developer id bayard Medium Vendor pom developer id craigmcc Medium Vendor pom developer id geirm Medium Vendor pom developer id jcarman Medium Vendor pom developer id matth Medium Vendor pom developer id morgand Medium Vendor pom developer id psteitz Medium Vendor pom developer id rdonkin Medium Vendor pom developer id rwaldhoff Medium Vendor pom developer id scolebourne Medium Vendor pom developer name Arun M. Thomas Medium Vendor pom developer name Craig McClanahan Medium Vendor pom developer name Geir Magnusson Medium Vendor pom developer name Henri Yandell Medium Vendor pom developer name James Carman Medium Vendor pom developer name Matthew Hawthorne Medium Vendor pom developer name Morgan Delagrange Medium Vendor pom developer name Phil Steitz Medium Vendor pom developer name Robert Burrell Donkin Medium Vendor pom developer name Rodney Waldhoff Medium Vendor pom developer name Stephen Colebourne Medium Vendor pom groupid commons-collections Highest Vendor pom name Apache Commons Collections High Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor pom url http://commons.apache.org/collections/ Highest Product file name commons-collections High Product jar package name apache Highest Product jar package name collections Highest Product jar package name commons Highest Product Manifest bundle-docurl http://commons.apache.org/collections/ Low Product Manifest Bundle-Name Apache Commons Collections Medium Product Manifest bundle-symbolicname org.apache.commons.collections Medium Product Manifest implementation-build tags/COLLECTIONS_3_2_2_RC3@r1714131; 2015-11-13 00:09:45+0100 Low Product Manifest Implementation-Title Apache Commons Collections High Product Manifest implementation-url http://commons.apache.org/collections/ Low Product Manifest specification-title Apache Commons Collections Medium Product pom artifactid commons-collections Highest Product pom developer id amamment Low Product pom developer id bayard Low Product pom developer id craigmcc Low Product pom developer id geirm Low Product pom developer id jcarman Low Product pom developer id matth Low Product pom developer id morgand Low Product pom developer id psteitz Low Product pom developer id rdonkin Low Product pom developer id rwaldhoff Low Product pom developer id scolebourne Low Product pom developer name Arun M. Thomas Low Product pom developer name Craig McClanahan Low Product pom developer name Geir Magnusson Low Product pom developer name Henri Yandell Low Product pom developer name James Carman Low Product pom developer name Matthew Hawthorne Low Product pom developer name Morgan Delagrange Low Product pom developer name Phil Steitz Low Product pom developer name Robert Burrell Donkin Low Product pom developer name Rodney Waldhoff Low Product pom developer name Stephen Colebourne Low Product pom groupid commons-collections Highest Product pom name Apache Commons Collections High Product pom parent-artifactid commons-parent Medium Product pom parent-groupid org.apache.commons Medium Product pom url http://commons.apache.org/collections/ Medium Version file version 3.2.2 High Version Manifest Bundle-Version 3.2.2 High Version Manifest Implementation-Version 3.2.2 High Version pom parent-version 3.2.2 Low Version pom version 3.2.2 Highest
commons-collections4-4.4.jarDescription:
The Apache Commons Collections package contains types that extend and augment the Java Collections Framework. License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/apache/commons/commons-collections4/4.4/commons-collections4-4.4.jar
MD5: 4a37023740719b391f10030362c86be6
SHA1: 62ebe7544cb7164d87e0637a2a6a2bdc981395e8
SHA256: 1df8b9430b5c8ed143d7815e403e33ef5371b2400aadbe9bda0883762e0846d1
Referenced In Project/Scope: Simplicite Platform:compile
commons-collections4-4.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name commons-collections4 High Vendor jar package name apache Highest Vendor jar package name collections4 Highest Vendor jar package name commons Highest Vendor Manifest automatic-module-name org.apache.commons.collections4 Medium Vendor Manifest bundle-docurl https://commons.apache.org/proper/commons-collections/ Low Vendor Manifest bundle-symbolicname org.apache.commons.commons-collections4 Medium Vendor Manifest implementation-url https://commons.apache.org/proper/commons-collections/ Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache.commons Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-collections4 Highest Vendor pom artifactid commons-collections4 Low Vendor pom developer id adriannistor Medium Vendor pom developer id amamment Medium Vendor pom developer id bayard Medium Vendor pom developer id chtompki Medium Vendor pom developer id craigmcc Medium Vendor pom developer id dlaha Medium Vendor pom developer id geirm Medium Vendor pom developer id ggregory Medium Vendor pom developer id jcarman Medium Vendor pom developer id luc Medium Vendor pom developer id matth Medium Vendor pom developer id mbenson Medium Vendor pom developer id morgand Medium Vendor pom developer id rdonkin Medium Vendor pom developer id rwaldhoff Medium Vendor pom developer id scolebourne Medium Vendor pom developer id tn Medium Vendor pom developer name Adrian Nistor Medium Vendor pom developer name Arun M. Thomas Medium Vendor pom developer name Craig McClanahan Medium Vendor pom developer name Dipanjan Laha Medium Vendor pom developer name Gary Gregory Medium Vendor pom developer name Geir Magnusson Medium Vendor pom developer name Henri Yandell Medium Vendor pom developer name James Carman Medium Vendor pom developer name Luc Maisonobe Medium Vendor pom developer name Matt Benson Medium Vendor pom developer name Matthew Hawthorne Medium Vendor pom developer name Morgan Delagrange Medium Vendor pom developer name Rob Tompkins Medium Vendor pom developer name Robert Burrell Donkin Medium Vendor pom developer name Rodney Waldhoff Medium Vendor pom developer name Stephen Colebourne Medium Vendor pom developer name Thomas Neidhart Medium Vendor pom groupid org.apache.commons Highest Vendor pom name Apache Commons Collections High Vendor pom parent-artifactid commons-parent Low Vendor pom url https://commons.apache.org/proper/commons-collections/ Highest Product file name commons-collections4 High Product jar package name apache Highest Product jar package name collections4 Highest Product jar package name commons Highest Product Manifest automatic-module-name org.apache.commons.collections4 Medium Product Manifest bundle-docurl https://commons.apache.org/proper/commons-collections/ Low Product Manifest Bundle-Name Apache Commons Collections Medium Product Manifest bundle-symbolicname org.apache.commons.commons-collections4 Medium Product Manifest Implementation-Title Apache Commons Collections High Product Manifest implementation-url https://commons.apache.org/proper/commons-collections/ Low Product Manifest specification-title Apache Commons Collections Medium Product pom artifactid commons-collections4 Highest Product pom developer id adriannistor Low Product pom developer id amamment Low Product pom developer id bayard Low Product pom developer id chtompki Low Product pom developer id craigmcc Low Product pom developer id dlaha Low Product pom developer id geirm Low Product pom developer id ggregory Low Product pom developer id jcarman Low Product pom developer id luc Low Product pom developer id matth Low Product pom developer id mbenson Low Product pom developer id morgand Low Product pom developer id rdonkin Low Product pom developer id rwaldhoff Low Product pom developer id scolebourne Low Product pom developer id tn Low Product pom developer name Adrian Nistor Low Product pom developer name Arun M. Thomas Low Product pom developer name Craig McClanahan Low Product pom developer name Dipanjan Laha Low Product pom developer name Gary Gregory Low Product pom developer name Geir Magnusson Low Product pom developer name Henri Yandell Low Product pom developer name James Carman Low Product pom developer name Luc Maisonobe Low Product pom developer name Matt Benson Low Product pom developer name Matthew Hawthorne Low Product pom developer name Morgan Delagrange Low Product pom developer name Rob Tompkins Low Product pom developer name Robert Burrell Donkin Low Product pom developer name Rodney Waldhoff Low Product pom developer name Stephen Colebourne Low Product pom developer name Thomas Neidhart Low Product pom groupid org.apache.commons Highest Product pom name Apache Commons Collections High Product pom parent-artifactid commons-parent Medium Product pom url https://commons.apache.org/proper/commons-collections/ Medium Version file version 4.4 High Version Manifest Implementation-Version 4.4 High Version pom parent-version 4.4 Low Version pom version 4.4 Highest
commons-compress-1.21.jarDescription:
Apache Commons Compress software defines an API for working with
compression and archive formats. These include: bzip2, gzip, pack200,
lzma, xz, Snappy, traditional Unix Compress, DEFLATE, DEFLATE64, LZ4,
Brotli, Zstandard and ar, cpio, jar, tar, zip, dump, 7z, arj.
License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/apache/commons/commons-compress/1.21/commons-compress-1.21.jar
MD5: 2a713d10331bc4e13459a3dc0463f16f
SHA1: 4ec95b60d4e86b5c95a0e919cb172a0af98011ef
SHA256: 6aecfd5459728a595601cfa07258d131972ffc39b492eb48bdd596577a2f244a
Referenced In Project/Scope: Simplicite Platform:compile
commons-compress-1.21.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name commons-compress High Vendor jar package name apache Highest Vendor jar package name commons Highest Vendor jar package name compress Highest Vendor Manifest automatic-module-name org.apache.commons.compress Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl https://commons.apache.org/proper/commons-compress/ Low Vendor Manifest bundle-symbolicname org.apache.commons.commons-compress Medium Vendor Manifest extension-name org.apache.commons.compress Medium Vendor Manifest implementation-build UNKNOWN@r60e3d9f6bef1e431f8738e881c051d706f81e6cf; 2021-07-09 16:56:00+0000 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-compress Highest Vendor pom artifactid commons-compress Low Vendor pom developer email bodewig at apache.org Low Vendor pom developer email chtompki at apache.org Low Vendor pom developer email damjan at apache.org Low Vendor pom developer email ebourg at apache.org Low Vendor pom developer email ggregory at apache.org Low Vendor pom developer email grobmeier at apache.org Low Vendor pom developer email julius at apache.org Low Vendor pom developer email peterlee at apache.org Low Vendor pom developer email sebb at apache.org Low Vendor pom developer email tcurdt at apache.org Low Vendor pom developer id bodewig Medium Vendor pom developer id chtompki Medium Vendor pom developer id damjan Medium Vendor pom developer id ebourg Medium Vendor pom developer id ggregory Medium Vendor pom developer id grobmeier Medium Vendor pom developer id julius Medium Vendor pom developer id peterlee Medium Vendor pom developer id sebb Medium Vendor pom developer id tcurdt Medium Vendor pom developer name Christian Grobmeier Medium Vendor pom developer name Damjan Jovanovic Medium Vendor pom developer name Emmanuel Bourg Medium Vendor pom developer name Gary Gregory Medium Vendor pom developer name Julius Davies Medium Vendor pom developer name Peter Alfred Lee Medium Vendor pom developer name Rob Tompkins Medium Vendor pom developer name Sebastian Bazley Medium Vendor pom developer name Stefan Bodewig Medium Vendor pom developer name Torsten Curdt Medium Vendor pom developer org The Apache Software Foundation Medium Vendor pom developer org URL https://www.apache.org/ Medium Vendor pom groupid org.apache.commons Highest Vendor pom name Apache Commons Compress High Vendor pom parent-artifactid commons-parent Low Vendor pom url https://commons.apache.org/proper/commons-compress/ Highest Product file name commons-compress High Product jar package name apache Highest Product jar package name commons Highest Product jar package name compress Highest Product Manifest automatic-module-name org.apache.commons.compress Medium Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl https://commons.apache.org/proper/commons-compress/ Low Product Manifest Bundle-Name Apache Commons Compress Medium Product Manifest bundle-symbolicname org.apache.commons.commons-compress Medium Product Manifest extension-name org.apache.commons.compress Medium Product Manifest implementation-build UNKNOWN@r60e3d9f6bef1e431f8738e881c051d706f81e6cf; 2021-07-09 16:56:00+0000 Low Product Manifest Implementation-Title Apache Commons Compress High Product Manifest specification-title Apache Commons Compress Medium Product pom artifactid commons-compress Highest Product pom developer email bodewig at apache.org Low Product pom developer email chtompki at apache.org Low Product pom developer email damjan at apache.org Low Product pom developer email ebourg at apache.org Low Product pom developer email ggregory at apache.org Low Product pom developer email grobmeier at apache.org Low Product pom developer email julius at apache.org Low Product pom developer email peterlee at apache.org Low Product pom developer email sebb at apache.org Low Product pom developer email tcurdt at apache.org Low Product pom developer id bodewig Low Product pom developer id chtompki Low Product pom developer id damjan Low Product pom developer id ebourg Low Product pom developer id ggregory Low Product pom developer id grobmeier Low Product pom developer id julius Low Product pom developer id peterlee Low Product pom developer id sebb Low Product pom developer id tcurdt Low Product pom developer name Christian Grobmeier Low Product pom developer name Damjan Jovanovic Low Product pom developer name Emmanuel Bourg Low Product pom developer name Gary Gregory Low Product pom developer name Julius Davies Low Product pom developer name Peter Alfred Lee Low Product pom developer name Rob Tompkins Low Product pom developer name Sebastian Bazley Low Product pom developer name Stefan Bodewig Low Product pom developer name Torsten Curdt Low Product pom developer org The Apache Software Foundation Low Product pom developer org URL https://www.apache.org/ Low Product pom groupid org.apache.commons Highest Product pom name Apache Commons Compress High Product pom parent-artifactid commons-parent Medium Product pom url https://commons.apache.org/proper/commons-compress/ Medium Version file version 1.21 High Version Manifest Implementation-Version 1.21 High Version pom parent-version 1.21 Low Version pom version 1.21 Highest
CVE-2024-25710 suppress
Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Apache Commons Compress.This issue affects Apache Commons Compress: from 1.3 through 1.25.0.
Users are recommended to upgrade to version 1.26.0 which fixes the issue.
CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')
CVSSv3:
Base Score: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions:
CVE-2024-26308 suppress
Allocation of Resources Without Limits or Throttling vulnerability in Apache Commons Compress.This issue affects Apache Commons Compress: from 1.21 before 1.26.
Users are recommended to upgrade to version 1.26, which fixes the issue.
CWE-770 Allocation of Resources Without Limits or Throttling
CVSSv3:
Base Score: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions:
commons-csv-1.9.0.jarDescription:
The Apache Commons CSV library provides a simple interface for reading and writing CSV files of various types. License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/apache/commons/commons-csv/1.9.0/commons-csv-1.9.0.jar
MD5: 75559edcb39c783299289690c5a45816
SHA1: b59d8f64cd0b83ee1c04ff1748de2504457018c1
SHA256: c418d6aab4db4f1f70983d355de8d7c1e755c754820a92294da2e5f5081022cc
Referenced In Project/Scope: Simplicite Platform:compile
commons-csv-1.9.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name commons-csv High Vendor jar package name apache Highest Vendor jar package name commons Highest Vendor jar package name csv Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl https://commons.apache.org/proper/commons-csv/ Low Vendor Manifest bundle-symbolicname org.apache.commons.commons-csv Medium Vendor Manifest implementation-build release@r8e25a2b30cae841101540c26ff21b79c51ad3eff; 2021-07-24 15:40:36+0000 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-csv Highest Vendor pom artifactid commons-csv Low Vendor pom developer email bayard@apache.org Low Vendor pom developer email britter@apache.org Low Vendor pom developer email chtompki@apache.org Low Vendor pom developer email ebourg@apache.org Low Vendor pom developer email ggregory at apache.org Low Vendor pom developer email mvdb@apache.org Low Vendor pom developer email yonik@apache.org Low Vendor pom developer id bayard Medium Vendor pom developer id britter Medium Vendor pom developer id chtompki Medium Vendor pom developer id ebourg Medium Vendor pom developer id ggregory Medium Vendor pom developer id mvdb Medium Vendor pom developer id yonik Medium Vendor pom developer name Benedikt Ritter Medium Vendor pom developer name Emmanuel Bourg Medium Vendor pom developer name Gary Gregory Medium Vendor pom developer name Henri Yandell Medium Vendor pom developer name Martin van den Bemt Medium Vendor pom developer name Rob Tompkins Medium Vendor pom developer name Yonik Seeley Medium Vendor pom developer org Apache Medium Vendor pom developer org The Apache Software Foundation Medium Vendor pom developer org URL https://www.apache.org/ Medium Vendor pom groupid org.apache.commons Highest Vendor pom name Apache Commons CSV High Vendor pom parent-artifactid commons-parent Low Vendor pom url https://commons.apache.org/proper/commons-csv/ Highest Product file name commons-csv High Product jar package name apache Highest Product jar package name commons Highest Product jar package name csv Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl https://commons.apache.org/proper/commons-csv/ Low Product Manifest Bundle-Name Apache Commons CSV Medium Product Manifest bundle-symbolicname org.apache.commons.commons-csv Medium Product Manifest implementation-build release@r8e25a2b30cae841101540c26ff21b79c51ad3eff; 2021-07-24 15:40:36+0000 Low Product Manifest Implementation-Title Apache Commons CSV High Product Manifest specification-title Apache Commons CSV Medium Product pom artifactid commons-csv Highest Product pom developer email bayard@apache.org Low Product pom developer email britter@apache.org Low Product pom developer email chtompki@apache.org Low Product pom developer email ebourg@apache.org Low Product pom developer email ggregory at apache.org Low Product pom developer email mvdb@apache.org Low Product pom developer email yonik@apache.org Low Product pom developer id bayard Low Product pom developer id britter Low Product pom developer id chtompki Low Product pom developer id ebourg Low Product pom developer id ggregory Low Product pom developer id mvdb Low Product pom developer id yonik Low Product pom developer name Benedikt Ritter Low Product pom developer name Emmanuel Bourg Low Product pom developer name Gary Gregory Low Product pom developer name Henri Yandell Low Product pom developer name Martin van den Bemt Low Product pom developer name Rob Tompkins Low Product pom developer name Yonik Seeley Low Product pom developer org Apache Low Product pom developer org The Apache Software Foundation Low Product pom developer org URL https://www.apache.org/ Low Product pom groupid org.apache.commons Highest Product pom name Apache Commons CSV High Product pom parent-artifactid commons-parent Medium Product pom url https://commons.apache.org/proper/commons-csv/ Medium Version file version 1.9.0 High Version Manifest Bundle-Version 1.9.0 High Version Manifest Implementation-Version 1.9.0 High Version pom parent-version 1.9.0 Low Version pom version 1.9.0 Highest
commons-digester-2.1.jarDescription:
The Digester package lets you configure an XML to Java object mapping module
which triggers certain actions called rules whenever a particular
pattern of nested XML elements is recognized.
License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/commons-digester/commons-digester/2.1/commons-digester-2.1.jar
MD5: 528445033f22da28f5047b6abcd1c7c9
SHA1: 73a8001e7a54a255eef0f03521ec1805dc738ca0
SHA256: e0b2b980a84fc6533c5ce291f1917b32c507f62bcad64198fff44368c2196a3d
Referenced In Project/Scope: Simplicite Platform:compile
commons-digester-2.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/commons-validator/commons-validator@1.7
Evidence Type Source Name Value Confidence Vendor file name commons-digester High Vendor jar package name apache Highest Vendor jar package name commons Highest Vendor jar package name digester Highest Vendor jar package name rules Highest Vendor Manifest bundle-docurl http://commons.apache.org/digester/ Low Vendor Manifest bundle-symbolicname org.apache.commons.digester Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-digester Highest Vendor pom artifactid commons-digester Low Vendor pom developer email craigmcc@apache.org Low Vendor pom developer email jfarcand@apache.org Low Vendor pom developer email jstrachan@apache.org Low Vendor pom developer email jvanzyl@apache.org Low Vendor pom developer email rahul AT apache DOT org Low Vendor pom developer email rdonkin@apache.org Low Vendor pom developer email sanders@totalsync.com Low Vendor pom developer email simonetripodi AT apache DOT org Low Vendor pom developer email skitching@apache.org Low Vendor pom developer email tobrien@apache.org Low Vendor pom developer id craigmcc Medium Vendor pom developer id jfarcand Medium Vendor pom developer id jstrachan Medium Vendor pom developer id jvanzyl Medium Vendor pom developer id rahul Medium Vendor pom developer id rdonkin Medium Vendor pom developer id sanders Medium Vendor pom developer id simonetripodi Medium Vendor pom developer id skitching Medium Vendor pom developer id tobrien Medium Vendor pom developer name Craig McClanahan Medium Vendor pom developer name James Strachan Medium Vendor pom developer name Jason van Zyl Medium Vendor pom developer name Jean-Francois Arcand Medium Vendor pom developer name Rahul Akolkar Medium Vendor pom developer name Robert Burrell Donkin Medium Vendor pom developer name Scott Sanders Medium Vendor pom developer name Simon Kitching Medium Vendor pom developer name Simone Tripodi Medium Vendor pom developer name Tim OBrien Medium Vendor pom groupid commons-digester Highest Vendor pom name Commons Digester High Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor pom url http://commons.apache.org/digester/ Highest Product file name commons-digester High Product jar package name apache Highest Product jar package name commons Highest Product jar package name digester Highest Product jar package name rules Highest Product Manifest bundle-docurl http://commons.apache.org/digester/ Low Product Manifest Bundle-Name Commons Digester Medium Product Manifest bundle-symbolicname org.apache.commons.digester Medium Product Manifest Implementation-Title Commons Digester High Product Manifest specification-title Commons Digester Medium Product pom artifactid commons-digester Highest Product pom developer email craigmcc@apache.org Low Product pom developer email jfarcand@apache.org Low Product pom developer email jstrachan@apache.org Low Product pom developer email jvanzyl@apache.org Low Product pom developer email rahul AT apache DOT org Low Product pom developer email rdonkin@apache.org Low Product pom developer email sanders@totalsync.com Low Product pom developer email simonetripodi AT apache DOT org Low Product pom developer email skitching@apache.org Low Product pom developer email tobrien@apache.org Low Product pom developer id craigmcc Low Product pom developer id jfarcand Low Product pom developer id jstrachan Low Product pom developer id jvanzyl Low Product pom developer id rahul Low Product pom developer id rdonkin Low Product pom developer id sanders Low Product pom developer id simonetripodi Low Product pom developer id skitching Low Product pom developer id tobrien Low Product pom developer name Craig McClanahan Low Product pom developer name James Strachan Low Product pom developer name Jason van Zyl Low Product pom developer name Jean-Francois Arcand Low Product pom developer name Rahul Akolkar Low Product pom developer name Robert Burrell Donkin Low Product pom developer name Scott Sanders Low Product pom developer name Simon Kitching Low Product pom developer name Simone Tripodi Low Product pom developer name Tim OBrien Low Product pom groupid commons-digester Highest Product pom name Commons Digester High Product pom parent-artifactid commons-parent Medium Product pom parent-groupid org.apache.commons Medium Product pom url http://commons.apache.org/digester/ Medium Version file version 2.1 High Version Manifest Bundle-Version 2.1 High Version Manifest Implementation-Version 2.1 High Version pom parent-version 2.1 Low Version pom version 2.1 Highest
commons-discovery-0.5.jarDescription:
The Apache Commons Discovery component is about discovering, or finding,
implementations for pluggable interfaces. License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/commons-discovery/commons-discovery/0.5/commons-discovery-0.5.jar
MD5: b35120680c3a22cec7a037fce196cd97
SHA1: 3a8ac816bbe02d2f88523ef22cbf2c4abd71d6a8
SHA256: e5b7d58ae62e5b309d5c0ffa5a5b1d9d1e0f0c4c3cc18d1fe3103fd29f90149d
Referenced In Project/Scope: Simplicite Platform:compile
commons-discovery-0.5.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name commons-discovery High Vendor jar package name apache Highest Vendor jar package name commons Highest Vendor jar package name discovery Highest Vendor Manifest bundle-docurl http://commons.apache.org/discovery/ Low Vendor Manifest bundle-symbolicname org.apache.commons.discovery Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-discovery Highest Vendor pom artifactid commons-discovery Low Vendor pom developer email dims@apache.org Low Vendor pom developer email jstrachan@apache.org Low Vendor pom developer email matth@apache.org Low Vendor pom developer email rdonkin@apache.org Low Vendor pom developer email rwinston@eircom.net Low Vendor pom developer email simonetripodi@apache.org Low Vendor pom developer id costin Medium Vendor pom developer id craigmcc Medium Vendor pom developer id dims Medium Vendor pom developer id jstrachan Medium Vendor pom developer id matth Medium Vendor pom developer id rdonkin Medium Vendor pom developer id rsitze Medium Vendor pom developer id rwinston Medium Vendor pom developer id simonetripodi Medium Vendor pom developer name Costin Manolache Medium Vendor pom developer name Craig R. McClanahan Medium Vendor pom developer name Davanum Srinivas Medium Vendor pom developer name James Strachan Medium Vendor pom developer name Matthew Hawthorne Medium Vendor pom developer name Richard Sitze Medium Vendor pom developer name Robert Burrell Donkin Medium Vendor pom developer name Rory Winston Medium Vendor pom developer name Simone Tripodi Medium Vendor pom developer org SpiritSoft, Inc. Medium Vendor pom groupid commons-discovery Highest Vendor pom name Commons Discovery High Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor pom url http://commons.apache.org/discovery/ Highest Product file name commons-discovery High Product jar package name apache Highest Product jar package name commons Highest Product jar package name discovery Highest Product Manifest bundle-docurl http://commons.apache.org/discovery/ Low Product Manifest Bundle-Name Commons Discovery Medium Product Manifest bundle-symbolicname org.apache.commons.discovery Medium Product Manifest Implementation-Title Commons Discovery High Product Manifest specification-title Commons Discovery Medium Product pom artifactid commons-discovery Highest Product pom developer email dims@apache.org Low Product pom developer email jstrachan@apache.org Low Product pom developer email matth@apache.org Low Product pom developer email rdonkin@apache.org Low Product pom developer email rwinston@eircom.net Low Product pom developer email simonetripodi@apache.org Low Product pom developer id costin Low Product pom developer id craigmcc Low Product pom developer id dims Low Product pom developer id jstrachan Low Product pom developer id matth Low Product pom developer id rdonkin Low Product pom developer id rsitze Low Product pom developer id rwinston Low Product pom developer id simonetripodi Low Product pom developer name Costin Manolache Low Product pom developer name Craig R. McClanahan Low Product pom developer name Davanum Srinivas Low Product pom developer name James Strachan Low Product pom developer name Matthew Hawthorne Low Product pom developer name Richard Sitze Low Product pom developer name Robert Burrell Donkin Low Product pom developer name Rory Winston Low Product pom developer name Simone Tripodi Low Product pom developer org SpiritSoft, Inc. Low Product pom groupid commons-discovery Highest Product pom name Commons Discovery High Product pom parent-artifactid commons-parent Medium Product pom parent-groupid org.apache.commons Medium Product pom url http://commons.apache.org/discovery/ Medium Version file version 0.5 High Version Manifest Bundle-Version 0.5 High Version Manifest Implementation-Version 0.5 High Version pom parent-version 0.5 Low Version pom version 0.5 Highest
CVE-2022-0869 suppress
Multiple Open Redirect in GitHub repository nitely/spirit prior to 0.12.3. CWE-601 URL Redirection to Untrusted Site ('Open Redirect')
CVSSv2:
Base Score: MEDIUM (5.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:N CVSSv3:
Base Score: MEDIUM (6.1) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N References:
Vulnerable Software & Versions:
commons-email-1.5.jarDescription:
Apache Commons Email aims to provide an API for sending email. It is built on top of
the JavaMail API, which it aims to simplify.
License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/apache/commons/commons-email/1.5/commons-email-1.5.jar
MD5: e72657496d31f152aa26d4122e0850d9
SHA1: e8e677c6362eba14ff3c476ba63ccb83132dbd52
SHA256: ee8479906abb2c355a46a0a9845cfa1803bcc3c520a34baea4a6cf4e1f0f0cc1
Referenced In Project/Scope: Simplicite Platform:compile
commons-email-1.5.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name commons-email High Vendor jar package name apache Highest Vendor jar package name commons Highest Vendor jar package name email Highest Vendor Manifest bundle-docurl http://commons.apache.org/proper/commons-email/ Low Vendor Manifest bundle-symbolicname org.apache.commons.email Medium Vendor Manifest implementation-build trunk@r1803365; 2017-07-29 15:56:23+0200 Low Vendor Manifest implementation-url http://commons.apache.org/proper/commons-email/ Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-email Highest Vendor pom artifactid commons-email Low Vendor pom developer email bspeakmon@apache.org Low Vendor pom developer email dion@apache.org Low Vendor pom developer email dlr@finemaltcoding.com Low Vendor pom developer email epugh@opensourceconnections.com Low Vendor pom developer email ggregory@apache.org Low Vendor pom developer email hps@intermeta.de Low Vendor pom developer email jason@zenplex.com Low Vendor pom developer email jmcnally@collab.net Low Vendor pom developer email Joe@Germuska.com Low Vendor pom developer email jon@latchkey.com Low Vendor pom developer email quintonm@bellsouth.net Low Vendor pom developer email rdonkin@apache.org Low Vendor pom developer email sgoeschl@apache.org Low Vendor pom developer email tn@apache.org Low Vendor pom developer id bspeakmon Medium Vendor pom developer id dion Medium Vendor pom developer id dlr Medium Vendor pom developer id epugh Medium Vendor pom developer id germuska Medium Vendor pom developer id ggregory Medium Vendor pom developer id henning Medium Vendor pom developer id jmcnally Medium Vendor pom developer id jon Medium Vendor pom developer id jvanzyl Medium Vendor pom developer id quintonm Medium Vendor pom developer id rdonkin Medium Vendor pom developer id scolebourne Medium Vendor pom developer id sgoeschl Medium Vendor pom developer id tn Medium Vendor pom developer name Ben Speakmon Medium Vendor pom developer name Daniel Rall Medium Vendor pom developer name dIon Gillard Medium Vendor pom developer name Eric Pugh Medium Vendor pom developer name Gary Gregory Medium Vendor pom developer name Henning P. Schmiedehausen Medium Vendor pom developer name Jason van Zyl Medium Vendor pom developer name Joe Germuska Medium Vendor pom developer name John McNally Medium Vendor pom developer name Jon Scott Stevens Medium Vendor pom developer name Quinton McCombs Medium Vendor pom developer name Robert Burrell Donkin Medium Vendor pom developer name Siegfried Goeschl Medium Vendor pom developer name Stephen Colebourne Medium Vendor pom developer name Thomas Neidhart Medium Vendor pom developer org CollabNet, Inc. Medium Vendor pom developer org INTERMETA - Gesellschaft fuer Mehrwertdienste mbH Medium Vendor pom developer org NequalsOne, LLC. Medium Vendor pom developer org OpenSource Connections Medium Vendor pom developer org The Apache Software Foundation Medium Vendor pom developer org Zenplex Medium Vendor pom groupid org.apache.commons Highest Vendor pom name Apache Commons Email High Vendor pom parent-artifactid commons-parent Low Vendor pom url http://commons.apache.org/proper/commons-email/ Highest Product file name commons-email High Product jar package name apache Highest Product jar package name commons Highest Product jar package name email Highest Product Manifest bundle-docurl http://commons.apache.org/proper/commons-email/ Low Product Manifest Bundle-Name Apache Commons Email Medium Product Manifest bundle-symbolicname org.apache.commons.email Medium Product Manifest implementation-build trunk@r1803365; 2017-07-29 15:56:23+0200 Low Product Manifest Implementation-Title Apache Commons Email High Product Manifest implementation-url http://commons.apache.org/proper/commons-email/ Low Product Manifest specification-title Apache Commons Email Medium Product pom artifactid commons-email Highest Product pom developer email bspeakmon@apache.org Low Product pom developer email dion@apache.org Low Product pom developer email dlr@finemaltcoding.com Low Product pom developer email epugh@opensourceconnections.com Low Product pom developer email ggregory@apache.org Low Product pom developer email hps@intermeta.de Low Product pom developer email jason@zenplex.com Low Product pom developer email jmcnally@collab.net Low Product pom developer email Joe@Germuska.com Low Product pom developer email jon@latchkey.com Low Product pom developer email quintonm@bellsouth.net Low Product pom developer email rdonkin@apache.org Low Product pom developer email sgoeschl@apache.org Low Product pom developer email tn@apache.org Low Product pom developer id bspeakmon Low Product pom developer id dion Low Product pom developer id dlr Low Product pom developer id epugh Low Product pom developer id germuska Low Product pom developer id ggregory Low Product pom developer id henning Low Product pom developer id jmcnally Low Product pom developer id jon Low Product pom developer id jvanzyl Low Product pom developer id quintonm Low Product pom developer id rdonkin Low Product pom developer id scolebourne Low Product pom developer id sgoeschl Low Product pom developer id tn Low Product pom developer name Ben Speakmon Low Product pom developer name Daniel Rall Low Product pom developer name dIon Gillard Low Product pom developer name Eric Pugh Low Product pom developer name Gary Gregory Low Product pom developer name Henning P. Schmiedehausen Low Product pom developer name Jason van Zyl Low Product pom developer name Joe Germuska Low Product pom developer name John McNally Low Product pom developer name Jon Scott Stevens Low Product pom developer name Quinton McCombs Low Product pom developer name Robert Burrell Donkin Low Product pom developer name Siegfried Goeschl Low Product pom developer name Stephen Colebourne Low Product pom developer name Thomas Neidhart Low Product pom developer org CollabNet, Inc. Low Product pom developer org INTERMETA - Gesellschaft fuer Mehrwertdienste mbH Low Product pom developer org NequalsOne, LLC. Low Product pom developer org OpenSource Connections Low Product pom developer org The Apache Software Foundation Low Product pom developer org Zenplex Low Product pom groupid org.apache.commons Highest Product pom name Apache Commons Email High Product pom parent-artifactid commons-parent Medium Product pom url http://commons.apache.org/proper/commons-email/ Medium Version file version 1.5 High Version Manifest Implementation-Version 1.5 High Version pom parent-version 1.5 Low Version pom version 1.5 Highest
commons-exec-1.3.jarDescription:
Apache Commons Exec is a library to reliably execute external processes from within the JVM. License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/apache/commons/commons-exec/1.3/commons-exec-1.3.jar
MD5: 8bb8fa2edfd60d5c7ed6bf9923d14aa8
SHA1: 8dfb9facd0830a27b1b5f29f84593f0aeee7773b
SHA256: cb49812dc1bfb0ea4f20f398bcae1a88c6406e213e67f7524fb10d4f8ad9347b
Referenced In Project/Scope: Simplicite Platform:compile
commons-exec-1.3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name commons-exec High Vendor jar package name apache Highest Vendor jar package name commons Highest Vendor jar package name exec Highest Vendor Manifest bundle-docurl http://commons.apache.org/proper/commons-exec/ Low Vendor Manifest bundle-symbolicname org.apache.commons.exec Medium Vendor Manifest implementation-build trunk@r1636211; 2014-11-02 23:51:55+0000 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-exec Highest Vendor pom artifactid commons-exec Low Vendor pom developer email ggregory@apache.org Low Vendor pom developer id brett Medium Vendor pom developer id ggregory Medium Vendor pom developer id sebb Medium Vendor pom developer id sgoeschl Medium Vendor pom developer id trygvis Medium Vendor pom developer name Brett Porter Medium Vendor pom developer name Gary Gregory Medium Vendor pom developer name Sebastian Bazley Medium Vendor pom developer name Siegfried Goeschl Medium Vendor pom developer name Trygve Laugstøl Medium Vendor pom developer org Apache Medium Vendor pom groupid org.apache.commons Highest Vendor pom name Apache Commons Exec High Vendor pom parent-artifactid commons-parent Low Vendor pom url http://commons.apache.org/proper/commons-exec/ Highest Product file name commons-exec High Product jar package name apache Highest Product jar package name commons Highest Product jar package name exec Highest Product Manifest bundle-docurl http://commons.apache.org/proper/commons-exec/ Low Product Manifest Bundle-Name Apache Commons Exec Medium Product Manifest bundle-symbolicname org.apache.commons.exec Medium Product Manifest implementation-build trunk@r1636211; 2014-11-02 23:51:55+0000 Low Product Manifest Implementation-Title Apache Commons Exec High Product Manifest specification-title Apache Commons Exec Medium Product pom artifactid commons-exec Highest Product pom developer email ggregory@apache.org Low Product pom developer id brett Low Product pom developer id ggregory Low Product pom developer id sebb Low Product pom developer id sgoeschl Low Product pom developer id trygvis Low Product pom developer name Brett Porter Low Product pom developer name Gary Gregory Low Product pom developer name Sebastian Bazley Low Product pom developer name Siegfried Goeschl Low Product pom developer name Trygve Laugstøl Low Product pom developer org Apache Low Product pom groupid org.apache.commons Highest Product pom name Apache Commons Exec High Product pom parent-artifactid commons-parent Medium Product pom url http://commons.apache.org/proper/commons-exec/ Medium Version file version 1.3 High Version Manifest Implementation-Version 1.3 High Version pom parent-version 1.3 Low Version pom version 1.3 Highest
commons-fileupload-1.4.jarDescription:
The Apache Commons FileUpload component provides a simple yet flexible means of adding support for multipart
file upload functionality to servlets and web applications.
License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/commons-fileupload/commons-fileupload/1.4/commons-fileupload-1.4.jar
MD5: 0c3b924dcaaa90c3fb93fe04ae96a35e
SHA1: f95188e3d372e20e7328706c37ef366e5d7859b0
SHA256: a4ec02336f49253ea50405698b79232b8c5cbf02cb60df3a674d77a749a1def7
Referenced In Project/Scope: Simplicite Platform:compile
commons-fileupload-1.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name commons-fileupload High Vendor jar package name apache Highest Vendor jar package name commons Highest Vendor jar package name fileupload Highest Vendor Manifest bundle-docurl http://commons.apache.org/proper/commons-fileupload/ Low Vendor Manifest bundle-symbolicname org.apache.commons.commons-fileupload Medium Vendor Manifest implementation-build UNKNOWN@r047f31576411beee69cf75584ae76531cc9ac753; 2018-12-24 07:06:18+0000 Low Vendor Manifest implementation-url http://commons.apache.org/proper/commons-fileupload/ Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-fileupload Highest Vendor pom artifactid commons-fileupload Low Vendor pom developer email chtompki@apache.org Low Vendor pom developer email dion@apache.org Low Vendor pom developer email dlr@finemaltcoding.com Low Vendor pom developer email ggregory@apache.org Low Vendor pom developer email jason@zenplex.com Low Vendor pom developer email jmcnally@collab.net Low Vendor pom developer email jochen.wiedmann@gmail.com Low Vendor pom developer email martinc@apache.org Low Vendor pom developer email rdonkin@apache.org Low Vendor pom developer email sean |at| seansullivan |dot| com Low Vendor pom developer email simonetripodi@apache.org Low Vendor pom developer id chtompki Medium Vendor pom developer id dion Medium Vendor pom developer id dlr Medium Vendor pom developer id ggregory Medium Vendor pom developer id jmcnally Medium Vendor pom developer id jochen Medium Vendor pom developer id jvanzyl Medium Vendor pom developer id martinc Medium Vendor pom developer id rdonkin Medium Vendor pom developer id simonetripodi Medium Vendor pom developer id sullis Medium Vendor pom developer name Daniel Rall Medium Vendor pom developer name dIon Gillard Medium Vendor pom developer name Gary Gregory Medium Vendor pom developer name Jason van Zyl Medium Vendor pom developer name Jochen Wiedmann Medium Vendor pom developer name John McNally Medium Vendor pom developer name Martin Cooper Medium Vendor pom developer name Rob Tompkins Medium Vendor pom developer name Robert Burrell Donkin Medium Vendor pom developer name Sean C. Sullivan Medium Vendor pom developer name Simone Tripodi Medium Vendor pom developer org Adobe Medium Vendor pom developer org CollabNet Medium Vendor pom developer org Multitask Consulting Medium Vendor pom developer org Yahoo! Medium Vendor pom developer org Zenplex Medium Vendor pom groupid commons-fileupload Highest Vendor pom name Apache Commons FileUpload High Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor pom url http://commons.apache.org/proper/commons-fileupload/ Highest Product file name commons-fileupload High Product jar package name apache Highest Product jar package name commons Highest Product jar package name fileupload Highest Product Manifest bundle-docurl http://commons.apache.org/proper/commons-fileupload/ Low Product Manifest Bundle-Name Apache Commons FileUpload Medium Product Manifest bundle-symbolicname org.apache.commons.commons-fileupload Medium Product Manifest implementation-build UNKNOWN@r047f31576411beee69cf75584ae76531cc9ac753; 2018-12-24 07:06:18+0000 Low Product Manifest Implementation-Title Apache Commons FileUpload High Product Manifest implementation-url http://commons.apache.org/proper/commons-fileupload/ Low Product Manifest specification-title Apache Commons FileUpload Medium Product pom artifactid commons-fileupload Highest Product pom developer email chtompki@apache.org Low Product pom developer email dion@apache.org Low Product pom developer email dlr@finemaltcoding.com Low Product pom developer email ggregory@apache.org Low Product pom developer email jason@zenplex.com Low Product pom developer email jmcnally@collab.net Low Product pom developer email jochen.wiedmann@gmail.com Low Product pom developer email martinc@apache.org Low Product pom developer email rdonkin@apache.org Low Product pom developer email sean |at| seansullivan |dot| com Low Product pom developer email simonetripodi@apache.org Low Product pom developer id chtompki Low Product pom developer id dion Low Product pom developer id dlr Low Product pom developer id ggregory Low Product pom developer id jmcnally Low Product pom developer id jochen Low Product pom developer id jvanzyl Low Product pom developer id martinc Low Product pom developer id rdonkin Low Product pom developer id simonetripodi Low Product pom developer id sullis Low Product pom developer name Daniel Rall Low Product pom developer name dIon Gillard Low Product pom developer name Gary Gregory Low Product pom developer name Jason van Zyl Low Product pom developer name Jochen Wiedmann Low Product pom developer name John McNally Low Product pom developer name Martin Cooper Low Product pom developer name Rob Tompkins Low Product pom developer name Robert Burrell Donkin Low Product pom developer name Sean C. Sullivan Low Product pom developer name Simone Tripodi Low Product pom developer org Adobe Low Product pom developer org CollabNet Low Product pom developer org Multitask Consulting Low Product pom developer org Yahoo! Low Product pom developer org Zenplex Low Product pom groupid commons-fileupload Highest Product pom name Apache Commons FileUpload High Product pom parent-artifactid commons-parent Medium Product pom parent-groupid org.apache.commons Medium Product pom url http://commons.apache.org/proper/commons-fileupload/ Medium Version file version 1.4 High Version Manifest Implementation-Version 1.4 High Version pom parent-version 1.4 Low Version pom version 1.4 Highest
CVE-2023-24998 suppress
Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the possibility of an attacker triggering a DoS with a malicious upload or series of uploads.
Note that, like all of the file upload limits, the
new configuration option (FileUploadBase#setFileCountMax) is not
enabled by default and must be explicitly configured.
CWE-770 Allocation of Resources Without Limits or Throttling
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
commons-imaging-1.0-alpha2.jarDescription:
Apache Commons Imaging (previously Sanselan) is a pure-Java image library. License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/apache/commons/commons-imaging/1.0-alpha2/commons-imaging-1.0-alpha2.jar
MD5: b1b9d002d76145c50fe3947d7b9724e2
SHA1: 838bd680e85e4611cdc0a81c81174bb87927e255
SHA256: 64d649007364d70dcab24a1f895646e6976f5e2b339ba73a4af20642d041666a
Referenced In Project/Scope: Simplicite Platform:compile
commons-imaging-1.0-alpha2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name commons-imaging High Vendor jar package name apache Highest Vendor jar package name commons Highest Vendor jar package name imaging Highest Vendor Manifest automatic-module-name org.apache.commons.imaging Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl https://commons.apache.org/proper/commons-imaging/ Low Vendor Manifest bundle-symbolicname org.apache.commons.commons-imaging Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-imaging Highest Vendor pom artifactid commons-imaging Low Vendor pom developer id clr Medium Vendor pom developer id cmchen Medium Vendor pom developer id cziegeler Medium Vendor pom developer id damjan Medium Vendor pom developer id jeremias Medium Vendor pom developer id mbenson Medium Vendor pom developer id pkoch Medium Vendor pom developer id yoavs Medium Vendor pom developer name Carsten Ziegeler Medium Vendor pom developer name Charles M. Chen Medium Vendor pom developer name Craig Russell Medium Vendor pom developer name Damjan Jovanovic Medium Vendor pom developer name Jeremias Maerki Medium Vendor pom developer name Matt Benson Medium Vendor pom developer name Philipp Koch Medium Vendor pom developer name Yoav Shapira Medium Vendor pom groupid org.apache.commons Highest Vendor pom name Apache Commons Imaging High Vendor pom parent-artifactid commons-parent Low Vendor pom url https://commons.apache.org/proper/commons-imaging/ Highest Product file name commons-imaging High Product jar package name apache Highest Product jar package name commons Highest Product jar package name imaging Highest Product Manifest automatic-module-name org.apache.commons.imaging Medium Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl https://commons.apache.org/proper/commons-imaging/ Low Product Manifest Bundle-Name Apache Commons Imaging Medium Product Manifest bundle-symbolicname org.apache.commons.commons-imaging Medium Product Manifest Implementation-Title Apache Commons Imaging High Product Manifest specification-title Apache Commons Imaging Medium Product pom artifactid commons-imaging Highest Product pom developer id clr Low Product pom developer id cmchen Low Product pom developer id cziegeler Low Product pom developer id damjan Low Product pom developer id jeremias Low Product pom developer id mbenson Low Product pom developer id pkoch Low Product pom developer id yoavs Low Product pom developer name Carsten Ziegeler Low Product pom developer name Charles M. Chen Low Product pom developer name Craig Russell Low Product pom developer name Damjan Jovanovic Low Product pom developer name Jeremias Maerki Low Product pom developer name Matt Benson Low Product pom developer name Philipp Koch Low Product pom developer name Yoav Shapira Low Product pom groupid org.apache.commons Highest Product pom name Apache Commons Imaging High Product pom parent-artifactid commons-parent Medium Product pom url https://commons.apache.org/proper/commons-imaging/ Medium Version Manifest Implementation-Version 1.0-alpha2 High Version pom parent-version 1.0-alpha2 Low Version pom version 1.0-alpha2 Highest
commons-io-2.11.0.jarDescription:
The Apache Commons IO library contains utility classes, stream implementations, file filters,
file comparators, endian transformation classes, and much more.
License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/commons-io/commons-io/2.11.0/commons-io-2.11.0.jar
MD5: 3b4b7ccfaeceeac240b804839ee1a1ca
SHA1: a2503f302b11ebde7ebc3df41daebe0e4eea3689
SHA256: 961b2f6d87dbacc5d54abf45ab7a6e2495f89b75598962d8c723cea9bc210908
Referenced In Project/Scope: Simplicite Platform:compile
commons-io-2.11.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name commons-io High Vendor jar package name apache Highest Vendor jar package name commons Highest Vendor jar package name file Highest Vendor jar package name io Highest Vendor Manifest automatic-module-name org.apache.commons.io Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl https://commons.apache.org/proper/commons-io/ Low Vendor Manifest bundle-symbolicname org.apache.commons.commons-io Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-io Highest Vendor pom artifactid commons-io Low Vendor pom developer email bayard@apache.org Low Vendor pom developer email dion@apache.org Low Vendor pom developer email ggregory at apache.org Low Vendor pom developer email jeremias@apache.org Low Vendor pom developer email jochen.wiedmann@gmail.com Low Vendor pom developer email krosenvold@apache.org Low Vendor pom developer email martinc@apache.org Low Vendor pom developer email matth@apache.org Low Vendor pom developer email nicolaken@apache.org Low Vendor pom developer email roxspring@apache.org Low Vendor pom developer email sanders@apache.org Low Vendor pom developer id bayard Medium Vendor pom developer id dion Medium Vendor pom developer id ggregory Medium Vendor pom developer id jeremias Medium Vendor pom developer id jochen Medium Vendor pom developer id jukka Medium Vendor pom developer id krosenvold Medium Vendor pom developer id martinc Medium Vendor pom developer id matth Medium Vendor pom developer id niallp Medium Vendor pom developer id nicolaken Medium Vendor pom developer id roxspring Medium Vendor pom developer id sanders Medium Vendor pom developer id scolebourne Medium Vendor pom developer name dIon Gillard Medium Vendor pom developer name Gary Gregory Medium Vendor pom developer name Henri Yandell Medium Vendor pom developer name Jeremias Maerki Medium Vendor pom developer name Jochen Wiedmann Medium Vendor pom developer name Jukka Zitting Medium Vendor pom developer name Kristian Rosenvold Medium Vendor pom developer name Martin Cooper Medium Vendor pom developer name Matthew Hawthorne Medium Vendor pom developer name Niall Pemberton Medium Vendor pom developer name Nicola Ken Barozzi Medium Vendor pom developer name Rob Oxspring Medium Vendor pom developer name Scott Sanders Medium Vendor pom developer name Stephen Colebourne Medium Vendor pom developer org The Apache Software Foundation Medium Vendor pom developer org URL https://www.apache.org/ Medium Vendor pom groupid commons-io Highest Vendor pom name Apache Commons IO High Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor pom url https://commons.apache.org/proper/commons-io/ Highest Product file name commons-io High Product jar package name apache Highest Product jar package name commons Highest Product jar package name file Highest Product jar package name io Highest Product Manifest automatic-module-name org.apache.commons.io Medium Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl https://commons.apache.org/proper/commons-io/ Low Product Manifest Bundle-Name Apache Commons IO Medium Product Manifest bundle-symbolicname org.apache.commons.commons-io Medium Product Manifest Implementation-Title Apache Commons IO High Product Manifest specification-title Apache Commons IO Medium Product pom artifactid commons-io Highest Product pom developer email bayard@apache.org Low Product pom developer email dion@apache.org Low Product pom developer email ggregory at apache.org Low Product pom developer email jeremias@apache.org Low Product pom developer email jochen.wiedmann@gmail.com Low Product pom developer email krosenvold@apache.org Low Product pom developer email martinc@apache.org Low Product pom developer email matth@apache.org Low Product pom developer email nicolaken@apache.org Low Product pom developer email roxspring@apache.org Low Product pom developer email sanders@apache.org Low Product pom developer id bayard Low Product pom developer id dion Low Product pom developer id ggregory Low Product pom developer id jeremias Low Product pom developer id jochen Low Product pom developer id jukka Low Product pom developer id krosenvold Low Product pom developer id martinc Low Product pom developer id matth Low Product pom developer id niallp Low Product pom developer id nicolaken Low Product pom developer id roxspring Low Product pom developer id sanders Low Product pom developer id scolebourne Low Product pom developer name dIon Gillard Low Product pom developer name Gary Gregory Low Product pom developer name Henri Yandell Low Product pom developer name Jeremias Maerki Low Product pom developer name Jochen Wiedmann Low Product pom developer name Jukka Zitting Low Product pom developer name Kristian Rosenvold Low Product pom developer name Martin Cooper Low Product pom developer name Matthew Hawthorne Low Product pom developer name Niall Pemberton Low Product pom developer name Nicola Ken Barozzi Low Product pom developer name Rob Oxspring Low Product pom developer name Scott Sanders Low Product pom developer name Stephen Colebourne Low Product pom developer org The Apache Software Foundation Low Product pom developer org URL https://www.apache.org/ Low Product pom groupid commons-io Highest Product pom name Apache Commons IO High Product pom parent-artifactid commons-parent Medium Product pom parent-groupid org.apache.commons Medium Product pom url https://commons.apache.org/proper/commons-io/ Medium Version file version 2.11.0 High Version Manifest Bundle-Version 2.11.0 High Version Manifest Implementation-Version 2.11.0 High Version pom parent-version 2.11.0 Low Version pom version 2.11.0 Highest
commons-lang-2.6.jarDescription:
Commons Lang, a package of Java utility classes for the
classes that are in java.lang's hierarchy, or are considered to be so
standard as to justify existence in java.lang.
License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/commons-lang/commons-lang/2.6/commons-lang-2.6.jar
MD5: 4d5c1693079575b362edf41500630bbd
SHA1: 0ce1edb914c94ebc388f086c6827e8bdeec71ac2
SHA256: 50f11b09f877c294d56f24463f47d28f929cf5044f648661c0f0cfbae9a2f49c
Referenced In Project/Scope: Simplicite Platform:compile
commons-lang-2.6.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name commons-lang High Vendor jar package name apache Highest Vendor jar package name commons Highest Vendor jar package name lang Highest Vendor Manifest bundle-docurl http://commons.apache.org/lang/ Low Vendor Manifest bundle-symbolicname org.apache.commons.lang Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-lang Highest Vendor pom artifactid commons-lang Low Vendor pom developer email bayard@apache.org Low Vendor pom developer email dlr@finemaltcoding.com Low Vendor pom developer email ggregory@seagullsw.com Low Vendor pom developer email jcarman@apache.org Low Vendor pom developer email joerg.schaible@gmx.de Low Vendor pom developer email oheger@apache.org Low Vendor pom developer email pbenedict@apache.org Low Vendor pom developer email phil@steitz.com Low Vendor pom developer email rdonkin@apache.org Low Vendor pom developer email scolebourne@joda.org Low Vendor pom developer email stevencaswell@apache.org Low Vendor pom developer id bayard Medium Vendor pom developer id dlr Medium Vendor pom developer id fredrik Medium Vendor pom developer id ggregory Medium Vendor pom developer id jcarman Medium Vendor pom developer id joehni Medium Vendor pom developer id mbenson Medium Vendor pom developer id niallp Medium Vendor pom developer id oheger Medium Vendor pom developer id pbenedict Medium Vendor pom developer id psteitz Medium Vendor pom developer id rdonkin Medium Vendor pom developer id scaswell Medium Vendor pom developer id scolebourne Medium Vendor pom developer name Daniel Rall Medium Vendor pom developer name Fredrik Westermarck Medium Vendor pom developer name Gary D. Gregory Medium Vendor pom developer name Henri Yandell Medium Vendor pom developer name James Carman Medium Vendor pom developer name Joerg Schaible Medium Vendor pom developer name Matt Benson Medium Vendor pom developer name Niall Pemberton Medium Vendor pom developer name Oliver Heger Medium Vendor pom developer name Paul Benedict Medium Vendor pom developer name Phil Steitz Medium Vendor pom developer name Robert Burrell Donkin Medium Vendor pom developer name Stephen Colebourne Medium Vendor pom developer name Steven Caswell Medium Vendor pom developer org Carman Consulting, Inc. Medium Vendor pom developer org CollabNet, Inc. Medium Vendor pom developer org Seagull Software Medium Vendor pom developer org SITA ATS Ltd Medium Vendor pom groupid commons-lang Highest Vendor pom name Commons Lang High Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor pom url http://commons.apache.org/lang/ Highest Product file name commons-lang High Product jar package name apache Highest Product jar package name commons Highest Product jar package name lang Highest Product Manifest bundle-docurl http://commons.apache.org/lang/ Low Product Manifest Bundle-Name Commons Lang Medium Product Manifest bundle-symbolicname org.apache.commons.lang Medium Product Manifest Implementation-Title Commons Lang High Product Manifest specification-title Commons Lang Medium Product pom artifactid commons-lang Highest Product pom developer email bayard@apache.org Low Product pom developer email dlr@finemaltcoding.com Low Product pom developer email ggregory@seagullsw.com Low Product pom developer email jcarman@apache.org Low Product pom developer email joerg.schaible@gmx.de Low Product pom developer email oheger@apache.org Low Product pom developer email pbenedict@apache.org Low Product pom developer email phil@steitz.com Low Product pom developer email rdonkin@apache.org Low Product pom developer email scolebourne@joda.org Low Product pom developer email stevencaswell@apache.org Low Product pom developer id bayard Low Product pom developer id dlr Low Product pom developer id fredrik Low Product pom developer id ggregory Low Product pom developer id jcarman Low Product pom developer id joehni Low Product pom developer id mbenson Low Product pom developer id niallp Low Product pom developer id oheger Low Product pom developer id pbenedict Low Product pom developer id psteitz Low Product pom developer id rdonkin Low Product pom developer id scaswell Low Product pom developer id scolebourne Low Product pom developer name Daniel Rall Low Product pom developer name Fredrik Westermarck Low Product pom developer name Gary D. Gregory Low Product pom developer name Henri Yandell Low Product pom developer name James Carman Low Product pom developer name Joerg Schaible Low Product pom developer name Matt Benson Low Product pom developer name Niall Pemberton Low Product pom developer name Oliver Heger Low Product pom developer name Paul Benedict Low Product pom developer name Phil Steitz Low Product pom developer name Robert Burrell Donkin Low Product pom developer name Stephen Colebourne Low Product pom developer name Steven Caswell Low Product pom developer org Carman Consulting, Inc. Low Product pom developer org CollabNet, Inc. Low Product pom developer org Seagull Software Low Product pom developer org SITA ATS Ltd Low Product pom groupid commons-lang Highest Product pom name Commons Lang High Product pom parent-artifactid commons-parent Medium Product pom parent-groupid org.apache.commons Medium Product pom url http://commons.apache.org/lang/ Medium Version file version 2.6 High Version Manifest Bundle-Version 2.6 High Version Manifest Implementation-Version 2.6 High Version pom parent-version 2.6 Low Version pom version 2.6 Highest
commons-lang3-3.12.0.jarDescription:
Apache Commons Lang, a package of Java utility classes for the
classes that are in java.lang's hierarchy, or are considered to be so
standard as to justify existence in java.lang.
License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/apache/commons/commons-lang3/3.12.0/commons-lang3-3.12.0.jar
MD5: 19fe50567358922bdad277959ea69545
SHA1: c6842c86792ff03b9f1d1fe2aab8dc23aa6c6f0e
SHA256: d919d904486c037f8d193412da0c92e22a9fa24230b9d67a57855c5c31c7e94e
Referenced In Project/Scope: Simplicite Platform:compile
commons-lang3-3.12.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name commons-lang3 High Vendor jar package name apache Highest Vendor jar package name commons Highest Vendor jar package name lang3 Highest Vendor Manifest automatic-module-name org.apache.commons.lang3 Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl https://commons.apache.org/proper/commons-lang/ Low Vendor Manifest bundle-symbolicname org.apache.commons.lang3 Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-lang3 Highest Vendor pom artifactid commons-lang3 Low Vendor pom developer email bayard@apache.org Low Vendor pom developer email britter@apache.org Low Vendor pom developer email chtompki@apache.org Low Vendor pom developer email djones@apache.org Low Vendor pom developer email dlr@finemaltcoding.com Low Vendor pom developer email ggregory@apache.org Low Vendor pom developer email jcarman@apache.org Low Vendor pom developer email joerg.schaible@gmx.de Low Vendor pom developer email lguibert@apache.org Low Vendor pom developer email oheger@apache.org Low Vendor pom developer email pbenedict@apache.org Low Vendor pom developer email rdonkin@apache.org Low Vendor pom developer email scolebourne@joda.org Low Vendor pom developer email stevencaswell@apache.org Low Vendor pom developer id bayard Medium Vendor pom developer id britter Medium Vendor pom developer id chtompki Medium Vendor pom developer id djones Medium Vendor pom developer id dlr Medium Vendor pom developer id fredrik Medium Vendor pom developer id ggregory Medium Vendor pom developer id jcarman Medium Vendor pom developer id joehni Medium Vendor pom developer id lguibert Medium Vendor pom developer id mbenson Medium Vendor pom developer id niallp Medium Vendor pom developer id oheger Medium Vendor pom developer id pbenedict Medium Vendor pom developer id rdonkin Medium Vendor pom developer id scaswell Medium Vendor pom developer id scolebourne Medium Vendor pom developer name Benedikt Ritter Medium Vendor pom developer name Daniel Rall Medium Vendor pom developer name Duncan Jones Medium Vendor pom developer name Fredrik Westermarck Medium Vendor pom developer name Gary D. Gregory Medium Vendor pom developer name Henri Yandell Medium Vendor pom developer name James Carman Medium Vendor pom developer name Joerg Schaible Medium Vendor pom developer name Loic Guibert Medium Vendor pom developer name Matt Benson Medium Vendor pom developer name Niall Pemberton Medium Vendor pom developer name Oliver Heger Medium Vendor pom developer name Paul Benedict Medium Vendor pom developer name Rob Tompkins Medium Vendor pom developer name Robert Burrell Donkin Medium Vendor pom developer name Stephen Colebourne Medium Vendor pom developer name Steven Caswell Medium Vendor pom developer org Carman Consulting, Inc. Medium Vendor pom developer org CollabNet, Inc. Medium Vendor pom developer org SITA ATS Ltd Medium Vendor pom groupid org.apache.commons Highest Vendor pom name Apache Commons Lang High Vendor pom parent-artifactid commons-parent Low Vendor pom url https://commons.apache.org/proper/commons-lang/ Highest Product file name commons-lang3 High Product jar package name apache Highest Product jar package name commons Highest Product jar package name lang3 Highest Product Manifest automatic-module-name org.apache.commons.lang3 Medium Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl https://commons.apache.org/proper/commons-lang/ Low Product Manifest Bundle-Name Apache Commons Lang Medium Product Manifest bundle-symbolicname org.apache.commons.lang3 Medium Product Manifest Implementation-Title Apache Commons Lang High Product Manifest specification-title Apache Commons Lang Medium Product pom artifactid commons-lang3 Highest Product pom developer email bayard@apache.org Low Product pom developer email britter@apache.org Low Product pom developer email chtompki@apache.org Low Product pom developer email djones@apache.org Low Product pom developer email dlr@finemaltcoding.com Low Product pom developer email ggregory@apache.org Low Product pom developer email jcarman@apache.org Low Product pom developer email joerg.schaible@gmx.de Low Product pom developer email lguibert@apache.org Low Product pom developer email oheger@apache.org Low Product pom developer email pbenedict@apache.org Low Product pom developer email rdonkin@apache.org Low Product pom developer email scolebourne@joda.org Low Product pom developer email stevencaswell@apache.org Low Product pom developer id bayard Low Product pom developer id britter Low Product pom developer id chtompki Low Product pom developer id djones Low Product pom developer id dlr Low Product pom developer id fredrik Low Product pom developer id ggregory Low Product pom developer id jcarman Low Product pom developer id joehni Low Product pom developer id lguibert Low Product pom developer id mbenson Low Product pom developer id niallp Low Product pom developer id oheger Low Product pom developer id pbenedict Low Product pom developer id rdonkin Low Product pom developer id scaswell Low Product pom developer id scolebourne Low Product pom developer name Benedikt Ritter Low Product pom developer name Daniel Rall Low Product pom developer name Duncan Jones Low Product pom developer name Fredrik Westermarck Low Product pom developer name Gary D. Gregory Low Product pom developer name Henri Yandell Low Product pom developer name James Carman Low Product pom developer name Joerg Schaible Low Product pom developer name Loic Guibert Low Product pom developer name Matt Benson Low Product pom developer name Niall Pemberton Low Product pom developer name Oliver Heger Low Product pom developer name Paul Benedict Low Product pom developer name Rob Tompkins Low Product pom developer name Robert Burrell Donkin Low Product pom developer name Stephen Colebourne Low Product pom developer name Steven Caswell Low Product pom developer org Carman Consulting, Inc. Low Product pom developer org CollabNet, Inc. Low Product pom developer org SITA ATS Ltd Low Product pom groupid org.apache.commons Highest Product pom name Apache Commons Lang High Product pom parent-artifactid commons-parent Medium Product pom url https://commons.apache.org/proper/commons-lang/ Medium Version file version 3.12.0 High Version Manifest Bundle-Version 3.12.0 High Version Manifest Implementation-Version 3.12.0 High Version pom parent-version 3.12.0 Low Version pom version 3.12.0 Highest
commons-logging-1.2.jarDescription:
Apache Commons Logging is a thin adapter allowing configurable bridging to other,
well known logging systems. License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/commons-logging/commons-logging/1.2/commons-logging-1.2.jar
MD5: 040b4b4d8eac886f6b4a2a3bd2f31b00
SHA1: 4bfc12adfe4842bf07b657f0369c4cb522955686
SHA256: daddea1ea0be0f56978ab3006b8ac92834afeefbd9b7e4e6316fca57df0fa636
Referenced In Project/Scope: Simplicite Platform:compile
commons-logging-1.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name commons-logging High Vendor jar package name apache Highest Vendor jar package name commons Highest Vendor jar package name logging Highest Vendor Manifest bundle-docurl http://commons.apache.org/proper/commons-logging/ Low Vendor Manifest bundle-symbolicname org.apache.commons.logging Medium Vendor Manifest implementation-build tags/LOGGING_1_2_RC2@r1608092; 2014-07-05 20:11:44+0200 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-logging Highest Vendor pom artifactid commons-logging Low Vendor pom developer email baliuka@apache.org Low Vendor pom developer email costin@apache.org Low Vendor pom developer email craigmcc@apache.org Low Vendor pom developer email dennisl@apache.org Low Vendor pom developer email donaldp@apache.org Low Vendor pom developer email morgand@apache.org Low Vendor pom developer email rdonkin@apache.org Low Vendor pom developer email rsitze@apache.org Low Vendor pom developer email rwaldhoff@apache.org Low Vendor pom developer email sanders@apache.org Low Vendor pom developer email skitching@apache.org Low Vendor pom developer email tn@apache.org Low Vendor pom developer id baliuka Medium Vendor pom developer id bstansberry Medium Vendor pom developer id costin Medium Vendor pom developer id craigmcc Medium Vendor pom developer id dennisl Medium Vendor pom developer id donaldp Medium Vendor pom developer id morgand Medium Vendor pom developer id rdonkin Medium Vendor pom developer id rsitze Medium Vendor pom developer id rwaldhoff Medium Vendor pom developer id sanders Medium Vendor pom developer id skitching Medium Vendor pom developer id tn Medium Vendor pom developer name Brian Stansberry Medium Vendor pom developer name Costin Manolache Medium Vendor pom developer name Craig McClanahan Medium Vendor pom developer name Dennis Lundberg Medium Vendor pom developer name Juozas Baliuka Medium Vendor pom developer name Morgan Delagrange Medium Vendor pom developer name Peter Donald Medium Vendor pom developer name Richard Sitze Medium Vendor pom developer name Robert Burrell Donkin Medium Vendor pom developer name Rodney Waldhoff Medium Vendor pom developer name Scott Sanders Medium Vendor pom developer name Simon Kitching Medium Vendor pom developer name Thomas Neidhart Medium Vendor pom developer org Apache Medium Vendor pom developer org The Apache Software Foundation Medium Vendor pom groupid commons-logging Highest Vendor pom name Apache Commons Logging High Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor pom url http://commons.apache.org/proper/commons-logging/ Highest Product file name commons-logging High Product jar package name apache Highest Product jar package name commons Highest Product jar package name logging Highest Product Manifest bundle-docurl http://commons.apache.org/proper/commons-logging/ Low Product Manifest Bundle-Name Apache Commons Logging Medium Product Manifest bundle-symbolicname org.apache.commons.logging Medium Product Manifest implementation-build tags/LOGGING_1_2_RC2@r1608092; 2014-07-05 20:11:44+0200 Low Product Manifest Implementation-Title Apache Commons Logging High Product Manifest specification-title Apache Commons Logging Medium Product pom artifactid commons-logging Highest Product pom developer email baliuka@apache.org Low Product pom developer email costin@apache.org Low Product pom developer email craigmcc@apache.org Low Product pom developer email dennisl@apache.org Low Product pom developer email donaldp@apache.org Low Product pom developer email morgand@apache.org Low Product pom developer email rdonkin@apache.org Low Product pom developer email rsitze@apache.org Low Product pom developer email rwaldhoff@apache.org Low Product pom developer email sanders@apache.org Low Product pom developer email skitching@apache.org Low Product pom developer email tn@apache.org Low Product pom developer id baliuka Low Product pom developer id bstansberry Low Product pom developer id costin Low Product pom developer id craigmcc Low Product pom developer id dennisl Low Product pom developer id donaldp Low Product pom developer id morgand Low Product pom developer id rdonkin Low Product pom developer id rsitze Low Product pom developer id rwaldhoff Low Product pom developer id sanders Low Product pom developer id skitching Low Product pom developer id tn Low Product pom developer name Brian Stansberry Low Product pom developer name Costin Manolache Low Product pom developer name Craig McClanahan Low Product pom developer name Dennis Lundberg Low Product pom developer name Juozas Baliuka Low Product pom developer name Morgan Delagrange Low Product pom developer name Peter Donald Low Product pom developer name Richard Sitze Low Product pom developer name Robert Burrell Donkin Low Product pom developer name Rodney Waldhoff Low Product pom developer name Scott Sanders Low Product pom developer name Simon Kitching Low Product pom developer name Thomas Neidhart Low Product pom developer org Apache Low Product pom developer org The Apache Software Foundation Low Product pom groupid commons-logging Highest Product pom name Apache Commons Logging High Product pom parent-artifactid commons-parent Medium Product pom parent-groupid org.apache.commons Medium Product pom url http://commons.apache.org/proper/commons-logging/ Medium Version file version 1.2 High Version Manifest Implementation-Version 1.2 High Version pom parent-version 1.2 Low Version pom version 1.2 Highest
commons-math3-3.6.1.jarDescription:
The Apache Commons Math project is a library of lightweight, self-contained mathematics and statistics components addressing the most common practical problems not immediately available in the Java programming language or commons-lang. License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/apache/commons/commons-math3/3.6.1/commons-math3-3.6.1.jar
MD5: 5b730d97e4e6368069de1983937c508e
SHA1: e4ba98f1d4b3c80ec46392f25e094a6a2e58fcbf
SHA256: 1e56d7b058d28b65abd256b8458e3885b674c1d588fa43cd7d1cbb9c7ef2b308
Referenced In Project/Scope: Simplicite Platform:compile
commons-math3-3.6.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name commons-math3 High Vendor jar package name apache Highest Vendor jar package name commons Highest Vendor jar package name math3 Highest Vendor Manifest bundle-docurl http://commons.apache.org/proper/commons-math/ Low Vendor Manifest bundle-symbolicname org.apache.commons.math3 Medium Vendor Manifest implementation-build 16abfe5de688cc52fb0396e0609cb33044b15653; 2016-03-17 13:30:43-0400 Low Vendor Manifest implementation-url http://commons.apache.org/proper/commons-math/ Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-math3 Highest Vendor pom artifactid commons-math3 Low Vendor pom developer email achou at apache dot org Low Vendor pom developer email billbarker at apache dot org Low Vendor pom developer email brentworden at apache dot org Low Vendor pom developer email celestin at apache dot org Low Vendor pom developer email dimpbx at apache dot org Low Vendor pom developer email erans at apache dot org Low Vendor pom developer email evanward at apache dot org Low Vendor pom developer email gregs at apache dot org Low Vendor pom developer email j3322ptm at yahoo dot de Low Vendor pom developer email luc at apache dot org Low Vendor pom developer email mdiggory at apache dot org Low Vendor pom developer email mikl at apache dot org Low Vendor pom developer email oertl at apache dot org Low Vendor pom developer email rdonkin at apache dot org Low Vendor pom developer email tn at apache dot org Low Vendor pom developer email tobrien at apache dot org Low Vendor pom developer id achou Medium Vendor pom developer id billbarker Medium Vendor pom developer id brentworden Medium Vendor pom developer id celestin Medium Vendor pom developer id dimpbx Medium Vendor pom developer id erans Medium Vendor pom developer id evanward Medium Vendor pom developer id gregs Medium Vendor pom developer id luc Medium Vendor pom developer id mdiggory Medium Vendor pom developer id mikl Medium Vendor pom developer id oertl Medium Vendor pom developer id pietsch Medium Vendor pom developer id rdonkin Medium Vendor pom developer id tn Medium Vendor pom developer id tobrien Medium Vendor pom developer name Albert Davidson Chou Medium Vendor pom developer name Bill Barker Medium Vendor pom developer name Brent Worden Medium Vendor pom developer name Dimitri Pourbaix Medium Vendor pom developer name Evan Ward Medium Vendor pom developer name Gilles Sadowski Medium Vendor pom developer name Greg Sterijevski Medium Vendor pom developer name J. Pietschmann Medium Vendor pom developer name Luc Maisonobe Medium Vendor pom developer name Mark Diggory Medium Vendor pom developer name Mikkel Meyer Andersen Medium Vendor pom developer name Otmar Ertl Medium Vendor pom developer name Robert Burrell Donkin Medium Vendor pom developer name Sébastien Brisard Medium Vendor pom developer name Thomas Neidhart Medium Vendor pom developer name Tim O'Brien Medium Vendor pom groupid org.apache.commons Highest Vendor pom name Apache Commons Math High Vendor pom parent-artifactid commons-parent Low Vendor pom url http://commons.apache.org/proper/commons-math/ Highest Product file name commons-math3 High Product jar package name apache Highest Product jar package name commons Highest Product jar package name math3 Highest Product Manifest bundle-docurl http://commons.apache.org/proper/commons-math/ Low Product Manifest Bundle-Name Apache Commons Math Medium Product Manifest bundle-symbolicname org.apache.commons.math3 Medium Product Manifest implementation-build 16abfe5de688cc52fb0396e0609cb33044b15653; 2016-03-17 13:30:43-0400 Low Product Manifest Implementation-Title Apache Commons Math High Product Manifest implementation-url http://commons.apache.org/proper/commons-math/ Low Product Manifest specification-title Apache Commons Math Medium Product pom artifactid commons-math3 Highest Product pom developer email achou at apache dot org Low Product pom developer email billbarker at apache dot org Low Product pom developer email brentworden at apache dot org Low Product pom developer email celestin at apache dot org Low Product pom developer email dimpbx at apache dot org Low Product pom developer email erans at apache dot org Low Product pom developer email evanward at apache dot org Low Product pom developer email gregs at apache dot org Low Product pom developer email j3322ptm at yahoo dot de Low Product pom developer email luc at apache dot org Low Product pom developer email mdiggory at apache dot org Low Product pom developer email mikl at apache dot org Low Product pom developer email oertl at apache dot org Low Product pom developer email rdonkin at apache dot org Low Product pom developer email tn at apache dot org Low Product pom developer email tobrien at apache dot org Low Product pom developer id achou Low Product pom developer id billbarker Low Product pom developer id brentworden Low Product pom developer id celestin Low Product pom developer id dimpbx Low Product pom developer id erans Low Product pom developer id evanward Low Product pom developer id gregs Low Product pom developer id luc Low Product pom developer id mdiggory Low Product pom developer id mikl Low Product pom developer id oertl Low Product pom developer id pietsch Low Product pom developer id rdonkin Low Product pom developer id tn Low Product pom developer id tobrien Low Product pom developer name Albert Davidson Chou Low Product pom developer name Bill Barker Low Product pom developer name Brent Worden Low Product pom developer name Dimitri Pourbaix Low Product pom developer name Evan Ward Low Product pom developer name Gilles Sadowski Low Product pom developer name Greg Sterijevski Low Product pom developer name J. Pietschmann Low Product pom developer name Luc Maisonobe Low Product pom developer name Mark Diggory Low Product pom developer name Mikkel Meyer Andersen Low Product pom developer name Otmar Ertl Low Product pom developer name Robert Burrell Donkin Low Product pom developer name Sébastien Brisard Low Product pom developer name Thomas Neidhart Low Product pom developer name Tim O'Brien Low Product pom groupid org.apache.commons Highest Product pom name Apache Commons Math High Product pom parent-artifactid commons-parent Medium Product pom url http://commons.apache.org/proper/commons-math/ Medium Version file version 3.6.1 High Version Manifest Bundle-Version 3.6.1 High Version Manifest Implementation-Version 3.6.1 High Version pom parent-version 3.6.1 Low Version pom version 3.6.1 Highest
commons-net-3.8.0.jarDescription:
Apache Commons Net library contains a collection of network utilities and protocol implementations.
Supported protocols include: Echo, Finger, FTP, NNTP, NTP, POP3(S), SMTP(S), Telnet, Whois
License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/commons-net/commons-net/3.8.0/commons-net-3.8.0.jar
MD5: d4b7197bf50afc96e2fa2657a339f037
SHA1: 63ea56587c8aaf05adab5cb0397e056bac8a2db0
SHA256: 352b0ba1c657d8930063a9b83878fb717deef2d29ee25d13943be9beccc64d49
Referenced In Project/Scope: Simplicite Platform:compile
commons-net-3.8.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name commons-net High Vendor jar package name apache Highest Vendor jar package name commons Highest Vendor jar package name echo Highest Vendor jar package name finger Highest Vendor jar package name ftp Highest Vendor jar package name net Highest Vendor jar package name nntp Highest Vendor jar package name pop3 Highest Vendor jar package name smtp Highest Vendor jar package name telnet Highest Vendor jar package name whois Highest Vendor Manifest automatic-module-name org.apache.commons.net Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl https://commons.apache.org/proper/commons-net/ Low Vendor Manifest bundle-symbolicname org.apache.commons.commons-net Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-net Highest Vendor pom artifactid commons-net Low Vendor pom developer email bruno.davanzo@hp.com Low Vendor pom developer email dfs@apache.org Low Vendor pom developer email ggregory@apache.org Low Vendor pom developer email Jeff.Brekke@qg.com Low Vendor pom developer email rwinston@apache.org Low Vendor pom developer email rwinston@checkfree.com Low Vendor pom developer email scohen@apache.org Low Vendor pom developer id brekke Medium Vendor pom developer id brudav Medium Vendor pom developer id dfs Medium Vendor pom developer id rwinston Medium Vendor pom developer id scohen Medium Vendor pom developer name Bruno D'Avanzo Medium Vendor pom developer name Daniel F. Savarese Medium Vendor pom developer name Gary Gregory Medium Vendor pom developer name Jeffrey D. Brekke Medium Vendor pom developer name Rory Winston Medium Vendor pom developer name Steve Cohen Medium Vendor pom developer org
<a href="http://www.savarese.com/">Savarese Software Research</a> Medium Vendor pom developer org Hewlett-Packard Medium Vendor pom developer org javactivity.org Medium Vendor pom developer org Quad/Graphics, Inc. Medium Vendor pom groupid commons-net Highest Vendor pom name Apache Commons Net High Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor pom url https://commons.apache.org/proper/commons-net/ Highest Product file name commons-net High Product jar package name apache Highest Product jar package name commons Highest Product jar package name echo Highest Product jar package name finger Highest Product jar package name ftp Highest Product jar package name net Highest Product jar package name nntp Highest Product jar package name pop3 Highest Product jar package name smtp Highest Product jar package name telnet Highest Product jar package name whois Highest Product Manifest automatic-module-name org.apache.commons.net Medium Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl https://commons.apache.org/proper/commons-net/ Low Product Manifest Bundle-Name Apache Commons Net Medium Product Manifest bundle-symbolicname org.apache.commons.commons-net Medium Product Manifest Implementation-Title Apache Commons Net High Product Manifest specification-title Apache Commons Net Medium Product pom artifactid commons-net Highest Product pom developer email bruno.davanzo@hp.com Low Product pom developer email dfs@apache.org Low Product pom developer email ggregory@apache.org Low Product pom developer email Jeff.Brekke@qg.com Low Product pom developer email rwinston@apache.org Low Product pom developer email rwinston@checkfree.com Low Product pom developer email scohen@apache.org Low Product pom developer id brekke Low Product pom developer id brudav Low Product pom developer id dfs Low Product pom developer id rwinston Low Product pom developer id scohen Low Product pom developer name Bruno D'Avanzo Low Product pom developer name Daniel F. Savarese Low Product pom developer name Gary Gregory Low Product pom developer name Jeffrey D. Brekke Low Product pom developer name Rory Winston Low Product pom developer name Steve Cohen Low Product pom developer org
<a href="http://www.savarese.com/">Savarese Software Research</a> Low Product pom developer org Hewlett-Packard Low Product pom developer org javactivity.org Low Product pom developer org Quad/Graphics, Inc. Low Product pom groupid commons-net Highest Product pom name Apache Commons Net High Product pom parent-artifactid commons-parent Medium Product pom parent-groupid org.apache.commons Medium Product pom url https://commons.apache.org/proper/commons-net/ Medium Version file version 3.8.0 High Version Manifest Bundle-Version 3.8.0 High Version Manifest Implementation-Version 3.8.0 High Version pom parent-version 3.8.0 Low Version pom version 3.8.0 Highest
CVE-2021-37533 suppress
Prior to Apache Commons Net 3.9.0, Net's FTP client trusts the host from PASV response by default. A malicious server can redirect the Commons Net code to use a different host, but the user has to connect to the malicious server in the first place. This may lead to leakage of information about services running on the private network of the client. The default in version 3.9.0 is now false to ignore such hosts, as cURL does. See https://issues.apache.org/jira/browse/NET-711. CWE-20 Improper Input Validation
CVSSv3:
Base Score: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N References:
Vulnerable Software & Versions:
commons-pool2-2.11.1.jarDescription:
The Apache Commons Object Pooling Library. License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/apache/commons/commons-pool2/2.11.1/commons-pool2-2.11.1.jar
MD5: 2210a041929e7c94485d5402458340b9
SHA1: 8970fd110c965f285ed4c6e40be7630c62db6f68
SHA256: ea0505ee7515e58b1ac0e686e4d1a5d9f7d808e251a61bc371aa0595b9963f83
Referenced In Project/Scope: Simplicite Platform:compile
commons-pool2-2.11.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name commons-pool2 High Vendor jar package name apache Highest Vendor jar package name commons Highest Vendor jar package name pool2 Highest Vendor Manifest automatic-module-name org.apache.commons.pool2 Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl https://commons.apache.org/proper/commons-pool/ Low Vendor Manifest bundle-symbolicname org.apache.commons.commons-pool2 Medium Vendor Manifest implementation-build release@rabb1a0797b406566f0214c688871ab7e8fdc2601; 2021-08-14 13:51:45+0000 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-pool2 Highest Vendor pom artifactid commons-pool2 Low Vendor pom developer email ggregory at apache.org Low Vendor pom developer id craigmcc Medium Vendor pom developer id dirkv Medium Vendor pom developer id dweinr1 Medium Vendor pom developer id geirm Medium Vendor pom developer id ggregory Medium Vendor pom developer id mattsicker Medium Vendor pom developer id morgand Medium Vendor pom developer id rdonkin Medium Vendor pom developer id rwaldhoff Medium Vendor pom developer id sandymac Medium Vendor pom developer id simonetripodi Medium Vendor pom developer name Craig McClanahan Medium Vendor pom developer name David Weinrich Medium Vendor pom developer name Dirk Verbeeck Medium Vendor pom developer name Gary Gregory Medium Vendor pom developer name Geir Magnusson Medium Vendor pom developer name Matt Sicker Medium Vendor pom developer name Morgan Delagrange Medium Vendor pom developer name Robert Burrell Donkin Medium Vendor pom developer name Rodney Waldhoff Medium Vendor pom developer name Sandy McArthur Medium Vendor pom developer name Simone Tripodi Medium Vendor pom developer org The Apache Software Foundation Medium Vendor pom developer org URL https://www.apache.org/ Medium Vendor pom groupid org.apache.commons Highest Vendor pom name Apache Commons Pool High Vendor pom parent-artifactid commons-parent Low Vendor pom url https://commons.apache.org/proper/commons-pool/ Highest Product file name commons-pool2 High Product jar package name apache Highest Product jar package name commons Highest Product jar package name pool2 Highest Product Manifest automatic-module-name org.apache.commons.pool2 Medium Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl https://commons.apache.org/proper/commons-pool/ Low Product Manifest Bundle-Name Apache Commons Pool Medium Product Manifest bundle-symbolicname org.apache.commons.commons-pool2 Medium Product Manifest implementation-build release@rabb1a0797b406566f0214c688871ab7e8fdc2601; 2021-08-14 13:51:45+0000 Low Product Manifest Implementation-Title Apache Commons Pool High Product Manifest specification-title Apache Commons Pool Medium Product pom artifactid commons-pool2 Highest Product pom developer email ggregory at apache.org Low Product pom developer id craigmcc Low Product pom developer id dirkv Low Product pom developer id dweinr1 Low Product pom developer id geirm Low Product pom developer id ggregory Low Product pom developer id mattsicker Low Product pom developer id morgand Low Product pom developer id rdonkin Low Product pom developer id rwaldhoff Low Product pom developer id sandymac Low Product pom developer id simonetripodi Low Product pom developer name Craig McClanahan Low Product pom developer name David Weinrich Low Product pom developer name Dirk Verbeeck Low Product pom developer name Gary Gregory Low Product pom developer name Geir Magnusson Low Product pom developer name Matt Sicker Low Product pom developer name Morgan Delagrange Low Product pom developer name Robert Burrell Donkin Low Product pom developer name Rodney Waldhoff Low Product pom developer name Sandy McArthur Low Product pom developer name Simone Tripodi Low Product pom developer org The Apache Software Foundation Low Product pom developer org URL https://www.apache.org/ Low Product pom groupid org.apache.commons Highest Product pom name Apache Commons Pool High Product pom parent-artifactid commons-parent Medium Product pom url https://commons.apache.org/proper/commons-pool/ Medium Version file version 2.11.1 High Version Manifest Bundle-Version 2.11.1 High Version Manifest Implementation-Version 2.11.1 High Version pom parent-version 2.11.1 Low Version pom version 2.11.1 Highest
commons-validator-1.7.jarDescription:
Apache Commons Validator provides the building blocks for both client side validation and server side data validation.
It may be used standalone or with a framework like Struts.
License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/commons-validator/commons-validator/1.7/commons-validator-1.7.jar
MD5: 4b6f22de69432bc03254b47310d59651
SHA1: 76069c915de3787f3ddd8726a56f47a95bfcbb0e
SHA256: 4d74f4ce4fb68b2617edad086df6defdf9338467d2377d2c62e69038e1c4f02f
Referenced In Project/Scope: Simplicite Platform:compile
commons-validator-1.7.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name commons-validator High Vendor jar package name apache Highest Vendor jar package name commons Highest Vendor jar package name validator Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl http://commons.apache.org/proper/commons-validator/ Low Vendor Manifest bundle-symbolicname org.apache.commons.commons-validator Medium Vendor Manifest implementation-build UNKNOWN@rf9bb21748a9f9c50fbc31862de25ed49433ecc88; 2020-08-03 16:50:38+0000 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-validator Highest Vendor pom artifactid commons-validator Low Vendor pom developer email craigmcc@apache.org Low Vendor pom developer email dgraham@apache.org Low Vendor pom developer email dwinterfeldt@apache.org Low Vendor pom developer email ggregory@apache.org Low Vendor pom developer email husted@apache.org Low Vendor pom developer email jmitchell NOSPAM apache.org Low Vendor pom developer email martinc@apache.org Low Vendor pom developer email mrdon@apache.org Low Vendor pom developer email rleland at apache.org Low Vendor pom developer email turner@apache.org Low Vendor pom developer id bayard Medium Vendor pom developer id britter Medium Vendor pom developer id bspeakmon Medium Vendor pom developer id craigmcc Medium Vendor pom developer id dgraham Medium Vendor pom developer id dwinterfeldt Medium Vendor pom developer id ggregory Medium Vendor pom developer id husted Medium Vendor pom developer id jmitchell Medium Vendor pom developer id martinc Medium Vendor pom developer id mrdon Medium Vendor pom developer id niallp Medium Vendor pom developer id nick Medium Vendor pom developer id rleland Medium Vendor pom developer id simonetripodi Medium Vendor pom developer id turner Medium Vendor pom developer name Ben Speakmon Medium Vendor pom developer name Benedikt Ritter Medium Vendor pom developer name Craig McClanahan Medium Vendor pom developer name David Graham Medium Vendor pom developer name David Winterfeldt Medium Vendor pom developer name Don Brown Medium Vendor pom developer name Gary Gregory Medium Vendor pom developer name Henri Yandell Medium Vendor pom developer name James Mitchell Medium Vendor pom developer name James Turner Medium Vendor pom developer name Martin Cooper Medium Vendor pom developer name Niall Pemberton Medium Vendor pom developer name Nick Burch Medium Vendor pom developer name Rob Leland Medium Vendor pom developer name SimoneTripodi Medium Vendor pom developer name Ted Husted Medium Vendor pom developer org EdgeTech, Inc Medium Vendor pom groupid commons-validator Highest Vendor pom name Apache Commons Validator High Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor pom url http://commons.apache.org/proper/commons-validator/ Highest Product file name commons-validator High Product jar package name apache Highest Product jar package name commons Highest Product jar package name validator Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl http://commons.apache.org/proper/commons-validator/ Low Product Manifest Bundle-Name Apache Commons Validator Medium Product Manifest bundle-symbolicname org.apache.commons.commons-validator Medium Product Manifest implementation-build UNKNOWN@rf9bb21748a9f9c50fbc31862de25ed49433ecc88; 2020-08-03 16:50:38+0000 Low Product Manifest Implementation-Title Apache Commons Validator High Product Manifest specification-title Apache Commons Validator Medium Product pom artifactid commons-validator Highest Product pom developer email craigmcc@apache.org Low Product pom developer email dgraham@apache.org Low Product pom developer email dwinterfeldt@apache.org Low Product pom developer email ggregory@apache.org Low Product pom developer email husted@apache.org Low Product pom developer email jmitchell NOSPAM apache.org Low Product pom developer email martinc@apache.org Low Product pom developer email mrdon@apache.org Low Product pom developer email rleland at apache.org Low Product pom developer email turner@apache.org Low Product pom developer id bayard Low Product pom developer id britter Low Product pom developer id bspeakmon Low Product pom developer id craigmcc Low Product pom developer id dgraham Low Product pom developer id dwinterfeldt Low Product pom developer id ggregory Low Product pom developer id husted Low Product pom developer id jmitchell Low Product pom developer id martinc Low Product pom developer id mrdon Low Product pom developer id niallp Low Product pom developer id nick Low Product pom developer id rleland Low Product pom developer id simonetripodi Low Product pom developer id turner Low Product pom developer name Ben Speakmon Low Product pom developer name Benedikt Ritter Low Product pom developer name Craig McClanahan Low Product pom developer name David Graham Low Product pom developer name David Winterfeldt Low Product pom developer name Don Brown Low Product pom developer name Gary Gregory Low Product pom developer name Henri Yandell Low Product pom developer name James Mitchell Low Product pom developer name James Turner Low Product pom developer name Martin Cooper Low Product pom developer name Niall Pemberton Low Product pom developer name Nick Burch Low Product pom developer name Rob Leland Low Product pom developer name SimoneTripodi Low Product pom developer name Ted Husted Low Product pom developer org EdgeTech, Inc Low Product pom groupid commons-validator Highest Product pom name Apache Commons Validator High Product pom parent-artifactid commons-parent Medium Product pom parent-groupid org.apache.commons Medium Product pom url http://commons.apache.org/proper/commons-validator/ Medium Version file version 1.7 High Version Manifest Implementation-Version 1.7 High Version pom parent-version 1.7 Low Version pom version 1.7 Highest
commons-vfs2-2.9.0.jarDescription:
Apache Commons VFS is a Virtual File System library. License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/apache/commons/commons-vfs2/2.9.0/commons-vfs2-2.9.0.jar
MD5: beba9c4909dd2799ee95c8e0c280dbf2
SHA1: 48115c2fb1c5f0a2498a4365162d6b69adec73f3
SHA256: 266f96b77aa18773191f6992fc7910999bf8ee8a244ec67a3398b486eb726a7f
Referenced In Project/Scope: Simplicite Platform:compile
commons-vfs2-2.9.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name commons-vfs2 High Vendor jar package name apache Highest Vendor jar package name commons Highest Vendor jar package name vfs Highest Vendor jar package name vfs2 Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl http://commons.apache.org/proper/commons-vfs/ Low Vendor Manifest bundle-symbolicname org.apache.commons.vfs2 Medium Vendor Manifest implementation-build release@r832824a318126c6fc9fe345ed25b4a4452c00aef; 2021-07-17 11:41:51+0000 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-vfs2 Highest Vendor pom artifactid commons-vfs2 Low Vendor pom groupid org.apache.commons Highest Vendor pom name Apache Commons VFS High Vendor pom parent-artifactid commons-vfs2-project Low Vendor pom url http://commons.apache.org/proper/commons-vfs/ Highest Product file name commons-vfs2 High Product jar package name apache Highest Product jar package name commons Highest Product jar package name vfs Highest Product jar package name vfs2 Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl http://commons.apache.org/proper/commons-vfs/ Low Product Manifest Bundle-Name Apache Commons VFS Medium Product Manifest bundle-symbolicname org.apache.commons.vfs2 Medium Product Manifest implementation-build release@r832824a318126c6fc9fe345ed25b4a4452c00aef; 2021-07-17 11:41:51+0000 Low Product Manifest Implementation-Title Apache Commons VFS High Product Manifest specification-title Apache Commons VFS Medium Product pom artifactid commons-vfs2 Highest Product pom groupid org.apache.commons Highest Product pom name Apache Commons VFS High Product pom parent-artifactid commons-vfs2-project Medium Product pom url http://commons.apache.org/proper/commons-vfs/ Medium Version file version 2.9.0 High Version Manifest Bundle-Version 2.9.0 High Version Manifest Implementation-Version 2.9.0 High Version pom version 2.9.0 Highest
concat-map:0.0.1Description:
concatenative mapdashery License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/concat-map:0.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/brace-expansion:1.1.11 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email mail@substack.net Highest Vendor package.json author.name James Halliday Highest Vendor package.json author.url http://substack.net Highest Vendor package.json description concatenative mapdashery Highest Vendor package.json name concat-map Highest Vendor package.json name concat-map_project Highest Product package.json name concat-map Highest Version package.json version 0.0.1 Highest
Related Dependencies concat-map:0.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?brace-expansion:1.1.11/concat-map:0.0.1 pkg:npm/concat-map@0.0.1 config-chain:1.1.13Description:
HANDLE CONFIGURATION ONCE AND FOR ALL License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?js-beautify:1.14.0/config-chain:^1.1.12
Referenced In Projects/Scopes: simplicite-js:5.2.54/js-beautify:1.14.0 simplicite-js:5.2.54 simplicite-js:5.2.54/@pnpm/npm-conf:2.2.2 Evidence Type Source Name Value Confidence Vendor package.json author Dominic Tarr <dominic.tarr@gmail.com> (http://dominictarr.com) Highest Vendor package.json description HANDLE CONFIGURATION ONCE AND FOR ALL Highest Vendor package.json homepage http://github.com/dominictarr/config-chain Highest Vendor package.json name config-chain Highest Vendor package.json name config-chain_project Highest Product package.json name config-chain Highest Version package.json version 1.1.13 Highest
Related Dependencies config-chain:1.1.13File Path: /var/simplicite/simplicite-5.2/package-lock.json?/config-chain:1.1.13 pkg:npm/config-chain@1.1.13 config-chain:1.1.13File Path: /var/simplicite/simplicite-5.2/package-lock.json?@pnpm/npm-conf:2.2.2/config-chain:^1.1.11 pkg:npm/config-chain@1.1.13 configstore:5.0.1Description:
Easily load and save config without having to think about where and how License:
BSD-2-Clause File Path: /var/simplicite/simplicite-5.2/package-lock.json?update-notifier:4.1.3/configstore:^5.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/update-notifier:6.0.2 simplicite-js:5.2.54/update-notifier:4.1.3 simplicite-js:5.2.54/update-notifier:5.1.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Easily load and save config without having to think about where and how Highest Vendor package.json name configstore Highest Vendor package.json name configstore_project Highest Product package.json name configstore Highest Version package.json version 5.0.1 Highest
Related Dependencies configstore:5.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/configstore:5.0.1 pkg:npm/configstore@5.0.1 configstore:5.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?update-notifier:5.1.0/configstore:^5.0.1 pkg:npm/configstore@5.0.1 configstore:5.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?update-notifier:6.0.2/configstore:^6.0.0 pkg:npm/configstore@5.0.1 configstore:6.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/configstore:6.0.0 pkg:npm/configstore@6.0.0 conscrypt-openjdk-uber-2.5.1.jarDescription:
Conscrypt: OpenJdk UberJAR License:
Apache 2: https://www.apache.org/licenses/LICENSE-2.0 File Path: /var/simplicite/.m2/repository/org/conscrypt/conscrypt-openjdk-uber/2.5.1/conscrypt-openjdk-uber-2.5.1.jar
MD5: ee6de6e578762d474b2ca5418e16815b
SHA1: 3658b276ab54bd600f754b3c8cf4b7cd77fc61e6
SHA256: 01f9c742cb592a151e2e62bd5397a8980628a967001fcdacd4aa4744678685f3
Referenced In Project/Scope: Simplicite Platform:compile
conscrypt-openjdk-uber-2.5.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.google.cloud/google-cloud-pubsub@1.114.4
Evidence Type Source Name Value Confidence Vendor file name conscrypt-openjdk-uber High Vendor jar package name conscrypt Highest Vendor Manifest automatic-module-name org.conscrypt Medium Vendor Manifest bundle-symbolicname org.conscrypt Medium Vendor Manifest source-compatibility 1.7 Low Vendor Manifest target-compatibility 1.7 Low Vendor pom artifactid conscrypt-openjdk-uber Highest Vendor pom artifactid conscrypt-openjdk-uber Low Vendor pom developer email conscrypt@googlegroups.com Low Vendor pom developer id conscrypt Medium Vendor pom developer name Conscrypt Contributors Medium Vendor pom developer org Google, Inc. Medium Vendor pom developer org URL https://www.google.com Medium Vendor pom groupid org.conscrypt Highest Vendor pom name org.conscrypt:conscrypt-openjdk-uber High Vendor pom url https://conscrypt.org/ Highest Product file name conscrypt-openjdk-uber High Product jar package name conscrypt Highest Product Manifest automatic-module-name org.conscrypt Medium Product Manifest Bundle-Name org.conscrypt Medium Product Manifest bundle-symbolicname org.conscrypt Medium Product Manifest Implementation-Title conscrypt-openjdk-uber High Product Manifest source-compatibility 1.7 Low Product Manifest target-compatibility 1.7 Low Product pom artifactid conscrypt-openjdk-uber Highest Product pom developer email conscrypt@googlegroups.com Low Product pom developer id conscrypt Low Product pom developer name Conscrypt Contributors Low Product pom developer org Google, Inc. Low Product pom developer org URL https://www.google.com Low Product pom groupid org.conscrypt Highest Product pom name org.conscrypt:conscrypt-openjdk-uber High Product pom url https://conscrypt.org/ Medium Version file version 2.5.1 High Version Manifest Bundle-Version 2.5.1 High Version Manifest Implementation-Version 2.5.1 High Version pom version 2.5.1 Highest
conscrypt-openjdk-uber-2.5.1.jar: conscrypt_openjdk_jni-windows-x86.dllFile Path: /var/simplicite/.m2/repository/org/conscrypt/conscrypt-openjdk-uber/2.5.1/conscrypt-openjdk-uber-2.5.1.jar/META-INF/native/conscrypt_openjdk_jni-windows-x86.dllMD5: 1837b5f2ee4d31f4c34e2c1afa2e5788SHA1: 7a2afc78dd37293c450301307f1bad4dcf88192fSHA256: 71599c8027fe32c3688ec00945b170300792f6965089d0e321356084bb7ce0aaReferenced In Project/Scope: Simplicite Platform:compile
Evidence Type Source Name Value Confidence Vendor file name conscrypt_openjdk_jni-windows-x86 High Product file name conscrypt_openjdk_jni-windows-x86 High Version file name conscrypt_openjdk_jni-windows-x86 Medium Version file version 86 Medium
conscrypt-openjdk-uber-2.5.1.jar: conscrypt_openjdk_jni-windows-x86_64.dllFile Path: /var/simplicite/.m2/repository/org/conscrypt/conscrypt-openjdk-uber/2.5.1/conscrypt-openjdk-uber-2.5.1.jar/META-INF/native/conscrypt_openjdk_jni-windows-x86_64.dllMD5: 26cd5423ca8df336f97ac6f82a1248feSHA1: f1b981e0caeac000a74ad069665beae9e831dcf2SHA256: e9337a1b2050da01d1626deefbbed517e312ab4acb8e1d8a214ee362fbae891aReferenced In Project/Scope: Simplicite Platform:compile
Evidence Type Source Name Value Confidence Vendor file name conscrypt_openjdk_jni-windows-x86_64 High Product file name conscrypt_openjdk_jni-windows-x86_64 High
console-browserify:1.1.0Description:
Emulate console for all the browsers File Path: /var/simplicite/simplicite-5.2/package-lock.json?/console-browserify:1.1.0Referenced In Projects/Scopes:
simplicite-js:5.2.54/jshint:2.13.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Raynos <raynos2@gmail.com> Highest Vendor package.json bugs.email raynos2@gmail.com Highest Vendor package.json bugs.url https://github.com/Raynos/console-browserify/issues Highest Vendor package.json description Emulate console for all the browsers Highest Vendor package.json homepage https://github.com/Raynos/console-browserify Highest Vendor package.json name console-browserify Highest Vendor package.json name console-browserify_project Highest Product package.json name console-browserify Highest Version package.json version 1.1.0 Highest
Related Dependencies console-browserify:1.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?jshint:2.13.1/console-browserify:1.1.x pkg:npm/console-browserify@1.1.0 console-control-strings:1.1.0Description:
A library of cross-platform tested terminal/console command strings for doing things like color and cursor positioning. This is a subset of both ansi and vt100. All control codes included work on both Windows & Unix-like OSes, except where noted. License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?npmlog:6.0.2/console-control-strings:^1.1.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/gauge:4.0.4 simplicite-js:5.2.54/npmlog:6.0.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Rebecca Turner <me@re-becca.org> (http://re-becca.org/) Highest Vendor package.json description A library of cross-platform tested terminal/console command strings for doing things like color and cursor positioning. This is a subset of both ansi and vt100. All control codes included work on both Windows & Unix-like OSes, except where noted. Highest Vendor package.json name console-control-strings Highest Vendor package.json name console-control-strings_project Highest Product package.json name console-control-strings Highest Version package.json version 1.1.0 Highest
Related Dependencies console-control-strings:1.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/console-control-strings:1.1.0 pkg:npm/console-control-strings@1.1.0 console-control-strings:1.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?gauge:4.0.4/console-control-strings:^1.1.0 pkg:npm/console-control-strings@1.1.0 convert-source-map:2.0.0Description:
Converts a source-map from/to different formats and allows adding/changing properties. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/convert-source-map:2.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/core:7.23.9 simplicite-js:5.2.54/@babel/cli:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email thlorenz@gmx.de Highest Vendor package.json author.name Thorsten Lorenz Highest Vendor package.json author.url http://thlorenz.com Highest Vendor package.json description Converts a source-map from/to different formats and allows adding/changing properties. Highest Vendor package.json homepage https://github.com/thlorenz/convert-source-map Highest Vendor package.json name convert-source-map Highest Vendor package.json name convert-source-map_project Highest Product package.json name convert-source-map Highest Version package.json version 2.0.0 Highest
Related Dependencies convert-source-map:2.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/cli:7.23.9/convert-source-map:^2.0.0 pkg:npm/convert-source-map@2.0.0 convert-source-map:2.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/core:7.23.9/convert-source-map:^2.0.0 pkg:npm/convert-source-map@2.0.0 core-3.0.1.jarDescription:
Core barcode encoding/decoding library File Path: /var/simplicite/.m2/repository/com/google/zxing/core/3.0.1/core-3.0.1.jarMD5: 0a0184c3f92492f721d8631d6f5237deSHA1: 9ebf6cd580d67601fbf88fd007aab4703b19e4c2SHA256: 38c49045765281e4c170062fa3f48e4e988629bf985cab850c7497be5eaa72a1Referenced In Project/Scope: Simplicite Platform:compilecore-3.0.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name core High Vendor jar package name google Highest Vendor jar package name google Low Vendor jar package name zxing Highest Vendor jar package name zxing Low Vendor pom artifactid core Highest Vendor pom artifactid core Low Vendor pom groupid com.google.zxing Highest Vendor pom name ZXing Core High Vendor pom parent-artifactid zxing-parent Low Product file name core High Product jar package name google Highest Product jar package name zxing Highest Product jar package name zxing Low Product pom artifactid core Highest Product pom groupid com.google.zxing Highest Product pom name ZXing Core High Product pom parent-artifactid zxing-parent Medium Version file version 3.0.1 High Version pom version 3.0.1 Highest
core-js-compat:3.35.1Description:
core-js compat License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/core-js-compat:3.35.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54 simplicite-js:5.2.54/babel-plugin-polyfill-corejs3:0.9.0 Evidence Type Source Name Value Confidence Vendor package.json author.email zloirock@zloirock.ru Highest Vendor package.json author.name Denis Pushkarev Highest Vendor package.json author.url http://zloirock.ru Highest Vendor package.json description core-js compat Highest Vendor package.json name core-js-compat Highest Vendor package.json name core-js-compat_project Highest Product package.json name core-js-compat Highest Version package.json version 3.35.1 Highest
Related Dependencies core-js-compat:3.35.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/core-js-compat:^3.31.0 pkg:npm/core-js-compat@3.35.1 core-js-compat:3.35.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?babel-plugin-polyfill-corejs3:0.9.0/core-js-compat:^3.34.0 pkg:npm/core-js-compat@3.35.1 core-js:3.31.0Description:
Standard library License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/core-js:3.31.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/node:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email zloirock@zloirock.ru Highest Vendor package.json author.name Denis Pushkarev Highest Vendor package.json author.url http://zloirock.ru Highest Vendor package.json description Standard library Highest Vendor package.json name core-js Highest Vendor package.json name core-js_project Highest Product package.json name core-js Highest Version package.json version 3.31.0 Highest
Related Dependencies core-js:3.31.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/node:7.23.9/core-js:^3.30.2 pkg:npm/core-js@3.31.0 core-util-is:1.0.3Description:
The `util.is*` functions introduced in Node v0.12. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?readable-stream:1.1.14/core-util-is:~1.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/readable-stream:2.3.8 simplicite-js:5.2.54/readable-stream:1.1.14 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Isaac Z. Schlueter <i@izs.me> (http://blog.izs.me/) Highest Vendor package.json bugs.url https://github.com/isaacs/core-util-is/issues Highest Vendor package.json description The `util.is*` functions introduced in Node v0.12. Highest Vendor package.json name core-util-is Highest Vendor package.json name core-util-is_project Highest Product package.json name core-util-is Highest Version package.json version 1.0.3 Highest
Related Dependencies core-util-is:1.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/core-util-is:1.0.3 pkg:npm/core-util-is@1.0.3 core-util-is:1.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?readable-stream:2.3.8/core-util-is:~1.0.0 pkg:npm/core-util-is@1.0.3 cosmiconfig:7.1.0Description:
Find and load configuration from a package.json property, rc file, or CommonJS module License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/cosmiconfig:^7.1.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/stylelint:14.16.1 simplicite-js:5.2.54 simplicite-js:5.2.54/depcheck:1.4.3 Evidence Type Source Name Value Confidence Vendor package.json author David Clark <david.dave.clark@gmail.com> Highest Vendor package.json bugs.url https://github.com/davidtheclark/cosmiconfig/issues Highest Vendor package.json description Find and load configuration from a package.json property, rc file, or CommonJS module Highest Vendor package.json homepage https://github.com/davidtheclark/cosmiconfig#readme Highest Vendor package.json name cosmiconfig Highest Vendor package.json name cosmiconfig_project Highest Product package.json name cosmiconfig Highest Version package.json version 7.1.0 Highest
Related Dependencies cosmiconfig:7.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/cosmiconfig:7.1.0 pkg:npm/cosmiconfig@7.1.0 cosmiconfig:7.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?depcheck:1.4.3/cosmiconfig:^7.0.0 pkg:npm/cosmiconfig@7.1.0 cross-spawn:7.0.3Description:
Cross platform child_process#spawn and child_process#spawnSync License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?spawn-please:2.0.2/cross-spawn:^7.0.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/eslint:8.56.0 simplicite-js:5.2.54/foreground-child:3.1.1 simplicite-js:5.2.54/spawn-please:2.0.2 simplicite-js:5.2.54/execa:5.1.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author André Cruz <andre@moxy.studio> Highest Vendor package.json description Cross platform child_process#spawn and child_process#spawnSync Highest Vendor package.json homepage https://github.com/moxystudio/node-cross-spawn Highest Vendor package.json name cross-spawn Highest Vendor package.json name cross-spawn_project Highest Product package.json name cross-spawn Highest Version package.json version 7.0.3 Highest
Related Dependencies cross-spawn:7.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/cross-spawn:7.0.3 pkg:npm/cross-spawn@7.0.3 cross-spawn:7.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint:8.56.0/cross-spawn:^7.0.2 pkg:npm/cross-spawn@7.0.3 cross-spawn:7.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?execa:5.1.1/cross-spawn:^7.0.3 pkg:npm/cross-spawn@7.0.3 cross-spawn:7.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?foreground-child:3.1.1/cross-spawn:^7.0.0 pkg:npm/cross-spawn@7.0.3 crypto-random-string:2.0.0Description:
Generate a cryptographically strong random string License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?unique-string:2.0.0/crypto-random-string:^2.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/unique-string:2.0.0 simplicite-js:5.2.54 simplicite-js:5.2.54/unique-string:3.0.0 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Generate a cryptographically strong random string Highest Vendor package.json name crypto-random-string Highest Vendor package.json name crypto-random-string_project Highest Product package.json name crypto-random-string Highest Version package.json version 2.0.0 Highest
Related Dependencies crypto-random-string:2.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/crypto-random-string:2.0.0 pkg:npm/crypto-random-string@2.0.0 crypto-random-string:2.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?unique-string:3.0.0/crypto-random-string:^4.0.0 pkg:npm/crypto-random-string@2.0.0 crypto-random-string:4.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/crypto-random-string:4.0.0 pkg:npm/crypto-random-string@4.0.0 css-functions-list:3.1.0Description:
List of standard and browser specific CSS functions. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/css-functions-list:^3.1.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/stylelint:14.16.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Ivan Nikolić <niksy5@gmail.com> (http://ivannikolic.com) Highest Vendor package.json bugs.url https://github.com/niksy/css-functions-list/issues Highest Vendor package.json description List of standard and browser specific CSS functions. Highest Vendor package.json homepage https://github.com/niksy/css-functions-list#readme Highest Vendor package.json name css-functions-list Highest Vendor package.json name css-functions-list_project Highest Product package.json name css-functions-list Highest Version package.json version 3.1.0 Highest
Related Dependencies css-functions-list:3.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/css-functions-list:3.1.0 pkg:npm/css-functions-list@3.1.0 cssesc:3.0.0Description:
A JavaScript library for escaping CSS strings and identifiers while generating the shortest possible ASCII-only output. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?postcss-selector-parser:6.0.13/cssesc:^3.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/postcss-selector-parser:6.0.13 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.name Mathias Bynens Highest Vendor package.json author.url https://mathiasbynens.be/ Highest Vendor package.json bugs https://github.com/mathiasbynens/cssesc/issues Highest Vendor package.json description A JavaScript library for escaping CSS strings and identifiers while generating the shortest possible ASCII-only output. Highest Vendor package.json homepage https://mths.be/cssesc Highest Vendor package.json name cssesc Highest Vendor package.json name cssesc_project Highest Product package.json name cssesc Highest Version package.json version 3.0.0 Highest
Related Dependencies cssesc:3.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/cssesc:3.0.0 pkg:npm/cssesc@3.0.0 curvesapi-1.06.jarDescription:
Implementation of various mathematical curves that define themselves over a set of control points. The API is written in Java. The curves supported are: Bezier, B-Spline, Cardinal Spline, Catmull-Rom Spline, Lagrange, Natural Cubic Spline, and NURBS. License:
BSD License: http://opensource.org/licenses/BSD-3-Clause File Path: /var/simplicite/.m2/repository/com/github/virtuald/curvesapi/1.06/curvesapi-1.06.jar
MD5: 049221bdb7f8d8a2065c02000e854ed4
SHA1: 159dd2e8956459a4eb0a9a6ecda9004d8d289708
SHA256: 38bb45c99e6153260c19b97b99b6a7370a067de63344de6d1ea11922acaed86b
Referenced In Project/Scope: Simplicite Platform:compile
curvesapi-1.06.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.poi/poi-ooxml@4.1.2
Evidence Type Source Name Value Confidence Vendor file name curvesapi High Vendor jar package name graphbuilder Low Vendor jar package name math Low Vendor pom artifactid curvesapi Highest Vendor pom artifactid curvesapi Low Vendor pom developer id stormdollar Medium Vendor pom developer id virtuald Medium Vendor pom developer name Dustin Spicuzza Medium Vendor pom developer name stormdollar Medium Vendor pom groupid com.github.virtuald Highest Vendor pom name curvesapi High Vendor pom url virtuald/curvesapi Highest Product file name curvesapi High Product jar package name math Low Product pom artifactid curvesapi Highest Product pom developer id stormdollar Low Product pom developer id virtuald Low Product pom developer name Dustin Spicuzza Low Product pom developer name stormdollar Low Product pom groupid com.github.virtuald Highest Product pom name curvesapi High Product pom url virtuald/curvesapi High Version file version 1.06 High Version pom version 1.06 Highest
date-now:0.1.4Description:
A requirable version of Date.now() File Path: /var/simplicite/simplicite-5.2/package-lock.json?/date-now:0.1.4Referenced In Projects/Scopes:
simplicite-js:5.2.54/console-browserify:1.1.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Raynos <raynos2@gmail.com> Highest Vendor package.json bugs.email raynos2@gmail.com Highest Vendor package.json bugs.url https://github.com/Colingo/date-now/issues Highest Vendor package.json description A requirable version of Date.now() Highest Vendor package.json homepage https://github.com/Colingo/date-now Highest Vendor package.json name date-now Highest Vendor package.json name date-now_project Highest Product package.json name date-now Highest Version package.json version 0.1.4 Highest
Related Dependencies date-now:0.1.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?console-browserify:1.1.0/date-now:^0.1.4 pkg:npm/date-now@0.1.4 dd-plist-1.23.jarDescription:
This library enables Java applications to work with property lists in various formats.
Supported formats for reading and writing are OS X/iOS binary and XML property lists.
ASCII property lists are also supported.
The library also provides access to basic functions of NeXTSTEP/Cocoa classes like
NSDictionary, NSArray, etc.
License:
MIT License: http://opensource.org/licenses/mit File Path: /var/simplicite/.m2/repository/com/googlecode/plist/dd-plist/1.23/dd-plist-1.23.jar
MD5: 728c9b2138c0b5f38d017ec8f4ea97e4
SHA1: f522894abd90d6f5a15e9586e625407a7d50e80d
SHA256: 3d794f2808d0e90c7ec889658e843f92a24414bd4df18ecf9f1478726af1238c
Referenced In Project/Scope: Simplicite Platform:compile
dd-plist-1.23.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.tika/tika-parsers@1.27
Evidence Type Source Name Value Confidence Vendor file name dd-plist High Vendor jar package name dd Highest Vendor jar package name plist Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl http://www.github.com/3breadt/dd-plist Low Vendor Manifest bundle-symbolicname com.googlecode.plist.dd-plist Medium Vendor pom artifactid dd-plist Highest Vendor pom artifactid dd-plist Low Vendor pom developer email daniel.dreibrodt@gmail.com Low Vendor pom developer id daniel.dreibrodt Medium Vendor pom developer name Daniel Dreibrodt Medium Vendor pom groupid com.googlecode.plist Highest Vendor pom name dd-plist High Vendor pom url http://www.github.com/3breadt/dd-plist Highest Product file name dd-plist High Product jar package name dd Highest Product jar package name nsarray Highest Product jar package name plist Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl http://www.github.com/3breadt/dd-plist Low Product Manifest Bundle-Name dd-plist Medium Product Manifest bundle-symbolicname com.googlecode.plist.dd-plist Medium Product pom artifactid dd-plist Highest Product pom developer email daniel.dreibrodt@gmail.com Low Product pom developer id daniel.dreibrodt Low Product pom developer name Daniel Dreibrodt Low Product pom groupid com.googlecode.plist Highest Product pom name dd-plist High Product pom url http://www.github.com/3breadt/dd-plist Medium Version file version 1.23 High Version pom version 1.23 Highest
debug:4.3.4Description:
Lightweight debugging utility for Node.js and the browser License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?tuf-js:1.1.7/debug:^4.3.4
Referenced In Projects/Scopes: simplicite-js:5.2.54/rc-config-loader:4.1.3 simplicite-js:5.2.54/socks-proxy-agent:7.0.0 simplicite-js:5.2.54/@eslint/eslintrc:2.1.4 simplicite-js:5.2.54/@babel/traverse:7.23.9 simplicite-js:5.2.54/http-proxy-agent:5.0.0 simplicite-js:5.2.54/license-report:6.5.0 simplicite-js:5.2.54/agentkeepalive:4.3.0 simplicite-js:5.2.54/@babel/core:7.23.9 simplicite-js:5.2.54 simplicite-js:5.2.54/@humanwhocodes/config-array:0.11.13 simplicite-js:5.2.54/depcheck:1.4.3 simplicite-js:5.2.54/https-proxy-agent:5.0.1 simplicite-js:5.2.54/eslint:8.56.0 simplicite-js:5.2.54/stylelint:14.16.1 simplicite-js:5.2.54/eslint-plugin-jsdoc:48.0.4 simplicite-js:5.2.54/agent-base:6.0.2 simplicite-js:5.2.54/@babel/helper-define-polyfill-provider:0.5.0 simplicite-js:5.2.54/tuf-js:1.1.7 Evidence Type Source Name Value Confidence Vendor package.json author Josh Junon <josh.junon@protonmail.com> Highest Vendor package.json description Lightweight debugging utility for Node.js and the browser Highest Vendor package.json name debug Highest Vendor package.json name debug_project Highest Product package.json name debug Highest Version package.json version 4.3.4 Highest
Related Dependencies debug:4.3.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?/debug:4.3.4 pkg:npm/debug@4.3.4 debug:4.3.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/core:7.23.9/debug:^4.1.0 pkg:npm/debug@4.3.4 debug:4.3.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/helper-define-polyfill-provider:0.5.0/debug:^4.1.1 pkg:npm/debug@4.3.4 debug:4.3.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/traverse:7.23.9/debug:^4.3.1 pkg:npm/debug@4.3.4 debug:4.3.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?@eslint/eslintrc:2.1.4/debug:^4.3.2 pkg:npm/debug@4.3.4 debug:4.3.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?@humanwhocodes/config-array:0.11.13/debug:^4.1.1 pkg:npm/debug@4.3.4 debug:4.3.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?agent-base:6.0.2/debug:4 pkg:npm/debug@4.3.4 debug:4.3.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?agentkeepalive:4.3.0/debug:^4.1.0 pkg:npm/debug@4.3.4 debug:4.3.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?depcheck:1.4.3/debug:^4.2.0 pkg:npm/debug@4.3.4 debug:4.3.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint-plugin-jsdoc:48.0.4/debug:^4.3.4 pkg:npm/debug@4.3.4 debug:4.3.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint:8.56.0/debug:^4.3.2 pkg:npm/debug@4.3.4 debug:4.3.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?http-proxy-agent:5.0.0/debug:4 pkg:npm/debug@4.3.4 debug:4.3.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?https-proxy-agent:5.0.1/debug:4 pkg:npm/debug@4.3.4 debug:4.3.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?license-report:6.5.0/debug:^4.3.4 pkg:npm/debug@4.3.4 debug:4.3.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?rc-config-loader:4.1.3/debug:^4.3.4 pkg:npm/debug@4.3.4 debug:4.3.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?socks-proxy-agent:7.0.0/debug:^4.3.3 pkg:npm/debug@4.3.4 debug:4.3.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/debug:^4.3.4 pkg:npm/debug@4.3.4 dec-0.1.2.jarDescription:
Brotli is a generic-purpose lossless compression algorithm. License:
http://www.opensource.org/licenses/mit-license.php File Path: /var/simplicite/.m2/repository/org/brotli/dec/0.1.2/dec-0.1.2.jar
MD5: 4b1cd14cf29733941cc536b27e6aedfa
SHA1: 0c26a897ae0d524809eef1c786cc6183b4ddcc3b
SHA256: 615c0c3efef990d77831104475fba6a1f7971388691d4bad1471ad84101f6d52
Referenced In Project/Scope: Simplicite Platform:compile
dec-0.1.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.tika/tika-parsers@1.27
Evidence Type Source Name Value Confidence Vendor file name dec High Vendor jar package name brotli Highest Vendor jar package name dec Highest Vendor Manifest bundle-docurl http://brotli.org/dec Low Vendor Manifest bundle-symbolicname org.brotli.dec Medium Vendor pom artifactid dec Highest Vendor pom artifactid dec Low Vendor pom groupid org.brotli Highest Vendor pom name : High Vendor pom parent-artifactid parent Low Product file name dec High Product jar package name brotli Highest Product jar package name dec Highest Product Manifest bundle-docurl http://brotli.org/dec Low Product Manifest Bundle-Name org.brotli:dec Medium Product Manifest bundle-symbolicname org.brotli.dec Medium Product pom artifactid dec Highest Product pom groupid org.brotli Highest Product pom name : High Product pom parent-artifactid parent Medium Version file version 0.1.2 High Version Manifest Bundle-Version 0.1.2 High Version pom version 0.1.2 Highest
decamelize-keys:1.1.1Description:
Convert object keys from camelCase to lowercase with a custom separator License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?meow:9.0.0/decamelize-keys:^1.1.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/meow:9.0.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url http://sindresorhus.com Highest Vendor package.json description Convert object keys from camelCase to lowercase with a custom separator Highest Vendor package.json name decamelize-keys Highest Vendor package.json name decamelize-keys_project Highest Product package.json name decamelize-keys Highest Version package.json version 1.1.1 Highest
Related Dependencies decamelize-keys:1.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/decamelize-keys:1.1.1 pkg:npm/decamelize-keys@1.1.1 decamelize:1.2.0Description:
Convert a camelized string into a lowercased one with a custom separator: unicornRainbow → unicorn_rainbow License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?meow:9.0.0/decamelize:^1.2.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/meow:9.0.0 simplicite-js:5.2.54/decamelize-keys:1.1.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Convert a camelized string into a lowercased one with a custom separator: unicornRainbow → unicorn_rainbow Highest Vendor package.json name decamelize Highest Vendor package.json name decamelize_project Highest Product package.json name decamelize Highest Version package.json version 1.2.0 Highest
Related Dependencies decamelize:1.2.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/decamelize:1.2.0 pkg:npm/decamelize@1.2.0 decamelize:1.2.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?decamelize-keys:1.1.1/decamelize:^1.1.0 pkg:npm/decamelize@1.2.0 decompress-response:6.0.0Description:
Decompress a HTTP response if needed License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?got:13.0.0/decompress-response:^6.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/got:12.6.1 simplicite-js:5.2.54/got:9.6.0 simplicite-js:5.2.54 simplicite-js:5.2.54/got:13.0.0 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description Decompress a HTTP response if needed Highest Vendor package.json name decompress-response Highest Vendor package.json name decompress-response_project Highest Product package.json name decompress-response Highest Version package.json version 6.0.0 Highest
Related Dependencies decompress-response:3.3.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/decompress-response:3.3.0 pkg:npm/decompress-response@3.3.0 decompress-response:6.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/decompress-response:6.0.0 pkg:npm/decompress-response@6.0.0 decompress-response:6.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?got:12.6.1/decompress-response:^6.0.0 pkg:npm/decompress-response@6.0.0 decompress-response:6.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?got:9.6.0/decompress-response:^3.3.0 pkg:npm/decompress-response@6.0.0 deep-extend:0.6.0Description:
Recursive object extending License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?rc:1.2.8/deep-extend:^0.6.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/rc:1.2.8 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Viacheslav Lotsmanov <lotsmanov89@gmail.com> Highest Vendor package.json bugs https://github.com/unclechu/node-deep-extend/issues Highest Vendor package.json description Recursive object extending Highest Vendor package.json homepage https://github.com/unclechu/node-deep-extend Highest Vendor package.json name deep-extend Highest Vendor package.json name deep-extend_project Highest Product package.json name deep-extend Highest Version package.json version 0.6.0 Highest
Related Dependencies deep-extend:0.6.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/deep-extend:0.6.0 pkg:npm/deep-extend@0.6.0 deep-is:0.1.4Description:
node's assert.deepEqual algorithm except for NaN being equal to NaN License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?optionator:0.9.3/deep-is:^0.1.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/optionator:0.9.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email thlorenz@gmx.de Highest Vendor package.json author.name Thorsten Lorenz Highest Vendor package.json author.url http://thlorenz.com Highest Vendor package.json description node's assert.deepEqual algorithm except for NaN being equal to NaN Highest Vendor package.json name deep-is Highest Vendor package.json name deep-is_project Highest Product package.json name deep-is Highest Version package.json version 0.1.4 Highest
Related Dependencies deep-is:0.1.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?/deep-is:0.1.4 pkg:npm/deep-is@0.1.4 defaults:1.0.4Description:
merge single level defaults over a config object License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?wcwidth:1.0.1/defaults:^1.0.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/wcwidth:1.0.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Elijah Insua <tmpvar@gmail.com> Highest Vendor package.json description merge single level defaults over a config object Highest Vendor package.json name defaults Highest Vendor package.json name defaults_project Highest Product package.json name defaults Highest Version package.json version 1.0.4 Highest
Related Dependencies defaults:1.0.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?/defaults:1.0.4 pkg:npm/defaults@1.0.4 defer-to-connect:1.1.3Description:
The safe way to handle the `connect` socket event License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/defer-to-connect:1.1.3
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author Szymon Marczak Highest Vendor package.json bugs.url https://github.com/szmarczak/defer-to-connect/issues Highest Vendor package.json description The safe way to handle the `connect` socket event Highest Vendor package.json homepage https://github.com/szmarczak/defer-to-connect#readme Highest Vendor package.json name defer-to-connect Highest Vendor package.json name defer-to-connect_project Highest Product package.json name defer-to-connect Highest Version package.json version 1.1.3 Highest
defer-to-connect:2.0.1Description:
The safe way to handle the `connect` socket event License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/defer-to-connect:2.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/@szmarczak/http-timer:5.0.1 simplicite-js:5.2.54 simplicite-js:5.2.54/@szmarczak/http-timer:1.1.2 Evidence Type Source Name Value Confidence Vendor package.json author Szymon Marczak Highest Vendor package.json bugs.url https://github.com/szmarczak/defer-to-connect/issues Highest Vendor package.json description The safe way to handle the `connect` socket event Highest Vendor package.json homepage https://github.com/szmarczak/defer-to-connect#readme Highest Vendor package.json name defer-to-connect Highest Vendor package.json name defer-to-connect_project Highest Product package.json name defer-to-connect Highest Version package.json version 2.0.1 Highest
Related Dependencies defer-to-connect:2.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?@szmarczak/http-timer:1.1.2/defer-to-connect:^1.0.1 pkg:npm/defer-to-connect@2.0.1 defer-to-connect:2.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?@szmarczak/http-timer:5.0.1/defer-to-connect:^2.0.1 pkg:npm/defer-to-connect@2.0.1 define-properties:1.2.0Description:
Define multiple non-enumerable properties at once. Uses `Object.defineProperty` when available; falls back to standard assignment in older engines. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?string.prototype.trimstart:1.0.6/define-properties:^1.1.4
Referenced In Projects/Scopes: simplicite-js:5.2.54/function.prototype.name:1.1.5 simplicite-js:5.2.54/string.prototype.trimend:1.0.6 simplicite-js:5.2.54/object.getownpropertydescriptors:2.1.6 simplicite-js:5.2.54/globalthis:1.0.3 simplicite-js:5.2.54/array.prototype.reduce:1.0.5 simplicite-js:5.2.54/string.prototype.trim:1.2.7 simplicite-js:5.2.54/regexp.prototype.flags:1.5.0 simplicite-js:5.2.54 simplicite-js:5.2.54/string.prototype.trimstart:1.0.6 simplicite-js:5.2.54/object.assign:4.1.4 Evidence Type Source Name Value Confidence Vendor package.json author Jordan Harband <ljharb@gmail.com> Highest Vendor package.json description Define multiple non-enumerable properties at once. Uses `Object.defineProperty` when available; falls back to standard assignment in older engines. Highest Vendor package.json name define-properties Highest Vendor package.json name define-properties_project Highest Product package.json name define-properties Highest Version package.json version 1.2.0 Highest
Related Dependencies define-properties:1.2.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/define-properties:1.2.0 pkg:npm/define-properties@1.2.0 define-properties:1.2.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?array.prototype.reduce:1.0.5/define-properties:^1.1.4 pkg:npm/define-properties@1.2.0 define-properties:1.2.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?function.prototype.name:1.1.5/define-properties:^1.1.3 pkg:npm/define-properties@1.2.0 define-properties:1.2.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?globalthis:1.0.3/define-properties:^1.1.3 pkg:npm/define-properties@1.2.0 define-properties:1.2.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?object.assign:4.1.4/define-properties:^1.1.4 pkg:npm/define-properties@1.2.0 define-properties:1.2.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?object.getownpropertydescriptors:2.1.6/define-properties:^1.2.0 pkg:npm/define-properties@1.2.0 define-properties:1.2.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?regexp.prototype.flags:1.5.0/define-properties:^1.2.0 pkg:npm/define-properties@1.2.0 define-properties:1.2.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?string.prototype.trim:1.2.7/define-properties:^1.1.4 pkg:npm/define-properties@1.2.0 define-properties:1.2.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?string.prototype.trimend:1.0.6/define-properties:^1.1.4 pkg:npm/define-properties@1.2.0 delegates:1.0.0Description:
delegate methods and accessors to another property License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/delegates:1.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/are-we-there-yet:3.0.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json description delegate methods and accessors to another property Highest Vendor package.json name delegates Highest Vendor package.json name delegates_project Highest Product package.json name delegates Highest Version package.json version 1.0.0 Highest
Related Dependencies delegates:1.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?are-we-there-yet:3.0.1/delegates:^1.0.0 pkg:npm/delegates@1.0.0 depcheck:1.4.3Description:
Check dependencies in your node module License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check:6.0.1/depcheck:^1.3.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-check:6.0.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email lukic.djordje@gmail.com Highest Vendor package.json author.name Djordje Lukic Highest Vendor package.json description Check dependencies in your node module Highest Vendor package.json name depcheck Highest Vendor package.json name depcheck_project Highest Product package.json name depcheck Highest Version package.json version 1.4.3 Highest
Related Dependencies depcheck:1.4.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/depcheck:1.4.3 pkg:npm/depcheck@1.4.3 depd:2.0.0Description:
Deprecate all the things License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/depd:2.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/agentkeepalive:4.3.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Douglas Christopher Wilson <doug@somethingdoug.com> Highest Vendor package.json description Deprecate all the things Highest Vendor package.json name depd Highest Vendor package.json name depd_project Highest Product package.json name depd Highest Version package.json version 2.0.0 Highest
Related Dependencies depd:2.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?agentkeepalive:4.3.0/depd:^2.0.0 pkg:npm/depd@2.0.0 deps-regex:0.1.4Description:
Regular expression for matching javascript require statements. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/deps-regex:0.1.4
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/depcheck:1.4.3 Evidence Type Source Name Value Confidence Vendor package.json author Mathieu Dutour <mathieu@dutour.me> Highest Vendor package.json bugs.url https://github.com/mathieudutour/deps-regex/issues Highest Vendor package.json description Regular expression for matching javascript require statements. Highest Vendor package.json homepage https://github.com/mathieudutour/deps-regex Highest Vendor package.json name deps-regex Highest Vendor package.json name deps-regex_project Highest Product package.json name deps-regex Highest Version package.json version 0.1.4 Highest
Related Dependencies deps-regex:0.1.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?depcheck:1.4.3/deps-regex:^0.1.4 pkg:npm/deps-regex@0.1.4 diff-match-patch:1.0.5Description:
npm package for https://github.com/google/diff-match-patch License:
Apache-2.0 File Path: /var/simplicite/simplicite-5.2/package-lock.json?/diff-match-patch:1.0.5
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/ace-diff:3.0.3 Evidence Type Source Name Value Confidence Vendor package.json description npm package for https://github.com/google/diff-match-patch Highest Vendor package.json name diff-match-patch Highest Vendor package.json name diff-match-patch_project Highest Product package.json name diff-match-patch Highest Version package.json version 1.0.5 Highest
Related Dependencies diff-match-patch:1.0.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?ace-diff:3.0.3/diff-match-patch:^1.0.5 pkg:npm/diff-match-patch@1.0.5 diffutils-1.3.0.jarDescription:
The DiffUtils library for computing diffs, applying patches, generationg side-by-side view in Java. License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/com/googlecode/java-diff-utils/diffutils/1.3.0/diffutils-1.3.0.jar
MD5: 638158a6bca62926aa9986c92ccb15e0
SHA1: 7e060dd5b19431e6d198e91ff670644372f60fbd
SHA256: 61ba4dc49adca95243beaa0569adc2a23aedb5292ae78aa01186fa782ebdc5c2
Referenced In Project/Scope: Simplicite Platform:compile
diffutils-1.3.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name diffutils High Vendor jar package name diffutils Highest Vendor Manifest bundle-symbolicname com.googlecode.java-diff-utils.diffutils Medium Vendor pom artifactid diffutils Highest Vendor pom artifactid diffutils Low Vendor pom groupid com.googlecode.java-diff-utils Highest Vendor pom name java-diff-utils High Vendor pom url http://code.google.com/p/java-diff-utils/ Highest Product file name diffutils High Product jar package name diffutils Highest Product Manifest Bundle-Name java-diff-utils Medium Product Manifest bundle-symbolicname com.googlecode.java-diff-utils.diffutils Medium Product pom artifactid diffutils Highest Product pom groupid com.googlecode.java-diff-utils Highest Product pom name java-diff-utils High Product pom url http://code.google.com/p/java-diff-utils/ Medium Version file version 1.3.0 High Version Manifest Bundle-Version 1.3.0 High Version pom version 1.3.0 Highest
dir-glob:3.0.1Description:
Convert directories to glob compatible strings License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?globby:11.1.0/dir-glob:^3.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/globby:11.1.0 Evidence Type Source Name Value Confidence Vendor package.json author.email kevinmartensson@gmail.com Highest Vendor package.json author.name Kevin Mårtensson Highest Vendor package.json author.url github.com/kevva Highest Vendor package.json description Convert directories to glob compatible strings Highest Vendor package.json name dir-glob Highest Vendor package.json name dir-glob_project Highest Product package.json name dir-glob Highest Version package.json version 3.0.1 Highest
Related Dependencies dir-glob:3.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/dir-glob:3.0.1 pkg:npm/dir-glob@3.0.1 docdash:2.0.2Description:
A clean, responsive documentation template theme for JSDoc 3 inspired by lodash and minami License:
Apache-2.0 File Path: /var/simplicite/simplicite-5.2/package-lock.json?/docdash:2.0.2
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author Clement Moron <clement.moron@gmail.com> Highest Vendor package.json description A clean, responsive documentation template theme for JSDoc 3 inspired by lodash and minami Highest Vendor package.json name docdash Highest Vendor package.json name docdash_project Highest Product package.json name docdash Highest Version package.json version 2.0.2 Highest
doctrine:3.0.0Description:
JSDoc parser License:
Apache-2.0 File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint:8.56.0/doctrine:^3.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/eslint:8.56.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json description JSDoc parser Highest Vendor package.json homepage https://github.com/eslint/doctrine Highest Vendor package.json maintainers.email nicholas+npm@nczconsulting.com Highest Vendor package.json maintainers.email utatane.tea@gmail.com Highest Vendor package.json maintainers.name Nicholas C. Zakas Highest Vendor package.json maintainers.name Yusuke Suzuki Highest Vendor package.json maintainers.web https://github.com/Constellation Highest Vendor package.json maintainers.web https://www.nczonline.net Highest Vendor package.json name doctrine Highest Vendor package.json name doctrine_project Highest Product package.json name doctrine Highest Version package.json version 3.0.0 Highest
Related Dependencies doctrine:3.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/doctrine:3.0.0 pkg:npm/doctrine@3.0.0 docusign-esign-java-3.14.0.jarDescription:
The official DocuSign eSignature JAVA client is based on version 2 of the DocuSign REST API and provides libraries for JAVA application integration. It is recommended that you use this version of the library for new development. License:
DocuSign Java Client License: https://raw.githubusercontent.com/docusign/docusign-java-client/master/LICENSE File Path: /var/simplicite/.m2/repository/com/docusign/docusign-esign-java/3.14.0/docusign-esign-java-3.14.0.jar
MD5: 9918c72f296fb6032208ac18f3732952
SHA1: e548b03bc892e8017f07b8bafe5c92de59941b61
SHA256: b1c1d69645cbbb48859b0bab92a38fd710e06f63975620976ed3b1b706d08319
Referenced In Project/Scope: Simplicite Platform:provided
docusign-esign-java-3.14.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name docusign-esign-java High Vendor jar package name api Highest Vendor jar package name client Highest Vendor jar package name docusign Highest Vendor jar package name docusign Low Vendor jar package name esign Highest Vendor jar package name esign Low Vendor jar package name model Low Vendor pom artifactid docusign-esign-java Highest Vendor pom artifactid docusign-esign-java Low Vendor pom developer email devcenter@docusign.com Low Vendor pom developer name DocuSign Developer Center Medium Vendor pom developer org DocuSign Medium Vendor pom developer org URL https://developers.docusign.com Medium Vendor pom groupid com.docusign Highest Vendor pom name docusign-esign-java High Vendor pom url https://developers.docusign.com Highest Product file name docusign-esign-java High Product jar package name api Highest Product jar package name client Highest Product jar package name docusign Highest Product jar package name esign Highest Product jar package name esign Low Product jar package name model Low Product pom artifactid docusign-esign-java Highest Product pom developer email devcenter@docusign.com Low Product pom developer name DocuSign Developer Center Low Product pom developer org DocuSign Low Product pom developer org URL https://developers.docusign.com Low Product pom groupid com.docusign Highest Product pom name docusign-esign-java High Product pom url https://developers.docusign.com Medium Version file version 3.14.0 High Version pom version 3.14.0 Highest
docx4j-ImportXHTML-8.2.1.jarDescription:
docx4j-ImportXHTML converts XHTML to OpenXML WordML (docx) using docx4j
License:
LGPL v2.1: http://www.gnu.org/licenses/lgpl-2.1.html File Path: /var/simplicite/.m2/repository/org/docx4j/docx4j-ImportXHTML/8.2.1/docx4j-ImportXHTML-8.2.1.jar
MD5: bac211a763b6851384c3efa44fe82eb4
SHA1: c097fd27a2346ab4412b9c61b98945b1831ebc39
SHA256: 34a88dd7a94f5eca46879250f9e0cb8ac5e174829aa8f01f734e47a1dd91efc5
Referenced In Project/Scope: Simplicite Platform:compile
docx4j-ImportXHTML-8.2.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name docx4j-ImportXHTML High Vendor jar package name convert Low Vendor jar package name docx4j Highest Vendor jar package name docx4j Low Vendor jar package name in Low Vendor pom artifactid docx4j-ImportXHTML Highest Vendor pom artifactid docx4j-ImportXHTML Low Vendor pom developer email jharrop@plutext.com Low Vendor pom developer id jharrop Medium Vendor pom developer name Jason Harrop Medium Vendor pom developer org Plutext Medium Vendor pom groupid org.docx4j Highest Vendor pom name docx4j-ImportXHTML High Vendor pom url http://www.docx4java.org/ Highest Product file name docx4j-ImportXHTML High Product jar package name convert Low Product jar package name docx4j Highest Product jar package name in Low Product jar package name xhtml Low Product pom artifactid docx4j-ImportXHTML Highest Product pom developer email jharrop@plutext.com Low Product pom developer id jharrop Low Product pom developer name Jason Harrop Low Product pom developer org Plutext Low Product pom groupid org.docx4j Highest Product pom name docx4j-ImportXHTML High Product pom url http://www.docx4java.org/ Medium Version file version 8.2.1 High Version pom version 8.2.1 Highest
docx4j-JAXB-ReferenceImpl-11.2.9.jarDescription:
config specifying that docx4j should use the JAXB reference impls License:
Apache 2: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/docx4j/docx4j-JAXB-ReferenceImpl/11.2.9/docx4j-JAXB-ReferenceImpl-11.2.9.jar
MD5: f781b5f96a97131dfab997bb67aad004
SHA1: ddbfc5b22e6a09d3cc801140ce76e474776f7ac2
SHA256: f3f17502f0659b0de3abef6409548e6a0d74e7e13d899a6013ea35a18a19b5bf
Referenced In Project/Scope: Simplicite Platform:compile
docx4j-JAXB-ReferenceImpl-11.2.9.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name docx4j-JAXB-ReferenceImpl High Vendor jar package name docx4j Highest Vendor jar package name docx4j Low Vendor jar package name jaxb Highest Vendor jar package name jaxb Low Vendor jar package name ri Low Vendor pom artifactid docx4j-JAXB-ReferenceImpl Highest Vendor pom artifactid docx4j-JAXB-ReferenceImpl Low Vendor pom developer email jason@plutext.org Low Vendor pom developer name Jason Harrop Medium Vendor pom developer org Plutext Medium Vendor pom developer org URL http://www.plutext.com Medium Vendor pom groupid org.docx4j Highest Vendor pom name docx4j-JAXB-ReferenceImpl High Vendor pom url http://www.docx4java.org/docx4j-JAXB-ReferenceImpl/ Highest Product file name docx4j-JAXB-ReferenceImpl High Product jar package name docx4j Highest Product jar package name jaxb Highest Product jar package name jaxb Low Product jar package name ri Low Product pom artifactid docx4j-JAXB-ReferenceImpl Highest Product pom developer email jason@plutext.org Low Product pom developer name Jason Harrop Low Product pom developer org Plutext Low Product pom developer org URL http://www.plutext.com Low Product pom groupid org.docx4j Highest Product pom name docx4j-JAXB-ReferenceImpl High Product pom url http://www.docx4java.org/docx4j-JAXB-ReferenceImpl/ Medium Version file version 11.2.9 High Version pom version 11.2.9 Highest
docx4j-core-11.2.9.jarDescription:
docx4j is a library which helps you to work with the Office Open
XML file format as used in docx
documents, pptx presentations, and xlsx spreadsheets. License:
Apache 2: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/docx4j/docx4j-core/11.2.9/docx4j-core-11.2.9.jar
MD5: 68339af41973a57fcb24a6b464498f63
SHA1: 78f7fc21ab817f1ed728bb33e78a15ab7e1dd74a
SHA256: c7baa6c3a196ad7232006edb369a1304455abe42671685afb0d549101e086b4c
Referenced In Project/Scope: Simplicite Platform:compile
docx4j-core-11.2.9.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name docx4j-core High Vendor jar package name and Highest Vendor jar package name docx4j Highest Vendor jar package name docx4j Low Vendor jar package name format Highest Vendor jar package name in Highest Vendor jar package name org Highest Vendor jar package name xml Highest Vendor pom artifactid docx4j-core Highest Vendor pom artifactid docx4j-core Low Vendor pom developer email jason@plutext.org Low Vendor pom developer name Jason Harrop Medium Vendor pom developer org Plutext Medium Vendor pom developer org URL http://www.plutext.com Medium Vendor pom groupid org.docx4j Highest Vendor pom name docx4j-core High Vendor pom url http://www.docx4java.org/docx4j-core/ Highest Product file name docx4j-core High Product jar package name and Highest Product jar package name docx4j Highest Product jar package name format Highest Product jar package name in Highest Product jar package name org Highest Product jar package name xml Highest Product pom artifactid docx4j-core Highest Product pom developer email jason@plutext.org Low Product pom developer name Jason Harrop Low Product pom developer org Plutext Low Product pom developer org URL http://www.plutext.com Low Product pom groupid org.docx4j Highest Product pom name docx4j-core High Product pom url http://www.docx4java.org/docx4j-core/ Medium Version file version 11.2.9 High Version pom version 11.2.9 Highest
docx4j-openxml-objects-11.2.9.jarDescription:
Our JAXB representation of OpenXML, except for pml and sml (handled separately) License:
Apache 2: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/docx4j/docx4j-openxml-objects/11.2.9/docx4j-openxml-objects-11.2.9.jar
MD5: be8c6edf33347da19ae19b42b49160a8
SHA1: d8fb8895ec6aea9fae5a2e6afe1c66dc61ced549
SHA256: 1444b2e329e88f3236e749d5cf3c23744eb7858f1d2c89902e42685a474aec06
Referenced In Project/Scope: Simplicite Platform:compile
docx4j-openxml-objects-11.2.9.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.docx4j/docx4j-core@11.2.9
Evidence Type Source Name Value Confidence Vendor file name docx4j-openxml-objects High Vendor jar package name docx4j Highest Vendor jar package name docx4j Low Vendor jar package name org Highest Vendor pom artifactid docx4j-openxml-objects Highest Vendor pom artifactid docx4j-openxml-objects Low Vendor pom developer email jason@plutext.org Low Vendor pom developer name Jason Harrop Medium Vendor pom developer org Plutext Medium Vendor pom developer org URL http://www.plutext.com Medium Vendor pom groupid org.docx4j Highest Vendor pom name docx4j-openxml-objects High Vendor pom url http://www.docx4java.org/docx4j-openxml-objects/ Highest Product file name docx4j-openxml-objects High Product jar package name docx4j Highest Product jar package name org Highest Product pom artifactid docx4j-openxml-objects Highest Product pom developer email jason@plutext.org Low Product pom developer name Jason Harrop Low Product pom developer org Plutext Low Product pom developer org URL http://www.plutext.com Low Product pom groupid org.docx4j Highest Product pom name docx4j-openxml-objects High Product pom url http://www.docx4java.org/docx4j-openxml-objects/ Medium Version file version 11.2.9 High Version pom version 11.2.9 Highest
docx4j-openxml-objects-pml-11.2.9.jarDescription:
Our JAXB representation of OpenXML Presentation Markup Language (pml) License:
Apache 2: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/docx4j/docx4j-openxml-objects-pml/11.2.9/docx4j-openxml-objects-pml-11.2.9.jar
MD5: 334971a5b2bca26054cda0f28af42bf7
SHA1: ae8ac27bc6949a16ac13d44a0ace4b043ac0a4fb
SHA256: a7a2dae98f8ebcd69e8fa557869ee1030b9742089365bd71e2d9a82f46ebf3ae
Referenced In Project/Scope: Simplicite Platform:compile
docx4j-openxml-objects-pml-11.2.9.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.docx4j/docx4j-core@11.2.9
Evidence Type Source Name Value Confidence Vendor file name docx4j-openxml-objects-pml High Vendor jar package name pml Highest Vendor jar package name pml Low Vendor jar package name pptx4j Low Vendor pom artifactid docx4j-openxml-objects-pml Highest Vendor pom artifactid docx4j-openxml-objects-pml Low Vendor pom developer email jason@plutext.org Low Vendor pom developer name Jason Harrop Medium Vendor pom developer org Plutext Medium Vendor pom developer org URL http://www.plutext.com Medium Vendor pom groupid org.docx4j Highest Vendor pom name docx4j-openxml-objects-pml High Vendor pom url http://www.docx4java.org/docx4j-openxml-objects-pml/ Highest Product file name docx4j-openxml-objects-pml High Product jar package name pml Highest Product jar package name pml Low Product pom artifactid docx4j-openxml-objects-pml Highest Product pom developer email jason@plutext.org Low Product pom developer name Jason Harrop Low Product pom developer org Plutext Low Product pom developer org URL http://www.plutext.com Low Product pom groupid org.docx4j Highest Product pom name docx4j-openxml-objects-pml High Product pom url http://www.docx4java.org/docx4j-openxml-objects-pml/ Medium Version file version 11.2.9 High Version pom version 11.2.9 Highest
docx4j-openxml-objects-sml-11.2.9.jarDescription:
Our JAXB representation of OpenXML Spreadsheet Markup Language (sml) License:
Apache 2: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/docx4j/docx4j-openxml-objects-sml/11.2.9/docx4j-openxml-objects-sml-11.2.9.jar
MD5: 5afb7490b73c6ac25a5c9dfc38c0de21
SHA1: f6914a455f3b19c6aa9d4eccb0cd3096d1be0c72
SHA256: 0fe802ac08e0d200b0fb0cbf7244e012125d39eb13e33ae4859387f7d77862b4
Referenced In Project/Scope: Simplicite Platform:compile
docx4j-openxml-objects-sml-11.2.9.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.docx4j/docx4j-core@11.2.9
Evidence Type Source Name Value Confidence Vendor file name docx4j-openxml-objects-sml High Vendor jar package name sml Highest Vendor jar package name sml Low Vendor jar package name xlsx4j Low Vendor pom artifactid docx4j-openxml-objects-sml Highest Vendor pom artifactid docx4j-openxml-objects-sml Low Vendor pom developer email jason@plutext.org Low Vendor pom developer name Jason Harrop Medium Vendor pom developer org Plutext Medium Vendor pom developer org URL http://www.plutext.com Medium Vendor pom groupid org.docx4j Highest Vendor pom name docx4j-openxml-objects-sml High Vendor pom url http://www.docx4java.org/docx4j-openxml-objects-sml/ Highest Product file name docx4j-openxml-objects-sml High Product jar package name sml Highest Product jar package name sml Low Product pom artifactid docx4j-openxml-objects-sml Highest Product pom developer email jason@plutext.org Low Product pom developer name Jason Harrop Low Product pom developer org Plutext Low Product pom developer org URL http://www.plutext.com Low Product pom groupid org.docx4j Highest Product pom name docx4j-openxml-objects-sml High Product pom url http://www.docx4java.org/docx4j-openxml-objects-sml/ Medium Version file version 11.2.9 High Version pom version 11.2.9 Highest
dom-serializer:0.2.2Description:
render dom nodes to string License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/dom-serializer:0.2.2
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/domutils:1.5.1 Evidence Type Source Name Value Confidence Vendor package.json author Felix Boehm <me@feedic.com> Highest Vendor package.json description render dom nodes to string Highest Vendor package.json name dom-serializer Highest Vendor package.json name dom-serializer_project Highest Product package.json name dom-serializer Highest Version package.json version 0.2.2 Highest
Related Dependencies dom-serializer:0.2.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?domutils:1.5.1/dom-serializer:0 pkg:npm/dom-serializer@0.2.2 domelementtype:1.3.1Description:
all the types of nodes in htmlparser2's dom License:
BSD-2-Clause File Path: /var/simplicite/simplicite-5.2/package-lock.json?/domelementtype:1.3.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/htmlparser2:3.8.3 simplicite-js:5.2.54/domhandler:2.3.0 simplicite-js:5.2.54 simplicite-js:5.2.54/domutils:1.5.1 Evidence Type Source Name Value Confidence Vendor package.json author Felix Boehm <me@feedic.com> Highest Vendor package.json description all the types of nodes in htmlparser2's dom Highest Vendor package.json name domelementtype Highest Vendor package.json name domelementtype_project Highest Product package.json name domelementtype Highest Version package.json version 1.3.1 Highest
Related Dependencies domelementtype:1.3.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?domhandler:2.3.0/domelementtype:1 pkg:npm/domelementtype@1.3.1 domelementtype:1.3.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?domutils:1.5.1/domelementtype:1 pkg:npm/domelementtype@1.3.1 domelementtype:1.3.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?htmlparser2:3.8.3/domelementtype:1 pkg:npm/domelementtype@1.3.1 domelementtype:2.3.0Description:
all the types of nodes in htmlparser2's dom License:
BSD-2-Clause File Path: /var/simplicite/simplicite-5.2/package-lock.json?/domelementtype:2.3.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/dom-serializer:0.2.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Felix Boehm <me@feedic.com> Highest Vendor package.json description all the types of nodes in htmlparser2's dom Highest Vendor package.json name domelementtype Highest Vendor package.json name domelementtype_project Highest Product package.json name domelementtype Highest Version package.json version 2.3.0 Highest
Related Dependencies domelementtype:2.3.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?dom-serializer:0.2.2/domelementtype:^2.0.1 pkg:npm/domelementtype@2.3.0 domhandler:2.3.0Description:
handler for htmlparser2 that turns pages into a dom File Path: /var/simplicite/simplicite-5.2/package-lock.json?/domhandler:2.3.0Referenced In Projects/Scopes:
simplicite-js:5.2.54/htmlparser2:3.8.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Felix Boehm <me@feedic.com> Highest Vendor package.json description handler for htmlparser2 that turns pages into a dom Highest Vendor package.json name domhandler Highest Vendor package.json name domhandler_project Highest Product package.json name domhandler Highest Version package.json version 2.3.0 Highest
Related Dependencies domhandler:2.3.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?htmlparser2:3.8.3/domhandler:2.3 pkg:npm/domhandler@2.3.0 domutils:1.5.1Description:
utilities for working with htmlparser2's dom File Path: /var/simplicite/simplicite-5.2/package-lock.json?/domutils:1.5.1Referenced In Projects/Scopes:
simplicite-js:5.2.54/htmlparser2:3.8.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Felix Boehm <me@feedic.com> Highest Vendor package.json description utilities for working with htmlparser2's dom Highest Vendor package.json name domutils Highest Vendor package.json name domutils_project Highest Product package.json name domutils Highest Version package.json version 1.5.1 Highest
Related Dependencies domutils:1.5.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?htmlparser2:3.8.3/domutils:1.5 pkg:npm/domutils@1.5.1 dot-prop:5.3.0Description:
Get, set, or delete a property from a nested object using a dot path License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/dot-prop:5.3.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/configstore:6.0.0 simplicite-js:5.2.54 simplicite-js:5.2.54/configstore:5.0.1 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Get, set, or delete a property from a nested object using a dot path Highest Vendor package.json name dot-prop Highest Vendor package.json name dot-prop_project Highest Product package.json name dot-prop Highest Version package.json version 5.3.0 Highest
Related Dependencies dot-prop:5.3.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?configstore:5.0.1/dot-prop:^5.2.0 pkg:npm/dot-prop@5.3.0 dot-prop:5.3.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?configstore:6.0.0/dot-prop:^6.0.1 pkg:npm/dot-prop@5.3.0 dot-prop:6.0.1Description:
Get, set, or delete a property from a nested object using a dot path License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/dot-prop:6.0.1
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description Get, set, or delete a property from a nested object using a dot path Highest Vendor package.json name dot-prop Highest Vendor package.json name dot-prop_project Highest Product package.json name dot-prop Highest Version package.json version 6.0.1 Highest
dtd-parser-1.4.4.jarDescription:
SAX-like API for parsing XML DTDs. License:
Eclipse Distribution License - v 1.0: http://www.eclipse.org/org/documents/edl-v10.php File Path: /var/simplicite/.m2/repository/com/sun/xml/dtd-parser/dtd-parser/1.4.4/dtd-parser-1.4.4.jar
MD5: f711370da18d104e1edcc44b7e831e95
SHA1: 77b8756371b63d4004a53c90a731945f34ea4c71
SHA256: 13d244b7dc112f05ea51b8320fc0b20628e4bea631e1230875df155c56082c59
Referenced In Project/Scope: Simplicite Platform:compile
dtd-parser-1.4.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.glassfish.jaxb/jaxb-xjc@2.3.4
Evidence Type Source Name Value Confidence Vendor file name dtd-parser High Vendor jar package name sun Highest Vendor jar package name xml Highest Vendor jar (hint) package name oracle Highest Vendor Manifest bundle-docurl https://www.eclipse.org Low Vendor Manifest bundle-symbolicname com.sun.xml.dtd-parser Medium Vendor Manifest implementation-build-id 1.4.4 - b4b14d5 Low Vendor pom artifactid dtd-parser Highest Vendor pom artifactid dtd-parser Low Vendor pom developer email Roman.Grigoriadi@oracle.com Low Vendor pom developer id bravehorsie Medium Vendor pom developer name Roman Grigoriadi Medium Vendor pom groupid com.sun.xml.dtd-parser Highest Vendor pom name DTD Parser High Vendor pom parent-artifactid project Low Vendor pom parent-groupid org.eclipse.ee4j Medium Vendor pom url eclipse-ee4j/jaxb-dtd-parser Highest Product file name dtd-parser High Product jar package name sun Highest Product jar package name xml Highest Product Manifest bundle-docurl https://www.eclipse.org Low Product Manifest Bundle-Name DTD Parser Medium Product Manifest bundle-symbolicname com.sun.xml.dtd-parser Medium Product Manifest implementation-build-id 1.4.4 - b4b14d5 Low Product pom artifactid dtd-parser Highest Product pom developer email Roman.Grigoriadi@oracle.com Low Product pom developer id bravehorsie Low Product pom developer name Roman Grigoriadi Low Product pom groupid com.sun.xml.dtd-parser Highest Product pom name DTD Parser High Product pom parent-artifactid project Medium Product pom parent-groupid org.eclipse.ee4j Medium Product pom url eclipse-ee4j/jaxb-dtd-parser High Version file version 1.4.4 High Version Manifest Bundle-Version 1.4.4 High Version Manifest implementation-build-id 1.4.4 Low Version pom parent-version 1.4.4 Low Version pom version 1.4.4 Highest
duplexer3:0.1.5Description:
Like duplexer but using streams3 License:
BSD-3-Clause File Path: /var/simplicite/simplicite-5.2/package-lock.json?got:9.6.0/duplexer3:^0.1.4
Referenced In Projects/Scopes: simplicite-js:5.2.54/got:9.6.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json description Like duplexer but using streams3 Highest Vendor package.json name duplexer3 Highest Vendor package.json name duplexer3_project Highest Product package.json name duplexer3 Highest Version package.json version 0.1.5 Highest
Related Dependencies duplexer3:0.1.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?/duplexer3:0.1.5 pkg:npm/duplexer3@0.1.5 eastasianwidth:0.2.0Description:
Get East Asian Width from a character. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?string-width:5.1.2/eastasianwidth:^0.2.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/string-width:5.1.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Masaki Komagata Highest Vendor package.json description Get East Asian Width from a character. Highest Vendor package.json name eastasianwidth Highest Vendor package.json name eastasianwidth_project Highest Product package.json name eastasianwidth Highest Version package.json version 0.2.0 Highest
Related Dependencies eastasianwidth:0.2.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/eastasianwidth:0.2.0 pkg:npm/eastasianwidth@0.2.0 eddsa-0.3.0.jarDescription:
Implementation of EdDSA in Java License:
CC0 1.0 Universal: https://creativecommons.org/publicdomain/zero/1.0/ File Path: /var/simplicite/.m2/repository/net/i2p/crypto/eddsa/0.3.0/eddsa-0.3.0.jar
MD5: ee7de3b6f19de76a06e465efc978f669
SHA1: 1901c8d4d8bffb7d79027686cfb91e704217c3e1
SHA256: 4dda1120db856640dbec04140ed23242215a075fe127bdefa0dcfa29fb31267d
Referenced In Project/Scope: Simplicite Platform:compile
eddsa-0.3.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.eclipse.jgit/org.eclipse.jgit.ssh.apache@6.1.0.202203080745-r
Evidence Type Source Name Value Confidence Vendor file name eddsa High Vendor jar package name crypto Highest Vendor jar package name eddsa Highest Vendor jar package name i2p Highest Vendor jar package name net Highest Vendor Manifest automatic-module-name net.i2p.crypto.eddsa Medium Vendor Manifest bundle-symbolicname net.i2p.crypto.eddsa Medium Vendor pom artifactid eddsa Highest Vendor pom artifactid eddsa Low Vendor pom developer email str4d@i2pmail.org Low Vendor pom developer id str4d Medium Vendor pom developer name str4d Medium Vendor pom groupid net.i2p.crypto Highest Vendor pom name EdDSA-Java High Vendor pom url str4d/ed25519-java Highest Product file name eddsa High Product jar package name crypto Highest Product jar package name eddsa Highest Product jar package name i2p Highest Product jar package name net Highest Product Manifest automatic-module-name net.i2p.crypto.eddsa Medium Product Manifest Bundle-Name EdDSA-Java Medium Product Manifest bundle-symbolicname net.i2p.crypto.eddsa Medium Product pom artifactid eddsa Highest Product pom developer email str4d@i2pmail.org Low Product pom developer id str4d Low Product pom developer name str4d Low Product pom groupid net.i2p.crypto Highest Product pom name EdDSA-Java High Product pom url str4d/ed25519-java High Version file version 0.3.0 High Version Manifest Bundle-Version 0.3.0 High Version pom version 0.3.0 Highest
editorconfig:0.15.3Description:
EditorConfig File Locator and Interpreter for Node.js License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?js-beautify:1.14.0/editorconfig:^0.15.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/js-beautify:1.14.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author EditorConfig Team Highest Vendor package.json bugs https://github.com/editorconfig/editorconfig-core-js/issues Highest Vendor package.json description EditorConfig File Locator and Interpreter for Node.js Highest Vendor package.json name editorconfig Highest Vendor package.json name editorconfig_project Highest Product package.json name editorconfig Highest Version package.json version 0.15.3 Highest
Related Dependencies editorconfig:0.15.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/editorconfig:0.15.3 pkg:npm/editorconfig@0.15.3 ehcache-3.9.6.jar (shaded: org.ehcache.modules:ehcache-107:3.9.6)Description:
The JSR-107 compatibility module of Ehcache 3 License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/ehcache/ehcache/3.9.6/ehcache-3.9.6.jar/META-INF/maven/org.ehcache.modules/ehcache-107/pom.xml
MD5: 13c94acb6584e8f0305a98ade3df97e7
SHA1: d0cd4e5dfcc655527b4c390291cfc42c418935b9
SHA256: 5a3e9568b9a4b6a7972279d92b604769070aade315882ed0330cacf6243505a6
Referenced In Project/Scope: Simplicite Platform:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid ehcache-107 Low Vendor pom developer email tc-oss@softwareag.com Low Vendor pom developer name Terracotta Engineers Medium Vendor pom developer org Terracotta Inc., a wholly-owned subsidiary of Software AG USA, Inc. Medium Vendor pom developer org URL http://ehcache.org Medium Vendor pom groupid org.ehcache.modules Highest Vendor pom name Ehcache 3 JSR-107 module High Vendor pom organization name Terracotta Inc., a wholly-owned subsidiary of Software AG USA, Inc. High Vendor pom organization url http://terracotta.org Medium Vendor pom url http://ehcache.org Highest Product pom artifactid ehcache-107 Highest Product pom developer email tc-oss@softwareag.com Low Product pom developer name Terracotta Engineers Low Product pom developer org Terracotta Inc., a wholly-owned subsidiary of Software AG USA, Inc. Low Product pom developer org URL http://ehcache.org Low Product pom groupid org.ehcache.modules Highest Product pom name Ehcache 3 JSR-107 module High Product pom organization name Terracotta Inc., a wholly-owned subsidiary of Software AG USA, Inc. Low Product pom organization url http://terracotta.org Low Product pom url http://ehcache.org Medium Version pom version 3.9.6 Highest
ehcache-3.9.6.jar (shaded: org.ehcache.modules:ehcache-api:3.9.6)Description:
The API module of Ehcache 3 License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/ehcache/ehcache/3.9.6/ehcache-3.9.6.jar/META-INF/maven/org.ehcache.modules/ehcache-api/pom.xml
MD5: de091a511003ad153bf8f2b1fb430474
SHA1: 7bdbd3589b3bb6fb7552067cd43128625145be04
SHA256: ac3d73e785d839a019faa5446e8d7feb00f708557191345e82b59f1d48379d19
Referenced In Project/Scope: Simplicite Platform:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid ehcache-api Low Vendor pom developer email tc-oss@softwareag.com Low Vendor pom developer name Terracotta Engineers Medium Vendor pom developer org Terracotta Inc., a wholly-owned subsidiary of Software AG USA, Inc. Medium Vendor pom developer org URL http://ehcache.org Medium Vendor pom groupid org.ehcache.modules Highest Vendor pom name Ehcache 3 API module High Vendor pom organization name Terracotta Inc., a wholly-owned subsidiary of Software AG USA, Inc. High Vendor pom organization url http://terracotta.org Medium Vendor pom url http://ehcache.org Highest Product pom artifactid ehcache-api Highest Product pom developer email tc-oss@softwareag.com Low Product pom developer name Terracotta Engineers Low Product pom developer org Terracotta Inc., a wholly-owned subsidiary of Software AG USA, Inc. Low Product pom developer org URL http://ehcache.org Low Product pom groupid org.ehcache.modules Highest Product pom name Ehcache 3 API module High Product pom organization name Terracotta Inc., a wholly-owned subsidiary of Software AG USA, Inc. Low Product pom organization url http://terracotta.org Low Product pom url http://ehcache.org Medium Version pom version 3.9.6 Highest
ehcache-3.9.6.jar (shaded: org.ehcache.modules:ehcache-core:3.9.6)Description:
The Core module of Ehcache 3 License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/ehcache/ehcache/3.9.6/ehcache-3.9.6.jar/META-INF/maven/org.ehcache.modules/ehcache-core/pom.xml
MD5: 57178604434be0022c4815062e52e26b
SHA1: c46d1c2fd9d0fd1ae74c40ef82f7582a3053a6b7
SHA256: 3eea5cd5a9b8583c24bf77bb85b2d568ce6fe672ba6dd9d754fe457aa89ec74d
Referenced In Project/Scope: Simplicite Platform:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid ehcache-core Low Vendor pom developer email tc-oss@softwareag.com Low Vendor pom developer name Terracotta Engineers Medium Vendor pom developer org Terracotta Inc., a wholly-owned subsidiary of Software AG USA, Inc. Medium Vendor pom developer org URL http://ehcache.org Medium Vendor pom groupid org.ehcache.modules Highest Vendor pom name Ehcache 3 Core module High Vendor pom organization name Terracotta Inc., a wholly-owned subsidiary of Software AG USA, Inc. High Vendor pom organization url http://terracotta.org Medium Vendor pom url http://ehcache.org Highest Product pom artifactid ehcache-core Highest Product pom developer email tc-oss@softwareag.com Low Product pom developer name Terracotta Engineers Low Product pom developer org Terracotta Inc., a wholly-owned subsidiary of Software AG USA, Inc. Low Product pom developer org URL http://ehcache.org Low Product pom groupid org.ehcache.modules Highest Product pom name Ehcache 3 Core module High Product pom organization name Terracotta Inc., a wholly-owned subsidiary of Software AG USA, Inc. Low Product pom organization url http://terracotta.org Low Product pom url http://ehcache.org Medium Version pom version 3.9.6 Highest
ehcache-3.9.6.jar (shaded: org.ehcache.modules:ehcache-impl:3.9.6)Description:
The implementation module of Ehcache 3 License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/ehcache/ehcache/3.9.6/ehcache-3.9.6.jar/META-INF/maven/org.ehcache.modules/ehcache-impl/pom.xml
MD5: 956f6047a239689f506d981c715b8a61
SHA1: 8e194f6b76fb23899d8091719fc70516ecdc0c65
SHA256: 7b19e56f8525654a0cb4f3355a518d39721562d8cd1da34be3b7fcabdc1b8e3a
Referenced In Project/Scope: Simplicite Platform:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid ehcache-impl Low Vendor pom developer email tc-oss@softwareag.com Low Vendor pom developer name Terracotta Engineers Medium Vendor pom developer org Terracotta Inc., a wholly-owned subsidiary of Software AG USA, Inc. Medium Vendor pom developer org URL http://ehcache.org Medium Vendor pom groupid org.ehcache.modules Highest Vendor pom name Ehcache 3 Implementation module High Vendor pom organization name Terracotta Inc., a wholly-owned subsidiary of Software AG USA, Inc. High Vendor pom organization url http://terracotta.org Medium Vendor pom url http://ehcache.org Highest Product pom artifactid ehcache-impl Highest Product pom developer email tc-oss@softwareag.com Low Product pom developer name Terracotta Engineers Low Product pom developer org Terracotta Inc., a wholly-owned subsidiary of Software AG USA, Inc. Low Product pom developer org URL http://ehcache.org Low Product pom groupid org.ehcache.modules Highest Product pom name Ehcache 3 Implementation module High Product pom organization name Terracotta Inc., a wholly-owned subsidiary of Software AG USA, Inc. Low Product pom organization url http://terracotta.org Low Product pom url http://ehcache.org Medium Version pom version 3.9.6 Highest
ehcache-3.9.6.jar (shaded: org.ehcache.modules:ehcache-xml:3.9.6)Description:
The module containing all XML parsing logic Ehcache 3 License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/ehcache/ehcache/3.9.6/ehcache-3.9.6.jar/META-INF/maven/org.ehcache.modules/ehcache-xml/pom.xml
MD5: 298122afe88cc7c818768b30abd92733
SHA1: 84fcb1a938a1ffc9b815eaf1c0ca36a6866c11f1
SHA256: 800fe5e94fe94f682f75ac2ed9e8fb89e1562daf063b9732f2b75943e82d79eb
Referenced In Project/Scope: Simplicite Platform:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid ehcache-xml Low Vendor pom developer email tc-oss@softwareag.com Low Vendor pom developer name Terracotta Engineers Medium Vendor pom developer org Terracotta Inc., a wholly-owned subsidiary of Software AG USA, Inc. Medium Vendor pom developer org URL http://ehcache.org Medium Vendor pom groupid org.ehcache.modules Highest Vendor pom name Ehcache 3 XML Parsing module High Vendor pom organization name Terracotta Inc., a wholly-owned subsidiary of Software AG USA, Inc. High Vendor pom organization url http://terracotta.org Medium Vendor pom url http://ehcache.org Highest Product pom artifactid ehcache-xml Highest Product pom developer email tc-oss@softwareag.com Low Product pom developer name Terracotta Engineers Low Product pom developer org Terracotta Inc., a wholly-owned subsidiary of Software AG USA, Inc. Low Product pom developer org URL http://ehcache.org Low Product pom groupid org.ehcache.modules Highest Product pom name Ehcache 3 XML Parsing module High Product pom organization name Terracotta Inc., a wholly-owned subsidiary of Software AG USA, Inc. Low Product pom organization url http://terracotta.org Low Product pom url http://ehcache.org Medium Version pom version 3.9.6 Highest
ehcache-3.9.6.jar (shaded: org.ehcache:sizeof:0.4.0)Description:
SizeOf engine, extracted from Ehcache License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/ehcache/ehcache/3.9.6/ehcache-3.9.6.jar/META-INF/maven/org.ehcache/sizeof/pom.xml
MD5: 4c6f7de9f499531083e2a0d03392f3cf
SHA1: 73ae8131061b4f5b29fa15819c0ed429ac4708d4
SHA256: e9a89defb70a370e182e4eb1e4ced5e8b5a0ebc3c21d1da4342ed040bf02d4ad
Referenced In Project/Scope: Simplicite Platform:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid sizeof Low Vendor pom groupid org.ehcache Highest Vendor pom name Ehcache SizeOf Engine High Vendor pom organization name Terracotta High Vendor pom organization url http://terracotta.org Medium Vendor pom url ehcache/sizeof Highest Product pom artifactid sizeof Highest Product pom groupid org.ehcache Highest Product pom name Ehcache SizeOf Engine High Product pom organization name Terracotta Low Product pom organization url http://terracotta.org Low Product pom url ehcache/sizeof High Version pom version 0.4.0 Highest
ehcache-3.9.6.jar (shaded: org.terracotta:offheap-store:2.5.2)Description:
A library that offers data structures allocated off the java heap. License:
The Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/ehcache/ehcache/3.9.6/ehcache-3.9.6.jar/META-INF/maven/org.terracotta/offheap-store/pom.xml
MD5: d089641b4a80a158a3bc42c39610173a
SHA1: 8b22532136a07c5a03aa5b571d55e3bd4919b43d
SHA256: 79fdf6cc2cfa6c9332864109cbf13e69cfbeb7b381023793e40d35c3e959c9cb
Referenced In Project/Scope: Simplicite Platform:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid offheap-store Low Vendor pom developer email chris.dennis@terracottatech.com Low Vendor pom developer name Chris Dennis Medium Vendor pom developer org Terracotta Inc., a wholly-owned subsidiary of Software AG USA, Inc. Medium Vendor pom developer org URL https://terracotta.org Medium Vendor pom groupid org.terracotta Highest Vendor pom name Terracotta Off-Heap Store High Vendor pom url Terracotta-OSS/offheap-store/ Highest Product pom artifactid offheap-store Highest Product pom developer email chris.dennis@terracottatech.com Low Product pom developer name Chris Dennis Low Product pom developer org Terracotta Inc., a wholly-owned subsidiary of Software AG USA, Inc. Low Product pom developer org URL https://terracotta.org Low Product pom groupid org.terracotta Highest Product pom name Terracotta Off-Heap Store High Product pom url Terracotta-OSS/offheap-store/ High Version pom version 2.5.2 Highest
ehcache-3.9.6.jar (shaded: org.terracotta:statistics:2.1)Description:
A statistics framework used inside Ehcache and the Terracotta products License:
The Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/ehcache/ehcache/3.9.6/ehcache-3.9.6.jar/META-INF/maven/org.terracotta/statistics/pom.xml
MD5: c2e7d02d7e332392956c557deed20543
SHA1: 56e7b6d8a273bd82f2d7066b7063de656763f2b7
SHA256: c97d57efb3ac671e65a39fc2109e354ef5ea665a1a6490491e5a348e0dbf1ebb
Referenced In Project/Scope: Simplicite Platform:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid statistics Low Vendor pom developer email chris.dennis@terracottatech.com Low Vendor pom developer email Chris.Schanck@terracottatech.com Low Vendor pom developer email ludovic.orban@terracottatech.com Low Vendor pom developer name Chris Dennis Medium Vendor pom developer name Chris Schanck Medium Vendor pom developer name Ludovic Orban Medium Vendor pom developer org Terracotta Inc., a wholly-owned subsidiary of Software AG USA, Inc. Medium Vendor pom developer org URL https://terracotta.org Medium Vendor pom groupid org.terracotta Highest Vendor pom name Terracotta Statistics High Vendor pom url Terracotta-OSS/statistics Highest Product pom artifactid statistics Highest Product pom developer email chris.dennis@terracottatech.com Low Product pom developer email Chris.Schanck@terracottatech.com Low Product pom developer email ludovic.orban@terracottatech.com Low Product pom developer name Chris Dennis Low Product pom developer name Chris Schanck Low Product pom developer name Ludovic Orban Low Product pom developer org Terracotta Inc., a wholly-owned subsidiary of Software AG USA, Inc. Low Product pom developer org URL https://terracotta.org Low Product pom groupid org.terracotta Highest Product pom name Terracotta Statistics High Product pom url Terracotta-OSS/statistics High Version pom version 2.1 Highest
ehcache-3.9.6.jar (shaded: org.terracotta:terracotta-utilities-tools:0.0.9)Description:
Utility classes/methods for common Java tasks License:
The Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/ehcache/ehcache/3.9.6/ehcache-3.9.6.jar/META-INF/maven/org.terracotta/terracotta-utilities-tools/pom.xml
MD5: a55b2ab2781f5fdd83ae6c23d9e42887
SHA1: 6ee0ebbb1f94e470f04d3a5737a0650e9d02e30e
SHA256: 7703955943c1f9ab2f4343a0f21a8aa61d159df0eaf2a2786c81be464dda6aaa
Referenced In Project/Scope: Simplicite Platform:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid terracotta-utilities-tools Low Vendor pom developer email clifford.johnson@softwareag.com Low Vendor pom developer name Clifford W Johnson Medium Vendor pom developer org Terracotta Inc., a wholly-owned subsidiary of Software AG USA, Inc. Medium Vendor pom developer org URL https://terracotta.org Medium Vendor pom groupid org.terracotta Highest Vendor pom name Terracotta Utilities Tools High Vendor pom parent-artifactid terracotta-utilities-parent Low Vendor pom url Terracotta-OSS/terracotta-utilities/ Highest Product pom artifactid terracotta-utilities-tools Highest Product pom developer email clifford.johnson@softwareag.com Low Product pom developer name Clifford W Johnson Low Product pom developer org Terracotta Inc., a wholly-owned subsidiary of Software AG USA, Inc. Low Product pom developer org URL https://terracotta.org Low Product pom groupid org.terracotta Highest Product pom name Terracotta Utilities Tools High Product pom parent-artifactid terracotta-utilities-parent Medium Product pom url Terracotta-OSS/terracotta-utilities/ High Version pom version 0.0.9 Highest
ehcache-3.9.6.jarDescription:
End-user ehcache3 jar artifact License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/ehcache/ehcache/3.9.6/ehcache-3.9.6.jar
MD5: f3cad96e513526c473610fb449ed411a
SHA1: c63362936308b841f81dbc7cd40384ffc473c595
SHA256: e1a0f4f270ed4a5b194cb632369a2d851472122d436b548a5a22430acad9cd24
Referenced In Project/Scope: Simplicite Platform:compile
ehcache-3.9.6.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name ehcache High Vendor jar package name ehcache Highest Vendor jar package name org Highest Vendor jar package name terracotta Highest Vendor Manifest build-time 2021-08-24T21:33:09+0000 Low Vendor Manifest bundle-docurl http://ehcache.org Low Vendor Manifest bundle-symbolicname org.ehcache Medium Vendor Manifest provide-capability osgi.service;objectClass:List="javax.cache.spi.CachingProvider",osgi.service;objectClass:List="org.ehcache.core.spi.service.ServiceFactory",osgi.service;objectClass:List="org.ehcache.xml.CacheManagerServiceConfigurationParser",osgi.service;objectClass:List="org.ehcache.xml.CacheServiceConfigurationParser" Low Vendor Manifest service-component OSGI-INF/*.xml Low Vendor pom artifactid ehcache Highest Vendor pom artifactid ehcache Low Vendor pom developer email tc-oss@softwareag.com Low Vendor pom developer name Terracotta Engineers Medium Vendor pom developer org Terracotta Inc., a wholly-owned subsidiary of Software AG USA, Inc. Medium Vendor pom developer org URL http://ehcache.org Medium Vendor pom groupid org.ehcache Highest Vendor pom name Ehcache High Vendor pom organization name Terracotta Inc., a wholly-owned subsidiary of Software AG USA, Inc. High Vendor pom organization url http://terracotta.org Medium Vendor pom url http://ehcache.org Highest Product file name ehcache High Product jar package name cache Highest Product jar package name cachemanagerserviceconfigurationparser Highest Product jar package name cacheserviceconfigurationparser Highest Product jar package name core Highest Product jar package name ehcache Highest Product jar package name org Highest Product jar package name osgi Highest Product jar package name service Highest Product jar package name spi Highest Product jar package name terracotta Highest Product jar package name xml Highest Product Manifest build-time 2021-08-24T21:33:09+0000 Low Product Manifest bundle-docurl http://ehcache.org Low Product Manifest Bundle-Name Ehcache 3 Medium Product Manifest bundle-symbolicname org.ehcache Medium Product Manifest Implementation-Title ehcache-dist High Product Manifest provide-capability osgi.service;objectClass:List="javax.cache.spi.CachingProvider",osgi.service;objectClass:List="org.ehcache.core.spi.service.ServiceFactory",osgi.service;objectClass:List="org.ehcache.xml.CacheManagerServiceConfigurationParser",osgi.service;objectClass:List="org.ehcache.xml.CacheServiceConfigurationParser" Low Product Manifest service-component OSGI-INF/*.xml Low Product pom artifactid ehcache Highest Product pom developer email tc-oss@softwareag.com Low Product pom developer name Terracotta Engineers Low Product pom developer org Terracotta Inc., a wholly-owned subsidiary of Software AG USA, Inc. Low Product pom developer org URL http://ehcache.org Low Product pom groupid org.ehcache Highest Product pom name Ehcache High Product pom organization name Terracotta Inc., a wholly-owned subsidiary of Software AG USA, Inc. Low Product pom organization url http://terracotta.org Low Product pom url http://ehcache.org Medium Version file version 3.9.6 High Version Manifest Bundle-Version 3.9.6 High Version pom version 3.9.6 Highest
ehcache-3.9.6.jar: sizeof-agent.jarFile Path: /var/simplicite/.m2/repository/org/ehcache/ehcache/3.9.6/ehcache-3.9.6.jar/org/ehcache/sizeof/impl/sizeof-agent.jarMD5: ebbbeb86eb031d51e9607e2e5581ec70SHA1: fb0f17e0abef2dce271fe80fff4ec331bb635a2aSHA256: e0bc6c03760bf71296d00ca2c15eb4b9bfa19f60a287edf002b2b2423f993d88Referenced In Project/Scope: Simplicite Platform:compile
Evidence Type Source Name Value Confidence Vendor file name sizeof-agent High Vendor jar package name ehcache Low Vendor jar package name impl Low Vendor jar package name sizeof Low Product file name sizeof-agent High Product jar package name impl Low Product jar package name sizeof Low Product jar package name sizeofagent Low
electron-to-chromium:1.4.656Description:
Provides a list of electron-to-chromium version mappings License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/electron-to-chromium:1.4.656
Referenced In Projects/Scopes: simplicite-js:5.2.54/browserslist:4.22.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Kilian Valkhof Highest Vendor package.json description Provides a list of electron-to-chromium version mappings Highest Vendor package.json name electron-to-chromium Highest Vendor package.json name electron-to-chromium_project Highest Product package.json name electron-to-chromium Highest Version package.json version 1.4.656 Highest
Related Dependencies electron-to-chromium:1.4.656File Path: /var/simplicite/simplicite-5.2/package-lock.json?browserslist:4.22.3/electron-to-chromium:^1.4.648 pkg:npm/electron-to-chromium@1.4.656 emoji-regex:8.0.0Description:
A regular expression to match all Emoji-only symbols as per the Unicode Standard. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?string-width-cjs:4.2.3/emoji-regex:^8.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/string-width:4.2.3 simplicite-js:5.2.54/string-width-cjs:4.2.3 simplicite-js:5.2.54/string-width:5.1.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.name Mathias Bynens Highest Vendor package.json author.url https://mathiasbynens.be/ Highest Vendor package.json bugs https://github.com/mathiasbynens/emoji-regex/issues Highest Vendor package.json description A regular expression to match all Emoji-only symbols as per the Unicode Standard. Highest Vendor package.json homepage https://mths.be/emoji-regex Highest Vendor package.json name emoji-regex Highest Vendor package.json name emoji-regex_project Highest Product package.json name emoji-regex Highest Version package.json version 8.0.0 Highest
Related Dependencies emoji-regex:8.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/emoji-regex:8.0.0 pkg:npm/emoji-regex@8.0.0 emoji-regex:8.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?string-width:4.2.3/emoji-regex:^8.0.0 pkg:npm/emoji-regex@8.0.0 emoji-regex:8.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?string-width:5.1.2/emoji-regex:^9.2.2 pkg:npm/emoji-regex@8.0.0 emoji-regex:9.2.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?/emoji-regex:9.2.2 pkg:npm/emoji-regex@9.2.2 encoding:0.1.13Description:
Convert encodings, uses iconv-lite License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/encoding:0.1.13
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author Andris Reinman Highest Vendor package.json description Convert encodings, uses iconv-lite Highest Vendor package.json name encoding Highest Vendor package.json name encoding_project Highest Product package.json name encoding Highest Version package.json version 0.1.13 Highest
end-of-stream:1.4.4Description:
Call a callback when a readable/writable/duplex stream has completed or failed. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?pump:3.0.0/end-of-stream:^1.1.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/pump:3.0.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Mathias Buus <mathiasbuus@gmail.com> Highest Vendor package.json bugs.url https://github.com/mafintosh/end-of-stream/issues Highest Vendor package.json description Call a callback when a readable/writable/duplex stream has completed or failed. Highest Vendor package.json homepage https://github.com/mafintosh/end-of-stream Highest Vendor package.json name end-of-stream Highest Vendor package.json name end-of-stream_project Highest Product package.json name end-of-stream Highest Version package.json version 1.4.4 Highest
Related Dependencies end-of-stream:1.4.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?/end-of-stream:1.4.4 pkg:npm/end-of-stream@1.4.4 entities:1.0.0Description:
Encode & decode XML/HTML entities with ease License:
BSD-like File Path: /var/simplicite/simplicite-5.2/package-lock.json?/entities:1.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/htmlparser2:3.8.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Felix Boehm <me@feedic.com> Highest Vendor package.json description Encode & decode XML/HTML entities with ease Highest Vendor package.json name entities Highest Vendor package.json name entities_project Highest Product package.json name entities Highest Version package.json version 1.0.0 Highest
Related Dependencies entities:1.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?htmlparser2:3.8.3/entities:1.0 pkg:npm/entities@1.0.0 entities:2.1.0Description:
Encode & decode XML and HTML entities with ease License:
BSD-2-Clause File Path: /var/simplicite/simplicite-5.2/package-lock.json?/entities:2.1.0
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/markdown-it:12.3.2 Evidence Type Source Name Value Confidence Vendor package.json author Felix Boehm <me@feedic.com> Highest Vendor package.json description Encode & decode XML and HTML entities with ease Highest Vendor package.json name entities Highest Vendor package.json name entities_project Highest Product package.json name entities Highest Version package.json version 2.1.0 Highest
Related Dependencies entities:2.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?markdown-it:12.3.2/entities:~2.1.0 pkg:npm/entities@2.1.0 entities:2.2.0Description:
Encode & decode XML and HTML entities with ease License:
BSD-2-Clause File Path: /var/simplicite/simplicite-5.2/package-lock.json?/entities:2.2.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/dom-serializer:0.2.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Felix Boehm <me@feedic.com> Highest Vendor package.json description Encode & decode XML and HTML entities with ease Highest Vendor package.json name entities Highest Vendor package.json name entities_project Highest Product package.json name entities Highest Version package.json version 2.2.0 Highest
Related Dependencies entities:2.2.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?dom-serializer:0.2.2/entities:^2.0.0 pkg:npm/entities@2.2.0 env-paths:2.2.1Description:
Get paths for storing things like data, config, cache, etc License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?node-gyp:9.4.0/env-paths:^2.2.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/node-gyp:9.4.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Get paths for storing things like data, config, cache, etc Highest Vendor package.json name env-paths Highest Vendor package.json name env-paths_project Highest Product package.json name env-paths Highest Version package.json version 2.2.1 Highest
Related Dependencies env-paths:2.2.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/env-paths:2.2.1 pkg:npm/env-paths@2.2.1 eol:0.9.1Description:
Newline character converter License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?license-report:6.5.0/eol:^0.9.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/license-report:6.5.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Ryan Van Etten Highest Vendor package.json bugs.url https://github.com/ryanve/eol/issues Highest Vendor package.json description Newline character converter Highest Vendor package.json homepage https://github.com/ryanve/eol Highest Vendor package.json name eol Highest Vendor package.json name eol_project Highest Product package.json name eol Highest Version package.json version 0.9.1 Highest
Related Dependencies eol:0.9.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/eol:0.9.1 pkg:npm/eol@0.9.1 err-code:2.0.3Description:
Create an error with a code License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?promise-retry:2.0.1/err-code:^2.0.2
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/promise-retry:2.0.1 Evidence Type Source Name Value Confidence Vendor package.json author IndigoUnited <hello@indigounited.com> (http://indigounited.com) Highest Vendor package.json bugs.url https://github.com/IndigoUnited/js-err-code/issues/ Highest Vendor package.json description Create an error with a code Highest Vendor package.json name err-code Highest Vendor package.json name err-code_project Highest Product package.json name err-code Highest Version package.json version 2.0.3 Highest
Related Dependencies err-code:2.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/err-code:2.0.3 pkg:npm/err-code@2.0.3 error-ex:1.3.2Description:
Easy error subclassing and stack customization License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?parse-json:5.2.0/error-ex:^1.3.1
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/parse-json:5.2.0 Evidence Type Source Name Value Confidence Vendor package.json description Easy error subclassing and stack customization Highest Vendor package.json name error-ex Highest Vendor package.json name error-ex_project Highest Product package.json name error-ex Highest Version package.json version 1.3.2 Highest
Related Dependencies error-ex:1.3.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?/error-ex:1.3.2 pkg:npm/error-ex@1.3.2 error_prone_annotations-2.3.4.jarLicense:
Apache 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/com/google/errorprone/error_prone_annotations/2.3.4/error_prone_annotations-2.3.4.jar
MD5: 67beeee58df00366100061c7da82f4c2
SHA1: dac170e4594de319655ffb62f41cbd6dbb5e601e
SHA256: baf7d6ea97ce606c53e11b6854ba5f2ce7ef5c24dddf0afa18d1260bd25b002c
Referenced In Project/Scope: Simplicite Platform:compile
error_prone_annotations-2.3.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.google.protobuf/protobuf-java-util@3.17.3
Evidence Type Source Name Value Confidence Vendor file name error_prone_annotations High Vendor jar package name annotations Highest Vendor jar package name errorprone Highest Vendor jar package name google Highest Vendor Manifest automatic-module-name com.google.errorprone.annotations Medium Vendor pom artifactid error_prone_annotations Highest Vendor pom artifactid error_prone_annotations Low Vendor pom groupid com.google.errorprone Highest Vendor pom name error-prone annotations High Vendor pom parent-artifactid error_prone_parent Low Product file name error_prone_annotations High Product jar package name annotations Highest Product jar package name errorprone Highest Product jar package name google Highest Product Manifest automatic-module-name com.google.errorprone.annotations Medium Product pom artifactid error_prone_annotations Highest Product pom groupid com.google.errorprone Highest Product pom name error-prone annotations High Product pom parent-artifactid error_prone_parent Medium Version file version 2.3.4 High Version pom version 2.3.4 Highest
es-abstract:1.21.2Description:
ECMAScript spec abstract operations. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?string.prototype.trimstart:1.0.6/es-abstract:^1.20.4
Referenced In Projects/Scopes: simplicite-js:5.2.54/function.prototype.name:1.1.5 simplicite-js:5.2.54/string.prototype.trimend:1.0.6 simplicite-js:5.2.54/object.getownpropertydescriptors:2.1.6 simplicite-js:5.2.54/array.prototype.reduce:1.0.5 simplicite-js:5.2.54/string.prototype.trim:1.2.7 simplicite-js:5.2.54 simplicite-js:5.2.54/string.prototype.trimstart:1.0.6 Evidence Type Source Name Value Confidence Vendor package.json author.email ljharb@gmail.com Highest Vendor package.json author.name Jordan Harband Highest Vendor package.json author.url http://ljharb.codes Highest Vendor package.json description ECMAScript spec abstract operations. Highest Vendor package.json name es-abstract Highest Vendor package.json name es-abstract_project Highest Product package.json name es-abstract Highest Version package.json version 1.21.2 Highest
Related Dependencies es-abstract:1.21.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?/es-abstract:1.21.2 pkg:npm/es-abstract@1.21.2 es-abstract:1.21.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?array.prototype.reduce:1.0.5/es-abstract:^1.20.4 pkg:npm/es-abstract@1.21.2 es-abstract:1.21.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?function.prototype.name:1.1.5/es-abstract:^1.19.0 pkg:npm/es-abstract@1.21.2 es-abstract:1.21.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?object.getownpropertydescriptors:2.1.6/es-abstract:^1.21.2 pkg:npm/es-abstract@1.21.2 es-abstract:1.21.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?string.prototype.trim:1.2.7/es-abstract:^1.20.4 pkg:npm/es-abstract@1.21.2 es-abstract:1.21.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?string.prototype.trimend:1.0.6/es-abstract:^1.20.4 pkg:npm/es-abstract@1.21.2 es-array-method-boxes-properly:1.0.0Description:
Utility package to determine if an `Array.prototype` method properly boxes the callback's receiver and third argument. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/es-array-method-boxes-properly:1.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/array.prototype.reduce:1.0.5 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Jordan Harband <ljharb@gmail.com> Highest Vendor package.json bugs.url https://github.com/ljharb/es-array-method-boxes-properly/issues Highest Vendor package.json description Utility package to determine if an `Array.prototype` method properly boxes the callback's receiver and third argument. Highest Vendor package.json homepage https://github.com/ljharb/es-array-method-boxes-properly#readme Highest Vendor package.json name es-array-method-boxes-properly Highest Vendor package.json name es-array-method-boxes-properly_project Highest Product package.json name es-array-method-boxes-properly Highest Version package.json version 1.0.0 Highest
Related Dependencies es-array-method-boxes-properly:1.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?array.prototype.reduce:1.0.5/es-array-method-boxes-properly:^1.0.0 pkg:npm/es-array-method-boxes-properly@1.0.0 es-set-tostringtag:2.0.1Description:
A helper to optimistically set Symbol.toStringTag, when possible. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/es-set-tostringtag:2.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/es-abstract:1.21.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Jordan Harband <ljharb@gmail.com> Highest Vendor package.json bugs.url https://github.com/es-shims/es-set-tostringtag/issues Highest Vendor package.json description A helper to optimistically set Symbol.toStringTag, when possible. Highest Vendor package.json homepage https://github.com/es-shims/es-set-tostringtag#readme Highest Vendor package.json name es-set-tostringtag Highest Vendor package.json name es-set-tostringtag_project Highest Product package.json name es-set-tostringtag Highest Version package.json version 2.0.1 Highest
Related Dependencies es-set-tostringtag:2.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?es-abstract:1.21.2/es-set-tostringtag:^2.0.1 pkg:npm/es-set-tostringtag@2.0.1 es-to-primitive:1.2.1Description:
ECMAScript “ToPrimitive” algorithm. Provides ES5 and ES2015 versions. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/es-to-primitive:1.2.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/es-abstract:1.21.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Jordan Harband <ljharb@gmail.com> Highest Vendor package.json description ECMAScript “ToPrimitive” algorithm. Provides ES5 and ES2015 versions. Highest Vendor package.json name es-to-primitive Highest Vendor package.json name es-to-primitive_project Highest Product package.json name es-to-primitive Highest Version package.json version 1.2.1 Highest
Related Dependencies es-to-primitive:1.2.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?es-abstract:1.21.2/es-to-primitive:^1.2.1 pkg:npm/es-to-primitive@1.2.1 escalade:3.1.1Description:
A tiny (183B to 210B) and fast utility to ascend parent directories License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?yargs:16.2.0/escalade:^3.1.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/yargs:16.2.0 simplicite-js:5.2.54 simplicite-js:5.2.54/update-browserslist-db:1.0.13 Evidence Type Source Name Value Confidence Vendor package.json author.email luke.edwards05@gmail.com Highest Vendor package.json author.name Luke Edwards Highest Vendor package.json author.url https://lukeed.com Highest Vendor package.json description A tiny (183B to 210B) and fast utility to ascend parent directories Highest Vendor package.json name escalade Highest Vendor package.json name escalade_project Highest Product package.json name escalade Highest Version package.json version 3.1.1 Highest
Related Dependencies escalade:3.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/escalade:3.1.1 pkg:npm/escalade@3.1.1 escalade:3.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?update-browserslist-db:1.0.13/escalade:^3.1.1 pkg:npm/escalade@3.1.1 escape-goat:2.1.1Description:
Escape a string for use in HTML or the inverse License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?pupa:2.1.1/escape-goat:^2.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/pupa:2.1.1 simplicite-js:5.2.54/pupa:3.1.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Escape a string for use in HTML or the inverse Highest Vendor package.json name escape-goat Highest Vendor package.json name escape-goat_project Highest Product package.json name escape-goat Highest Version package.json version 2.1.1 Highest
Related Dependencies escape-goat:2.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/escape-goat:2.1.1 pkg:npm/escape-goat@2.1.1 escape-goat:2.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?pupa:3.1.0/escape-goat:^4.0.0 pkg:npm/escape-goat@2.1.1 escape-goat:4.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/escape-goat:4.0.0 pkg:npm/escape-goat@4.0.0 escape-string-regexp:1.0.5Description:
Escape RegExp special characters License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?figures:3.2.0/escape-string-regexp:^1.0.5
Referenced In Projects/Scopes: simplicite-js:5.2.54/figures:3.2.0 simplicite-js:5.2.54 simplicite-js:5.2.54/chalk:2.4.2 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Escape RegExp special characters Highest Vendor package.json name escape-string-regexp Highest Vendor package.json name escape-string-regexp_project Highest Product package.json name escape-string-regexp Highest Version package.json version 1.0.5 Highest
Related Dependencies escape-string-regexp:1.0.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?/escape-string-regexp:1.0.5 pkg:npm/escape-string-regexp@1.0.5 escape-string-regexp:1.0.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?chalk:2.4.2/escape-string-regexp:^1.0.5 pkg:npm/escape-string-regexp@1.0.5 escape-string-regexp:2.0.0Description:
Escape RegExp special characters License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/escape-string-regexp:2.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/jsdoc:4.0.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Escape RegExp special characters Highest Vendor package.json name escape-string-regexp Highest Vendor package.json name escape-string-regexp_project Highest Product package.json name escape-string-regexp Highest Version package.json version 2.0.0 Highest
Related Dependencies escape-string-regexp:2.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?jsdoc:4.0.2/escape-string-regexp:^2.0.0 pkg:npm/escape-string-regexp@2.0.0 escape-string-regexp:4.0.0Description:
Escape RegExp special characters License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/escape-string-regexp:4.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/eslint:8.56.0 simplicite-js:5.2.54/eslint-plugin-jsdoc:48.0.4 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description Escape RegExp special characters Highest Vendor package.json name escape-string-regexp Highest Vendor package.json name escape-string-regexp_project Highest Product package.json name escape-string-regexp Highest Version package.json version 4.0.0 Highest
Related Dependencies escape-string-regexp:4.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint-plugin-jsdoc:48.0.4/escape-string-regexp:^4.0.0 pkg:npm/escape-string-regexp@4.0.0 escape-string-regexp:4.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint:8.56.0/escape-string-regexp:^4.0.0 pkg:npm/escape-string-regexp@4.0.0 eslint-plugin-jsdoc:48.0.4Description:
JSDoc linting rules for ESLint. License:
BSD-3-Clause File Path: /var/simplicite/simplicite-5.2/package-lock.json?/eslint-plugin-jsdoc:48.0.4
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author.email gajus@gajus.com Highest Vendor package.json author.name Gajus Kuizinas Highest Vendor package.json author.url http://gajus.com Highest Vendor package.json description JSDoc linting rules for ESLint. Highest Vendor package.json name eslint-plugin-jsdoc Highest Vendor package.json name eslint-plugin-jsdoc_project Highest Product package.json name eslint-plugin-jsdoc Highest Version package.json version 48.0.4 Highest
eslint-scope:7.2.2Description:
ECMAScript scope analyzer for ESLint License:
BSD-2-Clause File Path: /var/simplicite/simplicite-5.2/package-lock.json?/eslint-scope:7.2.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/eslint:8.56.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json bugs.url https://github.com/eslint/eslint-scope/issues Highest Vendor package.json description ECMAScript scope analyzer for ESLint Highest Vendor package.json homepage http://github.com/eslint/eslint-scope Highest Vendor package.json name eslint-scope Highest Vendor package.json name eslint-scope_project Highest Product package.json name eslint-scope Highest Version package.json version 7.2.2 Highest
Related Dependencies eslint-scope:7.2.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint:8.56.0/eslint-scope:^7.2.2 pkg:npm/eslint-scope@7.2.2 eslint-visitor-keys:3.4.3Description:
Constants and utilities about visitor keys to traverse AST. License:
Apache-2.0 File Path: /var/simplicite/simplicite-5.2/package-lock.json?espree:9.6.1/eslint-visitor-keys:^3.4.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/espree:9.6.1 simplicite-js:5.2.54/eslint:8.56.0 simplicite-js:5.2.54 simplicite-js:5.2.54/@eslint-community/eslint-utils:4.4.0 Evidence Type Source Name Value Confidence Vendor package.json author Toru Nagashima (https://github.com/mysticatea) Highest Vendor package.json bugs.url https://github.com/eslint/eslint-visitor-keys/issues Highest Vendor package.json description Constants and utilities about visitor keys to traverse AST. Highest Vendor package.json homepage https://github.com/eslint/eslint-visitor-keys#readme Highest Vendor package.json name eslint-visitor-keys Highest Vendor package.json name eslint-visitor-keys_project Highest Product package.json name eslint-visitor-keys Highest Version package.json version 3.4.3 Highest
Related Dependencies eslint-visitor-keys:3.4.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/eslint-visitor-keys:3.4.3 pkg:npm/eslint-visitor-keys@3.4.3 eslint-visitor-keys:3.4.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?@eslint-community/eslint-utils:4.4.0/eslint-visitor-keys:^3.3.0 pkg:npm/eslint-visitor-keys@3.4.3 eslint-visitor-keys:3.4.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint:8.56.0/eslint-visitor-keys:^3.4.3 pkg:npm/eslint-visitor-keys@3.4.3 eslint:8.56.0Description:
An AST-based pattern checker for JavaScript. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/eslint:8.56.0
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author Nicholas C. Zakas <nicholas+npm@nczconsulting.com> Highest Vendor package.json bugs https://github.com/eslint/eslint/issues/ Highest Vendor package.json description An AST-based pattern checker for JavaScript. Highest Vendor package.json homepage https://eslint.org Highest Vendor package.json name eslint Highest Vendor package.json name eslint_project Highest Product package.json name eslint Highest Version package.json version 8.56.0 Highest
espree:9.6.1Description:
An Esprima-compatible JavaScript parser built on Acorn License:
BSD-2-Clause File Path: /var/simplicite/simplicite-5.2/package-lock.json?/espree:9.6.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/eslint:8.56.0 simplicite-js:5.2.54/@eslint/eslintrc:2.1.4 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Nicholas C. Zakas <nicholas+npm@nczconsulting.com> Highest Vendor package.json bugs.url https://github.com/eslint/espree/issues Highest Vendor package.json description An Esprima-compatible JavaScript parser built on Acorn Highest Vendor package.json homepage https://github.com/eslint/espree Highest Vendor package.json name espree Highest Vendor package.json name espree_project Highest Product package.json name espree Highest Version package.json version 9.6.1 Highest
Related Dependencies espree:9.6.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?@eslint/eslintrc:2.1.4/espree:^9.6.0 pkg:npm/espree@9.6.1 espree:9.6.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint:8.56.0/espree:^9.6.1 pkg:npm/espree@9.6.1 esprima:4.0.1Description:
ECMAScript parsing infrastructure for multipurpose analysis License:
BSD-2-Clause File Path: /var/simplicite/simplicite-5.2/package-lock.json?js-yaml:3.14.1/esprima:^4.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/js-yaml:3.14.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email ariya.hidayat@gmail.com Highest Vendor package.json author.name Ariya Hidayat Highest Vendor package.json bugs.url https://github.com/jquery/esprima/issues Highest Vendor package.json description ECMAScript parsing infrastructure for multipurpose analysis Highest Vendor package.json homepage http://esprima.org Highest Vendor package.json maintainers.email ariya.hidayat@gmail.com Highest Vendor package.json maintainers.name Ariya Hidayat Highest Vendor package.json maintainers.web http://ariya.ofilabs.com Highest Vendor package.json name esprima Highest Vendor package.json name esprima_project Highest Product package.json name esprima Highest Version package.json version 4.0.1 Highest
Related Dependencies esprima:4.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/esprima:4.0.1 pkg:npm/esprima@4.0.1 esquery:1.5.0Description:
A query library for ECMAScript AST using a CSS selector like query language. License:
BSD-3-Clause File Path: /var/simplicite/simplicite-5.2/package-lock.json?/esquery:1.5.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/eslint:8.56.0 simplicite-js:5.2.54/eslint-plugin-jsdoc:48.0.4 simplicite-js:5.2.54 simplicite-js:5.2.54/@es-joy/jsdoccomment:0.41.0 Evidence Type Source Name Value Confidence Vendor package.json author Joel Feenstra <jrfeenst+esquery@gmail.com> Highest Vendor package.json bugs https://github.com/estools/esquery/issues Highest Vendor package.json description A query library for ECMAScript AST using a CSS selector like query language. Highest Vendor package.json homepage https://github.com/estools/esquery/ Highest Vendor package.json name esquery Highest Vendor package.json name esquery_project Highest Product package.json name esquery Highest Version package.json version 1.5.0 Highest
Related Dependencies esquery:1.5.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?@es-joy/jsdoccomment:0.41.0/esquery:^1.5.0 pkg:npm/esquery@1.5.0 esquery:1.5.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint-plugin-jsdoc:48.0.4/esquery:^1.5.0 pkg:npm/esquery@1.5.0 esquery:1.5.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint:8.56.0/esquery:^1.4.2 pkg:npm/esquery@1.5.0 esrecurse:4.3.0Description:
ECMAScript AST recursive visitor License:
BSD-2-Clause File Path: /var/simplicite/simplicite-5.2/package-lock.json?/esrecurse:4.3.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/eslint-scope:7.2.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json description ECMAScript AST recursive visitor Highest Vendor package.json homepage https://github.com/estools/esrecurse Highest Vendor package.json maintainers.email utatane.tea@gmail.com Highest Vendor package.json maintainers.name Yusuke Suzuki Highest Vendor package.json maintainers.web https://github.com/Constellation Highest Vendor package.json name esrecurse Highest Vendor package.json name esrecurse_project Highest Product package.json name esrecurse Highest Version package.json version 4.3.0 Highest
Related Dependencies esrecurse:4.3.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint-scope:7.2.2/esrecurse:^4.3.0 pkg:npm/esrecurse@4.3.0 estraverse:5.3.0Description:
ECMAScript JS AST traversal functions License:
BSD-2-Clause File Path: /var/simplicite/simplicite-5.2/package-lock.json?/estraverse:5.3.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/esquery:1.5.0 simplicite-js:5.2.54/eslint-scope:7.2.2 simplicite-js:5.2.54/esrecurse:4.3.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json description ECMAScript JS AST traversal functions Highest Vendor package.json homepage https://github.com/estools/estraverse Highest Vendor package.json maintainers.email utatane.tea@gmail.com Highest Vendor package.json maintainers.name Yusuke Suzuki Highest Vendor package.json maintainers.web http://github.com/Constellation Highest Vendor package.json name estraverse Highest Vendor package.json name estraverse_project Highest Product package.json name estraverse Highest Version package.json version 5.3.0 Highest
Related Dependencies estraverse:5.3.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint-scope:7.2.2/estraverse:^5.2.0 pkg:npm/estraverse@5.3.0 estraverse:5.3.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?esquery:1.5.0/estraverse:^5.1.0 pkg:npm/estraverse@5.3.0 estraverse:5.3.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?esrecurse:4.3.0/estraverse:^5.2.0 pkg:npm/estraverse@5.3.0 estree-walker:2.0.2Description:
Traverse an ESTree-compliant AST License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/estree-walker:2.0.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/@vue/compiler-sfc:3.3.4 simplicite-js:5.2.54/@vue/compiler-core:3.3.4 simplicite-js:5.2.54/@vue/reactivity-transform:3.3.4 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Rich Harris Highest Vendor package.json description Traverse an ESTree-compliant AST Highest Vendor package.json name estree-walker Highest Vendor package.json name estree-walker_project Highest Product package.json name estree-walker Highest Version package.json version 2.0.2 Highest
Related Dependencies estree-walker:2.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?@vue/compiler-core:3.3.4/estree-walker:^2.0.2 pkg:npm/estree-walker@2.0.2 estree-walker:2.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?@vue/compiler-sfc:3.3.4/estree-walker:^2.0.2 pkg:npm/estree-walker@2.0.2 estree-walker:2.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?@vue/reactivity-transform:3.3.4/estree-walker:^2.0.2 pkg:npm/estree-walker@2.0.2 esutils:2.0.3Description:
utility box for ECMAScript language tools License:
BSD-2-Clause File Path: /var/simplicite/simplicite-5.2/package-lock.json?/esutils:2.0.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/eslint:8.56.0 simplicite-js:5.2.54/doctrine:3.0.0 simplicite-js:5.2.54/@babel/preset-modules:0.1.6-no-external-plugins simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json description utility box for ECMAScript language tools Highest Vendor package.json homepage https://github.com/estools/esutils Highest Vendor package.json maintainers.email utatane.tea@gmail.com Highest Vendor package.json maintainers.name Yusuke Suzuki Highest Vendor package.json maintainers.web http://github.com/Constellation Highest Vendor package.json name esutils Highest Vendor package.json name esutils_project Highest Product package.json name esutils Highest Version package.json version 2.0.3 Highest
Related Dependencies esutils:2.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-modules:0.1.6-no-external-plugins/esutils:^2.0.2 pkg:npm/esutils@2.0.3 esutils:2.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?doctrine:3.0.0/esutils:^2.0.2 pkg:npm/esutils@2.0.3 esutils:2.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint:8.56.0/esutils:^2.0.2 pkg:npm/esutils@2.0.3 execa:5.1.1Description:
Process execution for humans License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check:6.0.1/execa:^5.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-check:6.0.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description Process execution for humans Highest Vendor package.json name execa Highest Vendor package.json name execa_project Highest Product package.json name execa Highest Version package.json version 5.1.1 Highest
Related Dependencies execa:5.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/execa:5.1.1 pkg:npm/execa@5.1.1 exit:0.1.2Description:
A replacement for process.exit that ensures stdio are fully drained before exiting. File Path: /var/simplicite/simplicite-5.2/package-lock.json?/exit:0.1.2Referenced In Projects/Scopes:
simplicite-js:5.2.54/jshint:2.13.1 simplicite-js:5.2.54 simplicite-js:5.2.54/cli:1.0.1 Evidence Type Source Name Value Confidence Vendor package.json author.name "Cowboy" Ben Alman Highest Vendor package.json author.url http://benalman.com/ Highest Vendor package.json bugs.url https://github.com/cowboy/node-exit/issues Highest Vendor package.json description A replacement for process.exit that ensures stdio are fully drained before exiting. Highest Vendor package.json homepage https://github.com/cowboy/node-exit Highest Vendor package.json name exit Highest Vendor package.json name exit_project Highest Product package.json name exit Highest Version package.json version 0.1.2 Highest
Related Dependencies exit:0.1.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?cli:1.0.1/exit:0.1.2 pkg:npm/exit@0.1.2 exit:0.1.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?jshint:2.13.1/exit:0.1.x pkg:npm/exit@0.1.2 exponential-backoff:3.1.1Description:
A utility that allows retrying a function with an exponential delay between attempts. License:
Apache-2.0 File Path: /var/simplicite/simplicite-5.2/package-lock.json?node-gyp:9.4.0/exponential-backoff:^3.1.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/node-gyp:9.4.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Sami Sayegh Highest Vendor package.json bugs.url https://github.com/coveo/exponential-backoff/issues Highest Vendor package.json description A utility that allows retrying a function with an exponential delay between attempts. Highest Vendor package.json homepage https://github.com/coveo/exponential-backoff#readme Highest Vendor package.json name exponential-backoff Highest Vendor package.json name exponential-backoff_project Highest Product package.json name exponential-backoff Highest Version package.json version 3.1.1 Highest
Related Dependencies exponential-backoff:3.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/exponential-backoff:3.1.1 pkg:npm/exponential-backoff@3.1.1 external-editor:3.1.0Description:
Edit a string with the users preferred text editor using $VISUAL or $ENVIRONMENT License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?inquirer:7.3.3/external-editor:^3.0.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/inquirer:7.3.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Kevin Gravier <kevin@mrkmg.com> (https://mrkmg.com) Highest Vendor package.json bugs.url https://github.com/mrkmg/node-external-editor/issues Highest Vendor package.json description Edit a string with the users preferred text editor using $VISUAL or $ENVIRONMENT Highest Vendor package.json homepage https://github.com/mrkmg/node-external-editor#readme Highest Vendor package.json name external-editor Highest Vendor package.json name external-editor_project Highest Product package.json name external-editor Highest Version package.json version 3.1.0 Highest
Related Dependencies external-editor:3.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/external-editor:3.1.0 pkg:npm/external-editor@3.1.0 failureaccess-1.0.1.jarDescription:
Contains
com.google.common.util.concurrent.internal.InternalFutureFailureAccess and
InternalFutures. Most users will never need to use this artifact. Its
classes is conceptually a part of Guava, but they're in this separate
artifact so that Android libraries can use them without pulling in all of
Guava (just as they can use ListenableFuture by depending on the
listenablefuture artifact).
License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/com/google/guava/failureaccess/1.0.1/failureaccess-1.0.1.jar
MD5: 091883993ef5bfa91da01dcc8fc52236
SHA1: 1dcf1de382a0bf95a3d8b0849546c88bac1292c9
SHA256: a171ee4c734dd2da837e4b16be9df4661afab72a41adaf31eb84dfdaf936ca26
Referenced In Project/Scope: Simplicite Platform:compile
failureaccess-1.0.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.google.guava/guava@30.1.1-jre
Evidence Type Source Name Value Confidence Vendor file name failureaccess High Vendor jar package name common Highest Vendor jar package name concurrent Highest Vendor jar package name google Highest Vendor jar package name util Highest Vendor Manifest bundle-docurl https://github.com/google/guava/ Low Vendor Manifest bundle-symbolicname com.google.guava.failureaccess Medium Vendor pom artifactid failureaccess Highest Vendor pom artifactid failureaccess Low Vendor pom groupid com.google.guava Highest Vendor pom name Guava InternalFutureFailureAccess and InternalFutures High Vendor pom parent-artifactid guava-parent Low Product file name failureaccess High Product jar package name common Highest Product jar package name concurrent Highest Product jar package name google Highest Product jar package name util Highest Product Manifest bundle-docurl https://github.com/google/guava/ Low Product Manifest Bundle-Name Guava InternalFutureFailureAccess and InternalFutures Medium Product Manifest bundle-symbolicname com.google.guava.failureaccess Medium Product pom artifactid failureaccess Highest Product pom groupid com.google.guava Highest Product pom name Guava InternalFutureFailureAccess and InternalFutures High Product pom parent-artifactid guava-parent Medium Version file version 1.0.1 High Version Manifest Bundle-Version 1.0.1 High Version pom parent-version 1.0.1 Low Version pom version 1.0.1 Highest
fast-and-simple-minify-1.0.jarDescription:
fast-and-simple-minify is a combined java-port of the JSMin and CSSMin utility with some additional features License:
The Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/ch/simschla/fast-and-simple-minify/1.0/fast-and-simple-minify-1.0.jar
MD5: 762fd1d990bb4e97a7581d2cd3255fc1
SHA1: ade6ae013ee38869b79eeb0661203451ddc16f46
SHA256: 86e94527a0705c1ac20ff2b80e7d673975cc92f988210cc440f5bd1bb44087b5
Referenced In Project/Scope: Simplicite Platform:compile
fast-and-simple-minify-1.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name fast-and-simple-minify High Vendor jar package name ch Highest Vendor jar package name ch Low Vendor jar package name minify Highest Vendor jar package name minify Low Vendor jar package name simschla Highest Vendor jar package name simschla Low Vendor pom artifactid fast-and-simple-minify Highest Vendor pom artifactid fast-and-simple-minify Low Vendor pom developer email github@survive.ch Low Vendor pom developer name Simon Schlachter Medium Vendor pom groupid ch.simschla Highest Vendor pom name fast-and-simple-minify High Vendor pom url simschla/fast-and-simple-minify Highest Product file name fast-and-simple-minify High Product jar package name ch Highest Product jar package name minify Highest Product jar package name minify Low Product jar package name simschla Highest Product jar package name simschla Low Product pom artifactid fast-and-simple-minify Highest Product pom developer email github@survive.ch Low Product pom developer name Simon Schlachter Low Product pom groupid ch.simschla Highest Product pom name fast-and-simple-minify High Product pom url simschla/fast-and-simple-minify High Version file version 1.0 High Version pom version 1.0 Highest
fast-deep-equal:3.1.3Description:
Fast deep equal License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?ajv:8.12.0/fast-deep-equal:^3.1.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/ajv:8.12.0 simplicite-js:5.2.54/eslint:8.56.0 simplicite-js:5.2.54 simplicite-js:5.2.54/ajv:6.12.6 Evidence Type Source Name Value Confidence Vendor package.json author Evgeny Poberezkin Highest Vendor package.json bugs.url https://github.com/epoberezkin/fast-deep-equal/issues Highest Vendor package.json description Fast deep equal Highest Vendor package.json homepage https://github.com/epoberezkin/fast-deep-equal#readme Highest Vendor package.json name fast-deep-equal Highest Vendor package.json name fast-deep-equal_project Highest Product package.json name fast-deep-equal Highest Version package.json version 3.1.3 Highest
Related Dependencies fast-deep-equal:3.1.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/fast-deep-equal:3.1.3 pkg:npm/fast-deep-equal@3.1.3 fast-deep-equal:3.1.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?ajv:6.12.6/fast-deep-equal:^3.1.1 pkg:npm/fast-deep-equal@3.1.3 fast-deep-equal:3.1.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint:8.56.0/fast-deep-equal:^3.1.3 pkg:npm/fast-deep-equal@3.1.3 fast-glob:3.3.0Description:
It's a very fast and efficient glob library for Node.js License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/fast-glob:^3.2.12
Referenced In Projects/Scopes: simplicite-js:5.2.54/stylelint:14.16.1 simplicite-js:5.2.54 simplicite-js:5.2.54/globby:11.1.0 Evidence Type Source Name Value Confidence Vendor package.json author.name Denis Malinochkin Highest Vendor package.json author.url https://mrmlnc.com Highest Vendor package.json description It's a very fast and efficient glob library for Node.js Highest Vendor package.json name fast-glob Highest Vendor package.json name fast-glob_project Highest Product package.json name fast-glob Highest Version package.json version 3.3.0 Highest
Related Dependencies fast-glob:3.3.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/fast-glob:3.3.0 pkg:npm/fast-glob@3.3.0 fast-glob:3.3.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?globby:11.1.0/fast-glob:^3.2.9 pkg:npm/fast-glob@3.3.0 fast-json-stable-stringify:2.1.0Description:
deterministic `JSON.stringify()` - a faster version of substack's json-stable-strigify without jsonify License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/fast-json-stable-stringify:2.1.0
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/ajv:6.12.6 Evidence Type Source Name Value Confidence Vendor package.json author.email mail@substack.net Highest Vendor package.json author.name James Halliday Highest Vendor package.json author.url http://substack.net Highest Vendor package.json description deterministic `JSON.stringify()` - a faster version of substack's json-stable-strigify without jsonify Highest Vendor package.json homepage https://github.com/epoberezkin/fast-json-stable-stringify Highest Vendor package.json name fast-json-stable-stringify Highest Vendor package.json name fast-json-stable-stringify_project Highest Product package.json name fast-json-stable-stringify Highest Version package.json version 2.1.0 Highest
Related Dependencies fast-json-stable-stringify:2.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?ajv:6.12.6/fast-json-stable-stringify:^2.0.0 pkg:npm/fast-json-stable-stringify@2.1.0 fast-levenshtein:2.0.6Description:
Efficient implementation of Levenshtein algorithm with locale-specific collator support. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?optionator:0.9.3/fast-levenshtein:^2.0.6
Referenced In Projects/Scopes: simplicite-js:5.2.54/optionator:0.9.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Ramesh Nair <ram@hiddentao.com> (http://www.hiddentao.com/) Highest Vendor package.json description Efficient implementation of Levenshtein algorithm with locale-specific collator support. Highest Vendor package.json name fast-levenshtein Highest Vendor package.json name fast-levenshtein_project Highest Product package.json name fast-levenshtein Highest Version package.json version 2.0.6 Highest
Related Dependencies fast-levenshtein:2.0.6File Path: /var/simplicite/simplicite-5.2/package-lock.json?/fast-levenshtein:2.0.6 pkg:npm/fast-levenshtein@2.0.6 fast-memoize:2.5.2Description:
Fastest memoization lib that supports N arguments License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check-updates:16.14.14/fast-memoize:^2.5.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-check-updates:16.14.14 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Caio Gondim <me@caiogondim.com> (http://caiogondim.com) Highest Vendor package.json bugs.url https://github.com/caiogondim/fast-memoize/issues Highest Vendor package.json description Fastest memoization lib that supports N arguments Highest Vendor package.json homepage https://github.com/caiogondim/fast-memoize#readme Highest Vendor package.json name fast-memoize Highest Vendor package.json name fast-memoize_project Highest Product package.json name fast-memoize Highest Version package.json version 2.5.2 Highest
Related Dependencies fast-memoize:2.5.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?/fast-memoize:2.5.2 pkg:npm/fast-memoize@2.5.2 fastest-levenshtein:1.0.16Description:
Fastest Levenshtein distance implementation in JS. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/fastest-levenshtein:^1.0.16
Referenced In Projects/Scopes: simplicite-js:5.2.54/stylelint:14.16.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Kasper U. Weihe Highest Vendor package.json bugs.url https://github.com/ka-weihe/fastest-levenshtein/issues Highest Vendor package.json description Fastest Levenshtein distance implementation in JS. Highest Vendor package.json homepage https://github.com/ka-weihe/fastest-levenshtein#README Highest Vendor package.json name fastest-levenshtein Highest Vendor package.json name fastest-levenshtein_project Highest Product package.json name fastest-levenshtein Highest Version package.json version 1.0.16 Highest
Related Dependencies fastest-levenshtein:1.0.16File Path: /var/simplicite/simplicite-5.2/package-lock.json?/fastest-levenshtein:1.0.16 pkg:npm/fastest-levenshtein@1.0.16 fastq:1.15.0Description:
Fast, in memory work queue License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/fastq:1.15.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/@nodelib/fs.walk:1.2.8 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Matteo Collina <hello@matteocollina.com> Highest Vendor package.json bugs.url https://github.com/mcollina/fastq/issues Highest Vendor package.json description Fast, in memory work queue Highest Vendor package.json homepage https://github.com/mcollina/fastq#readme Highest Vendor package.json name fastq Highest Vendor package.json name fastq_project Highest Product package.json name fastq Highest Version package.json version 1.15.0 Highest
Related Dependencies fastq:1.15.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?@nodelib/fs.walk:1.2.8/fastq:^1.6.0 pkg:npm/fastq@1.15.0 figures:3.2.0Description:
Unicode symbols with Windows CMD fallbacks License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?inquirer:7.3.3/figures:^3.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/inquirer:7.3.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description Unicode symbols with Windows CMD fallbacks Highest Vendor package.json name figures Highest Vendor package.json name figures_project Highest Product package.json name figures Highest Version package.json version 3.2.0 Highest
Related Dependencies figures:3.2.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/figures:3.2.0 pkg:npm/figures@3.2.0 file-entry-cache:6.0.1Description:
Super simple cache for file metadata, useful for process that work o a given series of files and that only need to repeat the job on the changed ones since the previous run of the process License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/file-entry-cache:^6.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/eslint:8.56.0 simplicite-js:5.2.54/stylelint:14.16.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.name Roy Riojas Highest Vendor package.json author.url http://royriojas.com Highest Vendor package.json description Super simple cache for file metadata, useful for process that work o a given series of files and that only need to repeat the job on the changed ones since the previous run of the process Highest Vendor package.json name file-entry-cache Highest Vendor package.json name file-entry-cache_project Highest Product package.json name file-entry-cache Highest Version package.json version 6.0.1 Highest
Related Dependencies file-entry-cache:6.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/file-entry-cache:6.0.1 pkg:npm/file-entry-cache@6.0.1 file-entry-cache:6.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint:8.56.0/file-entry-cache:^6.0.1 pkg:npm/file-entry-cache@6.0.1 fill-range:7.0.1Description:
Fill in a range of numbers or letters, optionally passing an increment or `step` to use, or create a regex-compatible range with `options.toRegex` License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/fill-range:7.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/braces:3.0.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Jon Schlinkert (https://github.com/jonschlinkert) Highest Vendor package.json bugs.url https://github.com/jonschlinkert/fill-range/issues Highest Vendor package.json description Fill in a range of numbers or letters, optionally passing an increment or `step` to use, or create a regex-compatible range with `options.toRegex` Highest Vendor package.json homepage https://github.com/jonschlinkert/fill-range Highest Vendor package.json name fill-range Highest Vendor package.json name fill-range_project Highest Product package.json name fill-range Highest Version package.json version 7.0.1 Highest
Related Dependencies fill-range:7.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?braces:3.0.2/fill-range:^7.0.1 pkg:npm/fill-range@7.0.1 find-cache-dir:2.1.0Description:
Finds the common standard cache directory License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/find-cache-dir:2.1.0
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/@babel/register:7.23.7 Evidence Type Source Name Value Confidence Vendor package.json description Finds the common standard cache directory Highest Vendor package.json name find-cache-dir Highest Vendor package.json name find-cache-dir_project Highest Product package.json name find-cache-dir Highest Version package.json version 2.1.0 Highest
Related Dependencies find-cache-dir:2.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/register:7.23.7/find-cache-dir:^2.0.0 pkg:npm/find-cache-dir@2.1.0 find-up:3.0.0Description:
Find a file or directory by walking up parent directories License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/find-up:3.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/pkg-dir:3.0.0 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Find a file or directory by walking up parent directories Highest Vendor package.json name find-up Highest Vendor package.json name find-up_project Highest Product package.json name find-up Highest Version package.json version 3.0.0 Highest
Related Dependencies find-up:3.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?pkg-dir:3.0.0/find-up:^3.0.0 pkg:npm/find-up@3.0.0 find-up:4.1.0Description:
Find a file or directory by walking up parent directories License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/find-up:4.1.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/read-pkg-up:7.0.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Find a file or directory by walking up parent directories Highest Vendor package.json name find-up Highest Vendor package.json name find-up_project Highest Product package.json name find-up Highest Version package.json version 4.1.0 Highest
Related Dependencies find-up:4.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?read-pkg-up:7.0.1/find-up:^4.1.0 pkg:npm/find-up@4.1.0 find-up:5.0.0Description:
Find a file or directory by walking up parent directories License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?preferred-pm:3.0.3/find-up:^5.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/pkg-dir:4.2.0 simplicite-js:5.2.54/eslint:8.56.0 simplicite-js:5.2.54/preferred-pm:3.0.3 simplicite-js:5.2.54/npm-check-updates:16.14.14 simplicite-js:5.2.54 simplicite-js:5.2.54/pkg-dir:5.0.0 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description Find a file or directory by walking up parent directories Highest Vendor package.json name find-up Highest Vendor package.json name find-up_project Highest Product package.json name find-up Highest Version package.json version 5.0.0 Highest
Related Dependencies find-up:4.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/find-up:4.1.0 pkg:npm/find-up@4.1.0 find-up:5.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/find-up:5.0.0 pkg:npm/find-up@5.0.0 find-up:5.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint:8.56.0/find-up:^5.0.0 pkg:npm/find-up@5.0.0 find-up:5.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check-updates:16.14.14/find-up:5.0.0 pkg:npm/find-up@5.0.0 find-up:5.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?pkg-dir:4.2.0/find-up:^4.0.0 pkg:npm/find-up@5.0.0 find-up:5.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?pkg-dir:5.0.0/find-up:^5.0.0 pkg:npm/find-up@5.0.0 find-yarn-workspace-root2:1.2.16Description:
Algorithm for finding the root of a yarn workspace, extracted from yarnpkg.com License:
Apache-2.0 File Path: /var/simplicite/simplicite-5.2/package-lock.json?preferred-pm:3.0.3/find-yarn-workspace-root2:1.2.16
Referenced In Projects/Scopes: simplicite-js:5.2.54/preferred-pm:3.0.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Square, Inc. Highest Vendor package.json bugs.url https://github.com/bluelovers/find-yarn-workspace-root/issues Highest Vendor package.json description Algorithm for finding the root of a yarn workspace, extracted from yarnpkg.com Highest Vendor package.json homepage https://github.com/bluelovers/find-yarn-workspace-root/#readme Highest Vendor package.json name find-yarn-workspace-root2 Highest Vendor package.json name find-yarn-workspace-root2_project Highest Product package.json name find-yarn-workspace-root2 Highest Version package.json version 1.2.16 Highest
Related Dependencies find-yarn-workspace-root2:1.2.16File Path: /var/simplicite/simplicite-5.2/package-lock.json?/find-yarn-workspace-root2:1.2.16 pkg:npm/find-yarn-workspace-root2@1.2.16 firebase-admin-8.0.1.jarDescription:
This is the official Firebase Admin Java SDK. Build extraordinary native JVM apps in
minutes with Firebase. The Firebase platform can power your app’s backend, user
authentication, static hosting, and more.
License:
Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/com/google/firebase/firebase-admin/8.0.1/firebase-admin-8.0.1.jar
MD5: ad737768e02962f728b4de7f0f5150cb
SHA1: 948994c3364ece7d973133885abd5f9ff5eb19a9
SHA256: f54d541dc92f18a073956cc033fb00428c98d6494e56701ca35392e9653525d5
Referenced In Project/Scope: Simplicite Platform:compile
firebase-admin-8.0.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name firebase-admin High Vendor jar package name firebase Highest Vendor jar package name firebase Low Vendor jar package name google Highest Vendor jar package name google Low Vendor jar package name user Highest Vendor pom artifactid firebase-admin Highest Vendor pom artifactid firebase-admin Low Vendor pom developer id firebase Medium Vendor pom developer name Firebase Medium Vendor pom developer org Firebase Medium Vendor pom developer org URL https://firebase.google.com/ Medium Vendor pom groupid com.google.firebase Highest Vendor pom name firebase-admin High Vendor pom organization name Firebase High Vendor pom organization url https://firebase.google.com/ Medium Vendor pom url https://firebase.google.com/ Highest Product file name firebase-admin High Product jar package name firebase Highest Product jar package name firebase Low Product jar package name google Highest Product jar package name user Highest Product pom artifactid firebase-admin Highest Product pom developer id firebase Low Product pom developer name Firebase Low Product pom developer org Firebase Low Product pom developer org URL https://firebase.google.com/ Low Product pom groupid com.google.firebase Highest Product pom name firebase-admin High Product pom organization name Firebase Low Product pom organization url https://firebase.google.com/ Low Product pom url https://firebase.google.com/ Medium Version file version 8.0.1 High Version pom version 8.0.1 Highest
flat-cache:3.0.4Description:
A stupidly simple key/value storage using files to persist some data License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/flat-cache:3.0.4
Referenced In Projects/Scopes: simplicite-js:5.2.54/file-entry-cache:6.0.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.name Roy Riojas Highest Vendor package.json author.url http://royriojas.com Highest Vendor package.json description A stupidly simple key/value storage using files to persist some data Highest Vendor package.json name flat-cache Highest Vendor package.json name flat-cache_project Highest Product package.json name flat-cache Highest Version package.json version 3.0.4 Highest
Related Dependencies flat-cache:3.0.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?file-entry-cache:6.0.1/flat-cache:^3.0.4 pkg:npm/flat-cache@3.0.4 flatted:3.2.7Description:
A super light and fast circular JSON parser. License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/flatted:3.2.7
Referenced In Projects/Scopes: simplicite-js:5.2.54/flat-cache:3.0.4 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Andrea Giammarchi Highest Vendor package.json bugs.url https://github.com/WebReflection/flatted/issues Highest Vendor package.json description A super light and fast circular JSON parser. Highest Vendor package.json homepage https://github.com/WebReflection/flatted#readme Highest Vendor package.json name flatted Highest Vendor package.json name flatted_project Highest Product package.json name flatted Highest Version package.json version 3.2.7 Highest
Related Dependencies flatted:3.2.7File Path: /var/simplicite/simplicite-5.2/package-lock.json?flat-cache:3.0.4/flatted:^3.1.0 pkg:npm/flatted@3.2.7 fontbox-2.0.23.jarDescription:
The Apache FontBox library is an open source Java tool to obtain low level information
from font files. FontBox is a subproject of Apache PDFBox.
License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/apache/pdfbox/fontbox/2.0.23/fontbox-2.0.23.jar
MD5: f9aa90c666c88ff29e3cd34c15d538ca
SHA1: 1a6b960dd2c1b1f8a5f5d6668b2930b50ff4324d
SHA256: 5b8a00ee90b1e7ec29b00a96230c667279cac5e61cfd6cfc5efb6294ff4639b1
Referenced In Project/Scope: Simplicite Platform:compile
fontbox-2.0.23.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name fontbox High Vendor jar package name apache Highest Vendor jar package name fontbox Highest Vendor Manifest automatic-module-name org.apache.fontbox Medium Vendor Manifest bundle-docurl http://pdfbox.apache.org Low Vendor Manifest bundle-symbolicname org.apache.pdfbox.fontbox Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache.pdfbox Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid fontbox Highest Vendor pom artifactid fontbox Low Vendor pom groupid org.apache.pdfbox Highest Vendor pom name Apache FontBox High Vendor pom parent-artifactid pdfbox-parent Low Vendor pom url http://pdfbox.apache.org/ Highest Product file name fontbox High Product jar package name apache Highest Product jar package name fontbox Highest Product Manifest automatic-module-name org.apache.fontbox Medium Product Manifest bundle-docurl http://pdfbox.apache.org Low Product Manifest Bundle-Name Apache FontBox Medium Product Manifest bundle-symbolicname org.apache.pdfbox.fontbox Medium Product Manifest Implementation-Title Apache FontBox High Product Manifest specification-title Apache FontBox Medium Product pom artifactid fontbox Highest Product pom groupid org.apache.pdfbox Highest Product pom name Apache FontBox High Product pom parent-artifactid pdfbox-parent Medium Product pom url http://pdfbox.apache.org/ Medium Version file version 2.0.23 High Version Manifest Bundle-Version 2.0.23 High Version Manifest Implementation-Version 2.0.23 High Version pom version 2.0.23 Highest
for-each:0.3.3Description:
A better forEach License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?which-typed-array:1.1.9/for-each:^0.3.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/is-typed-array:1.1.10 simplicite-js:5.2.54/typed-array-length:1.0.4 simplicite-js:5.2.54/which-typed-array:1.1.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Raynos <raynos2@gmail.com> Highest Vendor package.json bugs.email raynos2@gmail.com Highest Vendor package.json bugs.url https://github.com/Raynos/for-each/issues Highest Vendor package.json description A better forEach Highest Vendor package.json homepage https://github.com/Raynos/for-each Highest Vendor package.json name for-each Highest Vendor package.json name for-each_project Highest Product package.json name for-each Highest Version package.json version 0.3.3 Highest
Related Dependencies for-each:0.3.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/for-each:0.3.3 pkg:npm/for-each@0.3.3 for-each:0.3.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?is-typed-array:1.1.10/for-each:^0.3.3 pkg:npm/for-each@0.3.3 for-each:0.3.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?typed-array-length:1.0.4/for-each:^0.3.3 pkg:npm/for-each@0.3.3 foreground-child:3.1.1Description:
Run a child as if it's the foreground process. Give it stdio. Exit when it exits. License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?glob:10.3.3/foreground-child:^3.1.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/glob:10.3.10 simplicite-js:5.2.54 simplicite-js:5.2.54/glob:10.3.3 Evidence Type Source Name Value Confidence Vendor package.json author Isaac Z. Schlueter <i@izs.me> (http://blog.izs.me/) Highest Vendor package.json description Run a child as if it's the foreground process. Give it stdio. Exit when it exits. Highest Vendor package.json name foreground-child Highest Vendor package.json name foreground-child_project Highest Product package.json name foreground-child Highest Version package.json version 3.1.1 Highest
Related Dependencies foreground-child:3.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/foreground-child:3.1.1 pkg:npm/foreground-child@3.1.1 foreground-child:3.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?glob:10.3.10/foreground-child:^3.1.0 pkg:npm/foreground-child@3.1.1 form-data-encoder:2.1.4Description:
Encode FormData content into the multipart/form-data format License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?got:13.0.0/form-data-encoder:^2.1.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/got:12.6.1 simplicite-js:5.2.54 simplicite-js:5.2.54/got:13.0.0 Evidence Type Source Name Value Confidence Vendor package.json author Nick K. Highest Vendor package.json description Encode FormData content into the multipart/form-data format Highest Vendor package.json name form-data-encoder Highest Vendor package.json name form-data-encoder_project Highest Product package.json name form-data-encoder Highest Version package.json version 2.1.4 Highest
Related Dependencies form-data-encoder:2.1.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?/form-data-encoder:2.1.4 pkg:npm/form-data-encoder@2.1.4 form-data-encoder:2.1.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?got:12.6.1/form-data-encoder:^2.1.2 pkg:npm/form-data-encoder@2.1.4 fp-and-or:0.1.4Description:
Simple `and` and `or` functional programming predicates License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check-updates:16.14.14/fp-and-or:^0.1.4
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-check-updates:16.14.14 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email raineorshine@gmail.com Highest Vendor package.json author.name Raine Revere Highest Vendor package.json author.url https://github.com/raineorshine Highest Vendor package.json description Simple `and` and `or` functional programming predicates Highest Vendor package.json name fp-and-or Highest Vendor package.json name fp-and-or_project Highest Product package.json name fp-and-or Highest Version package.json version 0.1.4 Highest
Related Dependencies fp-and-or:0.1.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?/fp-and-or:0.1.4 pkg:npm/fp-and-or@0.1.4 fs-extra:8.1.0Description:
fs-extra contains methods that aren't included in the vanilla Node.js fs package. Such as mkdir -p, cp -r, and rm -rf. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-audit-html:1.5.0/fs-extra:^8.1.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-audit-html:1.5.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author JP Richardson <jprichardson@gmail.com> Highest Vendor package.json description fs-extra contains methods that aren't included in the vanilla Node.js fs package. Such as mkdir -p, cp -r, and rm -rf. Highest Vendor package.json homepage https://github.com/jprichardson/node-fs-extra Highest Vendor package.json name fs-extra Highest Vendor package.json name fs-extra_project Highest Product package.json name fs-extra Highest Version package.json version 8.1.0 Highest
Related Dependencies fs-extra:8.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/fs-extra:8.1.0 pkg:npm/fs-extra@8.1.0 fs-minipass:2.1.0Description:
fs read and write streams based on minipass License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/fs-minipass:2.1.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/tar:6.1.15 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Isaac Z. Schlueter <i@izs.me> (http://blog.izs.me/) Highest Vendor package.json bugs.url https://github.com/npm/fs-minipass/issues Highest Vendor package.json description fs read and write streams based on minipass Highest Vendor package.json homepage https://github.com/npm/fs-minipass#readme Highest Vendor package.json name fs-minipass Highest Vendor package.json name fs-minipass_project Highest Product package.json name fs-minipass Highest Version package.json version 2.1.0 Highest
Related Dependencies fs-minipass:2.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?tar:6.1.15/fs-minipass:^2.0.0 pkg:npm/fs-minipass@2.1.0 fs-minipass:3.0.2Description:
fs read and write streams based on minipass License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?pacote:15.2.0/fs-minipass:^3.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/cacache:17.1.3 simplicite-js:5.2.54/pacote:15.2.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author GitHub Inc. Highest Vendor package.json bugs.url https://github.com/npm/fs-minipass/issues Highest Vendor package.json description fs read and write streams based on minipass Highest Vendor package.json homepage https://github.com/npm/fs-minipass#readme Highest Vendor package.json name fs-minipass Highest Vendor package.json name fs-minipass_project Highest Product package.json name fs-minipass Highest Version package.json version 3.0.2 Highest
Related Dependencies fs-minipass:3.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?/fs-minipass:3.0.2 pkg:npm/fs-minipass@3.0.2 fs-minipass:3.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?cacache:17.1.3/fs-minipass:^3.0.0 pkg:npm/fs-minipass@3.0.2 fs-readdir-recursive:1.1.0Description:
Recursively read a directory License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/fs-readdir-recursive:1.1.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/cli:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email me@jongleberry.com Highest Vendor package.json author.name Jonathan Ong Highest Vendor package.json author.twitter https://twitter.com/jongleberry Highest Vendor package.json author.url http://jongleberry.com Highest Vendor package.json description Recursively read a directory Highest Vendor package.json name fs-readdir-recursive Highest Vendor package.json name fs-readdir-recursive_project Highest Product package.json name fs-readdir-recursive Highest Version package.json version 1.1.0 Highest
Related Dependencies fs-readdir-recursive:1.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/cli:7.23.9/fs-readdir-recursive:^1.1.0 pkg:npm/fs-readdir-recursive@1.1.0 fs.realpath:1.0.0Description:
Use node's fs.realpath, but fall back to the JS implementation if the native one fails License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?glob:7.2.3/fs.realpath:^1.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/glob:7.2.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Isaac Z. Schlueter <i@izs.me> (http://blog.izs.me/) Highest Vendor package.json description Use node's fs.realpath, but fall back to the JS implementation if the native one fails Highest Vendor package.json name fs.realpath Highest Vendor package.json name fs.realpath_project Highest Product package.json name fs.realpath Highest Version package.json version 1.0.0 Highest
Related Dependencies fs.realpath:1.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/fs.realpath:1.0.0 pkg:npm/fs.realpath@1.0.0 function-bind:1.1.1Description:
Implementation of Function.prototype.bind License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?has:1.0.3/function-bind:^1.1.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/call-bind:1.0.2 simplicite-js:5.2.54/has:1.0.3 simplicite-js:5.2.54/get-intrinsic:1.2.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Raynos <raynos2@gmail.com> Highest Vendor package.json bugs.email raynos2@gmail.com Highest Vendor package.json bugs.url https://github.com/Raynos/function-bind/issues Highest Vendor package.json description Implementation of Function.prototype.bind Highest Vendor package.json homepage https://github.com/Raynos/function-bind Highest Vendor package.json name function-bind Highest Vendor package.json name function-bind_project Highest Product package.json name function-bind Highest Version package.json version 1.1.1 Highest
Related Dependencies function-bind:1.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/function-bind:1.1.1 pkg:npm/function-bind@1.1.1 function-bind:1.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?call-bind:1.0.2/function-bind:^1.1.1 pkg:npm/function-bind@1.1.1 function-bind:1.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?get-intrinsic:1.2.1/function-bind:^1.1.1 pkg:npm/function-bind@1.1.1 function.prototype.name:1.1.5Description:
An ES2015 spec-compliant `Function.prototype.name` shim License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/function.prototype.name:1.1.5
Referenced In Projects/Scopes: simplicite-js:5.2.54/es-abstract:1.21.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Jordan Harband <ljharb@gmail.com> Highest Vendor package.json description An ES2015 spec-compliant `Function.prototype.name` shim Highest Vendor package.json name function.prototype.name Highest Vendor package.json name function.prototype.name_project Highest Product package.json name function.prototype.name Highest Version package.json version 1.1.5 Highest
Related Dependencies function.prototype.name:1.1.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?es-abstract:1.21.2/function.prototype.name:^1.1.5 pkg:npm/function.prototype.name@1.1.5 functions-have-names:1.2.3Description:
Does this JS environment support the `name` property on functions? License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?regexp.prototype.flags:1.5.0/functions-have-names:^1.2.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/function.prototype.name:1.1.5 simplicite-js:5.2.54/regexp.prototype.flags:1.5.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Jordan Harband <ljharb@gmail.com> Highest Vendor package.json bugs.url https://github.com/inspect-js/functions-have-names/issues Highest Vendor package.json description Does this JS environment support the `name` property on functions? Highest Vendor package.json homepage https://github.com/inspect-js/functions-have-names#readme Highest Vendor package.json name functions-have-names Highest Vendor package.json name functions-have-names_project Highest Product package.json name functions-have-names Highest Version package.json version 1.2.3 Highest
Related Dependencies functions-have-names:1.2.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/functions-have-names:1.2.3 pkg:npm/functions-have-names@1.2.3 functions-have-names:1.2.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?function.prototype.name:1.1.5/functions-have-names:^1.2.2 pkg:npm/functions-have-names@1.2.3 fuzzywuzzy-1.3.1.jar (shaded: me.xdrop:diffutils:1.3)File Path: /var/simplicite/.m2/repository/me/xdrop/fuzzywuzzy/1.3.1/fuzzywuzzy-1.3.1.jar/META-INF/maven/me.xdrop/diffutils/pom.xmlMD5: 9d75ff06b99ebf130bb19c8e085714b2SHA1: edcb90cdd072a9291d9580eb01656c925a73cdadSHA256: 8f44a4acb88339f7d9d858d504a8f88d268e4fc6094d0e55f8918227b87709bfReferenced In Project/Scope: Simplicite Platform:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid diffutils Low Vendor pom groupid me.xdrop Highest Vendor pom name diffutils High Product pom artifactid diffutils Highest Product pom groupid me.xdrop Highest Product pom name diffutils High Version pom version 1.3 Highest
fuzzywuzzy-1.3.1.jar (shaded: me.xdrop:fuzzywuzzy-build:1.3.1)Description:
Fuzzy string matching algorithm for Java License:
GPL 2: https://www.gnu.org/licenses/old-licenses/gpl-2.0.html File Path: /var/simplicite/.m2/repository/me/xdrop/fuzzywuzzy/1.3.1/fuzzywuzzy-1.3.1.jar/META-INF/maven/me.xdrop/fuzzywuzzy-build/pom.xml
MD5: c15930598f1712ac392d73ef1fc51fa0
SHA1: 5d8908e51ae7bb25697600f6b0238a63b1289e22
SHA256: d60db08c740e18d5bf4bebfe4e7afca866a4dc57dac047d090807e55f1a707b9
Referenced In Project/Scope: Simplicite Platform:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid fuzzywuzzy-build Low Vendor pom developer id xdrop Medium Vendor pom developer name Panayiotis P Medium Vendor pom groupid me.xdrop Highest Vendor pom name fuzzywuzzy - build High Product pom artifactid fuzzywuzzy-build Highest Product pom developer id xdrop Low Product pom developer name Panayiotis P Low Product pom groupid me.xdrop Highest Product pom name fuzzywuzzy - build High Version pom version 1.3.1 Highest
fuzzywuzzy-1.3.1.jarDescription:
Fuzzy string searching implementation of the well-known fuzzywuzzy algorithm in Java License:
GPL 2: https://www.gnu.org/licenses/old-licenses/gpl-2.0.html File Path: /var/simplicite/.m2/repository/me/xdrop/fuzzywuzzy/1.3.1/fuzzywuzzy-1.3.1.jar
MD5: c740aacfef63c5c3dd2c74bc4ca5df0c
SHA1: c691e88d356f92a29f22c68c56a053efba8569d0
SHA256: 99947e309302a45870e48453e8f53faefa2ed03eea3bbc0e8fe8003905773bd3
Referenced In Project/Scope: Simplicite Platform:compile
fuzzywuzzy-1.3.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name fuzzywuzzy High Vendor jar package name fuzzywuzzy Highest Vendor jar package name fuzzywuzzy Low Vendor jar package name me Highest Vendor jar package name me Low Vendor jar package name xdrop Highest Vendor jar package name xdrop Low Vendor pom artifactid fuzzywuzzy Highest Vendor pom artifactid fuzzywuzzy Low Vendor pom developer id xdrop Medium Vendor pom developer name Panayiotis P Medium Vendor pom groupid me.xdrop Highest Vendor pom name fuzzywuzzy High Vendor pom url xdrop/fuzzywuzzy Highest Product file name fuzzywuzzy High Product jar package name fuzzywuzzy Highest Product jar package name fuzzywuzzy Low Product jar package name me Highest Product jar package name xdrop Highest Product jar package name xdrop Low Product pom artifactid fuzzywuzzy Highest Product pom developer id xdrop Low Product pom developer name Panayiotis P Low Product pom groupid me.xdrop Highest Product pom name fuzzywuzzy High Product pom url xdrop/fuzzywuzzy High Version file version 1.3.1 High Version pom version 1.3.1 Highest
gauge:4.0.4Description:
A terminal based horizontal gauge License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?npmlog:6.0.2/gauge:^4.0.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/npmlog:6.0.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author GitHub Inc. Highest Vendor package.json bugs.url https://github.com/npm/gauge/issues Highest Vendor package.json description A terminal based horizontal gauge Highest Vendor package.json homepage https://github.com/npm/gauge Highest Vendor package.json name gauge Highest Vendor package.json name gauge_project Highest Product package.json name gauge Highest Version package.json version 4.0.4 Highest
Related Dependencies gauge:4.0.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?/gauge:4.0.4 pkg:npm/gauge@4.0.4 gax-2.4.1.jarDescription:
Google Api eXtensions for Java License:
BSD: https://github.com/googleapis/gax-java/blob/master/LICENSE File Path: /var/simplicite/.m2/repository/com/google/api/gax/2.4.1/gax-2.4.1.jar
MD5: 1f86e65eb3f5f8d3e0e1f015c6885de1
SHA1: 5dced409330c9d80420621ec0407a0f1d19c2e11
SHA256: 57f627e1934e295ad3f476191936c62e703f695dcb0e56ca2a460d1f420c6014
Referenced In Project/Scope: Simplicite Platform:compile
gax-2.4.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name gax High Vendor jar package name api Highest Vendor jar package name gax Highest Vendor jar package name google Highest Vendor Manifest Implementation-Vendor Google High Vendor Manifest specification-vendor Google Low Vendor pom artifactid gax Highest Vendor pom artifactid gax Low Vendor pom developer email googleapis@googlegroups.com Low Vendor pom developer id GoogleAPIs Medium Vendor pom developer name GoogleAPIs Medium Vendor pom developer org Google LLC Medium Vendor pom developer org URL https://www.google.com Medium Vendor pom groupid com.google.api Highest Vendor pom name GAX (Google Api eXtensions) for Java High Vendor pom url googleapis/gax-java Highest Product file name gax High Product jar package name api Highest Product jar package name gax Highest Product jar package name google Highest Product Manifest Implementation-Title gax High Product Manifest specification-title gax Medium Product pom artifactid gax Highest Product pom developer email googleapis@googlegroups.com Low Product pom developer id GoogleAPIs Low Product pom developer name GoogleAPIs Low Product pom developer org Google LLC Low Product pom developer org URL https://www.google.com Low Product pom groupid com.google.api Highest Product pom name GAX (Google Api eXtensions) for Java High Product pom url googleapis/gax-java High Version file version 2.4.1 High Version Manifest Implementation-Version 2.4.1 High Version pom version 2.4.1 Highest
gax-grpc-2.4.1.jarDescription:
Google Api eXtensions for Java License:
BSD: https://github.com/googleapis/gax-java/blob/master/LICENSE File Path: /var/simplicite/.m2/repository/com/google/api/gax-grpc/2.4.1/gax-grpc-2.4.1.jar
MD5: 0dd17b33909c06ce2953d269f7160feb
SHA1: c49be346136d03ec8ece55bbc15f25b7a0c23e8a
SHA256: 68ef606e08266bf724532c7fb54e183bf043d8eee76465b34f107c042e6ea68b
Referenced In Project/Scope: Simplicite Platform:compile
gax-grpc-2.4.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.google.cloud/google-cloud-core-grpc@2.1.4
Evidence Type Source Name Value Confidence Vendor file name gax-grpc High Vendor jar package name api Highest Vendor jar package name gax Highest Vendor jar package name google Highest Vendor jar package name grpc Highest Vendor Manifest Implementation-Vendor Google High Vendor Manifest specification-vendor Google Low Vendor pom artifactid gax-grpc Highest Vendor pom artifactid gax-grpc Low Vendor pom developer email googleapis@googlegroups.com Low Vendor pom developer id GoogleAPIs Medium Vendor pom developer name GoogleAPIs Medium Vendor pom developer org Google LLC Medium Vendor pom developer org URL https://www.google.com Medium Vendor pom groupid com.google.api Highest Vendor pom name GAX (Google Api eXtensions) for Java High Vendor pom url googleapis/gax-java Highest Product file name gax-grpc High Product jar package name api Highest Product jar package name gax Highest Product jar package name google Highest Product jar package name grpc Highest Product Manifest Implementation-Title gax-grpc High Product Manifest specification-title gax-grpc Medium Product pom artifactid gax-grpc Highest Product pom developer email googleapis@googlegroups.com Low Product pom developer id GoogleAPIs Low Product pom developer name GoogleAPIs Low Product pom developer org Google LLC Low Product pom developer org URL https://www.google.com Low Product pom groupid com.google.api Highest Product pom name GAX (Google Api eXtensions) for Java High Product pom url googleapis/gax-java High Version file version 2.4.1 High Version Manifest Implementation-Version 2.4.1 High Version pom version 2.4.1 Highest
gax-httpjson-0.89.1.jarDescription:
Google Api eXtensions for Java License:
BSD: https://github.com/googleapis/gax-java/blob/master/LICENSE File Path: /var/simplicite/.m2/repository/com/google/api/gax-httpjson/0.89.1/gax-httpjson-0.89.1.jar
MD5: c06c1ccfe151172fddbf63ccaf84c411
SHA1: 5a29f187bd05a5e5e5ac3edac482f16f5b6c13f7
SHA256: 42869cdf1fd6c95c1dfd8dee6ac01d9965422155ad4f8a82cf51bfd9bd5a0dbf
Referenced In Project/Scope: Simplicite Platform:compile
gax-httpjson-0.89.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.google.cloud/google-cloud-storage@2.1.4
Evidence Type Source Name Value Confidence Vendor file name gax-httpjson High Vendor jar package name api Highest Vendor jar package name gax Highest Vendor jar package name google Highest Vendor jar package name httpjson Highest Vendor Manifest Implementation-Vendor Google High Vendor Manifest specification-vendor Google Low Vendor pom artifactid gax-httpjson Highest Vendor pom artifactid gax-httpjson Low Vendor pom developer email googleapis@googlegroups.com Low Vendor pom developer id GoogleAPIs Medium Vendor pom developer name GoogleAPIs Medium Vendor pom developer org Google LLC Medium Vendor pom developer org URL https://www.google.com Medium Vendor pom groupid com.google.api Highest Vendor pom name GAX (Google Api eXtensions) for Java High Vendor pom url googleapis/gax-java Highest Product file name gax-httpjson High Product jar package name api Highest Product jar package name gax Highest Product jar package name google Highest Product jar package name httpjson Highest Product Manifest Implementation-Title gax-httpjson High Product Manifest specification-title gax-httpjson Medium Product pom artifactid gax-httpjson Highest Product pom developer email googleapis@googlegroups.com Low Product pom developer id GoogleAPIs Low Product pom developer name GoogleAPIs Low Product pom developer org Google LLC Low Product pom developer org URL https://www.google.com Low Product pom groupid com.google.api Highest Product pom name GAX (Google Api eXtensions) for Java High Product pom url googleapis/gax-java High Version file version 0.89.1 High Version Manifest Implementation-Version 0.89.1 High Version pom version 0.89.1 Highest
gensync:1.0.0-beta.2Description:
Allows users to use generators in order to write common functions that can be both sync or async. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/gensync:1.0.0-beta.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/core:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Logan Smyth <loganfsmyth@gmail.com> Highest Vendor package.json description Allows users to use generators in order to write common functions that can be both sync or async. Highest Vendor package.json homepage https://github.com/loganfsmyth/gensync Highest Vendor package.json name gensync Highest Vendor package.json name gensync_project Highest Product package.json name gensync Highest Version package.json version 1.0.0-beta.2 Highest
Related Dependencies gensync:1.0.0-beta.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/core:7.23.9/gensync:^1.0.0-beta.2 pkg:npm/gensync@1.0.0-beta.2 geoapi-3.0.1.jarDescription:
The development community in building GIS solutions is sustaining an enormous level
of effort. The GeoAPI project aims to reduce duplication and increase interoperability
by providing neutral, interface-only APIs derived from OGC/ISO Standards.
License:
https://raw.githubusercontent.com/opengeospatial/geoapi/master/LICENSE.txt File Path: /var/simplicite/.m2/repository/org/opengis/geoapi/3.0.1/geoapi-3.0.1.jar
MD5: fa9a86892774b94b2bde0446ebbebd62
SHA1: a69b261841b0794b82b8d42fcd6e9a370eb62809
SHA256: ca1dfeba112d0dea575c7abba76a8ecd6ea7818e508de964302a9cfc4779b837
Referenced In Project/Scope: Simplicite Platform:compile
geoapi-3.0.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.tika/tika-parsers@1.27
Evidence Type Source Name Value Confidence Vendor file name geoapi High Vendor jar package name opengis Highest Vendor Manifest bundle-docurl http://www.geoapi.org Low Vendor Manifest bundle-symbolicname org.opengis.geoapi Medium Vendor Manifest implementation-url http://www.geoapi.org Low Vendor Manifest Implementation-Vendor The GeoAPI project High Vendor Manifest specification-vendor Open Geospatial Consortium Low Vendor pom artifactid geoapi Highest Vendor pom artifactid geoapi Low Vendor pom developer email martin.desruisseaux@geomatys.fr Low Vendor pom developer id desruisseaux Medium Vendor pom developer name Martin Desruisseaux Medium Vendor pom developer org Geomatys Medium Vendor pom developer org URL http://www.geomatys.com Medium Vendor pom groupid org.opengis Highest Vendor pom name GeoAPI High Vendor pom parent-artifactid geoapi-parent Low Product file name geoapi High Product jar package name opengis Highest Product Manifest bundle-docurl http://www.geoapi.org Low Product Manifest Bundle-Name GeoAPI Medium Product Manifest bundle-symbolicname org.opengis.geoapi Medium Product Manifest implementation-url http://www.geoapi.org Low Product Manifest specification-title GeoAPI Medium Product pom artifactid geoapi Highest Product pom developer email martin.desruisseaux@geomatys.fr Low Product pom developer id desruisseaux Low Product pom developer name Martin Desruisseaux Low Product pom developer org Geomatys Low Product pom developer org URL http://www.geomatys.com Low Product pom groupid org.opengis Highest Product pom name GeoAPI High Product pom parent-artifactid geoapi-parent Medium Version file version 3.0.1 High Version Manifest Bundle-Version 3.0.1 High Version Manifest specification-version 3.0.1 High Version pom version 3.0.1 Highest
get-caller-file:2.0.5License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?yargs:16.2.0/get-caller-file:^2.0.5
Referenced In Projects/Scopes: simplicite-js:5.2.54/yargs:16.2.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Stefan Penner Highest Vendor package.json bugs.url https://github.com/stefanpenner/get-caller-file/issues Highest Vendor package.json description Highest Vendor package.json homepage https://github.com/stefanpenner/get-caller-file#readme Highest Vendor package.json name get-caller-file Highest Vendor package.json name get-caller-file_project Highest Product package.json name get-caller-file Highest Version package.json version 2.0.5 Highest
Related Dependencies get-caller-file:2.0.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?/get-caller-file:2.0.5 pkg:npm/get-caller-file@2.0.5 get-intrinsic:1.2.1Description:
Get and robustly cache all JS language-level intrinsics at first require time License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?side-channel:1.0.4/get-intrinsic:^1.0.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/es-abstract:1.21.2 simplicite-js:5.2.54/call-bind:1.0.2 simplicite-js:5.2.54/side-channel:1.0.4 simplicite-js:5.2.54/internal-slot:1.0.5 simplicite-js:5.2.54/safe-array-concat:1.0.0 simplicite-js:5.2.54 simplicite-js:5.2.54/is-array-buffer:3.0.2 simplicite-js:5.2.54/gopd:1.0.1 simplicite-js:5.2.54/get-symbol-description:1.0.0 simplicite-js:5.2.54/has-property-descriptors:1.0.0 simplicite-js:5.2.54/safe-regex-test:1.0.0 simplicite-js:5.2.54/es-set-tostringtag:2.0.1 Evidence Type Source Name Value Confidence Vendor package.json author Jordan Harband <ljharb@gmail.com> Highest Vendor package.json bugs.url https://github.com/ljharb/get-intrinsic/issues Highest Vendor package.json description Get and robustly cache all JS language-level intrinsics at first require time Highest Vendor package.json homepage https://github.com/ljharb/get-intrinsic#readme Highest Vendor package.json name get-intrinsic Highest Vendor package.json name get-intrinsic_project Highest Product package.json name get-intrinsic Highest Version package.json version 1.2.1 Highest
Related Dependencies get-intrinsic:1.2.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/get-intrinsic:1.2.1 pkg:npm/get-intrinsic@1.2.1 get-intrinsic:1.2.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?call-bind:1.0.2/get-intrinsic:^1.0.2 pkg:npm/get-intrinsic@1.2.1 get-intrinsic:1.2.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?es-abstract:1.21.2/get-intrinsic:^1.2.0 pkg:npm/get-intrinsic@1.2.1 get-intrinsic:1.2.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?es-set-tostringtag:2.0.1/get-intrinsic:^1.1.3 pkg:npm/get-intrinsic@1.2.1 get-intrinsic:1.2.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?get-symbol-description:1.0.0/get-intrinsic:^1.1.1 pkg:npm/get-intrinsic@1.2.1 get-intrinsic:1.2.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?gopd:1.0.1/get-intrinsic:^1.1.3 pkg:npm/get-intrinsic@1.2.1 get-intrinsic:1.2.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?has-property-descriptors:1.0.0/get-intrinsic:^1.1.1 pkg:npm/get-intrinsic@1.2.1 get-intrinsic:1.2.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?internal-slot:1.0.5/get-intrinsic:^1.2.0 pkg:npm/get-intrinsic@1.2.1 get-intrinsic:1.2.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?is-array-buffer:3.0.2/get-intrinsic:^1.2.0 pkg:npm/get-intrinsic@1.2.1 get-intrinsic:1.2.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?safe-array-concat:1.0.0/get-intrinsic:^1.2.0 pkg:npm/get-intrinsic@1.2.1 get-intrinsic:1.2.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?safe-regex-test:1.0.0/get-intrinsic:^1.1.3 pkg:npm/get-intrinsic@1.2.1 get-stdin:5.0.1Description:
Get stdin as a string or buffer License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/get-stdin:5.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/split-text-to-chunks:1.0.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Get stdin as a string or buffer Highest Vendor package.json name get-stdin Highest Vendor package.json name get-stdin_project Highest Product package.json name get-stdin Highest Version package.json version 5.0.1 Highest
Related Dependencies get-stdin:5.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?split-text-to-chunks:1.0.0/get-stdin:^5.0.1 pkg:npm/get-stdin@5.0.1 get-stdin:8.0.0Description:
Get stdin as a string or buffer License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check-updates:16.14.14/get-stdin:^8.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-check-updates:16.14.14 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description Get stdin as a string or buffer Highest Vendor package.json name get-stdin Highest Vendor package.json name get-stdin_project Highest Product package.json name get-stdin Highest Version package.json version 8.0.0 Highest
Related Dependencies get-stdin:8.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/get-stdin:8.0.0 pkg:npm/get-stdin@8.0.0 get-stream:5.2.0Description:
Get a stream as a string, buffer, or array License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/get-stream:5.2.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/cacheable-request:6.1.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description Get a stream as a string, buffer, or array Highest Vendor package.json name get-stream Highest Vendor package.json name get-stream_project Highest Product package.json name get-stream Highest Version package.json version 5.2.0 Highest
Related Dependencies get-stream:5.2.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?cacheable-request:6.1.0/get-stream:^5.1.0 pkg:npm/get-stream@5.2.0 get-stream:6.0.1Description:
Get a stream as a string, buffer, or array License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?got:13.0.0/get-stream:^6.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/cacheable-request:10.2.12 simplicite-js:5.2.54/got:12.6.1 simplicite-js:5.2.54/execa:5.1.1 simplicite-js:5.2.54/got:9.6.0 simplicite-js:5.2.54 simplicite-js:5.2.54/got:13.0.0 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description Get a stream as a string, buffer, or array Highest Vendor package.json name get-stream Highest Vendor package.json name get-stream_project Highest Product package.json name get-stream Highest Version package.json version 6.0.1 Highest
Related Dependencies get-stream:4.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/get-stream:4.1.0 pkg:npm/get-stream@4.1.0 get-stream:6.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/get-stream:6.0.1 pkg:npm/get-stream@6.0.1 get-stream:6.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?cacheable-request:10.2.12/get-stream:^6.0.1 pkg:npm/get-stream@6.0.1 get-stream:6.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?execa:5.1.1/get-stream:^6.0.0 pkg:npm/get-stream@6.0.1 get-stream:6.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?got:12.6.1/get-stream:^6.0.1 pkg:npm/get-stream@6.0.1 get-stream:6.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?got:9.6.0/get-stream:^4.1.0 pkg:npm/get-stream@6.0.1 get-symbol-description:1.0.0Description:
Gets the description of a Symbol. Handles `Symbol()` vs `Symbol('')` properly when possible. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/get-symbol-description:1.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/es-abstract:1.21.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Jordan Harband <ljharb@gmail.com> Highest Vendor package.json bugs.url https://github.com/inspect-js/get-symbol-description/issues Highest Vendor package.json description Gets the description of a Symbol. Handles `Symbol()` vs `Symbol('')` properly when possible. Highest Vendor package.json homepage https://github.com/inspect-js/get-symbol-description#readme Highest Vendor package.json name get-symbol-description Highest Vendor package.json name get-symbol-description_project Highest Product package.json name get-symbol-description Highest Version package.json version 1.0.0 Highest
Related Dependencies get-symbol-description:1.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?es-abstract:1.21.2/get-symbol-description:^1.0.0 pkg:npm/get-symbol-description@1.0.0 giturl:1.0.3Description:
Transfer git url to web url License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check:6.0.1/giturl:^1.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-check:6.0.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author fengmk2 <fengmk2@gmail.com> (http://fengmk2.github.com) Highest Vendor package.json bugs.email fengmk2@gmail.com Highest Vendor package.json bugs.url https://github.com/repo-utils/giturl/issues Highest Vendor package.json description Transfer git url to web url Highest Vendor package.json homepage https://github.com/repo-utils/giturl Highest Vendor package.json name giturl Highest Vendor package.json name giturl_project Highest Product package.json name giturl Highest Version package.json version 1.0.3 Highest
Related Dependencies giturl:1.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/giturl:1.0.3 pkg:npm/giturl@1.0.3 glob-parent:5.1.2Description:
Extract the non-magic parent path from a glob string. License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/glob-parent:5.1.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/chokidar:3.5.3 simplicite-js:5.2.54 simplicite-js:5.2.54/fast-glob:3.3.0 Evidence Type Source Name Value Confidence Vendor package.json author Gulp Team <team@gulpjs.com> (https://gulpjs.com/) Highest Vendor package.json description Extract the non-magic parent path from a glob string. Highest Vendor package.json name glob-parent Highest Vendor package.json name glob-parent_project Highest Product package.json name glob-parent Highest Version package.json version 5.1.2 Highest
Related Dependencies glob-parent:5.1.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?chokidar:3.5.3/glob-parent:~5.1.2 pkg:npm/glob-parent@5.1.2 glob-parent:5.1.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?fast-glob:3.3.0/glob-parent:^5.1.2 pkg:npm/glob-parent@5.1.2 glob-parent:6.0.2Description:
Extract the non-magic parent path from a glob string. License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/glob-parent:6.0.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/eslint:8.56.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Gulp Team <team@gulpjs.com> (https://gulpjs.com/) Highest Vendor package.json description Extract the non-magic parent path from a glob string. Highest Vendor package.json name glob-parent Highest Vendor package.json name glob-parent_project Highest Product package.json name glob-parent Highest Version package.json version 6.0.2 Highest
Related Dependencies glob-parent:6.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint:8.56.0/glob-parent:^6.0.2 pkg:npm/glob-parent@6.0.2 glob:10.3.3Description:
the most correct and second fastest glob implementation in JavaScript License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/glob:10.3.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/read-package-json:6.0.4 simplicite-js:5.2.54/cacache:17.1.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Isaac Z. Schlueter <i@izs.me> (https://blog.izs.me/) Highest Vendor package.json description the most correct and second fastest glob implementation in JavaScript Highest Vendor package.json name glob Highest Vendor package.json name glob_project Highest Product package.json name glob Highest Version package.json version 10.3.3 Highest
Related Dependencies glob:10.3.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?cacache:17.1.3/glob:^10.2.2 pkg:npm/glob@10.3.3 glob:10.3.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?read-package-json:6.0.4/glob:^10.2.2 pkg:npm/glob@10.3.3 glob:7.2.3Description:
a little globber License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?rimraf:3.0.2/glob:^7.1.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/js-beautify:1.14.0 simplicite-js:5.2.54/rimraf:3.0.2 simplicite-js:5.2.54/rimraf:5.0.5 simplicite-js:5.2.54/node-gyp:9.4.0 simplicite-js:5.2.54/@babel/cli:7.23.9 simplicite-js:5.2.54 simplicite-js:5.2.54/cli:1.0.1 Evidence Type Source Name Value Confidence Vendor package.json author Isaac Z. Schlueter <i@izs.me> (http://blog.izs.me/) Highest Vendor package.json description a little globber Highest Vendor package.json name glob Highest Vendor package.json name glob_project Highest Product package.json name glob Highest Version package.json version 7.2.3 Highest
Related Dependencies glob:10.3.10File Path: /var/simplicite/simplicite-5.2/package-lock.json?/glob:10.3.10 pkg:npm/glob@10.3.10 glob:7.2.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/glob:7.2.3 pkg:npm/glob@7.2.3 glob:7.2.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/cli:7.23.9/glob:^7.2.0 pkg:npm/glob@7.2.3 glob:7.2.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?cli:1.0.1/glob:^7.1.1 pkg:npm/glob@7.2.3 glob:7.2.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?js-beautify:1.14.0/glob:^7.1.3 pkg:npm/glob@7.2.3 glob:7.2.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?node-gyp:9.4.0/glob:^7.1.4 pkg:npm/glob@7.2.3 glob:7.2.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?rimraf:5.0.5/glob:^10.3.7 pkg:npm/glob@7.2.3 global-dirs:2.1.0Description:
Get the directory of globally installed packages and binaries License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?is-installed-globally:0.3.2/global-dirs:^2.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/is-installed-globally:0.4.0 simplicite-js:5.2.54/is-installed-globally:0.3.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description Get the directory of globally installed packages and binaries Highest Vendor package.json name global-dirs Highest Vendor package.json name global-dirs_project Highest Product package.json name global-dirs Highest Version package.json version 2.1.0 Highest
Related Dependencies global-dirs:2.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/global-dirs:2.1.0 pkg:npm/global-dirs@2.1.0 global-dirs:2.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?is-installed-globally:0.4.0/global-dirs:^3.0.0 pkg:npm/global-dirs@2.1.0 global-dirs:3.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/global-dirs:3.0.1 pkg:npm/global-dirs@3.0.1 global-modules:2.0.0Description:
The directory used by npm for globally installed npm modules. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/global-modules:^2.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-check:6.0.1 simplicite-js:5.2.54/stylelint:14.16.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Jon Schlinkert (https://github.com/jonschlinkert) Highest Vendor package.json bugs.url https://github.com/jonschlinkert/global-modules/issues Highest Vendor package.json description The directory used by npm for globally installed npm modules. Highest Vendor package.json homepage https://github.com/jonschlinkert/global-modules Highest Vendor package.json name global-modules Highest Vendor package.json name global-modules_project Highest Product package.json name global-modules Highest Version package.json version 2.0.0 Highest
Related Dependencies global-modules:2.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/global-modules:2.0.0 pkg:npm/global-modules@2.0.0 global-modules:2.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check:6.0.1/global-modules:^2.0.0 pkg:npm/global-modules@2.0.0 global-prefix:3.0.0Description:
Get the npm global path prefix. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/global-prefix:3.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/global-modules:2.0.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Jon Schlinkert (https://github.com/jonschlinkert) Highest Vendor package.json bugs.url https://github.com/jonschlinkert/global-prefix/issues Highest Vendor package.json description Get the npm global path prefix. Highest Vendor package.json homepage https://github.com/jonschlinkert/global-prefix Highest Vendor package.json name global-prefix Highest Vendor package.json name global-prefix_project Highest Product package.json name global-prefix Highest Version package.json version 3.0.0 Highest
Related Dependencies global-prefix:3.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?global-modules:2.0.0/global-prefix:^3.0.0 pkg:npm/global-prefix@3.0.0 globals:11.12.0Description:
Global identifiers from different JavaScript environments License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/globals:11.12.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/plugin-transform-classes:7.23.8 simplicite-js:5.2.54/@babel/traverse:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Global identifiers from different JavaScript environments Highest Vendor package.json name globals Highest Vendor package.json name globals_project Highest Product package.json name globals Highest Version package.json version 11.12.0 Highest
Related Dependencies globals:11.12.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-classes:7.23.8/globals:^11.1.0 pkg:npm/globals@11.12.0 globals:11.12.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/traverse:7.23.9/globals:^11.1.0 pkg:npm/globals@11.12.0 globals:13.20.0Description:
Global identifiers from different JavaScript environments License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/globals:13.20.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/eslint:8.56.0 simplicite-js:5.2.54/@eslint/eslintrc:2.1.4 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description Global identifiers from different JavaScript environments Highest Vendor package.json name globals Highest Vendor package.json name globals_project Highest Product package.json name globals Highest Version package.json version 13.20.0 Highest
Related Dependencies globals:13.20.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint:8.56.0/globals:^13.19.0 pkg:npm/globals@13.20.0 globals:13.24.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/globals:13.24.0 pkg:npm/globals@13.24.0 globals:13.24.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?@eslint/eslintrc:2.1.4/globals:^13.19.0 pkg:npm/globals@13.24.0 globalthis:1.0.3Description:
ECMAScript spec-compliant polyfill/shim for `globalThis` License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/globalthis:1.0.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/es-abstract:1.21.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Jordan Harband <ljharb@gmail.com> Highest Vendor package.json description ECMAScript spec-compliant polyfill/shim for `globalThis` Highest Vendor package.json name globalthis Highest Vendor package.json name globalthis_project Highest Product package.json name globalthis Highest Version package.json version 1.0.3 Highest
Related Dependencies globalthis:1.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?es-abstract:1.21.2/globalthis:^1.0.3 pkg:npm/globalthis@1.0.3 globby:11.1.0Description:
User-friendly glob matching License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/globby:^11.1.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-check:6.0.1 simplicite-js:5.2.54/stylelint:14.16.1 simplicite-js:5.2.54/npm-check-updates:16.14.14 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description User-friendly glob matching Highest Vendor package.json name globby Highest Vendor package.json name globby_project Highest Product package.json name globby Highest Version package.json version 11.1.0 Highest
Related Dependencies globby:11.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/globby:11.1.0 pkg:npm/globby@11.1.0 globby:11.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check-updates:16.14.14/globby:^11.0.4 pkg:npm/globby@11.1.0 globby:11.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check:6.0.1/globby:^11.0.2 pkg:npm/globby@11.1.0 globjoin:0.1.4Description:
Join paths and globs. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/globjoin:^0.1.4
Referenced In Projects/Scopes: simplicite-js:5.2.54/stylelint:14.16.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Amobiz Highest Vendor package.json bugs.url https://github.com/amobiz/globjoin/issues Highest Vendor package.json description Join paths and globs. Highest Vendor package.json homepage https://github.com/amobiz/globjoin Highest Vendor package.json name globjoin Highest Vendor package.json name globjoin_project Highest Product package.json name globjoin Highest Version package.json version 0.1.4 Highest
Related Dependencies globjoin:0.1.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?/globjoin:0.1.4 pkg:npm/globjoin@0.1.4 google-api-client-1.32.1.jarDescription:
The Google API Client Library for Java provides functionality common to all Google APIs; for example HTTP transport, error handling, authentication, JSON parsing, media download/upload, and batching. License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/com/google/api-client/google-api-client/1.32.1/google-api-client-1.32.1.jar
MD5: ab8897bdbaebe699ac834baefb6e2d40
SHA1: 3e216f54e59e3c6f01bc52beeeed9010724e0edf
SHA256: 77adc2aeface4fc92a698bafa0f8bab716ab051bb21cb410600f5de2a7e6b30e
Referenced In Project/Scope: Simplicite Platform:compile
google-api-client-1.32.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name google-api-client High Vendor jar package name api Highest Vendor jar package name client Highest Vendor jar package name google Highest Vendor jar package name googleapis Highest Vendor Manifest automatic-module-name google.api.client Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl https://developers.google.com/api-client-library/java/ Low Vendor Manifest bundle-symbolicname com.google.api.client.googleapis Medium Vendor Manifest Implementation-Vendor Google High Vendor Manifest Implementation-Vendor-Id com.google.api-client Medium Vendor pom artifactid google-api-client Highest Vendor pom artifactid google-api-client Low Vendor pom groupid com.google.api-client Highest Vendor pom name Google APIs Client Library for Java High Vendor pom parent-artifactid google-api-client-parent Low Product file name google-api-client High Product jar package name api Highest Product jar package name client Highest Product jar package name google Highest Product jar package name googleapis Highest Product Manifest automatic-module-name google.api.client Medium Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl https://developers.google.com/api-client-library/java/ Low Product Manifest Bundle-Name Google APIs Client Library for Java Medium Product Manifest bundle-symbolicname com.google.api.client.googleapis Medium Product Manifest Implementation-Title Google APIs Client Library for Java High Product pom artifactid google-api-client Highest Product pom groupid com.google.api-client Highest Product pom name Google APIs Client Library for Java High Product pom parent-artifactid google-api-client-parent Medium Version file version 1.32.1 High Version Manifest Bundle-Version 1.32.1 High Version Manifest Implementation-Version 1.32.1 High Version pom version 1.32.1 Highest
google-api-client-gson-1.32.1.jarDescription:
GSON extensions to the Google APIs Client Library for Java License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/com/google/api-client/google-api-client-gson/1.32.1/google-api-client-gson-1.32.1.jar
MD5: 3fb4a71b614190f543f45b29f8b911a9
SHA1: 0bcd14452a94d85d584864c72b4be2c2229acd14
SHA256: 76bd3e253c4a225a7b476c436b5dcb02fe48e22782b9887c02d1a3fffecd4a4c
Referenced In Project/Scope: Simplicite Platform:compile
google-api-client-gson-1.32.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name google-api-client-gson High Vendor jar package name api Highest Vendor jar package name client Highest Vendor jar package name google Highest Vendor jar package name googleapis Highest Vendor Manifest automatic-module-name google.api.client.gson Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl https://googleapis.dev/java/google-api-client/1.32.1/index.html Low Vendor Manifest bundle-symbolicname com.google.api.client.googleapis.notifications.json.gson Medium Vendor Manifest Implementation-Vendor Google High Vendor Manifest Implementation-Vendor-Id com.google.api-client Medium Vendor pom artifactid google-api-client-gson Highest Vendor pom artifactid google-api-client-gson Low Vendor pom groupid com.google.api-client Highest Vendor pom name GSON extensions to the Google APIs Client Library for Java High Vendor pom parent-artifactid google-api-client-parent Low Product file name google-api-client-gson High Product jar package name api Highest Product jar package name client Highest Product jar package name google Highest Product jar package name googleapis Highest Product Manifest automatic-module-name google.api.client.gson Medium Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl https://googleapis.dev/java/google-api-client/1.32.1/index.html Low Product Manifest Bundle-Name GSON extensions to the Google APIs Client Library for Java Medium Product Manifest bundle-symbolicname com.google.api.client.googleapis.notifications.json.gson Medium Product Manifest Implementation-Title GSON extensions to the Google APIs Client Library for Java High Product pom artifactid google-api-client-gson Highest Product pom groupid com.google.api-client Highest Product pom name GSON extensions to the Google APIs Client Library for Java High Product pom parent-artifactid google-api-client-parent Medium Version file version 1.32.1 High Version Manifest Bundle-Version 1.32.1 High Version Manifest Implementation-Version 1.32.1 High Version pom version 1.32.1 Highest
google-api-services-calendar-v3-rev20210804-1.32.1.jarLicense:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/com/google/apis/google-api-services-calendar/v3-rev20210804-1.32.1/google-api-services-calendar-v3-rev20210804-1.32.1.jar
MD5: 37a443276d961e591d8bf1902c6654ab
SHA1: f86ed9f4ede41d69c995f2e6ce9a9edcf128ddc9
SHA256: ec2e3682c0fdc96404e606b7765ecbfe2f4de4fcf67c62d76144c027b611aa2d
Referenced In Project/Scope: Simplicite Platform:compile
google-api-services-calendar-v3-rev20210804-1.32.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name google-api-services-calendar-v3-rev20210804 High Vendor jar package name api Highest Vendor jar package name calendar Highest Vendor jar package name google Highest Vendor jar package name services Highest Vendor Manifest automatic-module-name com.google.api.services.calendar Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor pom artifactid google-api-services-calendar Highest Vendor pom artifactid google-api-services-calendar Low Vendor pom groupid com.google.apis Highest Vendor pom name Calendar API v3-rev20210804-1.32.1 High Vendor pom organization name Google High Vendor pom organization url http://www.google.com/ Medium Product file name google-api-services-calendar-v3-rev20210804 High Product jar package name api Highest Product jar package name calendar Highest Product jar package name google Highest Product jar package name services Highest Product Manifest automatic-module-name com.google.api.services.calendar Medium Product Manifest build-jdk-spec 1.8 Low Product pom artifactid google-api-services-calendar Highest Product pom groupid com.google.apis Highest Product pom name Calendar API v3-rev20210804-1.32.1 High Product pom organization name Google Low Product pom organization url http://www.google.com/ Low Version pom version v3-rev20210804-1.32.1 Highest
google-api-services-drive-v3-rev20210725-1.32.1.jarLicense:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/com/google/apis/google-api-services-drive/v3-rev20210725-1.32.1/google-api-services-drive-v3-rev20210725-1.32.1.jar
MD5: a8237e9fc7c5b5f89fd91b1ec43216e1
SHA1: 9779ff7c932a2731e707cd5bce295a71a3a44a46
SHA256: 1dd0644e57ec6fc13e7486bb30f95810f71b617ed820f1be404ac3dc38b4a419
Referenced In Project/Scope: Simplicite Platform:compile
google-api-services-drive-v3-rev20210725-1.32.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name google-api-services-drive-v3-rev20210725 High Vendor jar package name api Highest Vendor jar package name drive Highest Vendor jar package name google Highest Vendor jar package name services Highest Vendor Manifest automatic-module-name com.google.api.services.drive Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor pom artifactid google-api-services-drive Highest Vendor pom artifactid google-api-services-drive Low Vendor pom groupid com.google.apis Highest Vendor pom name Drive API v3-rev20210725-1.32.1 High Vendor pom organization name Google High Vendor pom organization url http://www.google.com/ Medium Product file name google-api-services-drive-v3-rev20210725 High Product jar package name api Highest Product jar package name drive Highest Product jar package name google Highest Product jar package name services Highest Product Manifest automatic-module-name com.google.api.services.drive Medium Product Manifest build-jdk-spec 1.8 Low Product pom artifactid google-api-services-drive Highest Product pom groupid com.google.apis Highest Product pom name Drive API v3-rev20210725-1.32.1 High Product pom organization name Google Low Product pom organization url http://www.google.com/ Low Version pom version v3-rev20210725-1.32.1 Highest
google-api-services-gmail-v1-rev20210614-1.32.1.jarLicense:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/com/google/apis/google-api-services-gmail/v1-rev20210614-1.32.1/google-api-services-gmail-v1-rev20210614-1.32.1.jar
MD5: 90003e1802549bac7b98a8d30add1215
SHA1: 11c761e27444acc5eb4d41dc6e4867b51f0ecdfa
SHA256: 67d306b01a66ee26557678b70fd7cfc721dcaf6d82986224d34407d4b9b7e037
Referenced In Project/Scope: Simplicite Platform:compile
google-api-services-gmail-v1-rev20210614-1.32.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name google-api-services-gmail-v1-rev20210614 High Vendor jar package name api Highest Vendor jar package name gmail Highest Vendor jar package name google Highest Vendor jar package name services Highest Vendor Manifest automatic-module-name com.google.api.services.gmail Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor pom artifactid google-api-services-gmail Highest Vendor pom artifactid google-api-services-gmail Low Vendor pom groupid com.google.apis Highest Vendor pom name Gmail API v1-rev20210614-1.32.1 High Vendor pom organization name Google High Vendor pom organization url http://www.google.com/ Medium Product file name google-api-services-gmail-v1-rev20210614 High Product jar package name api Highest Product jar package name gmail Highest Product jar package name google Highest Product jar package name services Highest Product Manifest automatic-module-name com.google.api.services.gmail Medium Product Manifest build-jdk-spec 1.8 Low Product pom artifactid google-api-services-gmail Highest Product pom groupid com.google.apis Highest Product pom name Gmail API v1-rev20210614-1.32.1 High Product pom organization name Google Low Product pom organization url http://www.google.com/ Low Version pom version v1-rev20210614-1.32.1 Highest
google-api-services-plus-v1-rev20190328-1.30.10.jarLicense:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/com/google/apis/google-api-services-plus/v1-rev20190328-1.30.10/google-api-services-plus-v1-rev20190328-1.30.10.jar
MD5: 27f1e9ce42ebc0956aeac57c24de46b3
SHA1: 5134f9422badf1c956d5c922aad72c6eebeea6a3
SHA256: 8df825f167faac9115d3d6efa92f3a901b7901c4564d5a7e4f2ea1c0de1ddf2e
Referenced In Project/Scope: Simplicite Platform:compile
google-api-services-plus-v1-rev20190328-1.30.10.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name google-api-services-plus-v1-rev20190328 High Vendor jar package name api Highest Vendor jar package name google Highest Vendor jar package name plus Highest Vendor jar package name services Highest Vendor Manifest automatic-module-name com.google.api.services.plus Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor pom artifactid google-api-services-plus Highest Vendor pom artifactid google-api-services-plus Low Vendor pom groupid com.google.apis Highest Vendor pom name Google+ API v1-rev20190328-1.30.10 High Vendor pom organization name Google High Vendor pom organization url http://www.google.com/ Medium Product file name google-api-services-plus-v1-rev20190328 High Product jar package name api Highest Product jar package name google Highest Product jar package name plus Highest Product jar package name services Highest Product Manifest automatic-module-name com.google.api.services.plus Medium Product Manifest build-jdk-spec 1.8 Low Product pom artifactid google-api-services-plus Highest Product pom groupid com.google.apis Highest Product pom name Google+ API v1-rev20190328-1.30.10 High Product pom organization name Google Low Product pom organization url http://www.google.com/ Low Version pom version v1-rev20190328-1.30.10 Highest
google-api-services-sheets-v4-rev20210629-1.32.1.jarLicense:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/com/google/apis/google-api-services-sheets/v4-rev20210629-1.32.1/google-api-services-sheets-v4-rev20210629-1.32.1.jar
MD5: 47ec72d0d21ea49affca8dfe00162baa
SHA1: 9f51b6639b9e7ca036e45c767c92f6c9929247c6
SHA256: f768e78cf563e10fab81338182e30ada2747a787d2647f71f7f1f50142e9945e
Referenced In Project/Scope: Simplicite Platform:compile
google-api-services-sheets-v4-rev20210629-1.32.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name google-api-services-sheets-v4-rev20210629 High Vendor jar package name api Highest Vendor jar package name google Highest Vendor jar package name services Highest Vendor jar package name sheets Highest Vendor Manifest automatic-module-name com.google.api.services.sheets Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor pom artifactid google-api-services-sheets Highest Vendor pom artifactid google-api-services-sheets Low Vendor pom groupid com.google.apis Highest Vendor pom name Google Sheets API v4-rev20210629-1.32.1 High Vendor pom organization name Google High Vendor pom organization url http://www.google.com/ Medium Product file name google-api-services-sheets-v4-rev20210629 High Product jar package name api Highest Product jar package name google Highest Product jar package name services Highest Product jar package name sheets Highest Product Manifest automatic-module-name com.google.api.services.sheets Medium Product Manifest build-jdk-spec 1.8 Low Product pom artifactid google-api-services-sheets Highest Product pom groupid com.google.apis Highest Product pom name Google Sheets API v4-rev20210629-1.32.1 High Product pom organization name Google Low Product pom organization url http://www.google.com/ Low Version pom version v4-rev20210629-1.32.1 Highest
google-api-services-storage-v1-rev20210914-1.32.1.jarLicense:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/com/google/apis/google-api-services-storage/v1-rev20210914-1.32.1/google-api-services-storage-v1-rev20210914-1.32.1.jar
MD5: 7dcd44564fbc9747ffa3a77182ef7e4f
SHA1: 70f5f4c0368d8bf7a7dac77d8af7a53ea8fa41ae
SHA256: c8cddc6b675a70599ed60f501a569891c1871b7eff35b38092cdb8b76dfa9451
Referenced In Project/Scope: Simplicite Platform:compile
google-api-services-storage-v1-rev20210914-1.32.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name google-api-services-storage-v1-rev20210914 High Vendor jar package name api Highest Vendor jar package name google Highest Vendor jar package name services Highest Vendor jar package name storage Highest Vendor Manifest automatic-module-name com.google.api.services.storage Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor pom artifactid google-api-services-storage Highest Vendor pom artifactid google-api-services-storage Low Vendor pom groupid com.google.apis Highest Vendor pom name Cloud Storage JSON API v1-rev20210914-1.32.1 High Vendor pom organization name Google High Vendor pom organization url http://www.google.com/ Medium Product file name google-api-services-storage-v1-rev20210914 High Product jar package name api Highest Product jar package name google Highest Product jar package name services Highest Product jar package name storage Highest Product Manifest automatic-module-name com.google.api.services.storage Medium Product Manifest build-jdk-spec 1.8 Low Product pom artifactid google-api-services-storage Highest Product pom groupid com.google.apis Highest Product pom name Cloud Storage JSON API v1-rev20210914-1.32.1 High Product pom organization name Google Low Product pom organization url http://www.google.com/ Low Version pom version v1-rev20210914-1.32.1 Highest
google-api-services-translate-v2-rev20170525-1.30.1.jarLicense:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/com/google/apis/google-api-services-translate/v2-rev20170525-1.30.1/google-api-services-translate-v2-rev20170525-1.30.1.jar
MD5: 49b810431970d3585119ebae4d372955
SHA1: d190fa670e88901a2e5247ea394f7ae2cc394c15
SHA256: ae3b32be4e5a9450a36f8fed26ea5f26bc624ec15fb4a0f1160c6c8cf0e35559
Referenced In Project/Scope: Simplicite Platform:compile
google-api-services-translate-v2-rev20170525-1.30.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name google-api-services-translate-v2-rev20170525 High Vendor jar package name api Highest Vendor jar package name google Highest Vendor jar package name services Highest Vendor jar package name translate Highest Vendor Manifest automatic-module-name com.google.api.services.translate Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor pom artifactid google-api-services-translate Highest Vendor pom artifactid google-api-services-translate Low Vendor pom groupid com.google.apis Highest Vendor pom name Google Cloud Translation API v2-rev20170525-1.30.1 High Vendor pom organization name Google High Vendor pom organization url http://www.google.com/ Medium Product file name google-api-services-translate-v2-rev20170525 High Product jar package name api Highest Product jar package name google Highest Product jar package name services Highest Product jar package name translate Highest Product Manifest automatic-module-name com.google.api.services.translate Medium Product Manifest build-jdk-spec 1.8 Low Product pom artifactid google-api-services-translate Highest Product pom groupid com.google.apis Highest Product pom name Google Cloud Translation API v2-rev20170525-1.30.1 High Product pom organization name Google Low Product pom organization url http://www.google.com/ Low Version pom version v2-rev20170525-1.30.1 Highest
google-api-services-youtube-v3-rev20210915-1.32.1.jarLicense:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/com/google/apis/google-api-services-youtube/v3-rev20210915-1.32.1/google-api-services-youtube-v3-rev20210915-1.32.1.jar
MD5: 42609e482cd3a6a092156db1bb524c1c
SHA1: d58625dda3387fb1b5932b53ecd184449ff48f14
SHA256: 7b2835ef981b287f5e5cbbc9b93a08326f80cc53ebbd4a649fdce92ee7853be5
Referenced In Project/Scope: Simplicite Platform:compile
google-api-services-youtube-v3-rev20210915-1.32.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name google-api-services-youtube-v3-rev20210915 High Vendor jar package name api Highest Vendor jar package name google Highest Vendor jar package name services Highest Vendor jar package name youtube Highest Vendor Manifest automatic-module-name com.google.api.services.youtube Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor pom artifactid google-api-services-youtube Highest Vendor pom artifactid google-api-services-youtube Low Vendor pom groupid com.google.apis Highest Vendor pom name YouTube Data API v3 v3-rev20210915-1.32.1 High Vendor pom organization name Google High Vendor pom organization url http://www.google.com/ Medium Product file name google-api-services-youtube-v3-rev20210915 High Product jar package name api Highest Product jar package name google Highest Product jar package name services Highest Product jar package name youtube Highest Product Manifest automatic-module-name com.google.api.services.youtube Medium Product Manifest build-jdk-spec 1.8 Low Product pom artifactid google-api-services-youtube Highest Product pom groupid com.google.apis Highest Product pom name YouTube Data API v3 v3-rev20210915-1.32.1 High Product pom organization name Google Low Product pom organization url http://www.google.com/ Low Version pom version v3-rev20210915-1.32.1 Highest
google-auth-library-credentials-1.1.0.jarFile Path: /var/simplicite/.m2/repository/com/google/auth/google-auth-library-credentials/1.1.0/google-auth-library-credentials-1.1.0.jarMD5: a540ffc780389df78a0133771e17ffb1SHA1: 7474b57ebbf57a1b80ee214a0b2b533887748c1cSHA256: 6e92f773bf4431d6ab51b5419e116b0dd31a901677e4ff96dcce48f4f2b76778Referenced In Project/Scope: Simplicite Platform:compilegoogle-auth-library-credentials-1.1.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.google.cloud/google-cloud-storage@2.1.4
Evidence Type Source Name Value Confidence Vendor file name google-auth-library-credentials High Vendor jar package name auth Highest Vendor jar package name credentials Highest Vendor jar package name google Highest Vendor Manifest automatic-module-name com.google.auth Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor pom artifactid google-auth-library-credentials Highest Vendor pom artifactid google-auth-library-credentials Low Vendor pom groupid com.google.auth Highest Vendor pom name Google Auth Library for Java - Credentials High Vendor pom parent-artifactid google-auth-library-parent Low Product file name google-auth-library-credentials High Product jar package name auth Highest Product jar package name credentials Highest Product jar package name google Highest Product Manifest automatic-module-name com.google.auth Medium Product Manifest build-jdk-spec 1.8 Low Product pom artifactid google-auth-library-credentials Highest Product pom groupid com.google.auth Highest Product pom name Google Auth Library for Java - Credentials High Product pom parent-artifactid google-auth-library-parent Medium Version file version 1.1.0 High Version pom version 1.1.0 Highest
google-auth-library-oauth2-http-1.1.0.jarFile Path: /var/simplicite/.m2/repository/com/google/auth/google-auth-library-oauth2-http/1.1.0/google-auth-library-oauth2-http-1.1.0.jarMD5: 75d253cc91a49b849959673e933956daSHA1: 5e1faa257968291f3f79c4e9884ac606b09a1bc8SHA256: c23ebfe3ee67534143f9e2509526d4eefbb806d4ce5180754a6c721fa941c186Referenced In Project/Scope: Simplicite Platform:compilegoogle-auth-library-oauth2-http-1.1.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.google.cloud/google-cloud-storage@2.1.4
Evidence Type Source Name Value Confidence Vendor file name google-auth-library-oauth2-http High Vendor jar package name auth Highest Vendor jar package name google Highest Vendor jar package name http Highest Vendor jar package name oauth2 Highest Vendor Manifest automatic-module-name com.google.auth.oauth2 Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor pom artifactid google-auth-library-oauth2-http Highest Vendor pom artifactid google-auth-library-oauth2-http Low Vendor pom groupid com.google.auth Highest Vendor pom name Google Auth Library for Java - OAuth2 HTTP High Vendor pom parent-artifactid google-auth-library-parent Low Product file name google-auth-library-oauth2-http High Product jar package name auth Highest Product jar package name google Highest Product jar package name http Highest Product jar package name oauth2 Highest Product Manifest automatic-module-name com.google.auth.oauth2 Medium Product Manifest build-jdk-spec 1.8 Low Product pom artifactid google-auth-library-oauth2-http Highest Product pom groupid com.google.auth Highest Product pom name Google Auth Library for Java - OAuth2 HTTP High Product pom parent-artifactid google-auth-library-parent Medium Version file version 1.1.0 High Version pom version 1.1.0 Highest
google-cloud-core-2.1.4.jarDescription:
Core module for the google-cloud.
File Path: /var/simplicite/.m2/repository/com/google/cloud/google-cloud-core/2.1.4/google-cloud-core-2.1.4.jarMD5: 7e1bccd28e0fe063399c3c41b243ac57SHA1: 82341cf77bfd7f3935a2d983407663e54a548cfeSHA256: bc89942886d3efd44398f8d94afdd5b8a58d312dd46ff991944bb11d118f8d02Referenced In Project/Scope: Simplicite Platform:compilegoogle-cloud-core-2.1.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name google-cloud-core High Vendor jar package name cloud Highest Vendor jar package name google Highest Vendor Manifest artifactid google-cloud-core Low Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest Implementation-Vendor Google LLC High Vendor Manifest specification-vendor Google LLC Low Vendor pom artifactid google-cloud-core Highest Vendor pom artifactid google-cloud-core Low Vendor pom groupid com.google.cloud Highest Vendor pom name Google Cloud Core High Vendor pom parent-artifactid google-cloud-core-parent Low Vendor pom url googleapis/java-core Highest Product file name google-cloud-core High Product jar package name cloud Highest Product jar package name google Highest Product Manifest artifactid google-cloud-core Low Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title Google Cloud Core High Product Manifest specification-title Google Cloud Core Medium Product pom artifactid google-cloud-core Highest Product pom groupid com.google.cloud Highest Product pom name Google Cloud Core High Product pom parent-artifactid google-cloud-core-parent Medium Product pom url googleapis/java-core High Version file version 2.1.4 High Version Manifest Implementation-Version 2.1.4 High Version Manifest version 2.1.4 Medium Version pom version 2.1.4 Highest
google-cloud-core-grpc-2.1.4.jarDescription:
Core gRPC module for the google-cloud.
File Path: /var/simplicite/.m2/repository/com/google/cloud/google-cloud-core-grpc/2.1.4/google-cloud-core-grpc-2.1.4.jarMD5: 2d0970c0045f273bb0354f4da53fc338SHA1: f27b2c1d3dbe4edb6c5add1538e5f8c4c95d089bSHA256: 279ad084876da1a7d45a01b73b6b0867a59dec31cd158cd182872dd72d73492eReferenced In Project/Scope: Simplicite Platform:compilegoogle-cloud-core-grpc-2.1.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name google-cloud-core-grpc High Vendor jar package name cloud Highest Vendor jar package name google Highest Vendor jar package name grpc Highest Vendor Manifest artifactid google-cloud-core-grpc Low Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest Implementation-Vendor Google LLC High Vendor Manifest specification-vendor Google LLC Low Vendor pom artifactid google-cloud-core-grpc Highest Vendor pom artifactid google-cloud-core-grpc Low Vendor pom groupid com.google.cloud Highest Vendor pom name Google Cloud Core gRPC High Vendor pom parent-artifactid google-cloud-core-parent Low Vendor pom url googleapis/java-core Highest Product file name google-cloud-core-grpc High Product jar package name cloud Highest Product jar package name google Highest Product jar package name grpc Highest Product Manifest artifactid google-cloud-core-grpc Low Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title Google Cloud Core gRPC High Product Manifest specification-title Google Cloud Core gRPC Medium Product pom artifactid google-cloud-core-grpc Highest Product pom groupid com.google.cloud Highest Product pom name Google Cloud Core gRPC High Product pom parent-artifactid google-cloud-core-parent Medium Product pom url googleapis/java-core High Version file version 2.1.4 High Version Manifest Implementation-Version 2.1.4 High Version Manifest version 2.1.4 Medium Version pom version 2.1.4 Highest
google-cloud-core-http-2.1.4.jarDescription:
Core http module for the google-cloud.
File Path: /var/simplicite/.m2/repository/com/google/cloud/google-cloud-core-http/2.1.4/google-cloud-core-http-2.1.4.jarMD5: 7519d02de39e2e17d8187680801f5226SHA1: a4257935f6855be8a80320a580598d62a849e0d4SHA256: 895f44d137deff4b7b46f4f50641563acedc058e81f2152adca8e1aa348e3676Referenced In Project/Scope: Simplicite Platform:compilegoogle-cloud-core-http-2.1.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name google-cloud-core-http High Vendor jar package name cloud Highest Vendor jar package name google Highest Vendor jar package name http Highest Vendor Manifest artifactid google-cloud-core-http Low Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest Implementation-Vendor Google LLC High Vendor Manifest specification-vendor Google LLC Low Vendor pom artifactid google-cloud-core-http Highest Vendor pom artifactid google-cloud-core-http Low Vendor pom groupid com.google.cloud Highest Vendor pom name Google Cloud Core HTTP High Vendor pom parent-artifactid google-cloud-core-parent Low Vendor pom url googleapis/java-core Highest Product file name google-cloud-core-http High Product jar package name cloud Highest Product jar package name google Highest Product jar package name http Highest Product Manifest artifactid google-cloud-core-http Low Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title Google Cloud Core HTTP High Product Manifest specification-title Google Cloud Core HTTP Medium Product pom artifactid google-cloud-core-http Highest Product pom groupid com.google.cloud Highest Product pom name Google Cloud Core HTTP High Product pom parent-artifactid google-cloud-core-parent Medium Product pom url googleapis/java-core High Version file version 2.1.4 High Version Manifest Implementation-Version 2.1.4 High Version Manifest version 2.1.4 Medium Version pom version 2.1.4 Highest
google-cloud-firestore-2.6.1.jarDescription:
Java idiomatic client for Google Cloud Firestore. License:
Apache-2.0: https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/com/google/cloud/google-cloud-firestore/2.6.1/google-cloud-firestore-2.6.1.jar
MD5: 089a4baeb81874c4461546f51f17fc9f
SHA1: fea3ad6874eb21a0cec7e7b27d5608fbcbce2f03
SHA256: bdc1d50e2f40c1fc9ded4af406e2813e4fa0e8b17d42335dd0e52c45b205b937
Referenced In Project/Scope: Simplicite Platform:compile
google-cloud-firestore-2.6.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.google.firebase/firebase-admin@8.0.1
Evidence Type Source Name Value Confidence Vendor file name google-cloud-firestore High Vendor jar package name cloud Highest Vendor jar package name firestore Highest Vendor jar package name google Highest Vendor Manifest artifactid google-cloud-firestore Low Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest Implementation-Vendor Google LLC High Vendor Manifest specification-vendor Google LLC Low Vendor pom artifactid google-cloud-firestore Highest Vendor pom artifactid google-cloud-firestore Low Vendor pom developer email andrealin@google.com Low Vendor pom developer email garrettjones@google.com Low Vendor pom developer email hzyi@google.com Low Vendor pom developer email lesv@google.com Low Vendor pom developer email michaelbausor@google.com Low Vendor pom developer email mrschmidt@google.com Low Vendor pom developer email neowu@google.com Low Vendor pom developer email pongad@google.com Low Vendor pom developer email shinfan@google.com Low Vendor pom developer email tswast@google.com Low Vendor pom developer email vam@google.com Low Vendor pom developer id andreamlin Medium Vendor pom developer id garrettjonesgoogle Medium Vendor pom developer id hzyi-google Medium Vendor pom developer id lesv Medium Vendor pom developer id michaelbausor Medium Vendor pom developer id neozwu Medium Vendor pom developer id pongad Medium Vendor pom developer id schmidt_sebastian Medium Vendor pom developer id shinfan Medium Vendor pom developer id tswast Medium Vendor pom developer id vam-google Medium Vendor pom developer name Andrea Lin Medium Vendor pom developer name Garrett Jones Medium Vendor pom developer name Hanzhen Yi Medium Vendor pom developer name Les Vogel Medium Vendor pom developer name Michael Darakananda Medium Vendor pom developer name Micheal Bausor Medium Vendor pom developer name Neo Wu Medium Vendor pom developer name Sebastian Schmidt Medium Vendor pom developer name Shin Fan Medium Vendor pom developer name Tim Swast Medium Vendor pom developer name Vadym Matsishevskyi Medium Vendor pom developer org Google Medium Vendor pom groupid com.google.cloud Highest Vendor pom name Google Cloud Firestore High Vendor pom organization name Google LLC High Vendor pom url googleapis/java-firestore Highest Product file name google-cloud-firestore High Product jar package name cloud Highest Product jar package name firestore Highest Product jar package name google Highest Product Manifest artifactid google-cloud-firestore Low Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title Google Cloud Firestore High Product Manifest specification-title Google Cloud Firestore Medium Product pom artifactid google-cloud-firestore Highest Product pom developer email andrealin@google.com Low Product pom developer email garrettjones@google.com Low Product pom developer email hzyi@google.com Low Product pom developer email lesv@google.com Low Product pom developer email michaelbausor@google.com Low Product pom developer email mrschmidt@google.com Low Product pom developer email neowu@google.com Low Product pom developer email pongad@google.com Low Product pom developer email shinfan@google.com Low Product pom developer email tswast@google.com Low Product pom developer email vam@google.com Low Product pom developer id andreamlin Low Product pom developer id garrettjonesgoogle Low Product pom developer id hzyi-google Low Product pom developer id lesv Low Product pom developer id michaelbausor Low Product pom developer id neozwu Low Product pom developer id pongad Low Product pom developer id schmidt_sebastian Low Product pom developer id shinfan Low Product pom developer id tswast Low Product pom developer id vam-google Low Product pom developer name Andrea Lin Low Product pom developer name Garrett Jones Low Product pom developer name Hanzhen Yi Low Product pom developer name Les Vogel Low Product pom developer name Michael Darakananda Low Product pom developer name Micheal Bausor Low Product pom developer name Neo Wu Low Product pom developer name Sebastian Schmidt Low Product pom developer name Shin Fan Low Product pom developer name Tim Swast Low Product pom developer name Vadym Matsishevskyi Low Product pom developer org Google Low Product pom groupid com.google.cloud Highest Product pom name Google Cloud Firestore High Product pom organization name Google LLC Low Product pom url googleapis/java-firestore High Version file version 2.6.1 High Version Manifest Implementation-Version 2.6.1 High Version Manifest version 2.6.1 Medium Version pom version 2.6.1 Highest
google-cloud-pubsub-1.114.4.jarDescription:
Java idiomatic client for Google Cloud Pub/Sub License:
Apache-2.0: https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/com/google/cloud/google-cloud-pubsub/1.114.4/google-cloud-pubsub-1.114.4.jar
MD5: 9c08e8a72e01044d0c09291a44e3afab
SHA1: 0500ce71f1018140e26cd22afc03df17b8164085
SHA256: 3cbe8b158cabd3435b6eefef6178bac0badb244a978e9d1fd18faf44f9559216
Referenced In Project/Scope: Simplicite Platform:compile
google-cloud-pubsub-1.114.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name google-cloud-pubsub High Vendor jar package name cloud Highest Vendor jar package name google Highest Vendor jar package name pubsub Highest Vendor Manifest artifactid google-cloud-pubsub Low Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest Implementation-Vendor Google LLC High Vendor Manifest specification-vendor Google LLC Low Vendor pom artifactid google-cloud-pubsub Highest Vendor pom artifactid google-cloud-pubsub Low Vendor pom developer email chingor@google.com Low Vendor pom developer id chingor Medium Vendor pom developer name Jeff Ching Medium Vendor pom developer org Google Medium Vendor pom groupid com.google.cloud Highest Vendor pom name Google Cloud Pub/Sub High Vendor pom organization name Google LLC High Vendor pom url googleapis/java-pubsub Highest Product file name google-cloud-pubsub High Product jar package name cloud Highest Product jar package name google Highest Product jar package name pubsub Highest Product Manifest artifactid google-cloud-pubsub Low Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title Google Cloud Pub/Sub High Product Manifest specification-title Google Cloud Pub/Sub Medium Product pom artifactid google-cloud-pubsub Highest Product pom developer email chingor@google.com Low Product pom developer id chingor Low Product pom developer name Jeff Ching Low Product pom developer org Google Low Product pom groupid com.google.cloud Highest Product pom name Google Cloud Pub/Sub High Product pom organization name Google LLC Low Product pom url googleapis/java-pubsub High Version file version 1.114.4 High Version Manifest Implementation-Version 1.114.4 High Version Manifest version 1.114.4 Medium Version pom version 1.114.4 Highest
google-cloud-storage-2.1.4.jarDescription:
Java idiomatic client for Google Cloud Storage. License:
Apache-2.0: https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/com/google/cloud/google-cloud-storage/2.1.4/google-cloud-storage-2.1.4.jar
MD5: 86f02993fd8d41778e17421a760376ea
SHA1: 192a4967111aec8fa14c6c805a60287fd42b0155
SHA256: f91dc7c1eef5afce79ce367ebb14cd186f05086397d1351443c312e4e5559617
Referenced In Project/Scope: Simplicite Platform:compile
google-cloud-storage-2.1.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name google-cloud-storage High Vendor jar package name cloud Highest Vendor jar package name google Highest Vendor jar package name storage Highest Vendor Manifest artifactid google-cloud-storage Low Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest Implementation-Vendor Google LLC High Vendor Manifest specification-vendor Google LLC Low Vendor pom artifactid google-cloud-storage Highest Vendor pom artifactid google-cloud-storage Low Vendor pom developer email chingor@google.com Low Vendor pom developer id chingor Medium Vendor pom developer name Jeff Ching Medium Vendor pom developer org Google Medium Vendor pom groupid com.google.cloud Highest Vendor pom name Google Cloud Storage High Vendor pom organization name Google LLC High Vendor pom url googleapis/java-storage Highest Product file name google-cloud-storage High Product jar package name cloud Highest Product jar package name google Highest Product jar package name storage Highest Product Manifest artifactid google-cloud-storage Low Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title Google Cloud Storage High Product Manifest specification-title Google Cloud Storage Medium Product pom artifactid google-cloud-storage Highest Product pom developer email chingor@google.com Low Product pom developer id chingor Low Product pom developer name Jeff Ching Low Product pom developer org Google Low Product pom groupid com.google.cloud Highest Product pom name Google Cloud Storage High Product pom organization name Google LLC Low Product pom url googleapis/java-storage High Version file version 2.1.4 High Version Manifest Implementation-Version 2.1.4 High Version Manifest version 2.1.4 Medium Version pom version 2.1.4 Highest
google-cloud-storage-2.4.0.jarDescription:
jclouds components to access Google Cloud Storage File Path: /var/simplicite/.m2/repository/org/apache/jclouds/provider/google-cloud-storage/2.4.0/google-cloud-storage-2.4.0.jarMD5: 935d5f66416e6bc222a5ddbcc4af5819SHA1: f15802cae53be95ca6504ad5caced03089293d80SHA256: 0671a6e1d1e69ee84648b3f133256042ec19fee4c9909e827712effce020fb24Referenced In Project/Scope: Simplicite Platform:compilegoogle-cloud-storage-2.4.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name google-cloud-storage High Vendor jar package name jclouds Highest Vendor Manifest bundle-symbolicname google-cloud-storage Medium Vendor Manifest implementation-url https://jclouds.apache.org/google-cloud-storage/ Low Vendor Manifest Implementation-Vendor jclouds High Vendor Manifest Implementation-Vendor-Id org.apache.jclouds Medium Vendor Manifest specification-vendor jclouds Low Vendor pom artifactid google-cloud-storage Highest Vendor pom artifactid google-cloud-storage Low Vendor pom groupid org.apache.jclouds.provider Highest Vendor pom name jclouds Google Cloud Storage provider High Vendor pom parent-artifactid jclouds-project Low Vendor pom parent-groupid org.apache.jclouds Medium Product file name google-cloud-storage High Product jar package name jclouds Highest Product Manifest Bundle-Name jclouds Google Cloud Storage provider Medium Product Manifest bundle-symbolicname google-cloud-storage Medium Product Manifest Implementation-Title jclouds Google Cloud Storage provider High Product Manifest implementation-url https://jclouds.apache.org/google-cloud-storage/ Low Product Manifest specification-title jclouds jclouds Google Cloud Storage provider Medium Product pom artifactid google-cloud-storage Highest Product pom groupid org.apache.jclouds.provider Highest Product pom name jclouds Google Cloud Storage provider High Product pom parent-artifactid jclouds-project Medium Product pom parent-groupid org.apache.jclouds Medium Version file version 2.4.0 High Version Manifest Bundle-Version 2.4.0 High Version Manifest Implementation-Version 2.4.0 High Version pom version 2.4.0 Highest
google-http-client-1.40.0.jarDescription:
Google HTTP Client Library for Java. Functionality that works on all supported Java platforms,
including Java 7 (or higher) desktop (SE) and web (EE), Android, and Google App Engine.
License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/com/google/http-client/google-http-client/1.40.0/google-http-client-1.40.0.jar
MD5: 50d47962ad50b9a6a2ae7015df5c43ee
SHA1: d18d5505dbe71ab4636001a9c3d69921dba56727
SHA256: b8cf1d7fe650a7c1a6072fe882b2c2063eab7f6d3b7475dd39122d27f9d73136
Referenced In Project/Scope: Simplicite Platform:compile
google-http-client-1.40.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name google-http-client High Vendor jar package name api Highest Vendor jar package name client Highest Vendor jar package name google Highest Vendor jar package name http Highest Vendor Manifest automatic-module-name com.google.api.client Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl https://www.google.com/ Low Vendor Manifest bundle-symbolicname com.google.http-client.google-http-client Medium Vendor Manifest Implementation-Vendor Google High Vendor Manifest Implementation-Vendor-Id com.google.http-client Medium Vendor pom artifactid google-http-client Highest Vendor pom artifactid google-http-client Low Vendor pom groupid com.google.http-client Highest Vendor pom name Google HTTP Client Library for Java High Vendor pom parent-artifactid google-http-client-parent Low Product file name google-http-client High Product jar package name api Highest Product jar package name client Highest Product jar package name google Highest Product jar package name http Highest Product Manifest automatic-module-name com.google.api.client Medium Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl https://www.google.com/ Low Product Manifest Bundle-Name Google HTTP Client Library for Java Medium Product Manifest bundle-symbolicname com.google.http-client.google-http-client Medium Product Manifest Implementation-Title Google HTTP Client Library for Java High Product pom artifactid google-http-client Highest Product pom groupid com.google.http-client Highest Product pom name Google HTTP Client Library for Java High Product pom parent-artifactid google-http-client-parent Medium Version file version 1.40.0 High Version Manifest Bundle-Version 1.40.0 High Version Manifest Implementation-Version 1.40.0 High Version pom version 1.40.0 Highest
google-http-client-apache-v2-1.40.0.jarDescription:
Google HTTP Client Library for Java License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/com/google/http-client/google-http-client-apache-v2/1.40.0/google-http-client-apache-v2-1.40.0.jar
MD5: cdec7271d1b694afd1db7c5ce54c9cbc
SHA1: d845bcfe730cb14a07b17120ee391e1edc7a2500
SHA256: c5e74b1c3a107ef50212051f076c72dd3410b1806ea89dcc5e333f995948ebc8
Referenced In Project/Scope: Simplicite Platform:compile
google-http-client-apache-v2-1.40.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name google-http-client-apache-v2 High Vendor jar package name api Highest Vendor jar package name client Highest Vendor jar package name google Highest Vendor jar package name http Highest Vendor Manifest automatic-module-name com.google.api.client.http.apache.v2 Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl https://www.google.com/ Low Vendor Manifest bundle-symbolicname com.google.http-client.google-http-client-apache-v2 Medium Vendor pom artifactid google-http-client-apache-v2 Highest Vendor pom artifactid google-http-client-apache-v2 Low Vendor pom groupid com.google.http-client Highest Vendor pom name Apache HTTP transport v2 for the Google HTTP Client Library for Java. High Vendor pom parent-artifactid google-http-client-parent Low Product file name google-http-client-apache-v2 High Product jar package name api Highest Product jar package name client Highest Product jar package name google Highest Product jar package name http Highest Product Manifest automatic-module-name com.google.api.client.http.apache.v2 Medium Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl https://www.google.com/ Low Product Manifest Bundle-Name Apache HTTP transport v2 for the Google HTTP Client Library for Java. Medium Product Manifest bundle-symbolicname com.google.http-client.google-http-client-apache-v2 Medium Product pom artifactid google-http-client-apache-v2 Highest Product pom groupid com.google.http-client Highest Product pom name Apache HTTP transport v2 for the Google HTTP Client Library for Java. High Product pom parent-artifactid google-http-client-parent Medium Version file version 1.40.0 High Version Manifest Bundle-Version 1.40.0 High Version pom version 1.40.0 Highest
google-http-client-appengine-1.40.0.jarFile Path: /var/simplicite/.m2/repository/com/google/http-client/google-http-client-appengine/1.40.0/google-http-client-appengine-1.40.0.jarMD5: a200c158747ce799d321150a5b13532eSHA1: 10ffe0c4e9819d05b875faf265e20cd1ae5ca391SHA256: a9ac09b244dbf94e43f1a9b6e10b80f115f779b3909b27145e4462063daa8a1dReferenced In Project/Scope: Simplicite Platform:compilegoogle-http-client-appengine-1.40.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name google-http-client-appengine High Vendor jar package name api Highest Vendor jar package name client Highest Vendor jar package name extensions Highest Vendor jar package name google Highest Vendor Manifest automatic-module-name com.google.api.client.extensions.appengine Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor pom artifactid google-http-client-appengine Highest Vendor pom artifactid google-http-client-appengine Low Vendor pom groupid com.google.http-client Highest Vendor pom name Google App Engine extensions to the Google HTTP Client Library for Java. High Vendor pom parent-artifactid google-http-client-parent Low Product file name google-http-client-appengine High Product jar package name api Highest Product jar package name client Highest Product jar package name extensions Highest Product jar package name google Highest Product Manifest automatic-module-name com.google.api.client.extensions.appengine Medium Product Manifest build-jdk-spec 1.8 Low Product pom artifactid google-http-client-appengine Highest Product pom groupid com.google.http-client Highest Product pom name Google App Engine extensions to the Google HTTP Client Library for Java. High Product pom parent-artifactid google-http-client-parent Medium Version file version 1.40.0 High Version pom version 1.40.0 Highest
google-http-client-gson-1.40.0.jarFile Path: /var/simplicite/.m2/repository/com/google/http-client/google-http-client-gson/1.40.0/google-http-client-gson-1.40.0.jarMD5: 6d215e99eed6a07356f890b2f669b3daSHA1: 20eb1d7fe604dc18cb48adedce7b354ccf499898SHA256: 6c5c98d468e16edc728e47c3d3486c69c407daeec247bad9ebfeeedae44aa4a9Referenced In Project/Scope: Simplicite Platform:compilegoogle-http-client-gson-1.40.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name google-http-client-gson High Vendor jar package name api Highest Vendor jar package name client Highest Vendor jar package name google Highest Vendor jar package name json Highest Vendor Manifest automatic-module-name com.google.api.client.json.gson Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor pom artifactid google-http-client-gson Highest Vendor pom artifactid google-http-client-gson Low Vendor pom groupid com.google.http-client Highest Vendor pom name GSON extensions to the Google HTTP Client Library for Java. High Vendor pom parent-artifactid google-http-client-parent Low Product file name google-http-client-gson High Product jar package name api Highest Product jar package name client Highest Product jar package name google Highest Product jar package name json Highest Product Manifest automatic-module-name com.google.api.client.json.gson Medium Product Manifest build-jdk-spec 1.8 Low Product pom artifactid google-http-client-gson Highest Product pom groupid com.google.http-client Highest Product pom name GSON extensions to the Google HTTP Client Library for Java. High Product pom parent-artifactid google-http-client-parent Medium Version file version 1.40.0 High Version pom version 1.40.0 Highest
google-http-client-jackson-1.29.2.jarLicense:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/com/google/http-client/google-http-client-jackson/1.29.2/google-http-client-jackson-1.29.2.jar
MD5: 72ad680f4cd70758086ec12492544fcd
SHA1: 98ba3a73bbfcabbaa1105fc013305d319f6ebf32
SHA256: 54478a70cc90eb7fd7e6ab89a447a41fb1f4f98201bf4d5418d4647751538552
Referenced In Project/Scope: Simplicite Platform:compile
google-http-client-jackson-1.29.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name google-http-client-jackson High Vendor jar package name api Highest Vendor jar package name client Highest Vendor jar package name google Highest Vendor jar package name json Highest Vendor Manifest automatic-module-name com.google.api.client.json.jackson Medium Vendor Manifest bundle-docurl http://www.google.com/ Low Vendor Manifest bundle-symbolicname com.google.http-client.google-http-client-jackson Medium Vendor Manifest originally-created-by Apache Maven Bundle Plugin Low Vendor pom artifactid google-http-client-jackson Highest Vendor pom artifactid google-http-client-jackson Low Vendor pom groupid com.google.http-client Highest Vendor pom name Jackson extensions to the Google HTTP Client Library for Java. High Vendor pom parent-artifactid google-http-client-parent Low Product file name google-http-client-jackson High Product jar package name api Highest Product jar package name client Highest Product jar package name google Highest Product jar package name json Highest Product Manifest automatic-module-name com.google.api.client.json.jackson Medium Product Manifest bundle-docurl http://www.google.com/ Low Product Manifest Bundle-Name Jackson extensions to the Google HTTP Client Library for Java. Medium Product Manifest bundle-symbolicname com.google.http-client.google-http-client-jackson Medium Product Manifest originally-created-by Apache Maven Bundle Plugin Low Product pom artifactid google-http-client-jackson Highest Product pom groupid com.google.http-client Highest Product pom name Jackson extensions to the Google HTTP Client Library for Java. High Product pom parent-artifactid google-http-client-parent Medium Version file version 1.29.2 High Version Manifest Bundle-Version 1.29.2 High Version pom version 1.29.2 Highest
CVE-2020-13956 suppress
Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution. NVD-CWE-noinfo
CVSSv2:
Base Score: MEDIUM (5.0) Vector: /AV:N/AC:L/Au:N/C:N/I:P/A:N CVSSv3:
Base Score: MEDIUM (5.3) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N References:
Vulnerable Software & Versions: (show all )
google-http-client-jackson2-1.40.0.jarFile Path: /var/simplicite/.m2/repository/com/google/http-client/google-http-client-jackson2/1.40.0/google-http-client-jackson2-1.40.0.jarMD5: e89ef887e8998c08889a9af60371ce3eSHA1: cb3c88bb3f255e10ebfc423698fb251d1b214cd2SHA256: c7997a3eee9980b2c4f1999cb52b9b453b5e65114a5cb046ec15e15e49dd6d22Referenced In Project/Scope: Simplicite Platform:compilegoogle-http-client-jackson2-1.40.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name google-http-client-jackson2 High Vendor jar package name api Highest Vendor jar package name client Highest Vendor jar package name google Highest Vendor jar package name json Highest Vendor Manifest automatic-module-name com.google.api.client.json.jackson2 Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor pom artifactid google-http-client-jackson2 Highest Vendor pom artifactid google-http-client-jackson2 Low Vendor pom groupid com.google.http-client Highest Vendor pom name Jackson 2 extensions to the Google HTTP Client Library for Java. High Vendor pom parent-artifactid google-http-client-parent Low Product file name google-http-client-jackson2 High Product jar package name api Highest Product jar package name client Highest Product jar package name google Highest Product jar package name json Highest Product Manifest automatic-module-name com.google.api.client.json.jackson2 Medium Product Manifest build-jdk-spec 1.8 Low Product pom artifactid google-http-client-jackson2 Highest Product pom groupid com.google.http-client Highest Product pom name Jackson 2 extensions to the Google HTTP Client Library for Java. High Product pom parent-artifactid google-http-client-parent Medium Version file version 1.40.0 High Version pom version 1.40.0 Highest
google-java-format-1.11.0.jarDescription:
A Java source code formatter that follows Google Java Style.
File Path: /var/simplicite/.m2/repository/com/google/googlejavaformat/google-java-format/1.11.0/google-java-format-1.11.0.jarMD5: a8e0485cee059bfc0a62cd8a491f4562SHA1: 6deca3d92cbff57be7e5a288cc6fdbf7f90e64ddSHA256: 6865907d78a745018fb47b604d493c563bddfd7f6129b995e71156d9b7ec673cReferenced In Project/Scope: Simplicite Platform:compilegoogle-java-format-1.11.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name google-java-format High Vendor jar package name formatter Highest Vendor jar package name google Highest Vendor jar package name googlejavaformat Highest Vendor jar package name java Highest Vendor Manifest automatic-module-name com.google.googlejavaformat Medium Vendor Manifest implementation-url https://github.com/google/google-java-format/google-java-format Low Vendor Manifest Implementation-Vendor Google Inc. High Vendor Manifest Implementation-Vendor-Id com.google.googlejavaformat Medium Vendor pom artifactid google-java-format Highest Vendor pom artifactid google-java-format Low Vendor pom groupid com.google.googlejavaformat Highest Vendor pom name Google Java Format High Vendor pom parent-artifactid google-java-format-parent Low Product file name google-java-format High Product jar package name formatter Highest Product jar package name google Highest Product jar package name googlejavaformat Highest Product jar package name java Highest Product Manifest automatic-module-name com.google.googlejavaformat Medium Product Manifest Implementation-Title Google Java Format High Product Manifest implementation-url https://github.com/google/google-java-format/google-java-format Low Product pom artifactid google-java-format Highest Product pom groupid com.google.googlejavaformat Highest Product pom name Google Java Format High Product pom parent-artifactid google-java-format-parent Medium Version file version 1.11.0 High Version Manifest Implementation-Version 1.11.0 High Version pom version 1.11.0 Highest
google-oauth-client-1.32.1.jarDescription:
Google OAuth Client Library for Java. Functionality that works on all supported Java platforms,
including Java 7 (or higher) desktop (SE) and web (EE), Android, and Google App Engine.
License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/com/google/oauth-client/google-oauth-client/1.32.1/google-oauth-client-1.32.1.jar
MD5: 6f010b506d86723504a75fe7b185216d
SHA1: 58edd8b2fd2e10eef6fd194ebb9c933054c4a744
SHA256: 063039e4ad5ff52fc06a05e2f1a0e347cee4cbf11ea9b79aeb7a9b45d7c6dbf2
Referenced In Project/Scope: Simplicite Platform:compile
google-oauth-client-1.32.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name google-oauth-client High Vendor jar package name api Highest Vendor jar package name auth Highest Vendor jar package name client Highest Vendor jar package name google Highest Vendor Manifest automatic-module-name com.google.api.client.auth Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl https://www.google.com/ Low Vendor Manifest bundle-requiredexecutionenvironment JavaSE-1.7 Low Vendor Manifest bundle-symbolicname com.google.oauth-client Medium Vendor Manifest Implementation-Vendor Google High Vendor Manifest Implementation-Vendor-Id com.google.oauth-client Medium Vendor pom artifactid google-oauth-client Highest Vendor pom artifactid google-oauth-client Low Vendor pom groupid com.google.oauth-client Highest Vendor pom name Google OAuth Client Library for Java High Vendor pom parent-artifactid google-oauth-client-parent Low Product file name google-oauth-client High Product jar package name api Highest Product jar package name auth Highest Product jar package name client Highest Product jar package name google Highest Product Manifest automatic-module-name com.google.api.client.auth Medium Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl https://www.google.com/ Low Product Manifest Bundle-Name Google OAuth Client Library for Java Medium Product Manifest bundle-requiredexecutionenvironment JavaSE-1.7 Low Product Manifest bundle-symbolicname com.google.oauth-client Medium Product Manifest Implementation-Title Google OAuth Client Library for Java High Product pom artifactid google-oauth-client Highest Product pom groupid com.google.oauth-client Highest Product pom name Google OAuth Client Library for Java High Product pom parent-artifactid google-oauth-client-parent Medium Version file version 1.32.1 High Version Manifest Bundle-Version 1.32.1 High Version Manifest Implementation-Version 1.32.1 High Version pom version 1.32.1 Highest
CVE-2021-22573 suppress
The vulnerability is that IDToken verifier does not verify if token is properly signed. Signature verification makes sure that the token's payload comes from valid provider, not from someone else. An attacker can provide a compromised token with custom payload. The token will pass the validation on the client side. We recommend upgrading to version 1.33.3 or above CWE-347 Improper Verification of Cryptographic Signature
CVSSv2:
Base Score: LOW (3.5) Vector: /AV:N/AC:M/Au:S/C:N/I:P/A:N CVSSv3:
Base Score: HIGH (7.3) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N References:
Vulnerable Software & Versions:
googlecloud-2.4.0.jarDescription:
jclouds components common to Google Cloud products File Path: /var/simplicite/.m2/repository/org/apache/jclouds/common/googlecloud/2.4.0/googlecloud-2.4.0.jarMD5: d4d56554f7170451abab0c773c53d39aSHA1: 2a6f27ae2a7cc35442660337b59082d0a9cf647fSHA256: bf4a2309869e86a2c3197e16a6f9484660ebdb23b0376d01db5fae64d64accd5Referenced In Project/Scope: Simplicite Platform:compilegooglecloud-2.4.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.jclouds.provider/google-cloud-storage@2.4.0
Evidence Type Source Name Value Confidence Vendor file name googlecloud High Vendor jar package name googlecloud Highest Vendor jar package name jclouds Highest Vendor Manifest bundle-symbolicname googlecloud Medium Vendor Manifest implementation-url https://jclouds.apache.org/googlecloud/ Low Vendor Manifest Implementation-Vendor jclouds High Vendor Manifest Implementation-Vendor-Id org.apache.jclouds Medium Vendor Manifest specification-vendor jclouds Low Vendor pom artifactid googlecloud Highest Vendor pom artifactid googlecloud Low Vendor pom groupid org.apache.jclouds.common Highest Vendor pom name jclouds Google Cloud Core High Vendor pom parent-artifactid jclouds-project Low Vendor pom parent-groupid org.apache.jclouds Medium Product file name googlecloud High Product jar package name googlecloud Highest Product jar package name jclouds Highest Product Manifest Bundle-Name jclouds Google Cloud Core Medium Product Manifest bundle-symbolicname googlecloud Medium Product Manifest Implementation-Title jclouds Google Cloud Core High Product Manifest implementation-url https://jclouds.apache.org/googlecloud/ Low Product Manifest specification-title jclouds jclouds Google Cloud Core Medium Product pom artifactid googlecloud Highest Product pom groupid org.apache.jclouds.common Highest Product pom name jclouds Google Cloud Core High Product pom parent-artifactid jclouds-project Medium Product pom parent-groupid org.apache.jclouds Medium Version file version 2.4.0 High Version Manifest Bundle-Version 2.4.0 High Version Manifest Implementation-Version 2.4.0 High Version pom version 2.4.0 Highest
gopd:1.0.1Description:
`Object.getOwnPropertyDescriptor`, but accounts for IE's broken implementation. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?which-typed-array:1.1.9/gopd:^1.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/es-abstract:1.21.2 simplicite-js:5.2.54/is-typed-array:1.1.10 simplicite-js:5.2.54/which-typed-array:1.1.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Jordan Harband <ljharb@gmail.com> Highest Vendor package.json bugs.url https://github.com/ljharb/gopd/issues Highest Vendor package.json description `Object.getOwnPropertyDescriptor`, but accounts for IE's broken implementation. Highest Vendor package.json homepage https://github.com/ljharb/gopd#readme Highest Vendor package.json name gopd Highest Vendor package.json name gopd_project Highest Product package.json name gopd Highest Version package.json version 1.0.1 Highest
Related Dependencies gopd:1.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/gopd:1.0.1 pkg:npm/gopd@1.0.1 gopd:1.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?es-abstract:1.21.2/gopd:^1.0.1 pkg:npm/gopd@1.0.1 gopd:1.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?is-typed-array:1.1.10/gopd:^1.0.1 pkg:npm/gopd@1.0.1 got:12.6.1Description:
Human-friendly and powerful HTTP request library for Node.js License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?package-json:8.1.1/got:^12.1.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/package-json:8.1.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json description Human-friendly and powerful HTTP request library for Node.js Highest Vendor package.json name got Highest Vendor package.json name got_project Highest Product package.json name got Highest Version package.json version 12.6.1 Highest
Related Dependencies got:12.6.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/got:12.6.1 pkg:npm/got@12.6.1 got:13.0.0Description:
Human-friendly and powerful HTTP request library for Node.js License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/got:13.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/license-report:6.5.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json description Human-friendly and powerful HTTP request library for Node.js Highest Vendor package.json name got Highest Vendor package.json name got_project Highest Product package.json name got Highest Version package.json version 13.0.0 Highest
Related Dependencies got:13.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?license-report:6.5.0/got:^13.0.0 pkg:npm/got@13.0.0 got:9.6.0Description:
Simplified HTTP requests License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/got:9.6.0
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/package-json:6.5.0 Evidence Type Source Name Value Confidence Vendor package.json description Simplified HTTP requests Highest Vendor package.json name got Highest Vendor package.json name got_project Highest Product package.json name got Highest Version package.json version 9.6.0 Highest
Related Dependencies got:9.6.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?package-json:6.5.0/got:^9.6.0 pkg:npm/got@9.6.0 CVE-2022-33987 suppress
The got package before 12.1.0 (also fixed in 11.8.5) for Node.js allows a redirect to a UNIX socket. NVD-CWE-noinfo
CVSSv2:
Base Score: MEDIUM (5.0) Vector: /AV:N/AC:L/Au:N/C:N/I:P/A:N CVSSv3:
Base Score: MEDIUM (5.3) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N References:
Vulnerable Software & Versions:
graceful-fs:4.2.11Description:
A drop-in replacement for fs, making various improvements. License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?configstore:6.0.0/graceful-fs:^4.2.6
Referenced In Projects/Scopes: simplicite-js:5.2.54/configstore:6.0.0 simplicite-js:5.2.54/@pnpm/network.ca-file:1.0.2 simplicite-js:5.2.54/klaw:3.0.0 simplicite-js:5.2.54/load-yaml-file:0.2.0 simplicite-js:5.2.54/fs-extra:8.1.0 simplicite-js:5.2.54/node-gyp:9.4.0 simplicite-js:5.2.54 simplicite-js:5.2.54/configstore:5.0.1 Evidence Type Source Name Value Confidence Vendor package.json description A drop-in replacement for fs, making various improvements. Highest Vendor package.json name graceful-fs Highest Vendor package.json name graceful-fs_project Highest Product package.json name graceful-fs Highest Version package.json version 4.2.11 Highest
Related Dependencies graceful-fs:4.2.10File Path: /var/simplicite/simplicite-5.2/package-lock.json?/graceful-fs:4.2.10 pkg:npm/graceful-fs@4.2.10 graceful-fs:4.2.10File Path: /var/simplicite/simplicite-5.2/package-lock.json?@pnpm/network.ca-file:1.0.2/graceful-fs:4.2.10 pkg:npm/graceful-fs@4.2.10 graceful-fs:4.2.11File Path: /var/simplicite/simplicite-5.2/package-lock.json?/graceful-fs:4.2.11 pkg:npm/graceful-fs@4.2.11 graceful-fs:4.2.11File Path: /var/simplicite/simplicite-5.2/package-lock.json?configstore:5.0.1/graceful-fs:^4.1.2 pkg:npm/graceful-fs@4.2.11 graceful-fs:4.2.11File Path: /var/simplicite/simplicite-5.2/package-lock.json?fs-extra:8.1.0/graceful-fs:^4.2.0 pkg:npm/graceful-fs@4.2.11 graceful-fs:4.2.11File Path: /var/simplicite/simplicite-5.2/package-lock.json?klaw:3.0.0/graceful-fs:^4.1.9 pkg:npm/graceful-fs@4.2.11 graceful-fs:4.2.11File Path: /var/simplicite/simplicite-5.2/package-lock.json?load-yaml-file:0.2.0/graceful-fs:^4.1.5 pkg:npm/graceful-fs@4.2.11 graceful-fs:4.2.11File Path: /var/simplicite/simplicite-5.2/package-lock.json?node-gyp:9.4.0/graceful-fs:^4.2.6 pkg:npm/graceful-fs@4.2.11 graphemer:1.4.0Description:
A JavaScript library that breaks strings into their individual user-perceived characters (including emojis!) License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/graphemer:1.4.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/eslint:8.56.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Matt Davies <matt@filament.so> (https://github.com/mattpauldavies) Highest Vendor package.json bugs https://github.com/flmnt/graphemer/issues Highest Vendor package.json description A JavaScript library that breaks strings into their individual user-perceived characters (including emojis!) Highest Vendor package.json homepage https://github.com/flmnt/graphemer Highest Vendor package.json name graphemer Highest Vendor package.json name graphemer_project Highest Product package.json name graphemer Highest Version package.json version 1.4.0 Highest
Related Dependencies graphemer:1.4.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint:8.56.0/graphemer:^1.4.0 pkg:npm/graphemer@1.4.0 graphics2d-0.32.jarDescription:
Graphics2D Bridge for Apache PDFBox File Path: /var/simplicite/.m2/repository/de/rototor/pdfbox/graphics2d/0.32/graphics2d-0.32.jarMD5: 164b89cef806e962457f2dda37915993SHA1: d8892871a9a1446e94f25eb625a7eec3bfa31b15SHA256: 37f8f387395f96c214ac44f7475c7a2e1f832dfc1de289a3610e0ffbf728f679Referenced In Project/Scope: Simplicite Platform:compilegraphics2d-0.32.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.openhtmltopdf/openhtmltopdf-pdfbox@1.0.10
Evidence Type Source Name Value Confidence Vendor file name graphics2d High Vendor jar package name de Highest Vendor jar package name graphics2d Highest Vendor jar package name pdfbox Highest Vendor jar package name rototor Highest Vendor Manifest automatic-module-name de.rototor.pdfbox.graphics2d Medium Vendor Manifest build-jdk-spec 11 Low Vendor pom artifactid graphics2d Highest Vendor pom artifactid graphics2d Low Vendor pom groupid de.rototor.pdfbox Highest Vendor pom name PDFBox-Graphics2d High Vendor pom parent-artifactid pdfboxgraphics2d-parent Low Product file name graphics2d High Product jar package name de Highest Product jar package name graphics2d Highest Product jar package name pdfbox Highest Product jar package name rototor Highest Product Manifest automatic-module-name de.rototor.pdfbox.graphics2d Medium Product Manifest build-jdk-spec 11 Low Product pom artifactid graphics2d Highest Product pom groupid de.rototor.pdfbox Highest Product pom name PDFBox-Graphics2d High Product pom parent-artifactid pdfboxgraphics2d-parent Medium Version file version 0.32 High Version pom version 0.32 Highest
grib-4.5.5.jarDescription:
Decoder for the GRIB format.
File Path: /var/simplicite/.m2/repository/edu/ucar/grib/4.5.5/grib-4.5.5.jarMD5: 0cb80276d8ea89cacc1d5632dbf39fe9SHA1: cfe552910e9a8d57ce71134796abb281a74ead16SHA256: 1e0492135f421f554c4651a95225f27f2a3230e993329f69348110f8521c32d9Referenced In Project/Scope: Simplicite Platform:compilegrib-4.5.5.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.tika/tika-parsers@1.27
Evidence Type Source Name Value Confidence Vendor file name grib High Vendor jar package name collection Highest Vendor jar package name grib Highest Vendor jar package name thredds Highest Vendor jar package name ucar Highest Vendor Manifest built-on 20150306.1537 Low Vendor Manifest Implementation-Vendor UCAR/Unidata High Vendor Manifest Implementation-Vendor-Id edu.ucar Medium Vendor pom artifactid grib Highest Vendor pom artifactid grib Low Vendor pom developer email caron@unidata.ucar.edu Low Vendor pom developer id caron Medium Vendor pom developer name John Caron Medium Vendor pom developer name Robb Kambic Medium Vendor pom developer org UCAR/UNIDATA Medium Vendor pom developer org URL http://www.unidata.ucar.edu/ Medium Vendor pom groupid edu.ucar Highest Vendor pom name GRIB IOSP and Feature Collection High Vendor pom parent-artifactid thredds-parent Low Vendor pom url http://www.unidata.ucar.edu/software/netcdf-java/ Highest Product file name grib High Product jar package name collection Highest Product jar package name grib Highest Product jar package name thredds Highest Product jar package name ucar Highest Product Manifest built-on 20150306.1537 Low Product Manifest Implementation-Title GRIB IOSP and Feature Collection High Product pom artifactid grib Highest Product pom developer email caron@unidata.ucar.edu Low Product pom developer id caron Low Product pom developer name John Caron Low Product pom developer name Robb Kambic Low Product pom developer org UCAR/UNIDATA Low Product pom developer org URL http://www.unidata.ucar.edu/ Low Product pom groupid edu.ucar Highest Product pom name GRIB IOSP and Feature Collection High Product pom parent-artifactid thredds-parent Medium Product pom url http://www.unidata.ucar.edu/software/netcdf-java/ Medium Version file version 4.5.5 High Version Manifest Implementation-Version 4.5.5 High Version pom version 4.5.5 Highest
grpc-core-1.40.1.jarDescription:
gRPC: Core License:
Apache 2.0: https://opensource.org/licenses/Apache-2.0 File Path: /var/simplicite/.m2/repository/io/grpc/grpc-core/1.40.1/grpc-core-1.40.1.jar
MD5: 1797c07e8514720eefcca36af23b36a1
SHA1: 1db817d971cdeba5017e1adf056ca0f8f8a2d748
SHA256: c32e97f7b937445cde40e88760df8a308bc2c2420ff0d00a3ce2025fde939e0f
Referenced In Project/Scope: Simplicite Platform:compile
grpc-core-1.40.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.google.cloud/google-cloud-core-grpc@2.1.4
Evidence Type Source Name Value Confidence Vendor file name grpc-core High Vendor jar package name grpc Highest Vendor jar package name io Highest Vendor Manifest source-compatibility 1.7 Low Vendor Manifest target-compatibility 1.7 Low Vendor pom artifactid grpc-core Highest Vendor pom artifactid grpc-core Low Vendor pom developer email grpc-io@googlegroups.com Low Vendor pom developer id grpc.io Medium Vendor pom developer name gRPC Contributors Medium Vendor pom developer org gRPC Authors Medium Vendor pom developer org URL https://www.google.com Medium Vendor pom groupid io.grpc Highest Vendor pom name io.grpc:grpc-core High Vendor pom url grpc/grpc-java Highest Product file name grpc-core High Product jar package name grpc Highest Product jar package name io Highest Product Manifest Implementation-Title grpc-core High Product Manifest source-compatibility 1.7 Low Product Manifest target-compatibility 1.7 Low Product pom artifactid grpc-core Highest Product pom developer email grpc-io@googlegroups.com Low Product pom developer id grpc.io Low Product pom developer name gRPC Contributors Low Product pom developer org gRPC Authors Low Product pom developer org URL https://www.google.com Low Product pom groupid io.grpc Highest Product pom name io.grpc:grpc-core High Product pom url grpc/grpc-java High Version file version 1.40.1 High Version Manifest Implementation-Version 1.40.1 High Version pom version 1.40.1 Highest
Related Dependencies grpc-alts-1.40.1.jarFile Path: /var/simplicite/.m2/repository/io/grpc/grpc-alts/1.40.1/grpc-alts-1.40.1.jar MD5: bee524cca9a4f4222c863192ce9e2355 SHA1: 5b0269646fc3da7433119356b36fb8716d57acee SHA256: 4bf7631599068278a166f1c4d2f34c956d1b7271fb55ee53da00c58c026a5879 pkg:maven/io.grpc/grpc-alts@1.40.1 grpc-api-1.40.1.jarFile Path: /var/simplicite/.m2/repository/io/grpc/grpc-api/1.40.1/grpc-api-1.40.1.jar MD5: 4426b1b3239235b1350cf03f5787de3e SHA1: 2bff3c4914cbeecc6284da74edae6737a0a183cd SHA256: 9c33559cba6ad4eb3f2ed8a24a0c12eb591595f565d95122d2f1da28a20caa37 pkg:maven/io.grpc/grpc-api@1.40.1 grpc-auth-1.40.1.jarFile Path: /var/simplicite/.m2/repository/io/grpc/grpc-auth/1.40.1/grpc-auth-1.40.1.jar MD5: 611f4fe8dd3b2d73e9b5600768554eee SHA1: 7c30d0207c392f78c9443fd65bd7eb6c63b8f7b6 SHA256: 585918135cde2ecb800eab158db7b0598b536d09fd1a622955cf68a14c1fb372 pkg:maven/io.grpc/grpc-auth@1.40.1 grpc-context-1.40.1.jarFile Path: /var/simplicite/.m2/repository/io/grpc/grpc-context/1.40.1/grpc-context-1.40.1.jar MD5: 35d54e6d7987721db7be679e084bf060 SHA1: 115297cced45e41370f101dcc028a39fb5f65fcd SHA256: 8ac7129db6ad9976aa38811d51a51d2535e7875a21e87b7bafad2c84cb9de265 pkg:maven/io.grpc/grpc-context@1.40.1 grpc-grpclb-1.40.1.jarFile Path: /var/simplicite/.m2/repository/io/grpc/grpc-grpclb/1.40.1/grpc-grpclb-1.40.1.jar MD5: 0549264ec63ad730cbf97d33574058b8 SHA1: 223bd7eb87e73a6085e51485c546d04abf28d0cb SHA256: 60af7950afd84fe4cca09bb796bca02c9187a3a8802e5393b1560eabff4acb15 pkg:maven/io.grpc/grpc-grpclb@1.40.1 grpc-netty-shaded-1.40.1.jarFile Path: /var/simplicite/.m2/repository/io/grpc/grpc-netty-shaded/1.40.1/grpc-netty-shaded-1.40.1.jar MD5: 33d4f126a0aa364e0f430870fedbe9a9 SHA1: bfbbd4f3ce33526c9599709d4b92546227bd0e9b SHA256: 9c51df1fe3dee030831944e9e9d6ae7a527f8dc0ac683f6a63fa5a1e2c326c51 pkg:maven/io.grpc/grpc-netty-shaded@1.40.1 grpc-stub-1.40.1.jarFile Path: /var/simplicite/.m2/repository/io/grpc/grpc-stub/1.40.1/grpc-stub-1.40.1.jar MD5: e06b9adb30aebe66a77e05534c3033d9 SHA1: d852f1d8ac800c9a2c047ae70370dd833c603c52 SHA256: 110730e0b57e77f17530b8ecd7972447a531410b06b6ad1c1f910884a5a13638 pkg:maven/io.grpc/grpc-stub@1.40.1 CVE-2023-33953 suppress
gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS attacks:
- Unbounded memory buffering in the HPACK parser
- Unbounded CPU consumption in the HPACK parser
The unbounded CPU consumption is down to a copy that occurred per-input-block in the parser, and because that could be unbounded due to the memory copy bug we end up with an O(n^2) parsing loop, with n selected by the client.
The unbounded memory buffering bugs:
- The header size limit check was behind the string reading code, so we needed to first buffer up to a 4 gigabyte string before rejecting it as longer than 8 or 16kb.
- HPACK varints have an encoding quirk whereby an infinite number of 0’s can be added at the start of an integer. gRPC’s hpack parser needed to read all of them before concluding a parse.
- gRPC’s metadata overflow check was performed per frame, so that the following sequence of frames could cause infinite buffering: HEADERS: containing a: 1 CONTINUATION: containing a: 2 CONTINUATION: containing a: 3 etc… CWE-834 Excessive Iteration, CWE-770 Allocation of Resources Without Limits or Throttling
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2023-44487 suppress
CISA Known Exploited Vulnerability: Product: IETF HTTP/2 Name: HTTP/2 Rapid Reset Attack Vulnerability Date Added: 2023-10-10 Description: HTTP/2 contains a rapid reset vulnerability that allows for a distributed denial-of-service attack (DDoS). Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Due Date: 2023-10-31 Notes: https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CWE-400 Uncontrolled Resource Consumption
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2023-4785 suppress
Lack of error handling in the TCP server in Google's gRPC starting version 1.23 on posix-compatible platforms (ex. Linux) allows an attacker to cause a denial of service by initiating a significant number of connections with the server. Note that gRPC C++ Python, and Ruby are affected, but gRPC Java, and Go are NOT affected. NVD-CWE-noinfo
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2023-32732 suppress
gRPC contains a vulnerability whereby a client can cause a termination of connection between a HTTP2 proxy and a gRPC server: a base64 encoding error for `-bin` suffixed headers will result in a disconnection by the gRPC server, but is typically allowed by HTTP2 proxies. We recommend upgrading beyond the commit in https://github.com/grpc/grpc/pull/32309 https://www.google.com/url
NVD-CWE-Other
CVSSv3:
Base Score: MEDIUM (5.3) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L References:
Vulnerable Software & Versions:
grpc-netty-shaded-1.40.1.jar: io_grpc_netty_shaded_netty_tcnative_windows_x86_64.dllFile Path: /var/simplicite/.m2/repository/io/grpc/grpc-netty-shaded/1.40.1/grpc-netty-shaded-1.40.1.jar/META-INF/native/io_grpc_netty_shaded_netty_tcnative_windows_x86_64.dllMD5: df40caf232172f5ce179cefa36743933SHA1: 76188b994e5e178da647e2406cb36f47dc6ccf1fSHA256: 22237bcda94eda9244f3bd8d6d3b80e8af0e1ccc952d8541a2cf53c2a8313951Referenced In Project/Scope: Simplicite Platform:compile
Evidence Type Source Name Value Confidence Vendor file name io_grpc_netty_shaded_netty_tcnative_windows_x86_64 High Product file name io_grpc_netty_shaded_netty_tcnative_windows_x86_64 High
grpc-protobuf-1.40.1.jarDescription:
gRPC: Protobuf License:
Apache 2.0: https://opensource.org/licenses/Apache-2.0 File Path: /var/simplicite/.m2/repository/io/grpc/grpc-protobuf/1.40.1/grpc-protobuf-1.40.1.jar
MD5: ad86e87c3dac1394641124c08cea2666
SHA1: a8b5db3ba7a573104d851cf0cdf51b824514ac85
SHA256: 8c00437701483c73977144fac6313403475b448cb5e913ac54efc3f3cb1d44f8
Referenced In Project/Scope: Simplicite Platform:compile
grpc-protobuf-1.40.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.google.cloud/google-cloud-pubsub@1.114.4
Evidence Type Source Name Value Confidence Vendor file name grpc-protobuf High Vendor jar package name grpc Highest Vendor jar package name io Highest Vendor jar package name protobuf Highest Vendor Manifest source-compatibility 1.7 Low Vendor Manifest target-compatibility 1.7 Low Vendor pom artifactid grpc-protobuf Highest Vendor pom artifactid grpc-protobuf Low Vendor pom developer email grpc-io@googlegroups.com Low Vendor pom developer id grpc.io Medium Vendor pom developer name gRPC Contributors Medium Vendor pom developer org gRPC Authors Medium Vendor pom developer org URL https://www.google.com Medium Vendor pom groupid io.grpc Highest Vendor pom name io.grpc:grpc-protobuf High Vendor pom url grpc/grpc-java Highest Product file name grpc-protobuf High Product jar package name grpc Highest Product jar package name io Highest Product jar package name protobuf Highest Product Manifest Implementation-Title grpc-protobuf High Product Manifest source-compatibility 1.7 Low Product Manifest target-compatibility 1.7 Low Product pom artifactid grpc-protobuf Highest Product pom developer email grpc-io@googlegroups.com Low Product pom developer id grpc.io Low Product pom developer name gRPC Contributors Low Product pom developer org gRPC Authors Low Product pom developer org URL https://www.google.com Low Product pom groupid io.grpc Highest Product pom name io.grpc:grpc-protobuf High Product pom url grpc/grpc-java High Version file version 1.40.1 High Version Manifest Implementation-Version 1.40.1 High Version pom version 1.40.1 Highest
Related Dependencies grpc-protobuf-lite-1.40.1.jarFile Path: /var/simplicite/.m2/repository/io/grpc/grpc-protobuf-lite/1.40.1/grpc-protobuf-lite-1.40.1.jar MD5: b66409559c67dcb4a639cf6564c2349a SHA1: 6459fb050c82b8683906cff6809ca12268c43d32 SHA256: c17fe8f4f6a3ff60f2dc1c5119815c5bcbcc3967e60ab1e538272459e4fd69a7 pkg:maven/io.grpc/grpc-protobuf-lite@1.40.1 CVE-2023-33953 suppress
gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS attacks:
- Unbounded memory buffering in the HPACK parser
- Unbounded CPU consumption in the HPACK parser
The unbounded CPU consumption is down to a copy that occurred per-input-block in the parser, and because that could be unbounded due to the memory copy bug we end up with an O(n^2) parsing loop, with n selected by the client.
The unbounded memory buffering bugs:
- The header size limit check was behind the string reading code, so we needed to first buffer up to a 4 gigabyte string before rejecting it as longer than 8 or 16kb.
- HPACK varints have an encoding quirk whereby an infinite number of 0’s can be added at the start of an integer. gRPC’s hpack parser needed to read all of them before concluding a parse.
- gRPC’s metadata overflow check was performed per frame, so that the following sequence of frames could cause infinite buffering: HEADERS: containing a: 1 CONTINUATION: containing a: 2 CONTINUATION: containing a: 3 etc… CWE-834 Excessive Iteration, CWE-770 Allocation of Resources Without Limits or Throttling
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2023-44487 suppress
CISA Known Exploited Vulnerability: Product: IETF HTTP/2 Name: HTTP/2 Rapid Reset Attack Vulnerability Date Added: 2023-10-10 Description: HTTP/2 contains a rapid reset vulnerability that allows for a distributed denial-of-service attack (DDoS). Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Due Date: 2023-10-31 Notes: https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CWE-400 Uncontrolled Resource Consumption
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2023-4785 suppress
Lack of error handling in the TCP server in Google's gRPC starting version 1.23 on posix-compatible platforms (ex. Linux) allows an attacker to cause a denial of service by initiating a significant number of connections with the server. Note that gRPC C++ Python, and Ruby are affected, but gRPC Java, and Go are NOT affected. NVD-CWE-noinfo
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2023-32732 suppress
gRPC contains a vulnerability whereby a client can cause a termination of connection between a HTTP2 proxy and a gRPC server: a base64 encoding error for `-bin` suffixed headers will result in a disconnection by the gRPC server, but is typically allowed by HTTP2 proxies. We recommend upgrading beyond the commit in https://github.com/grpc/grpc/pull/32309 https://www.google.com/url
NVD-CWE-Other
CVSSv3:
Base Score: MEDIUM (5.3) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L References:
Vulnerable Software & Versions:
gson-2.8.6.jarDescription:
Gson JSON library File Path: /var/simplicite/.m2/repository/com/google/code/gson/gson/2.8.6/gson-2.8.6.jarMD5: 310f5841387183aca7900fead98d4858SHA1: 9180733b7df8542621dc12e21e87557e8c99b8cbSHA256: c8fb4839054d280b3033f800d1f5a97de2f028eb8ba2eb458ad287e536f3f25fReferenced In Project/Scope: Simplicite Platform:compilegson-2.8.6.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.google.protobuf/protobuf-java-util@3.17.3
Evidence Type Source Name Value Confidence Vendor file name gson High Vendor jar package name google Highest Vendor jar package name gson Highest Vendor Manifest bundle-contactaddress https://github.com/google/gson Low Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5, JavaSE-1.6, JavaSE-1.7, JavaSE-1.8 Low Vendor Manifest bundle-symbolicname com.google.gson Medium Vendor pom artifactid gson Highest Vendor pom artifactid gson Low Vendor pom groupid com.google.code.gson Highest Vendor pom name Gson High Vendor pom parent-artifactid gson-parent Low Product file name gson High Product jar package name google Highest Product jar package name gson Highest Product Manifest bundle-contactaddress https://github.com/google/gson Low Product Manifest Bundle-Name Gson Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5, JavaSE-1.6, JavaSE-1.7, JavaSE-1.8 Low Product Manifest bundle-symbolicname com.google.gson Medium Product pom artifactid gson Highest Product pom groupid com.google.code.gson Highest Product pom name Gson High Product pom parent-artifactid gson-parent Medium Version file version 2.8.6 High Version Manifest Bundle-Version 2.8.6 High Version pom version 2.8.6 Highest
CVE-2022-25647 suppress
The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which may lead to DoS attacks. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (5.0) Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
guava-30.1.1-jre.jarDescription:
Guava is a suite of core and expanded libraries that include
utility classes, Google's collections, I/O classes, and
much more.
License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/com/google/guava/guava/30.1.1-jre/guava-30.1.1-jre.jar
MD5: 05374f163d0a4141db672fff9df95b12
SHA1: 87e0fd1df874ea3cbe577702fe6f17068b790fd8
SHA256: 44ce229ce26d880bf3afc362bbfcec34d7e6903d195bbb1db9f3b6e0d9834f06
Referenced In Project/Scope: Simplicite Platform:compile
guava-30.1.1-jre.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name guava High Vendor jar package name common Highest Vendor jar package name google Highest Vendor Manifest automatic-module-name com.google.common Medium Vendor Manifest bundle-docurl https://github.com/google/guava/ Low Vendor Manifest bundle-symbolicname com.google.guava Medium Vendor pom artifactid guava Highest Vendor pom artifactid guava Low Vendor pom groupid com.google.guava Highest Vendor pom name Guava: Google Core Libraries for Java High Vendor pom parent-artifactid guava-parent Low Product file name guava High Product jar package name common Highest Product jar package name google Highest Product Manifest automatic-module-name com.google.common Medium Product Manifest bundle-docurl https://github.com/google/guava/ Low Product Manifest Bundle-Name Guava: Google Core Libraries for Java Medium Product Manifest bundle-symbolicname com.google.guava Medium Product pom artifactid guava Highest Product pom groupid com.google.guava Highest Product pom name Guava: Google Core Libraries for Java High Product pom parent-artifactid guava-parent Medium Version pom version 30.1.1-jre Highest
CVE-2023-2976 suppress
Use of Java's default temporary directory for file creation in `FileBackedOutputStream` in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to the default Java temporary directory to be able to access the files created by the class.
Even though the security vulnerability is fixed in version 32.0.0, we recommend using version 32.0.1 as version 32.0.0 breaks some functionality under Windows.
CWE-552 Files or Directories Accessible to External Parties
CVSSv3:
Base Score: HIGH (7.1) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N References:
Vulnerable Software & Versions:
CVE-2020-8908 suppress
A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, on unix-like systems, the created directory is world-readable (readable by an attacker with access to the system). The method in question has been marked @Deprecated in versions 30.0 and later and should not be used. For Android developers, we recommend choosing a temporary directory API provided by Android, such as context.getCacheDir(). For other Java developers, we recommend migrating to the Java 7 API java.nio.file.Files.createTempDirectory() which explicitly configures permissions of 700, or configuring the Java runtime's java.io.tmpdir system property to point to a location whose permissions are appropriately configured.
CWE-732 Incorrect Permission Assignment for Critical Resource
CVSSv2:
Base Score: LOW (2.1) Vector: /AV:L/AC:L/Au:N/C:P/I:N/A:N CVSSv3:
Base Score: LOW (3.3) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N References:
Vulnerable Software & Versions: (show all )
guice-4.2.3.jar (shaded: cglib:cglib:3.3.0)File Path: /var/simplicite/.m2/repository/com/google/inject/guice/4.2.3/guice-4.2.3.jar/META-INF/maven/cglib/cglib/pom.xmlMD5: a7ecad92e5ab821614c934f58b17de64SHA1: e6b82e37edf3d2709f59e92f6752a929f72076c5SHA256: 4bce8fb88b4f0ef6bef2ab889c5276c4b5abbd3bdb7c7e5146f6f31c372ac253Referenced In Project/Scope: Simplicite Platform:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid cglib Low Vendor pom groupid cglib Highest Vendor pom parent-artifactid cglib-parent Low Product pom artifactid cglib Highest Product pom groupid cglib Highest Product pom parent-artifactid cglib-parent Medium Version pom version 3.3.0 Highest
guice-4.2.3.jarDescription:
Guice is a lightweight dependency injection framework for Java 6 and above License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/com/google/inject/guice/4.2.3/guice-4.2.3.jar
MD5: 4209f9e543a157db0f194688760409c9
SHA1: 2ea992d6d7bdcac7a43111a95d182a4c42eb5ff7
SHA256: a21e50ffbb67e7adc5b46cf7b9e1a480f1e0f04fd4201ddb1c65da91290601af
Referenced In Project/Scope: Simplicite Platform:compile
guice-4.2.3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.jclouds/jclouds-core@2.4.0
Evidence Type Source Name Value Confidence Vendor file name guice High Vendor jar package name google Highest Vendor jar package name guice Highest Vendor jar package name inject Highest Vendor Manifest automatic-module-name com.google.guice Medium Vendor Manifest bundle-copyright Copyright (C) 2006 Google Inc. Low Vendor Manifest bundle-docurl https://github.com/google/guice Low Vendor Manifest bundle-requiredexecutionenvironment JavaSE-1.6 Low Vendor Manifest bundle-symbolicname com.google.inject Medium Vendor Manifest eclipse-extensibleapi true Low Vendor pom artifactid guice Highest Vendor pom artifactid guice Low Vendor pom groupid com.google.inject Highest Vendor pom name Google Guice - Core Library High Vendor pom parent-artifactid guice-parent Low Product file name guice High Product jar package name dependency Highest Product jar package name google Highest Product jar package name guice Highest Product jar package name inject Highest Product Manifest automatic-module-name com.google.guice Medium Product Manifest bundle-copyright Copyright (C) 2006 Google Inc. Low Product Manifest bundle-docurl https://github.com/google/guice Low Product Manifest Bundle-Name guice Medium Product Manifest bundle-requiredexecutionenvironment JavaSE-1.6 Low Product Manifest bundle-symbolicname com.google.inject Medium Product Manifest eclipse-extensibleapi true Low Product pom artifactid guice Highest Product pom groupid com.google.inject Highest Product pom name Google Guice - Core Library High Product pom parent-artifactid guice-parent Medium Version file version 4.2.3 High Version Manifest Bundle-Version 4.2.3 High Version pom version 4.2.3 Highest
guice-assistedinject-4.2.3.jarDescription:
Guice is a lightweight dependency injection framework for Java 6 and above License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/com/google/inject/extensions/guice-assistedinject/4.2.3/guice-assistedinject-4.2.3.jar
MD5: acb899a13864c3e0994f3342b7fdc604
SHA1: acbfddc556ee9496293ed1df250cc378f331d854
SHA256: f27810a4b60663fa2d06b8423eda402fa9f8553bfbfde81bf0f0f1f2876b1385
Referenced In Project/Scope: Simplicite Platform:compile
guice-assistedinject-4.2.3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.jclouds/jclouds-core@2.4.0
Evidence Type Source Name Value Confidence Vendor file name guice-assistedinject High Vendor jar package name assistedinject Highest Vendor jar package name google Highest Vendor jar package name inject Highest Vendor Manifest automatic-module-name com.google.guice.extensions.assistedinject Medium Vendor Manifest bundle-copyright Copyright (C) 2006 Google Inc. Low Vendor Manifest bundle-docurl https://github.com/google/guice Low Vendor Manifest bundle-requiredexecutionenvironment JavaSE-1.6 Low Vendor Manifest bundle-symbolicname com.google.inject.assistedinject Medium Vendor pom artifactid guice-assistedinject Highest Vendor pom artifactid guice-assistedinject Low Vendor pom groupid com.google.inject.extensions Highest Vendor pom name Google Guice - Extensions - AssistedInject High Vendor pom parent-artifactid extensions-parent Low Product file name guice-assistedinject High Product jar package name assistedinject Highest Product jar package name google Highest Product jar package name inject Highest Product Manifest automatic-module-name com.google.guice.extensions.assistedinject Medium Product Manifest bundle-copyright Copyright (C) 2006 Google Inc. Low Product Manifest bundle-docurl https://github.com/google/guice Low Product Manifest Bundle-Name guice-assistedinject Medium Product Manifest bundle-requiredexecutionenvironment JavaSE-1.6 Low Product Manifest bundle-symbolicname com.google.inject.assistedinject Medium Product pom artifactid guice-assistedinject Highest Product pom groupid com.google.inject.extensions Highest Product pom name Google Guice - Extensions - AssistedInject High Product pom parent-artifactid extensions-parent Medium Version file version 4.2.3 High Version Manifest Bundle-Version 4.2.3 High Version pom version 4.2.3 Highest
h2-2.1.214.jarDescription:
H2 Database Engine License:
MPL 2.0: https://www.mozilla.org/en-US/MPL/2.0/
EPL 1.0: https://opensource.org/licenses/eclipse-1.0.php File Path: /var/simplicite/.m2/repository/com/h2database/h2/2.1.214/h2-2.1.214.jar
MD5: 93628fb706e682dd989f697394039025
SHA1: d5c2005c9e3279201e12d4776c948578b16bf8b2
SHA256: d623cdc0f61d218cf549a8d09f1c391ff91096116b22e2475475fce4fbe72bd0
Referenced In Project/Scope: Simplicite Platform:runtime
h2-2.1.214.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name h2 High Vendor jar package name database Highest Vendor jar package name engine Highest Vendor jar package name h2 Highest Vendor Manifest automatic-module-name com.h2database Medium Vendor Manifest bundle-category jdbc Low Vendor Manifest bundle-symbolicname com.h2database Medium Vendor Manifest implementation-url https://h2database.com Low Vendor Manifest multi-release true Low Vendor Manifest provide-capability osgi.service;objectClass:List=org.osgi.service.jdbc.DataSourceFactory Low Vendor pom artifactid h2 Highest Vendor pom artifactid h2 Low Vendor pom developer email thomas.tom.mueller at gmail dot com Low Vendor pom developer id thomas.tom.mueller Medium Vendor pom developer name Thomas Mueller Medium Vendor pom groupid com.h2database Highest Vendor pom name H2 Database Engine High Vendor pom url https://h2database.com Highest Product file name h2 High Product jar package name database Highest Product jar package name engine Highest Product jar package name h2 Highest Product jar package name jdbc Highest Product jar package name org Highest Product jar package name service Highest Product Manifest automatic-module-name com.h2database Medium Product Manifest bundle-category jdbc Low Product Manifest Bundle-Name H2 Database Engine Medium Product Manifest bundle-symbolicname com.h2database Medium Product Manifest Implementation-Title H2 Database Engine High Product Manifest implementation-url https://h2database.com Low Product Manifest multi-release true Low Product Manifest provide-capability osgi.service;objectClass:List=org.osgi.service.jdbc.DataSourceFactory Low Product pom artifactid h2 Highest Product pom developer email thomas.tom.mueller at gmail dot com Low Product pom developer id thomas.tom.mueller Low Product pom developer name Thomas Mueller Low Product pom groupid com.h2database Highest Product pom name H2 Database Engine High Product pom url https://h2database.com Medium Version file version 2.1.214 High Version Manifest Bundle-Version 2.1.214 High Version Manifest Implementation-Version 2.1.214 High Version pom version 2.1.214 Highest
CVE-2022-45868 suppress
The web-based admin console in H2 Database Engine through 2.1.214 can be started via the CLI with the argument -webAdminPassword, which allows the user to specify the password in cleartext for the web admin console. Consequently, a local user (or an attacker that has obtained local access through some means) would be able to discover the password by listing processes and their arguments. NOTE: the vendor states "This is not a vulnerability of H2 Console ... Passwords should never be passed on the command line and every qualified DBA or system administrator is expected to know that." CWE-312 Cleartext Storage of Sensitive Information
CVSSv3:
Base Score: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions:
CVE-2018-14335 (OSSINDEX) suppress
h2database - Improper Link Resolution Before File Access
The software attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource. CWE-59 Improper Link Resolution Before File Access ('Link Following')
CVSSv2:
Base Score: MEDIUM (6.0) Vector: /AV:L/AC:L/Au:/C:H/I:N/A:N References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:com.h2database:h2:2.1.214:*:*:*:*:*:*:* h2-2.1.214.jar: data.zip: table.jsFile Path: /var/simplicite/.m2/repository/com/h2database/h2/2.1.214/h2-2.1.214.jar/org/h2/util/data.zip/org/h2/server/web/res/table.jsMD5: 1c37e9e03787c821410ce684efa8feb7SHA1: 3377bc4afb4fa0aeaa4fff9098ebb4446fa5be99SHA256: 07e1b3fc6feb8a8713b6659fc047cd9177d85b22f4bb0fa857be1c81786db701Referenced In Project/Scope: Simplicite Platform:runtime
Evidence Type Source Name Value Confidence
h2-2.1.214.jar: data.zip: tree.jsFile Path: /var/simplicite/.m2/repository/com/h2database/h2/2.1.214/h2-2.1.214.jar/org/h2/util/data.zip/org/h2/server/web/res/tree.jsMD5: 4303428a5a49c1ae6c87a5dde9b4c9c3SHA1: 9bca06117ddee5657dbe89eea197372128fe56e9SHA256: 1d5c4ba3b1a5dfcfe250fba716b55a9a7d0ffe624fc480713ff782c4d671836fReferenced In Project/Scope: Simplicite Platform:runtime
Evidence Type Source Name Value Confidence
hadoop-hdfs-client-3.3.1.jarDescription:
Apache Hadoop HDFS Client File Path: /var/simplicite/.m2/repository/org/apache/hadoop/hadoop-hdfs-client/3.3.1/hadoop-hdfs-client-3.3.1.jarMD5: df16b76d5b2b4c33561e94ae47827637SHA1: 5ad71520a3632a9b5b2c65f9f53d1c9d80544ee0SHA256: 23e86d658b016394c263f80b8e318f232167a8862a07a3d50e5369175f3e8a58Referenced In Project/Scope: Simplicite Platform:compilehadoop-hdfs-client-3.3.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.commons/commons-vfs2@2.9.0
Evidence Type Source Name Value Confidence Vendor file name hadoop-hdfs-client High Vendor jar package name apache Highest Vendor jar package name apache Low Vendor jar package name client Highest Vendor jar package name hadoop Highest Vendor jar package name hadoop Low Vendor jar package name hdfs Highest Vendor jar package name hdfs Low Vendor pom artifactid hadoop-hdfs-client Highest Vendor pom artifactid hadoop-hdfs-client Low Vendor pom groupid org.apache.hadoop Highest Vendor pom name Apache Hadoop HDFS Client High Vendor pom parent-artifactid hadoop-project-dist Low Product file name hadoop-hdfs-client High Product jar package name apache Highest Product jar package name client Highest Product jar package name hadoop Highest Product jar package name hadoop Low Product jar package name hdfs Highest Product jar package name hdfs Low Product jar package name protocol Low Product pom artifactid hadoop-hdfs-client Highest Product pom groupid org.apache.hadoop Highest Product pom name Apache Hadoop HDFS Client High Product pom parent-artifactid hadoop-project-dist Medium Version file version 3.3.1 High Version pom version 3.3.1 Highest
CVE-2021-37404 suppress
There is a potential heap buffer overflow in Apache Hadoop libhdfs native code. Opening a file path provided by user without validation may result in a denial of service or arbitrary code execution. Users should upgrade to Apache Hadoop 2.10.2, 3.2.3, 3.3.2 or higher. CWE-787 Out-of-bounds Write
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2022-25168 suppress
Apache Hadoop's FileUtil.unTar(File, File) API does not escape the input file name before being passed to the shell. An attacker can inject arbitrary commands. This is only used in Hadoop 3.3 InMemoryAliasMap.completeBootstrapTransfer, which is only ever run by a local user. It has been used in Hadoop 2.x for yarn localization, which does enable remote code execution. It is used in Apache Spark, from the SQL command ADD ARCHIVE. As the ADD ARCHIVE command adds new binaries to the classpath, being able to execute shell scripts does not confer new permissions to the caller. SPARK-38305. "Check existence of file before untarring/zipping", which is included in 3.3.0, 3.1.4, 3.2.2, prevents shell commands being executed, regardless of which version of the hadoop libraries are in use. Users should upgrade to Apache Hadoop 2.10.2, 3.2.4, 3.3.3 or upper (including HADOOP-18136). CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVSSv3:
Base Score: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2022-26612 suppress
In Apache Hadoop, The unTar function uses unTarUsingJava function on Windows and the built-in tar utility on Unix and other OSes. As a result, a TAR entry may create a symlink under the expected extraction directory which points to an external directory. A subsequent TAR entry may extract an arbitrary file into the external directory using the symlink name. This however would be caught by the same targetDirPath check on Unix because of the getCanonicalPath call. However on Windows, getCanonicalPath doesn't resolve symbolic links, which bypasses the check. unpackEntries during TAR extraction follows symbolic links which allows writing outside expected base directory on Windows. This was addressed in Apache Hadoop 3.2.3 CWE-59 Improper Link Resolution Before File Access ('Link Following')
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2021-25642 suppress
ZKConfigurationStore which is optionally used by CapacityScheduler of Apache Hadoop YARN deserializes data obtained from ZooKeeper without validation. An attacker having access to ZooKeeper can run arbitrary commands as YARN user by exploiting this. Users should upgrade to Apache Hadoop 2.10.2, 3.2.4, 3.3.4 or later (containing YARN-11126) if ZKConfigurationStore is used. CWE-502 Deserialization of Untrusted Data
CVSSv3:
Base Score: HIGH (8.8) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2021-33036 suppress
In Apache Hadoop 2.2.0 to 2.10.1, 3.0.0-alpha1 to 3.1.4, 3.2.0 to 3.2.2, and 3.3.0 to 3.3.1, a user who can escalate to yarn user can possibly run arbitrary commands as root user. Users should upgrade to Apache Hadoop 2.10.2, 3.2.3, 3.3.2 or higher. CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVSSv2:
Base Score: HIGH (9.0) Vector: /AV:N/AC:L/Au:S/C:C/I:C/A:C CVSSv3:
Base Score: HIGH (8.8) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2023-26031 suppress
Relative library resolution in linux container-executor binary in Apache Hadoop 3.3.1-3.3.4 on Linux allows local user to gain root privileges. If the YARN cluster is accepting work from remote (authenticated) users, this MAY permit remote users to gain root privileges.
Hadoop 3.3.0 updated the " YARN Secure Containers https://hadoop.apache.org/docs/stable/hadoop-yarn/hadoop-yarn-site/SecureContainer.html " to add a feature for executing user-submitted applications in isolated linux containers.
The native binary HADOOP_HOME/bin/container-executor is used to launch these containers; it must be owned by root and have the suid bit set in order for the YARN processes to run the containers as the specific users submitting the jobs.
The patch " YARN-10495 https://issues.apache.org/jira/browse/YARN-10495 . make the rpath of container-executor configurable" modified the library loading path for loading .so files from "$ORIGIN/" to ""$ORIGIN/:../lib/native/". This is the a path through which libcrypto.so is located. Thus it is is possible for a user with reduced privileges to install a malicious libcrypto library into a path to which they have write access, invoke the container-executor command, and have their modified library executed as root.
If the YARN cluster is accepting work from remote (authenticated) users, and these users' submitted job are executed in the physical host, rather than a container, then the CVE permits remote users to gain root privileges.
The fix for the vulnerability is to revert the change, which is done in YARN-11441 https://issues.apache.org/jira/browse/YARN-11441 , "Revert YARN-10495". This patch is in hadoop-3.3.5.
To determine whether a version of container-executor is vulnerable, use the readelf command. If the RUNPATH or RPATH value contains the relative path "./lib/native/" then it is at risk
$ readelf -d container-executor|grep 'RUNPATH\|RPATH'
0x000000000000001d (RUNPATH) Library runpath: [$ORIGIN/:../lib/native/]
If it does not, then it is safe:
$ readelf -d container-executor|grep 'RUNPATH\|RPATH'
0x000000000000001d (RUNPATH) Library runpath: [$ORIGIN/]
For an at-risk version of container-executor to enable privilege escalation, the owner must be root and the suid bit must be set
$ ls -laF /opt/hadoop/bin/container-executor
---Sr-s---. 1 root hadoop 802968 May 9 20:21 /opt/hadoop/bin/container-executor
A safe installation lacks the suid bit; ideally is also not owned by root.
$ ls -laF /opt/hadoop/bin/container-executor
-rwxr-xr-x. 1 yarn hadoop 802968 May 9 20:21 /opt/hadoop/bin/container-executor
This configuration does not support Yarn Secure Containers, but all other hadoop services, including YARN job execution outside secure containers continue to work.
CWE-426 Untrusted Search Path
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions:
hamcrest-core-1.3.jarDescription:
This is the core API of hamcrest matcher framework to be used by third-party framework providers. This includes the a foundation set of matcher implementations for common operations.
File Path: /var/simplicite/.m2/repository/org/hamcrest/hamcrest-core/1.3/hamcrest-core-1.3.jarMD5: 6393363b47ddcbba82321110c3e07519SHA1: 42a25dc3219429f0e5d060061f71acb49bf010a0SHA256: 66fdef91e9739348df7a096aa384a5685f4e875584cce89386a7a47251c4d8e9Referenced In Project/Scope: Simplicite Platform:compilehamcrest-core-1.3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/junit/junit@4.13.2
Evidence Type Source Name Value Confidence Vendor file name hamcrest-core High Vendor jar package name core Highest Vendor jar package name hamcrest Highest Vendor jar package name matcher Highest Vendor Manifest built-date 2012-07-09 19:49:34 Low Vendor Manifest Implementation-Vendor hamcrest.org High Vendor pom artifactid hamcrest-core Highest Vendor pom artifactid hamcrest-core Low Vendor pom groupid org.hamcrest Highest Vendor pom name Hamcrest Core High Vendor pom parent-artifactid hamcrest-parent Low Product file name hamcrest-core High Product jar package name core Highest Product jar package name hamcrest Highest Product jar package name matcher Highest Product Manifest built-date 2012-07-09 19:49:34 Low Product Manifest Implementation-Title hamcrest-core High Product pom artifactid hamcrest-core Highest Product pom groupid org.hamcrest Highest Product pom name Hamcrest Core High Product pom parent-artifactid hamcrest-parent Medium Version file version 1.3 High Version Manifest Implementation-Version 1.3 High Version pom version 1.3 Highest
handlebars:4.7.7Description:
Handlebars provides the power necessary to let you build semantic templates effectively with no frustration License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-audit-html:1.5.0/handlebars:^4.7.6
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-audit-html:1.5.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Yehuda Katz Highest Vendor package.json description Handlebars provides the power necessary to let you build semantic templates effectively with no frustration Highest Vendor package.json homepage http://www.handlebarsjs.com/ Highest Vendor package.json name handlebars Highest Vendor package.json name handlebars_project Highest Product package.json name handlebars Highest Version package.json version 4.7.7 Highest
Related Dependencies handlebars:4.7.7File Path: /var/simplicite/simplicite-5.2/package-lock.json?/handlebars:4.7.7 pkg:npm/handlebars@4.7.7 hard-rejection:2.1.0Description:
Make unhandled promise rejections fail hard right away instead of the default silent fail License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?meow:9.0.0/hard-rejection:^2.1.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/meow:9.0.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Make unhandled promise rejections fail hard right away instead of the default silent fail Highest Vendor package.json name hard-rejection Highest Vendor package.json name hard-rejection_project Highest Product package.json name hard-rejection Highest Version package.json version 2.1.0 Highest
Related Dependencies hard-rejection:2.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/hard-rejection:2.1.0 pkg:npm/hard-rejection@2.1.0 has-bigints:1.0.2Description:
Determine if the JS environment has BigInt support. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?unbox-primitive:1.0.2/has-bigints:^1.0.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/unbox-primitive:1.0.2 simplicite-js:5.2.54 simplicite-js:5.2.54/is-bigint:1.0.4 Evidence Type Source Name Value Confidence Vendor package.json author Jordan Harband <ljharb@gmail.com> Highest Vendor package.json bugs.url https://github.com/ljharb/has-bigints/issues Highest Vendor package.json description Determine if the JS environment has BigInt support. Highest Vendor package.json homepage https://github.com/ljharb/has-bigints#readme Highest Vendor package.json name has-bigints Highest Vendor package.json name has-bigints_project Highest Product package.json name has-bigints Highest Version package.json version 1.0.2 Highest
Related Dependencies has-bigints:1.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?/has-bigints:1.0.2 pkg:npm/has-bigints@1.0.2 has-bigints:1.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?is-bigint:1.0.4/has-bigints:^1.0.1 pkg:npm/has-bigints@1.0.2 has-flag:3.0.0Description:
Check if argv has a specific flag License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?supports-color:5.5.0/has-flag:^3.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/supports-color:5.5.0 simplicite-js:5.2.54/supports-hyperlinks:2.3.0 simplicite-js:5.2.54 simplicite-js:5.2.54/supports-color:7.2.0 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Check if argv has a specific flag Highest Vendor package.json name has-flag Highest Vendor package.json name has-flag_project Highest Product package.json name has-flag Highest Version package.json version 3.0.0 Highest
Related Dependencies has-flag:3.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/has-flag:3.0.0 pkg:npm/has-flag@3.0.0 has-flag:3.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?supports-color:7.2.0/has-flag:^4.0.0 pkg:npm/has-flag@3.0.0 has-flag:4.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/has-flag:4.0.0 pkg:npm/has-flag@4.0.0 has-flag:4.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?supports-hyperlinks:2.3.0/has-flag:^4.0.0 pkg:npm/has-flag@4.0.0 has-property-descriptors:1.0.0Description:
Does the environment have full property descriptor support? Handles IE 8's broken defineProperty/gOPD. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/has-property-descriptors:1.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/es-abstract:1.21.2 simplicite-js:5.2.54/define-properties:1.2.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Jordan Harband <ljharb@gmail.com> Highest Vendor package.json bugs.url https://github.com/inspect-js/has-property-descriptors/issues Highest Vendor package.json description Does the environment have full property descriptor support? Handles IE 8's broken defineProperty/gOPD. Highest Vendor package.json homepage https://github.com/inspect-js/has-property-descriptors#readme Highest Vendor package.json name has-property-descriptors Highest Vendor package.json name has-property-descriptors_project Highest Product package.json name has-property-descriptors Highest Version package.json version 1.0.0 Highest
Related Dependencies has-property-descriptors:1.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?define-properties:1.2.0/has-property-descriptors:^1.0.0 pkg:npm/has-property-descriptors@1.0.0 has-property-descriptors:1.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?es-abstract:1.21.2/has-property-descriptors:^1.0.0 pkg:npm/has-property-descriptors@1.0.0 has-proto:1.0.1Description:
Does this environment have the ability to get the [[Prototype]] of an object on creation with `__proto__`? License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/has-proto:1.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/es-abstract:1.21.2 simplicite-js:5.2.54/get-intrinsic:1.2.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Jordan Harband <ljharb@gmail.com> Highest Vendor package.json bugs.url https://github.com/inspect-js/has-proto/issues Highest Vendor package.json description Does this environment have the ability to get the [[Prototype]] of an object on creation with `__proto__`? Highest Vendor package.json homepage https://github.com/inspect-js/has-proto#readme Highest Vendor package.json name has-proto Highest Vendor package.json name has-proto_project Highest Product package.json name has-proto Highest Version package.json version 1.0.1 Highest
Related Dependencies has-proto:1.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?es-abstract:1.21.2/has-proto:^1.0.1 pkg:npm/has-proto@1.0.1 has-proto:1.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?get-intrinsic:1.2.1/has-proto:^1.0.1 pkg:npm/has-proto@1.0.1 has-symbols:1.0.3Description:
Determine if the JS environment has Symbol support. Supports spec, or shams. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?unbox-primitive:1.0.2/has-symbols:^1.0.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/unbox-primitive:1.0.2 simplicite-js:5.2.54/es-abstract:1.21.2 simplicite-js:5.2.54/has-tostringtag:1.0.0 simplicite-js:5.2.54/is-symbol:1.0.4 simplicite-js:5.2.54/safe-array-concat:1.0.0 simplicite-js:5.2.54/get-intrinsic:1.2.1 simplicite-js:5.2.54 simplicite-js:5.2.54/object.assign:4.1.4 Evidence Type Source Name Value Confidence Vendor package.json author.email ljharb@gmail.com Highest Vendor package.json author.name Jordan Harband Highest Vendor package.json author.url http://ljharb.codes Highest Vendor package.json bugs.url https://github.com/ljharb/has-symbols/issues Highest Vendor package.json description Determine if the JS environment has Symbol support. Supports spec, or shams. Highest Vendor package.json homepage https://github.com/ljharb/has-symbols#readme Highest Vendor package.json name has-symbols Highest Vendor package.json name has-symbols_project Highest Product package.json name has-symbols Highest Version package.json version 1.0.3 Highest
Related Dependencies has-symbols:1.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/has-symbols:1.0.3 pkg:npm/has-symbols@1.0.3 has-symbols:1.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?es-abstract:1.21.2/has-symbols:^1.0.3 pkg:npm/has-symbols@1.0.3 has-symbols:1.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?get-intrinsic:1.2.1/has-symbols:^1.0.3 pkg:npm/has-symbols@1.0.3 has-symbols:1.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?has-tostringtag:1.0.0/has-symbols:^1.0.2 pkg:npm/has-symbols@1.0.3 has-symbols:1.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?is-symbol:1.0.4/has-symbols:^1.0.2 pkg:npm/has-symbols@1.0.3 has-symbols:1.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?object.assign:4.1.4/has-symbols:^1.0.3 pkg:npm/has-symbols@1.0.3 has-symbols:1.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?safe-array-concat:1.0.0/has-symbols:^1.0.3 pkg:npm/has-symbols@1.0.3 has-tostringtag:1.0.0Description:
Determine if the JS environment has `Symbol.toStringTag` support. Supports spec, or shams. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?which-typed-array:1.1.9/has-tostringtag:^1.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/is-string:1.0.7 simplicite-js:5.2.54/is-typed-array:1.1.10 simplicite-js:5.2.54/which-typed-array:1.1.9 simplicite-js:5.2.54/is-boolean-object:1.1.2 simplicite-js:5.2.54/is-number-object:1.0.7 simplicite-js:5.2.54 simplicite-js:5.2.54/es-set-tostringtag:2.0.1 simplicite-js:5.2.54/is-regex:1.1.4 simplicite-js:5.2.54/is-date-object:1.0.5 Evidence Type Source Name Value Confidence Vendor package.json author.email ljharb@gmail.com Highest Vendor package.json author.name Jordan Harband Highest Vendor package.json author.url http://ljharb.codes Highest Vendor package.json bugs.url https://github.com/inspect-js/has-tostringtag/issues Highest Vendor package.json description Determine if the JS environment has `Symbol.toStringTag` support. Supports spec, or shams. Highest Vendor package.json homepage https://github.com/inspect-js/has-tostringtag#readme Highest Vendor package.json name has-tostringtag Highest Vendor package.json name has-tostringtag_project Highest Product package.json name has-tostringtag Highest Version package.json version 1.0.0 Highest
Related Dependencies has-tostringtag:1.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/has-tostringtag:1.0.0 pkg:npm/has-tostringtag@1.0.0 has-tostringtag:1.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?es-set-tostringtag:2.0.1/has-tostringtag:^1.0.0 pkg:npm/has-tostringtag@1.0.0 has-tostringtag:1.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?is-boolean-object:1.1.2/has-tostringtag:^1.0.0 pkg:npm/has-tostringtag@1.0.0 has-tostringtag:1.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?is-date-object:1.0.5/has-tostringtag:^1.0.0 pkg:npm/has-tostringtag@1.0.0 has-tostringtag:1.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?is-number-object:1.0.7/has-tostringtag:^1.0.0 pkg:npm/has-tostringtag@1.0.0 has-tostringtag:1.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?is-regex:1.1.4/has-tostringtag:^1.0.0 pkg:npm/has-tostringtag@1.0.0 has-tostringtag:1.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?is-string:1.0.7/has-tostringtag:^1.0.0 pkg:npm/has-tostringtag@1.0.0 has-tostringtag:1.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?is-typed-array:1.1.10/has-tostringtag:^1.0.0 pkg:npm/has-tostringtag@1.0.0 has-unicode:2.0.1Description:
Try to guess if your terminal supports unicode License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/has-unicode:2.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/gauge:4.0.4 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Rebecca Turner <me@re-becca.org> Highest Vendor package.json bugs.url https://github.com/iarna/has-unicode/issues Highest Vendor package.json description Try to guess if your terminal supports unicode Highest Vendor package.json homepage https://github.com/iarna/has-unicode Highest Vendor package.json name has-unicode Highest Vendor package.json name has-unicode_project Highest Product package.json name has-unicode Highest Version package.json version 2.0.1 Highest
Related Dependencies has-unicode:2.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?gauge:4.0.4/has-unicode:^2.0.1 pkg:npm/has-unicode@2.0.1 has-yarn:2.1.0Description:
Check if a project is using Yarn License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?update-notifier:4.1.3/has-yarn:^2.1.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/update-notifier:6.0.2 simplicite-js:5.2.54/update-notifier:4.1.3 simplicite-js:5.2.54/update-notifier:5.1.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Check if a project is using Yarn Highest Vendor package.json name has-yarn Highest Vendor package.json name has-yarn_project Highest Product package.json name has-yarn Highest Version package.json version 2.1.0 Highest
Related Dependencies has-yarn:2.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/has-yarn:2.1.0 pkg:npm/has-yarn@2.1.0 has-yarn:2.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?update-notifier:5.1.0/has-yarn:^2.1.0 pkg:npm/has-yarn@2.1.0 has-yarn:2.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?update-notifier:6.0.2/has-yarn:^3.0.0 pkg:npm/has-yarn@2.1.0 has-yarn:3.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/has-yarn:3.0.0 pkg:npm/has-yarn@3.0.0 has:1.0.3Description:
Object.prototype.hasOwnProperty.call shortcut License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?is-core-module:2.12.1/has:^1.0.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/es-abstract:1.21.2 simplicite-js:5.2.54/internal-slot:1.0.5 simplicite-js:5.2.54/is-core-module:2.12.1 simplicite-js:5.2.54/get-intrinsic:1.2.1 simplicite-js:5.2.54 simplicite-js:5.2.54/es-set-tostringtag:2.0.1 Evidence Type Source Name Value Confidence Vendor package.json author.email tpadilha84@gmail.com Highest Vendor package.json author.name Thiago de Arruda Highest Vendor package.json bugs.url https://github.com/tarruda/has/issues Highest Vendor package.json description Object.prototype.hasOwnProperty.call shortcut Highest Vendor package.json homepage https://github.com/tarruda/has Highest Vendor package.json name has Highest Vendor package.json name has_project Highest Product package.json name has Highest Version package.json version 1.0.3 Highest
Related Dependencies has:1.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/has:1.0.3 pkg:npm/has@1.0.3 has:1.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?es-abstract:1.21.2/has:^1.0.3 pkg:npm/has@1.0.3 has:1.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?es-set-tostringtag:2.0.1/has:^1.0.3 pkg:npm/has@1.0.3 has:1.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?get-intrinsic:1.2.1/has:^1.0.3 pkg:npm/has@1.0.3 has:1.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?internal-slot:1.0.5/has:^1.0.3 pkg:npm/has@1.0.3 highlight-es:1.0.3Description:
Highlight ECMAScript syntax for the console or any other medium. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/highlight-es:1.0.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/callsite-record:4.1.5 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Ivan Nikulin (ifaaan@gmail.com) Highest Vendor package.json bugs.url https://github.com/inikulin/highlight-es/issues Highest Vendor package.json description Highlight ECMAScript syntax for the console or any other medium. Highest Vendor package.json homepage https://github.com/inikulin/highlight-es#readme Highest Vendor package.json name highlight-es Highest Vendor package.json name highlight-es_project Highest Product package.json name highlight-es Highest Version package.json version 1.0.3 Highest
Related Dependencies highlight-es:1.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?callsite-record:4.1.5/highlight-es:^1.0.0 pkg:npm/highlight-es@1.0.3 highlight.js:10.7.3Description:
Syntax highlighting with language autodetection. License:
BSD-3-Clause File Path: /var/simplicite/simplicite-5.2/package-lock.json?/highlight.js:10.7.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-audit-html:1.5.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email maniac@softwaremaniacs.org Highest Vendor package.json author.name Ivan Sagalaev Highest Vendor package.json bugs.url https://github.com/highlightjs/highlight.js/issues Highest Vendor package.json description Syntax highlighting with language autodetection. Highest Vendor package.json homepage https://highlightjs.org/ Highest Vendor package.json name highlight.js Highest Vendor package.json name highlight.js_project Highest Product package.json name highlight.js Highest Version package.json version 10.7.3 Highest
Related Dependencies highlight.js:10.7.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-audit-html:1.5.0/highlight.js:^10.3.1 pkg:npm/highlight.js@10.7.3 highlight.js:11.5.1Description:
Syntax highlighting with language autodetection. License:
BSD-3-Clause File Path: /var/simplicite/simplicite-5.2/package-lock.json?/highlight.js:11.5.1
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author.email maniac@softwaremaniacs.org Highest Vendor package.json author.name Ivan Sagalaev Highest Vendor package.json bugs.url https://github.com/highlightjs/highlight.js/issues Highest Vendor package.json description Syntax highlighting with language autodetection. Highest Vendor package.json homepage https://highlightjs.org/ Highest Vendor package.json name highlight.js Highest Vendor package.json name highlight.js_project Highest Product package.json name highlight.js Highest Version package.json version 11.5.1 Highest
hk2-api-2.6.1.jarDescription:
${project.name} License:
http://www.eclipse.org/legal/epl-2.0, https://www.gnu.org/software/classpath/license.html File Path: /var/simplicite/.m2/repository/org/glassfish/hk2/hk2-api/2.6.1/hk2-api-2.6.1.jar
MD5: 23e8c18dae0c7b776bed756763d5153f
SHA1: 114bd7afb4a1bd9993527f52a08a252b5d2acac5
SHA256: c2cb80a01e58440ae57d5ee59af4d4d94e5180e04aff112b0cb611c07d61e773
Referenced In Project/Scope: Simplicite Platform:provided
hk2-api-2.6.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.docusign/docusign-esign-java@3.14.0
Evidence Type Source Name Value Confidence Vendor file name hk2-api High Vendor jar package name api Highest Vendor jar package name glassfish Highest Vendor jar package name hk2 Highest Vendor Manifest bundle-docurl http://www.oracle.com Low Vendor Manifest bundle-symbolicname org.glassfish.hk2.api Medium Vendor pom artifactid hk2-api Highest Vendor pom artifactid hk2-api Low Vendor pom groupid org.glassfish.hk2 Highest Vendor pom name HK2 API module High Vendor pom parent-artifactid hk2-parent Low Product file name hk2-api High Product jar package name api Highest Product jar package name glassfish Highest Product jar package name hk2 Highest Product Manifest bundle-docurl http://www.oracle.com Low Product Manifest Bundle-Name HK2 API module Medium Product Manifest bundle-symbolicname org.glassfish.hk2.api Medium Product pom artifactid hk2-api Highest Product pom groupid org.glassfish.hk2 Highest Product pom name HK2 API module High Product pom parent-artifactid hk2-parent Medium Version file version 2.6.1 High Version Manifest Bundle-Version 2.6.1 High Version pom version 2.6.1 Highest
hk2-locator-2.6.1.jarDescription:
${project.name} License:
http://www.eclipse.org/legal/epl-2.0, https://www.gnu.org/software/classpath/license.html File Path: /var/simplicite/.m2/repository/org/glassfish/hk2/hk2-locator/2.6.1/hk2-locator-2.6.1.jar
MD5: dfd358720393d83b01747928db6e3912
SHA1: 9dedf9d2022e38ec0743ed44c1ac94ad6149acdd
SHA256: febc668deb9f2000c76bd4918d8086c0a4c74d07bd0c60486b72c6bd38b62874
Referenced In Project/Scope: Simplicite Platform:provided
hk2-locator-2.6.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.docusign/docusign-esign-java@3.14.0
Evidence Type Source Name Value Confidence Vendor file name hk2-locator High Vendor jar package name hk2 Highest Vendor Manifest bundle-docurl http://www.oracle.com Low Vendor Manifest bundle-symbolicname org.glassfish.hk2.locator Medium Vendor pom artifactid hk2-locator Highest Vendor pom artifactid hk2-locator Low Vendor pom groupid org.glassfish.hk2 Highest Vendor pom name ServiceLocator Default Implementation High Vendor pom parent-artifactid hk2-parent Low Product file name hk2-locator High Product jar package name hk2 Highest Product Manifest bundle-docurl http://www.oracle.com Low Product Manifest Bundle-Name ServiceLocator Default Implementation Medium Product Manifest bundle-symbolicname org.glassfish.hk2.locator Medium Product pom artifactid hk2-locator Highest Product pom groupid org.glassfish.hk2 Highest Product pom name ServiceLocator Default Implementation High Product pom parent-artifactid hk2-parent Medium Version file version 2.6.1 High Version Manifest Bundle-Version 2.6.1 High Version pom version 2.6.1 Highest
hk2-utils-2.6.1.jarDescription:
${project.name} License:
http://www.eclipse.org/legal/epl-2.0, https://www.gnu.org/software/classpath/license.html File Path: /var/simplicite/.m2/repository/org/glassfish/hk2/hk2-utils/2.6.1/hk2-utils-2.6.1.jar
MD5: 75ccb55538a77bf878996497ffeb86f3
SHA1: 396513aa96c1d5a10aa4f75c4dcbf259a698d62d
SHA256: 30727f79086452fdefdab08451d982c2082aa239d9f75cdeb1ba271e3c887036
Referenced In Project/Scope: Simplicite Platform:provided
hk2-utils-2.6.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.docusign/docusign-esign-java@3.14.0
Evidence Type Source Name Value Confidence Vendor file name hk2-utils High Vendor jar package name glassfish Highest Vendor jar package name hk2 Highest Vendor jar package name utilities Highest Vendor Manifest bundle-docurl http://www.oracle.com Low Vendor Manifest bundle-symbolicname org.glassfish.hk2.utils Medium Vendor Manifest service foo Low Vendor pom artifactid hk2-utils Highest Vendor pom artifactid hk2-utils Low Vendor pom groupid org.glassfish.hk2 Highest Vendor pom name HK2 Implementation Utilities High Vendor pom parent-artifactid hk2-parent Low Product file name hk2-utils High Product jar package name glassfish Highest Product jar package name hk2 Highest Product jar package name utilities Highest Product Manifest bundle-docurl http://www.oracle.com Low Product Manifest Bundle-Name HK2 Implementation Utilities Medium Product Manifest bundle-symbolicname org.glassfish.hk2.utils Medium Product Manifest service foo Low Product pom artifactid hk2-utils Highest Product pom groupid org.glassfish.hk2 Highest Product pom name HK2 Implementation Utilities High Product pom parent-artifactid hk2-parent Medium Version file version 2.6.1 High Version Manifest Bundle-Version 2.6.1 High Version pom version 2.6.1 Highest
homedir-polyfill:1.0.3Description:
Node.js os.homedir polyfill for older versions of node.js. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?v8flags:3.2.0/homedir-polyfill:^1.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/v8flags:3.2.0 Evidence Type Source Name Value Confidence Vendor package.json author Brian Woodward (https://github.com/doowb) Highest Vendor package.json bugs.url https://github.com/doowb/homedir-polyfill/issues Highest Vendor package.json description Node.js os.homedir polyfill for older versions of node.js. Highest Vendor package.json homepage https://github.com/doowb/homedir-polyfill Highest Vendor package.json name homedir-polyfill Highest Vendor package.json name homedir-polyfill_project Highest Product package.json name homedir-polyfill Highest Version package.json version 1.0.3 Highest
Related Dependencies homedir-polyfill:1.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/homedir-polyfill:1.0.3 pkg:npm/homedir-polyfill@1.0.3 hosted-git-info:4.1.0Description:
Provides metadata and conversions from repository urls for GitHub, Bitbucket and GitLab License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?normalize-package-data:3.0.3/hosted-git-info:^4.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/normalize-package-data:3.0.3 simplicite-js:5.2.54/normalize-package-data:2.5.0 simplicite-js:5.2.54/npm-package-arg:10.1.0 simplicite-js:5.2.54 simplicite-js:5.2.54/normalize-package-data:5.0.0 Evidence Type Source Name Value Confidence Vendor package.json author Rebecca Turner <me@re-becca.org> (http://re-becca.org) Highest Vendor package.json bugs.url https://github.com/npm/hosted-git-info/issues Highest Vendor package.json description Provides metadata and conversions from repository urls for GitHub, Bitbucket and GitLab Highest Vendor package.json homepage https://github.com/npm/hosted-git-info Highest Vendor package.json name hosted-git-info Highest Vendor package.json name hosted-git-info_project Highest Product package.json name hosted-git-info Highest Version package.json version 4.1.0 Highest
Related Dependencies hosted-git-info:2.8.9File Path: /var/simplicite/simplicite-5.2/package-lock.json?/hosted-git-info:2.8.9 pkg:npm/hosted-git-info@2.8.9 hosted-git-info:4.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/hosted-git-info:4.1.0 pkg:npm/hosted-git-info@4.1.0 hosted-git-info:4.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?normalize-package-data:2.5.0/hosted-git-info:^2.1.4 pkg:npm/hosted-git-info@4.1.0 hosted-git-info:4.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?normalize-package-data:5.0.0/hosted-git-info:^6.0.0 pkg:npm/hosted-git-info@4.1.0 hosted-git-info:6.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/hosted-git-info:6.1.1 pkg:npm/hosted-git-info@6.1.1 hosted-git-info:6.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-package-arg:10.1.0/hosted-git-info:^6.0.0 pkg:npm/hosted-git-info@6.1.1 hosted-git-info:5.2.1Description:
Provides metadata and conversions from repository urls for GitHub, Bitbucket and GitLab License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/hosted-git-info:5.2.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-check-updates:16.14.14 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author GitHub Inc. Highest Vendor package.json bugs.url https://github.com/npm/hosted-git-info/issues Highest Vendor package.json description Provides metadata and conversions from repository urls for GitHub, Bitbucket and GitLab Highest Vendor package.json homepage https://github.com/npm/hosted-git-info Highest Vendor package.json name hosted-git-info Highest Vendor package.json name hosted-git-info_project Highest Product package.json name hosted-git-info Highest Version package.json version 5.2.1 Highest
Related Dependencies hosted-git-info:5.2.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check-updates:16.14.14/hosted-git-info:^5.1.0 pkg:npm/hosted-git-info@5.2.1 hsqldb-2.6.1.jarDescription:
HSQLDB - Lightweight 100% Java SQL Database Engine License:
HSQLDB License, a BSD open source license: http://hsqldb.org/web/hsqlLicense.html File Path: /var/simplicite/.m2/repository/org/hsqldb/hsqldb/2.6.1/hsqldb-2.6.1.jar
MD5: 9dd059b3f1558202870d7cf585275ef7
SHA1: e626f8231592da1862fac632a6230752cf69b8e9
SHA256: e3f9e9d472d985b95ee5c10ed40d03496c3a26b950590ae0a49ce608626dcbe8
Referenced In Project/Scope: Simplicite Platform:runtime
hsqldb-2.6.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name hsqldb High Vendor jar package name database Highest Vendor jar package name hsqldb Highest Vendor jar package name java Highest Vendor Manifest build-vendor blaine Medium Vendor Manifest bundle-symbolicname org.hsqldb.hsqldb Medium Vendor Manifest Implementation-Vendor The HSQL Development Group High Vendor Manifest originally-created-by 11.0.12+7 (Oracle Corporation) Low Vendor Manifest specification-vendor The HSQL Development Group Low Vendor pom artifactid hsqldb Highest Vendor pom artifactid hsqldb Low Vendor pom developer email blaine.simpson@admc.com Low Vendor pom developer id unsaved Medium Vendor pom developer name Blaine Simpson Medium Vendor pom groupid org.hsqldb Highest Vendor pom name HyperSQL Database High Vendor pom organization name The HSQL Development Group High Vendor pom organization url http://hsqldb.org Medium Vendor pom url http://hsqldb.org Highest Product file name hsqldb High Product jar package name database Highest Product jar package name hsqldb Highest Product jar package name java Highest Product Manifest Bundle-Name HSQLDB Medium Product Manifest bundle-symbolicname org.hsqldb.hsqldb Medium Product Manifest Implementation-Title Standard runtime High Product Manifest originally-created-by 11.0.12+7 (Oracle Corporation) Low Product Manifest specification-title HSQLDB Medium Product pom artifactid hsqldb Highest Product pom developer email blaine.simpson@admc.com Low Product pom developer id unsaved Low Product pom developer name Blaine Simpson Low Product pom groupid org.hsqldb Highest Product pom name HyperSQL Database High Product pom organization name The HSQL Development Group Low Product pom organization url http://hsqldb.org Low Product pom url http://hsqldb.org Medium Version file version 2.6.1 High Version Manifest Bundle-Version 2.6.1 High Version Manifest Implementation-Version 2.6.1 High Version pom version 2.6.1 Highest
CVE-2022-41853 suppress
Those using java.sql.Statement or java.sql.PreparedStatement in hsqldb (HyperSQL DataBase) to process untrusted input may be vulnerable to a remote code execution attack. By default it is allowed to call any static method of any Java class in the classpath resulting in code execution. The issue can be prevented by updating to 2.7.1 or by setting the system property "hsqldb.method_class_names" to classes which are allowed to be called. For example, System.setProperty("hsqldb.method_class_names", "abc") or Java argument -Dhsqldb.method_class_names="abc" can be used. From version 2.7.1 all classes by default are not accessible except those in java.lang.Math and need to be manually enabled. NVD-CWE-noinfo
CVSSv3:
Base Score: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions:
html-tags:3.3.1Description:
List of standard HTML tags License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/html-tags:^3.2.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/stylelint:14.16.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description List of standard HTML tags Highest Vendor package.json name html-tags Highest Vendor package.json name html-tags_project Highest Product package.json name html-tags Highest Version package.json version 3.3.1 Highest
Related Dependencies html-tags:3.3.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/html-tags:3.3.1 pkg:npm/html-tags@3.3.1 htmlparser2:3.8.3Description:
Fast & forgiving HTML/XML/RSS parser License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/htmlparser2:3.8.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/jshint:2.13.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Felix Boehm <me@feedic.com> Highest Vendor package.json bugs.mail me@feedic.com Highest Vendor package.json bugs.url http://github.com/fb55/htmlparser2/issues Highest Vendor package.json description Fast & forgiving HTML/XML/RSS parser Highest Vendor package.json name htmlparser2 Highest Vendor package.json name htmlparser2_project Highest Product package.json name htmlparser2 Highest Version package.json version 3.8.3 Highest
Related Dependencies htmlparser2:3.8.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?jshint:2.13.1/htmlparser2:3.8.x pkg:npm/htmlparser2@3.8.3 http-cache-semantics:4.1.1Description:
Parses Cache-Control and other headers. Helps building correct HTTP caches and proxies License:
BSD-2-Clause File Path: /var/simplicite/simplicite-5.2/package-lock.json?cacheable-request:6.1.0/http-cache-semantics:^4.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/cacheable-request:6.1.0 simplicite-js:5.2.54/make-fetch-happen:11.1.1 simplicite-js:5.2.54/cacheable-request:10.2.12 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Kornel Lesiński <kornel@geekhood.net> (https://kornel.ski/) Highest Vendor package.json description Parses Cache-Control and other headers. Helps building correct HTTP caches and proxies Highest Vendor package.json name http-cache-semantics Highest Vendor package.json name http-cache-semantics_project Highest Product package.json name http-cache-semantics Highest Version package.json version 4.1.1 Highest
Related Dependencies http-cache-semantics:4.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/http-cache-semantics:4.1.1 pkg:npm/http-cache-semantics@4.1.1 http-cache-semantics:4.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?cacheable-request:10.2.12/http-cache-semantics:^4.1.1 pkg:npm/http-cache-semantics@4.1.1 http-cache-semantics:4.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?make-fetch-happen:11.1.1/http-cache-semantics:^4.1.1 pkg:npm/http-cache-semantics@4.1.1 http-proxy-agent:5.0.0Description:
An HTTP(s) proxy `http.Agent` implementation for HTTP License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?make-fetch-happen:11.1.1/http-proxy-agent:^5.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/make-fetch-happen:11.1.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Nathan Rajlich <nathan@tootallnate.net> (http://n8.io/) Highest Vendor package.json bugs.url https://github.com/TooTallNate/node-http-proxy-agent/issues Highest Vendor package.json description An HTTP(s) proxy `http.Agent` implementation for HTTP Highest Vendor package.json name http-proxy-agent Highest Vendor package.json name http-proxy-agent_project Highest Product package.json name http-proxy-agent Highest Version package.json version 5.0.0 Highest
Related Dependencies http-proxy-agent:5.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/http-proxy-agent:5.0.0 pkg:npm/http-proxy-agent@5.0.0 http2-wrapper:2.2.0Description:
HTTP2 client, just with the familiar `https` API License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?got:13.0.0/http2-wrapper:^2.1.10
Referenced In Projects/Scopes: simplicite-js:5.2.54/got:12.6.1 simplicite-js:5.2.54 simplicite-js:5.2.54/got:13.0.0 Evidence Type Source Name Value Confidence Vendor package.json author Szymon Marczak Highest Vendor package.json bugs.url https://github.com/szmarczak/http2-wrapper/issues Highest Vendor package.json description HTTP2 client, just with the familiar `https` API Highest Vendor package.json homepage https://github.com/szmarczak/http2-wrapper#readme Highest Vendor package.json name http2-wrapper Highest Vendor package.json name http2-wrapper_project Highest Product package.json name http2-wrapper Highest Version package.json version 2.2.0 Highest
Related Dependencies http2-wrapper:2.2.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/http2-wrapper:2.2.0 pkg:npm/http2-wrapper@2.2.0 http2-wrapper:2.2.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?got:12.6.1/http2-wrapper:^2.1.10 pkg:npm/http2-wrapper@2.2.0 httpasyncclient-4.1.4.jarDescription:
Apache HttpComponents AsyncClient
File Path: /var/simplicite/.m2/repository/org/apache/httpcomponents/httpasyncclient/4.1.4/httpasyncclient-4.1.4.jarMD5: f29a16f1c28f5b3dd511cbd16d7fa422SHA1: f3a3240681faae3fa46b573a4c7e50cec9db0d86SHA256: 50e981a8e567a16ebdad104605b156540a863459fa127b8ba647f310dfc83ef8Referenced In Project/Scope: Simplicite Platform:compilehttpasyncclient-4.1.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name httpasyncclient High Vendor jar package name apache Highest Vendor Manifest automatic-module-name org.apache.httpcomponents.httpasyncclient Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache.httpcomponents Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid httpasyncclient Highest Vendor pom artifactid httpasyncclient Low Vendor pom groupid org.apache.httpcomponents Highest Vendor pom name Apache HttpAsyncClient High Vendor pom parent-artifactid httpcomponents-asyncclient Low Vendor pom url http://hc.apache.org/httpcomponents-asyncclient Highest Product file name httpasyncclient High Product jar package name apache Highest Product Manifest automatic-module-name org.apache.httpcomponents.httpasyncclient Medium Product Manifest Implementation-Title Apache HttpAsyncClient High Product Manifest specification-title Apache HttpAsyncClient Medium Product pom artifactid httpasyncclient Highest Product pom groupid org.apache.httpcomponents Highest Product pom name Apache HttpAsyncClient High Product pom parent-artifactid httpcomponents-asyncclient Medium Product pom url http://hc.apache.org/httpcomponents-asyncclient Medium Version file version 4.1.4 High Version Manifest Implementation-Version 4.1.4 High Version pom version 4.1.4 Highest
httpclient-4.5.13.jarDescription:
Apache HttpComponents Client
File Path: /var/simplicite/.m2/repository/org/apache/httpcomponents/httpclient/4.5.13/httpclient-4.5.13.jarMD5: 40d6b9075fbd28fa10292a45a0db9457SHA1: e5f6cae5ca7ecaac1ec2827a9e2d65ae2869cadaSHA256: 6fe9026a566c6a5001608cf3fc32196641f6c1e5e1986d1037ccdbd5f31ef743Referenced In Project/Scope: Simplicite Platform:compilehttpclient-4.5.13.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name httpclient High Vendor jar package name apache Highest Vendor jar package name client Highest Vendor jar package name httpclient Highest Vendor Manifest automatic-module-name org.apache.httpcomponents.httpclient Medium Vendor Manifest implementation-url http://hc.apache.org/httpcomponents-client Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache.httpcomponents Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid httpclient Highest Vendor pom artifactid httpclient Low Vendor pom groupid org.apache.httpcomponents Highest Vendor pom name Apache HttpClient High Vendor pom parent-artifactid httpcomponents-client Low Vendor pom url http://hc.apache.org/httpcomponents-client Highest Product file name httpclient High Product jar package name apache Highest Product jar package name client Highest Product jar package name http Highest Product jar package name httpclient Highest Product Manifest automatic-module-name org.apache.httpcomponents.httpclient Medium Product Manifest Implementation-Title Apache HttpClient High Product Manifest implementation-url http://hc.apache.org/httpcomponents-client Low Product Manifest specification-title Apache HttpClient Medium Product pom artifactid httpclient Highest Product pom groupid org.apache.httpcomponents Highest Product pom name Apache HttpClient High Product pom parent-artifactid httpcomponents-client Medium Product pom url http://hc.apache.org/httpcomponents-client Medium Version file version 4.5.13 High Version Manifest Implementation-Version 4.5.13 High Version pom version 4.5.13 Highest
httpcore-4.4.14.jarDescription:
Apache HttpComponents Core (blocking I/O)
File Path: /var/simplicite/.m2/repository/org/apache/httpcomponents/httpcore/4.4.14/httpcore-4.4.14.jarMD5: 2b3991eda121042765a5ee299556c200SHA1: 9dd1a631c082d92ecd4bd8fd4cf55026c720a8c1SHA256: f956209e450cb1d0c51776dfbd23e53e9dd8db9a1298ed62b70bf0944ba63b28Referenced In Project/Scope: Simplicite Platform:compilehttpcore-4.4.14.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name httpcore High Vendor jar package name apache Highest Vendor Manifest automatic-module-name org.apache.httpcomponents.httpcore Medium Vendor Manifest implementation-build ${scmBranch}@r${buildNumber}; 2020-11-26 19:07:01+0000 Low Vendor Manifest implementation-url http://hc.apache.org/httpcomponents-core-ga Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest url http://hc.apache.org/httpcomponents-core-ga Low Vendor pom artifactid httpcore Highest Vendor pom artifactid httpcore Low Vendor pom groupid org.apache.httpcomponents Highest Vendor pom name Apache HttpCore High Vendor pom parent-artifactid httpcomponents-core Low Vendor pom url http://hc.apache.org/httpcomponents-core-ga Highest Product file name httpcore High Product jar package name apache Highest Product jar package name http Highest Product Manifest automatic-module-name org.apache.httpcomponents.httpcore Medium Product Manifest implementation-build ${scmBranch}@r${buildNumber}; 2020-11-26 19:07:01+0000 Low Product Manifest Implementation-Title HttpComponents Apache HttpCore High Product Manifest implementation-url http://hc.apache.org/httpcomponents-core-ga Low Product Manifest specification-title HttpComponents Apache HttpCore Medium Product Manifest url http://hc.apache.org/httpcomponents-core-ga Low Product pom artifactid httpcore Highest Product pom groupid org.apache.httpcomponents Highest Product pom name Apache HttpCore High Product pom parent-artifactid httpcomponents-core Medium Product pom url http://hc.apache.org/httpcomponents-core-ga Medium Version file version 4.4.14 High Version Manifest Implementation-Version 4.4.14 High Version pom version 4.4.14 Highest
httpcore-nio-4.4.14.jarDescription:
Apache HttpComponents Core (non-blocking I/O)
File Path: /var/simplicite/.m2/repository/org/apache/httpcomponents/httpcore-nio/4.4.14/httpcore-nio-4.4.14.jarMD5: fc67803925f395dbb90e61992bbf0291SHA1: 175aeb59b09cf2ebbec622fe1704904a092ee291SHA256: 88c695f7342ba76dafd4035fa9bebbf82837c573de0d81324ba7921b4e14f5c8Referenced In Project/Scope: Simplicite Platform:compilehttpcore-nio-4.4.14.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name httpcore-nio High Vendor jar package name apache Highest Vendor jar package name nio Highest Vendor Manifest automatic-module-name org.apache.httpcomponents.httpcore.nio Medium Vendor Manifest implementation-url http://hc.apache.org/httpcomponents-core-ga Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache.httpcomponents Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid httpcore-nio Highest Vendor pom artifactid httpcore-nio Low Vendor pom groupid org.apache.httpcomponents Highest Vendor pom name Apache HttpCore NIO High Vendor pom parent-artifactid httpcomponents-core Low Vendor pom url http://hc.apache.org/httpcomponents-core-ga Highest Product file name httpcore-nio High Product jar package name apache Highest Product jar package name http Highest Product jar package name nio Highest Product Manifest automatic-module-name org.apache.httpcomponents.httpcore.nio Medium Product Manifest Implementation-Title Apache HttpCore NIO High Product Manifest implementation-url http://hc.apache.org/httpcomponents-core-ga Low Product Manifest specification-title Apache HttpCore NIO Medium Product pom artifactid httpcore-nio Highest Product pom groupid org.apache.httpcomponents Highest Product pom name Apache HttpCore NIO High Product pom parent-artifactid httpcomponents-core Medium Product pom url http://hc.apache.org/httpcomponents-core-ga Medium Version file version 4.4.14 High Version Manifest Implementation-Version 4.4.14 High Version pom version 4.4.14 Highest
httpmime-4.5.13.jarDescription:
Apache HttpComponents HttpClient - MIME coded entities
File Path: /var/simplicite/.m2/repository/org/apache/httpcomponents/httpmime/4.5.13/httpmime-4.5.13.jarMD5: 3f0c1ef2c9dc47b62b780192f54b0c18SHA1: efc110bad4a0d45cda7858e6beee1d8a8313da5aSHA256: 06e754d99245b98dcc2860dcb43d20e737d650da2bf2077a105f68accbd5c5ccReferenced In Project/Scope: Simplicite Platform:compilehttpmime-4.5.13.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name httpmime High Vendor jar package name apache Highest Vendor jar package name mime Highest Vendor Manifest automatic-module-name org.apache.httpcomponents.httpmime Medium Vendor Manifest implementation-url http://hc.apache.org/httpcomponents-client Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache.httpcomponents Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid httpmime Highest Vendor pom artifactid httpmime Low Vendor pom groupid org.apache.httpcomponents Highest Vendor pom name Apache HttpClient Mime High Vendor pom parent-artifactid httpcomponents-client Low Vendor pom url http://hc.apache.org/httpcomponents-client Highest Product file name httpmime High Product jar package name apache Highest Product jar package name http Highest Product jar package name mime Highest Product Manifest automatic-module-name org.apache.httpcomponents.httpmime Medium Product Manifest Implementation-Title Apache HttpClient Mime High Product Manifest implementation-url http://hc.apache.org/httpcomponents-client Low Product Manifest specification-title Apache HttpClient Mime Medium Product pom artifactid httpmime Highest Product pom groupid org.apache.httpcomponents Highest Product pom name Apache HttpClient Mime High Product pom parent-artifactid httpcomponents-client Medium Product pom url http://hc.apache.org/httpcomponents-client Medium Version file version 4.5.13 High Version Manifest Implementation-Version 4.5.13 High Version pom version 4.5.13 Highest
https-proxy-agent:5.0.1Description:
An HTTP(s) proxy `http.Agent` implementation for HTTPS License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?make-fetch-happen:11.1.1/https-proxy-agent:^5.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/make-fetch-happen:11.1.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Nathan Rajlich <nathan@tootallnate.net> (http://n8.io/) Highest Vendor package.json bugs.url https://github.com/TooTallNate/node-https-proxy-agent/issues Highest Vendor package.json description An HTTP(s) proxy `http.Agent` implementation for HTTPS Highest Vendor package.json name https-proxy-agent Highest Vendor package.json name https-proxy-agent_project Highest Product package.json name https-proxy-agent Highest Version package.json version 5.0.1 Highest
Related Dependencies https-proxy-agent:5.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/https-proxy-agent:5.0.1 pkg:npm/https-proxy-agent@5.0.1 httpservices-4.5.5.jarFile Path: /var/simplicite/.m2/repository/edu/ucar/httpservices/4.5.5/httpservices-4.5.5.jarMD5: c5207827b8b7e6045b2af7e1e8c5b1d4SHA1: ee5f217be599e5e03f7f0e55e03f9e721a154f62SHA256: 8334da7adc9ed7a7b941a780f4d22054f8a11d03973be83ae8399400d55300e4Referenced In Project/Scope: Simplicite Platform:compilehttpservices-4.5.5.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.tika/tika-parsers@1.27
Evidence Type Source Name Value Confidence Vendor file name httpservices High Vendor jar package name httpservices Highest Vendor jar package name ucar Highest Vendor Manifest built-on 20150306.1537 Low Vendor Manifest Implementation-Vendor UCAR/Unidata High Vendor Manifest Implementation-Vendor-Id edu.ucar Medium Vendor pom artifactid httpservices Highest Vendor pom artifactid httpservices Low Vendor pom groupid edu.ucar Highest Vendor pom name HttpClient Wrappers High Vendor pom parent-artifactid thredds-parent Low Vendor pom url http://www.unidata.ucar.edu/software/netcdf-java/documentation.htm Highest Product file name httpservices High Product jar package name httpservices Highest Product jar package name ucar Highest Product Manifest built-on 20150306.1537 Low Product Manifest Implementation-Title HttpClient Wrappers High Product pom artifactid httpservices Highest Product pom groupid edu.ucar Highest Product pom name HttpClient Wrappers High Product pom parent-artifactid thredds-parent Medium Product pom url http://www.unidata.ucar.edu/software/netcdf-java/documentation.htm Medium Version file version 4.5.5 High Version Manifest Implementation-Version 4.5.5 High Version pom version 4.5.5 Highest
human-signals:2.1.0Description:
Human-friendly process signals License:
Apache-2.0 File Path: /var/simplicite/simplicite-5.2/package-lock.json?/human-signals:2.1.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/execa:5.1.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author ehmicky <ehmicky@gmail.com> (https://github.com/ehmicky) Highest Vendor package.json bugs.url https://github.com/ehmicky/human-signals/issues Highest Vendor package.json description Human-friendly process signals Highest Vendor package.json homepage https://git.io/JeluP Highest Vendor package.json name human-signals Highest Vendor package.json name human-signals_project Highest Product package.json name human-signals Highest Version package.json version 2.1.0 Highest
Related Dependencies human-signals:2.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?execa:5.1.1/human-signals:^2.1.0 pkg:npm/human-signals@2.1.0 humanize-ms:1.2.1Description:
transform humanize time to ms License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/humanize-ms:1.2.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/agentkeepalive:4.3.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email dead_horse@qq.com Highest Vendor package.json author.name dead-horse Highest Vendor package.json author.url http://deadhorse.me Highest Vendor package.json description transform humanize time to ms Highest Vendor package.json name humanize-ms Highest Vendor package.json name humanize-ms_project Highest Product package.json name humanize-ms Highest Version package.json version 1.2.1 Highest
Related Dependencies humanize-ms:1.2.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?agentkeepalive:4.3.0/humanize-ms:^1.2.1 pkg:npm/humanize-ms@1.2.1 iconv-lite:0.4.24Description:
Convert character encodings in pure javascript. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/iconv-lite:0.4.24
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/external-editor:3.1.0 Evidence Type Source Name Value Confidence Vendor package.json author Alexander Shtuchkin <ashtuchkin@gmail.com> Highest Vendor package.json bugs https://github.com/ashtuchkin/iconv-lite/issues Highest Vendor package.json description Convert character encodings in pure javascript. Highest Vendor package.json homepage https://github.com/ashtuchkin/iconv-lite Highest Vendor package.json name iconv-lite Highest Vendor package.json name iconv-lite_project Highest Product package.json name iconv-lite Highest Version package.json version 0.4.24 Highest
Related Dependencies iconv-lite:0.4.24File Path: /var/simplicite/simplicite-5.2/package-lock.json?external-editor:3.1.0/iconv-lite:^0.4.24 pkg:npm/iconv-lite@0.4.24 iconv-lite:0.6.3Description:
Convert character encodings in pure javascript. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/iconv-lite:0.6.3
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/encoding:0.1.13 Evidence Type Source Name Value Confidence Vendor package.json author Alexander Shtuchkin <ashtuchkin@gmail.com> Highest Vendor package.json bugs https://github.com/ashtuchkin/iconv-lite/issues Highest Vendor package.json description Convert character encodings in pure javascript. Highest Vendor package.json homepage https://github.com/ashtuchkin/iconv-lite Highest Vendor package.json name iconv-lite Highest Vendor package.json name iconv-lite_project Highest Product package.json name iconv-lite Highest Version package.json version 0.6.3 Highest
Related Dependencies iconv-lite:0.6.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?encoding:0.1.13/iconv-lite:^0.6.2 pkg:npm/iconv-lite@0.6.3 icu4j-69.1.jarDescription:
International Component for Unicode for Java (ICU4J) is a mature, widely used Java library
providing Unicode and Globalization support
License:
Unicode/ICU License: https://raw.githubusercontent.com/unicode-org/icu/master/icu4c/LICENSE File Path: /var/simplicite/.m2/repository/com/ibm/icu/icu4j/69.1/icu4j-69.1.jar
MD5: 1be8018240774c697a812df60e23aed4
SHA1: ff666ac55986650893aacb9e2e0003538e9799c0
SHA256: 98286f3d538bc7bde87d70bf2cac3acc9ed7b7fe941db5e94a8c3fa13516f963
Referenced In Project/Scope: Simplicite Platform:compile
icu4j-69.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name icu4j High Vendor file (hint) name icu-project High Vendor file (hint) name unicode High Vendor jar package name ibm Highest Vendor jar package name icu Highest Vendor Manifest automatic-module-name com.ibm.icu Medium Vendor Manifest bundle-copyright © 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html Low Vendor Manifest bundle-requiredexecutionenvironment JavaSE-1.7 Low Vendor Manifest bundle-symbolicname com.ibm.icu Medium Vendor Manifest Implementation-Vendor Unicode, Inc. High Vendor Manifest Implementation-Vendor-Id org.unicode Medium Vendor pom artifactid icu4j Highest Vendor pom artifactid icu4j Low Vendor pom developer id deborah Medium Vendor pom developer id dougfelt Medium Vendor pom developer id JCEmmons Medium Vendor pom developer id macchiati Medium Vendor pom developer id markusicu Medium Vendor pom developer id pedberg Medium Vendor pom developer id srl295 Medium Vendor pom developer id yumaoka Medium Vendor pom developer name Deborah Goldsmith Medium Vendor pom developer name Doug Felt Medium Vendor pom developer name John Emmons Medium Vendor pom developer name Mark Davis Medium Vendor pom developer name Markus Scherer Medium Vendor pom developer name Peter Edberg Medium Vendor pom developer name Steven Loomis Medium Vendor pom developer name Yoshito Umaoka Medium Vendor pom developer org Apple Medium Vendor pom developer org Google Medium Vendor pom developer org IBM Corporation Medium Vendor pom groupid com.ibm.icu Highest Vendor pom name ICU4J High Vendor pom url http://icu-project.org/ Highest Vendor pom (hint) artifactid icu-project Highest Vendor pom (hint) artifactid icu-project Low Vendor pom (hint) artifactid unicode Highest Vendor pom (hint) artifactid unicode Low Vendor pom (hint) name icu-project High Vendor pom (hint) name unicode High Product file name icu4j High Product hint analyzer product international_components_for_unicode Highest Product jar package name ibm Highest Product jar package name icu Highest Product Manifest automatic-module-name com.ibm.icu Medium Product Manifest bundle-copyright © 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html Low Product Manifest Bundle-Name ICU4J Medium Product Manifest bundle-requiredexecutionenvironment JavaSE-1.7 Low Product Manifest bundle-symbolicname com.ibm.icu Medium Product Manifest Implementation-Title International Components for Unicode for Java High Product Manifest specification-title International Components for Unicode for Java Medium Product pom artifactid icu4j Highest Product pom developer id deborah Low Product pom developer id dougfelt Low Product pom developer id JCEmmons Low Product pom developer id macchiati Low Product pom developer id markusicu Low Product pom developer id pedberg Low Product pom developer id srl295 Low Product pom developer id yumaoka Low Product pom developer name Deborah Goldsmith Low Product pom developer name Doug Felt Low Product pom developer name John Emmons Low Product pom developer name Mark Davis Low Product pom developer name Markus Scherer Low Product pom developer name Peter Edberg Low Product pom developer name Steven Loomis Low Product pom developer name Yoshito Umaoka Low Product pom developer org Apple Low Product pom developer org Google Low Product pom developer org IBM Corporation Low Product pom groupid com.ibm.icu Highest Product pom name ICU4J High Product pom url http://icu-project.org/ Medium Version file version 69.1 High Version Manifest Bundle-Version 69.1 High Version Manifest Implementation-Version 69.1 High Version pom version 69.1 Highest
pkg:maven/com.ibm.icu/icu4j@69.1 (Confidence :High)cpe:2.3:a:icu-project:international_components_for_unicode:69.1:*:*:*:*:*:*:* (Confidence :Low) suppress cpe:2.3:a:unicode:international_components_for_unicode:69.1:*:*:*:*:*:*:* (Confidence :Low) suppress ieee754:1.2.1Description:
Read/write IEEE754 floating point numbers from/to a Buffer or array-like object License:
BSD-3-Clause File Path: /var/simplicite/simplicite-5.2/package-lock.json?buffer:6.0.3/ieee754:^1.2.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/buffer:6.0.3 simplicite-js:5.2.54 simplicite-js:5.2.54/buffer:5.7.1 Evidence Type Source Name Value Confidence Vendor package.json author.email feross@feross.org Highest Vendor package.json author.name Feross Aboukhadijeh Highest Vendor package.json author.url https://feross.org Highest Vendor package.json description Read/write IEEE754 floating point numbers from/to a Buffer or array-like object Highest Vendor package.json name ieee754 Highest Vendor package.json name ieee754_project Highest Product package.json name ieee754 Highest Version package.json version 1.2.1 Highest
Related Dependencies ieee754:1.2.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/ieee754:1.2.1 pkg:npm/ieee754@1.2.1 ieee754:1.2.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?buffer:5.7.1/ieee754:^1.1.13 pkg:npm/ieee754@1.2.1 ignore-walk:6.0.3Description:
Nested/recursive `.gitignore`/`.npmignore` parsing and filtering. License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-packlist:7.0.4/ignore-walk:^6.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-packlist:7.0.4 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author GitHub Inc. Highest Vendor package.json description Nested/recursive `.gitignore`/`.npmignore` parsing and filtering. Highest Vendor package.json name ignore-walk Highest Vendor package.json name ignore-walk_project Highest Product package.json name ignore-walk Highest Version package.json version 6.0.3 Highest
Related Dependencies ignore-walk:6.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/ignore-walk:6.0.3 pkg:npm/ignore-walk@6.0.3 ignore:5.2.4Description:
Ignore is a manager and filter for .gitignore rules, the one used by eslint, gitbook and many others. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/ignore:^5.2.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/eslint:8.56.0 simplicite-js:5.2.54/stylelint:14.16.1 simplicite-js:5.2.54/@eslint/eslintrc:2.1.4 simplicite-js:5.2.54 simplicite-js:5.2.54/globby:11.1.0 simplicite-js:5.2.54/depcheck:1.4.3 Evidence Type Source Name Value Confidence Vendor package.json author kael Highest Vendor package.json bugs.url https://github.com/kaelzhang/node-ignore/issues Highest Vendor package.json description Ignore is a manager and filter for .gitignore rules, the one used by eslint, gitbook and many others. Highest Vendor package.json name ignore Highest Vendor package.json name ignore_project Highest Product package.json name ignore Highest Version package.json version 5.2.4 Highest
Related Dependencies ignore:5.2.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?/ignore:5.2.4 pkg:npm/ignore@5.2.4 ignore:5.2.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?@eslint/eslintrc:2.1.4/ignore:^5.2.0 pkg:npm/ignore@5.2.4 ignore:5.2.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?depcheck:1.4.3/ignore:^5.1.8 pkg:npm/ignore@5.2.4 ignore:5.2.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint:8.56.0/ignore:^5.2.0 pkg:npm/ignore@5.2.4 ignore:5.2.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?globby:11.1.0/ignore:^5.2.0 pkg:npm/ignore@5.2.4 immediate:3.0.6Description:
A cross browser microtask library License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?lie:3.3.0/immediate:~3.0.5
Referenced In Projects/Scopes: simplicite-js:5.2.54/lie:3.3.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json bugs https://github.com/calvinmetcalf/immediate/issues Highest Vendor package.json description A cross browser microtask library Highest Vendor package.json name immediate Highest Vendor package.json name immediate_project Highest Product package.json name immediate Highest Version package.json version 3.0.6 Highest
Related Dependencies immediate:3.0.6File Path: /var/simplicite/simplicite-5.2/package-lock.json?/immediate:3.0.6 pkg:npm/immediate@3.0.6 immutable:4.3.0Description:
Immutable Data Collections License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?sass:1.63.6/immutable:^4.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/sass:1.63.6 Evidence Type Source Name Value Confidence Vendor package.json author.name Lee Byron Highest Vendor package.json author.url https://github.com/leebyron Highest Vendor package.json bugs.url https://github.com/immutable-js/immutable-js/issues Highest Vendor package.json description Immutable Data Collections Highest Vendor package.json homepage https://immutable-js.com Highest Vendor package.json name immutable Highest Vendor package.json name immutable_project Highest Product package.json name immutable Highest Version package.json version 4.3.0 Highest
Related Dependencies immutable:4.3.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/immutable:4.3.0 pkg:npm/immutable@4.3.0 import-fresh:3.3.0Description:
Import a module while bypassing the cache License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/import-fresh:3.3.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/@eslint/eslintrc:2.1.4 simplicite-js:5.2.54/cosmiconfig:7.1.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description Import a module while bypassing the cache Highest Vendor package.json name import-fresh Highest Vendor package.json name import-fresh_project Highest Product package.json name import-fresh Highest Version package.json version 3.3.0 Highest
Related Dependencies import-fresh:3.3.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?@eslint/eslintrc:2.1.4/import-fresh:^3.2.1 pkg:npm/import-fresh@3.3.0 import-fresh:3.3.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?cosmiconfig:7.1.0/import-fresh:^3.2.1 pkg:npm/import-fresh@3.3.0 import-lazy:2.1.0Description:
Import modules lazily License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/import-lazy:2.1.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/update-notifier:4.1.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Import modules lazily Highest Vendor package.json name import-lazy Highest Vendor package.json name import-lazy_project Highest Product package.json name import-lazy Highest Version package.json version 2.1.0 Highest
Related Dependencies import-lazy:2.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?update-notifier:4.1.3/import-lazy:^2.1.0 pkg:npm/import-lazy@2.1.0 import-lazy:4.0.0Description:
Import a module lazily License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/import-lazy:^4.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/update-notifier:6.0.2 simplicite-js:5.2.54/stylelint:14.16.1 simplicite-js:5.2.54/update-notifier:5.1.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Import a module lazily Highest Vendor package.json name import-lazy Highest Vendor package.json name import-lazy_project Highest Product package.json name import-lazy Highest Version package.json version 4.0.0 Highest
Related Dependencies import-lazy:2.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/import-lazy:2.1.0 pkg:npm/import-lazy@2.1.0 import-lazy:4.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/import-lazy:4.0.0 pkg:npm/import-lazy@4.0.0 import-lazy:4.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?update-notifier:5.1.0/import-lazy:^2.1.0 pkg:npm/import-lazy@4.0.0 import-lazy:4.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?update-notifier:6.0.2/import-lazy:^4.0.0 pkg:npm/import-lazy@4.0.0 imurmurhash:0.1.4Description:
An incremental implementation of MurmurHash3 License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?write-file-atomic:4.0.2/imurmurhash:^0.1.4
Referenced In Projects/Scopes: simplicite-js:5.2.54/unique-slug:4.0.0 simplicite-js:5.2.54/eslint:8.56.0 simplicite-js:5.2.54/stylelint:14.16.1 simplicite-js:5.2.54/write-file-atomic:4.0.2 simplicite-js:5.2.54 simplicite-js:5.2.54/write-file-atomic:3.0.3 Evidence Type Source Name Value Confidence Vendor package.json author.email jensyt@gmail.com Highest Vendor package.json author.name Jens Taylor Highest Vendor package.json author.url https://github.com/homebrewing Highest Vendor package.json bugs.url https://github.com/jensyt/imurmurhash-js/issues Highest Vendor package.json description An incremental implementation of MurmurHash3 Highest Vendor package.json homepage https://github.com/jensyt/imurmurhash-js Highest Vendor package.json name imurmurhash Highest Vendor package.json name imurmurhash_project Highest Product package.json name imurmurhash Highest Version package.json version 0.1.4 Highest
Related Dependencies imurmurhash:0.1.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?/imurmurhash:0.1.4 pkg:npm/imurmurhash@0.1.4 imurmurhash:0.1.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint:8.56.0/imurmurhash:^0.1.4 pkg:npm/imurmurhash@0.1.4 imurmurhash:0.1.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/imurmurhash:^0.1.4 pkg:npm/imurmurhash@0.1.4 imurmurhash:0.1.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?unique-slug:4.0.0/imurmurhash:^0.1.4 pkg:npm/imurmurhash@0.1.4 imurmurhash:0.1.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?write-file-atomic:3.0.3/imurmurhash:^0.1.4 pkg:npm/imurmurhash@0.1.4 indent-string:4.0.0Description:
Indent each line in a string License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?redent:3.0.0/indent-string:^4.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/redent:3.0.0 simplicite-js:5.2.54/aggregate-error:3.1.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Indent each line in a string Highest Vendor package.json name indent-string Highest Vendor package.json name indent-string_project Highest Product package.json name indent-string Highest Version package.json version 4.0.0 Highest
Related Dependencies indent-string:4.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/indent-string:4.0.0 pkg:npm/indent-string@4.0.0 indent-string:4.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?aggregate-error:3.1.0/indent-string:^4.0.0 pkg:npm/indent-string@4.0.0 inflight:1.0.6Description:
Add callbacks to requests in flight to avoid async duplication License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/inflight:1.0.6
Referenced In Projects/Scopes: simplicite-js:5.2.54/glob:7.2.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Isaac Z. Schlueter <i@izs.me> (http://blog.izs.me/) Highest Vendor package.json bugs.url https://github.com/isaacs/inflight/issues Highest Vendor package.json description Add callbacks to requests in flight to avoid async duplication Highest Vendor package.json homepage https://github.com/isaacs/inflight Highest Vendor package.json name inflight Highest Vendor package.json name inflight_project Highest Product package.json name inflight Highest Version package.json version 1.0.6 Highest
Related Dependencies inflight:1.0.6File Path: /var/simplicite/simplicite-5.2/package-lock.json?glob:7.2.3/inflight:^1.0.4 pkg:npm/inflight@1.0.6 inherits:2.0.4Description:
Browser-friendly inheritance fully compatible with standard node.js inherits() License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?readable-stream:1.1.14/inherits:~2.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/bl:4.1.0 simplicite-js:5.2.54/glob:7.2.3 simplicite-js:5.2.54/readable-stream:2.3.8 simplicite-js:5.2.54/readable-stream:3.6.2 simplicite-js:5.2.54/readable-stream:1.1.14 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json description Browser-friendly inheritance fully compatible with standard node.js inherits() Highest Vendor package.json name inherits Highest Vendor package.json name inherits_project Highest Product package.json name inherits Highest Version package.json version 2.0.4 Highest
Related Dependencies inherits:2.0.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?/inherits:2.0.4 pkg:npm/inherits@2.0.4 inherits:2.0.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?bl:4.1.0/inherits:^2.0.4 pkg:npm/inherits@2.0.4 inherits:2.0.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?glob:7.2.3/inherits:2 pkg:npm/inherits@2.0.4 inherits:2.0.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?readable-stream:2.3.8/inherits:~2.0.3 pkg:npm/inherits@2.0.4 inherits:2.0.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?readable-stream:3.6.2/inherits:^2.0.3 pkg:npm/inherits@2.0.4 ini:1.3.8Description:
An ini encoder/decoder for node License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/ini:1.3.8
Referenced In Projects/Scopes: simplicite-js:5.2.54/config-chain:1.1.13 simplicite-js:5.2.54/rc:1.2.8 simplicite-js:5.2.54/global-dirs:2.1.0 simplicite-js:5.2.54/global-dirs:3.0.1 simplicite-js:5.2.54 simplicite-js:5.2.54/global-prefix:3.0.0 Evidence Type Source Name Value Confidence Vendor package.json author Isaac Z. Schlueter <i@izs.me> (http://blog.izs.me/) Highest Vendor package.json description An ini encoder/decoder for node Highest Vendor package.json name ini Highest Vendor package.json name ini_project Highest Product package.json name ini Highest Version package.json version 1.3.8 Highest
Related Dependencies ini:1.3.7File Path: /var/simplicite/simplicite-5.2/package-lock.json?/ini:1.3.7 pkg:npm/ini@1.3.7 ini:1.3.7File Path: /var/simplicite/simplicite-5.2/package-lock.json?global-dirs:2.1.0/ini:1.3.7 pkg:npm/ini@1.3.7 ini:1.3.8File Path: /var/simplicite/simplicite-5.2/package-lock.json?config-chain:1.1.13/ini:^1.3.4 pkg:npm/ini@1.3.8 ini:1.3.8File Path: /var/simplicite/simplicite-5.2/package-lock.json?global-dirs:3.0.1/ini:2.0.0 pkg:npm/ini@1.3.8 ini:1.3.8File Path: /var/simplicite/simplicite-5.2/package-lock.json?global-prefix:3.0.0/ini:^1.3.5 pkg:npm/ini@1.3.8 ini:1.3.8File Path: /var/simplicite/simplicite-5.2/package-lock.json?rc:1.2.8/ini:~1.3.0 pkg:npm/ini@1.3.8 ini:2.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/ini:2.0.0 pkg:npm/ini@2.0.0 ini:2.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?global-dirs:3.0.1/ini:2.0.0 pkg:npm/ini@2.0.0 ini:2.0.0Description:
An ini encoder/decoder for node License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/ini:2.0.0
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author Isaac Z. Schlueter <i@izs.me> (http://blog.izs.me/) Highest Vendor package.json description An ini encoder/decoder for node Highest Vendor package.json name ini Highest Vendor package.json name ini_project Highest Product package.json name ini Highest Version package.json version 2.0.0 Highest
ini:4.1.1Description:
An ini encoder/decoder for node License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/ini:4.1.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-check-updates:16.14.14 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author GitHub Inc. Highest Vendor package.json description An ini encoder/decoder for node Highest Vendor package.json name ini Highest Vendor package.json name ini_project Highest Product package.json name ini Highest Version package.json version 4.1.1 Highest
Related Dependencies ini:4.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check-updates:16.14.14/ini:^4.1.1 pkg:npm/ini@4.1.1 inquirer:7.3.3Description:
A collection of common interactive command line user interfaces. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check:6.0.1/inquirer:^7.3.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-check:6.0.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Simon Boudrias <admin@simonboudrias.com> Highest Vendor package.json description A collection of common interactive command line user interfaces. Highest Vendor package.json name inquirer Highest Vendor package.json name inquirer_project Highest Product package.json name inquirer Highest Version package.json version 7.3.3 Highest
Related Dependencies inquirer:7.3.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/inquirer:7.3.3 pkg:npm/inquirer@7.3.3 internal-slot:1.0.5Description:
ES spec-like internal slots License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/internal-slot:1.0.5
Referenced In Projects/Scopes: simplicite-js:5.2.54/es-abstract:1.21.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Jordan Harband <ljharb@gmail.com> Highest Vendor package.json bugs.url https://github.com/ljharb/internal-slot/issues Highest Vendor package.json description ES spec-like internal slots Highest Vendor package.json homepage https://github.com/ljharb/internal-slot#readme Highest Vendor package.json name internal-slot Highest Vendor package.json name internal-slot_project Highest Product package.json name internal-slot Highest Version package.json version 1.0.5 Highest
Related Dependencies internal-slot:1.0.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?es-abstract:1.21.2/internal-slot:^1.0.5 pkg:npm/internal-slot@1.0.5 invariant:2.2.4Description:
invariant License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?scss-parser:1.0.6/invariant:2.2.4
Referenced In Projects/Scopes: simplicite-js:5.2.54/scss-parser:1.0.6 simplicite-js:5.2.54 simplicite-js:5.2.54/query-ast:1.0.5 Evidence Type Source Name Value Confidence Vendor package.json author Andres Suarez <zertosh@gmail.com> Highest Vendor package.json description invariant Highest Vendor package.json name invariant Highest Vendor package.json name invariant_project Highest Product package.json name invariant Highest Version package.json version 2.2.4 Highest
Related Dependencies invariant:2.2.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?/invariant:2.2.4 pkg:npm/invariant@2.2.4 invariant:2.2.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?query-ast:1.0.5/invariant:2.2.4 pkg:npm/invariant@2.2.4 ip:2.0.0License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?socks:2.7.1/ip:^2.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/socks:2.7.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Fedor Indutny <fedor@indutny.com> Highest Vendor package.json homepage https://github.com/indutny/node-ip Highest Vendor package.json name ip Highest Vendor package.json name ip_project Highest Product package.json name ip Highest Version package.json version 2.0.0 Highest
Related Dependencies ip:2.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/ip:2.0.0 pkg:npm/ip@2.0.0 CVE-2023-42282 suppress
The ip package before 1.1.9 for Node.js might allow SSRF because some IP addresses (such as 0x7f.1) are improperly categorized as globally routable via isPublic. CWE-918 Server-Side Request Forgery (SSRF)
CVSSv3:
Base Score: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
is-array-buffer:3.0.2Description:
Is this value a JS ArrayBuffer? License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-array-buffer:3.0.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/array-buffer-byte-length:1.0.0 simplicite-js:5.2.54/es-abstract:1.21.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Jordan Harband <ljharb@gmail.com> Highest Vendor package.json bugs.url https://github.com/inspect-js/is-array-buffer/issues Highest Vendor package.json description Is this value a JS ArrayBuffer? Highest Vendor package.json homepage https://github.com/inspect-js/is-array-buffer#readme Highest Vendor package.json name is-array-buffer Highest Vendor package.json name is-array-buffer_project Highest Product package.json name is-array-buffer Highest Version package.json version 3.0.2 Highest
Related Dependencies is-array-buffer:3.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?array-buffer-byte-length:1.0.0/is-array-buffer:^3.0.1 pkg:npm/is-array-buffer@3.0.2 is-array-buffer:3.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?es-abstract:1.21.2/is-array-buffer:^3.0.2 pkg:npm/is-array-buffer@3.0.2 is-arrayish:0.2.1Description:
Determines if an object can be used as an array License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-arrayish:0.2.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/error-ex:1.3.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Qix (http://github.com/qix-) Highest Vendor package.json description Determines if an object can be used as an array Highest Vendor package.json name is-arrayish Highest Vendor package.json name is-arrayish_project Highest Product package.json name is-arrayish Highest Version package.json version 0.2.1 Highest
Related Dependencies is-arrayish:0.2.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?error-ex:1.3.2/is-arrayish:^0.2.1 pkg:npm/is-arrayish@0.2.1 is-bigint:1.0.4Description:
Is this value an ES BigInt? License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?which-boxed-primitive:1.0.2/is-bigint:^1.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/which-boxed-primitive:1.0.2 Evidence Type Source Name Value Confidence Vendor package.json author Jordan Harband <ljharb@gmail.com> Highest Vendor package.json bugs.url https://github.com/inspect-js/is-bigint/issues Highest Vendor package.json description Is this value an ES BigInt? Highest Vendor package.json homepage https://github.com/inspect-js/is-bigint#readme Highest Vendor package.json name is-bigint Highest Vendor package.json name is-bigint_project Highest Product package.json name is-bigint Highest Version package.json version 1.0.4 Highest
Related Dependencies is-bigint:1.0.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-bigint:1.0.4 pkg:npm/is-bigint@1.0.4 is-binary-path:2.1.0Description:
Check if a file path is a binary file License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-binary-path:2.1.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/chokidar:3.5.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Check if a file path is a binary file Highest Vendor package.json name is-binary-path Highest Vendor package.json name is-binary-path_project Highest Product package.json name is-binary-path Highest Version package.json version 2.1.0 Highest
Related Dependencies is-binary-path:2.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?chokidar:3.5.3/is-binary-path:~2.1.0 pkg:npm/is-binary-path@2.1.0 is-boolean-object:1.1.2Description:
Is this value a JS Boolean? This module works cross-realm/iframe, and despite ES6 @@toStringTag. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?which-boxed-primitive:1.0.2/is-boolean-object:^1.1.0
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/which-boxed-primitive:1.0.2 Evidence Type Source Name Value Confidence Vendor package.json author Jordan Harband <ljharb@gmail.com> Highest Vendor package.json description Is this value a JS Boolean? This module works cross-realm/iframe, and despite ES6 @@toStringTag. Highest Vendor package.json name is-boolean-object Highest Vendor package.json name is-boolean-object_project Highest Product package.json name is-boolean-object Highest Version package.json version 1.1.2 Highest
Related Dependencies is-boolean-object:1.1.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-boolean-object:1.1.2 pkg:npm/is-boolean-object@1.1.2 is-builtin-module:3.2.1Description:
Check if a string matches the name of a Node.js builtin module License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-builtin-module:3.2.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/eslint-plugin-jsdoc:48.0.4 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description Check if a string matches the name of a Node.js builtin module Highest Vendor package.json name is-builtin-module Highest Vendor package.json name is-builtin-module_project Highest Product package.json name is-builtin-module Highest Version package.json version 3.2.1 Highest
Related Dependencies is-builtin-module:3.2.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint-plugin-jsdoc:48.0.4/is-builtin-module:^3.2.1 pkg:npm/is-builtin-module@3.2.1 is-callable:1.2.7Description:
Is this JS value callable? Works with Functions and GeneratorFunctions, despite ES6 @@toStringTag. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-callable:1.2.7
Referenced In Projects/Scopes: simplicite-js:5.2.54/es-abstract:1.21.2 simplicite-js:5.2.54/for-each:0.3.3 simplicite-js:5.2.54/es-to-primitive:1.2.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email ljharb@gmail.com Highest Vendor package.json author.name Jordan Harband Highest Vendor package.json author.url http://ljharb.codes Highest Vendor package.json description Is this JS value callable? Works with Functions and GeneratorFunctions, despite ES6 @@toStringTag. Highest Vendor package.json name is-callable Highest Vendor package.json name is-callable_project Highest Product package.json name is-callable Highest Version package.json version 1.2.7 Highest
Related Dependencies is-callable:1.2.7File Path: /var/simplicite/simplicite-5.2/package-lock.json?es-abstract:1.21.2/is-callable:^1.2.7 pkg:npm/is-callable@1.2.7 is-callable:1.2.7File Path: /var/simplicite/simplicite-5.2/package-lock.json?es-to-primitive:1.2.1/is-callable:^1.1.4 pkg:npm/is-callable@1.2.7 is-callable:1.2.7File Path: /var/simplicite/simplicite-5.2/package-lock.json?for-each:0.3.3/is-callable:^1.1.3 pkg:npm/is-callable@1.2.7 is-ci:2.0.0Description:
Detect if the current environment is a CI server License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?update-notifier:4.1.3/is-ci:^2.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-check:6.0.1 simplicite-js:5.2.54/update-notifier:6.0.2 simplicite-js:5.2.54/update-notifier:4.1.3 simplicite-js:5.2.54/update-notifier:5.1.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Thomas Watson Steen <w@tson.dk> (https://twitter.com/wa7son) Highest Vendor package.json bugs.url https://github.com/watson/is-ci/issues Highest Vendor package.json description Detect if the current environment is a CI server Highest Vendor package.json homepage https://github.com/watson/is-ci Highest Vendor package.json name is-ci Highest Vendor package.json name is-ci_project Highest Product package.json name is-ci Highest Version package.json version 2.0.0 Highest
Related Dependencies is-ci:2.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-ci:2.0.0 pkg:npm/is-ci@2.0.0 is-ci:2.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check:6.0.1/is-ci:^2.0.0 pkg:npm/is-ci@2.0.0 is-ci:2.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?update-notifier:5.1.0/is-ci:^2.0.0 pkg:npm/is-ci@2.0.0 is-ci:2.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?update-notifier:6.0.2/is-ci:^3.0.1 pkg:npm/is-ci@2.0.0 is-ci:3.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-ci:3.0.1 pkg:npm/is-ci@3.0.1 is-core-module:2.12.1Description:
Is this specifier a node.js core module? License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?resolve:1.22.2/is-core-module:^2.11.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/normalize-package-data:3.0.3 simplicite-js:5.2.54/normalize-package-data:5.0.0 simplicite-js:5.2.54 simplicite-js:5.2.54/resolve:1.22.2 simplicite-js:5.2.54/depcheck:1.4.3 Evidence Type Source Name Value Confidence Vendor package.json author Jordan Harband <ljharb@gmail.com> Highest Vendor package.json bugs.url https://github.com/inspect-js/is-core-module/issues Highest Vendor package.json description Is this specifier a node.js core module? Highest Vendor package.json homepage https://github.com/inspect-js/is-core-module Highest Vendor package.json name is-core-module Highest Vendor package.json name is-core-module_project Highest Product package.json name is-core-module Highest Version package.json version 2.12.1 Highest
Related Dependencies is-core-module:2.12.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-core-module:2.12.1 pkg:npm/is-core-module@2.12.1 is-core-module:2.12.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?depcheck:1.4.3/is-core-module:^2.4.0 pkg:npm/is-core-module@2.12.1 is-core-module:2.12.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?normalize-package-data:3.0.3/is-core-module:^2.5.0 pkg:npm/is-core-module@2.12.1 is-core-module:2.12.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?normalize-package-data:5.0.0/is-core-module:^2.8.1 pkg:npm/is-core-module@2.12.1 is-date-object:1.0.5Description:
Is this value a JS Date object? This module works cross-realm/iframe, and despite ES6 @@toStringTag. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-date-object:1.0.5
Referenced In Projects/Scopes: simplicite-js:5.2.54/es-to-primitive:1.2.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Jordan Harband Highest Vendor package.json description Is this value a JS Date object? This module works cross-realm/iframe, and despite ES6 @@toStringTag. Highest Vendor package.json name is-date-object Highest Vendor package.json name is-date-object_project Highest Product package.json name is-date-object Highest Version package.json version 1.0.5 Highest
Related Dependencies is-date-object:1.0.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?es-to-primitive:1.2.1/is-date-object:^1.0.1 pkg:npm/is-date-object@1.0.5 is-docker:2.2.1Description:
Check if the process is running inside a Docker container License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?open:7.4.2/is-docker:^2.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/is-wsl:2.2.0 simplicite-js:5.2.54/open:7.4.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description Check if the process is running inside a Docker container Highest Vendor package.json name is-docker Highest Vendor package.json name is-docker_project Highest Product package.json name is-docker Highest Version package.json version 2.2.1 Highest
Related Dependencies is-docker:2.2.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-docker:2.2.1 pkg:npm/is-docker@2.2.1 is-docker:2.2.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?is-wsl:2.2.0/is-docker:^2.0.0 pkg:npm/is-docker@2.2.1 is-es2016-keyword:1.0.0Description:
Determine if string is an ES2016 keyword. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-es2016-keyword:1.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/highlight-es:1.0.3 Evidence Type Source Name Value Confidence Vendor package.json author Ivan Nikulin (ifaaan@gmail.com) Highest Vendor package.json bugs.url https://github.com/inikulin/is-es2016-keyword/issues Highest Vendor package.json description Determine if string is an ES2016 keyword. Highest Vendor package.json homepage https://github.com/inikulin/is-es2016-keyword#readme Highest Vendor package.json name is-es2016-keyword Highest Vendor package.json name is-es2016-keyword_project Highest Product package.json name is-es2016-keyword Highest Version package.json version 1.0.0 Highest
Related Dependencies is-es2016-keyword:1.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?highlight-es:1.0.3/is-es2016-keyword:^1.0.0 pkg:npm/is-es2016-keyword@1.0.0 is-extglob:2.1.1Description:
Returns true if a string has an extglob. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?is-glob:4.0.3/is-extglob:^2.1.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/is-glob:4.0.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Jon Schlinkert (https://github.com/jonschlinkert) Highest Vendor package.json bugs.url https://github.com/jonschlinkert/is-extglob/issues Highest Vendor package.json description Returns true if a string has an extglob. Highest Vendor package.json homepage https://github.com/jonschlinkert/is-extglob Highest Vendor package.json name is-extglob Highest Vendor package.json name is-extglob_project Highest Product package.json name is-extglob Highest Version package.json version 2.1.1 Highest
Related Dependencies is-extglob:2.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-extglob:2.1.1 pkg:npm/is-extglob@2.1.1 is-fullwidth-code-point:3.0.0Description:
Check if the character represented by a given Unicode code point is fullwidth License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?string-width-cjs:4.2.3/is-fullwidth-code-point:^3.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/slice-ansi:4.0.0 simplicite-js:5.2.54/string-width:4.2.3 simplicite-js:5.2.54/string-width-cjs:4.2.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Check if the character represented by a given Unicode code point is fullwidth Highest Vendor package.json name is-fullwidth-code-point Highest Vendor package.json name is-fullwidth-code-point_project Highest Product package.json name is-fullwidth-code-point Highest Version package.json version 3.0.0 Highest
Related Dependencies is-fullwidth-code-point:3.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-fullwidth-code-point:3.0.0 pkg:npm/is-fullwidth-code-point@3.0.0 is-fullwidth-code-point:3.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?slice-ansi:4.0.0/is-fullwidth-code-point:^3.0.0 pkg:npm/is-fullwidth-code-point@3.0.0 is-fullwidth-code-point:3.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?string-width:4.2.3/is-fullwidth-code-point:^3.0.0 pkg:npm/is-fullwidth-code-point@3.0.0 is-glob:4.0.3Description:
Returns `true` if the given string looks like a glob pattern or an extglob pattern. This makes it easy to create code that only uses external modules like node-glob when necessary, resulting in much faster code execution and initialization time, and a better user experience. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-glob:4.0.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/eslint:8.56.0 simplicite-js:5.2.54/chokidar:3.5.3 simplicite-js:5.2.54/glob-parent:5.1.2 simplicite-js:5.2.54/glob-parent:6.0.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Jon Schlinkert (https://github.com/jonschlinkert) Highest Vendor package.json bugs.url https://github.com/micromatch/is-glob/issues Highest Vendor package.json description Returns `true` if the given string looks like a glob pattern or an extglob pattern. This makes it easy to create code that only uses external modules like node-glob when necessary, resulting in much faster code execution and initialization time, and a better user experience. Highest Vendor package.json homepage https://github.com/micromatch/is-glob Highest Vendor package.json name is-glob Highest Vendor package.json name is-glob_project Highest Product package.json name is-glob Highest Version package.json version 4.0.3 Highest
Related Dependencies is-glob:4.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?chokidar:3.5.3/is-glob:~4.0.1 pkg:npm/is-glob@4.0.3 is-glob:4.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint:8.56.0/is-glob:^4.0.0 pkg:npm/is-glob@4.0.3 is-glob:4.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?glob-parent:5.1.2/is-glob:^4.0.1 pkg:npm/is-glob@4.0.3 is-glob:4.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?glob-parent:6.0.2/is-glob:^4.0.3 pkg:npm/is-glob@4.0.3 is-installed-globally:0.3.2Description:
Check if your package was installed globally License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?update-notifier:4.1.3/is-installed-globally:^0.3.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/update-notifier:6.0.2 simplicite-js:5.2.54/update-notifier:4.1.3 simplicite-js:5.2.54/update-notifier:5.1.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Check if your package was installed globally Highest Vendor package.json name is-installed-globally Highest Vendor package.json name is-installed-globally_project Highest Product package.json name is-installed-globally Highest Version package.json version 0.3.2 Highest
Related Dependencies is-installed-globally:0.3.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-installed-globally:0.3.2 pkg:npm/is-installed-globally@0.3.2 is-installed-globally:0.3.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?update-notifier:5.1.0/is-installed-globally:^0.4.0 pkg:npm/is-installed-globally@0.3.2 is-installed-globally:0.3.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?update-notifier:6.0.2/is-installed-globally:^0.4.0 pkg:npm/is-installed-globally@0.3.2 is-installed-globally:0.4.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-installed-globally:0.4.0 pkg:npm/is-installed-globally@0.4.0 is-interactive:1.0.0Description:
Check if stdout or stderr is interactive License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?ora:5.4.1/is-interactive:^1.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/ora:5.4.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Check if stdout or stderr is interactive Highest Vendor package.json name is-interactive Highest Vendor package.json name is-interactive_project Highest Product package.json name is-interactive Highest Version package.json version 1.0.0 Highest
Related Dependencies is-interactive:1.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-interactive:1.0.0 pkg:npm/is-interactive@1.0.0 is-lambda:1.0.1Description:
Detect if your code is running on an AWS Lambda server License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?make-fetch-happen:11.1.1/is-lambda:^1.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/make-fetch-happen:11.1.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Thomas Watson Steen <w@tson.dk> (https://twitter.com/wa7son) Highest Vendor package.json bugs.url https://github.com/watson/is-lambda/issues Highest Vendor package.json description Detect if your code is running on an AWS Lambda server Highest Vendor package.json homepage https://github.com/watson/is-lambda Highest Vendor package.json name is-lambda Highest Vendor package.json name is-lambda_project Highest Product package.json name is-lambda Highest Version package.json version 1.0.1 Highest
Related Dependencies is-lambda:1.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-lambda:1.0.1 pkg:npm/is-lambda@1.0.1 is-negative-zero:2.0.2Description:
Is this value negative zero? === will lie to you License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-negative-zero:2.0.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/es-abstract:1.21.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Jordan Harband <ljharb@gmail.com> Highest Vendor package.json bugs.url https://github.com/inspect-js/is-negative-zero/issues Highest Vendor package.json description Is this value negative zero? === will lie to you Highest Vendor package.json homepage https://github.com/inspect-js/is-negative-zero Highest Vendor package.json name is-negative-zero Highest Vendor package.json name is-negative-zero_project Highest Product package.json name is-negative-zero Highest Version package.json version 2.0.2 Highest
Related Dependencies is-negative-zero:2.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?es-abstract:1.21.2/is-negative-zero:^2.0.2 pkg:npm/is-negative-zero@2.0.2 is-npm:4.0.0Description:
Check if your code is running as an npm script License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?update-notifier:4.1.3/is-npm:^4.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/update-notifier:6.0.2 simplicite-js:5.2.54/update-notifier:4.1.3 simplicite-js:5.2.54/update-notifier:5.1.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Check if your code is running as an npm script Highest Vendor package.json name is-npm Highest Vendor package.json name is-npm_project Highest Product package.json name is-npm Highest Version package.json version 4.0.0 Highest
Related Dependencies is-npm:4.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-npm:4.0.0 pkg:npm/is-npm@4.0.0 is-npm:4.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?update-notifier:5.1.0/is-npm:^5.0.0 pkg:npm/is-npm@4.0.0 is-npm:4.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?update-notifier:6.0.2/is-npm:^6.0.0 pkg:npm/is-npm@4.0.0 is-npm:5.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-npm:5.0.0 pkg:npm/is-npm@5.0.0 is-npm:6.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-npm:6.0.0 pkg:npm/is-npm@6.0.0 is-number-object:1.0.7Description:
Is this value a JS Number object? This module works cross-realm/iframe, and despite ES6 @@toStringTag. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?which-boxed-primitive:1.0.2/is-number-object:^1.0.4
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/which-boxed-primitive:1.0.2 Evidence Type Source Name Value Confidence Vendor package.json author Jordan Harband <ljharb@gmail.com> Highest Vendor package.json bugs.url https://github.com/inspect-js/is-number-object/issues Highest Vendor package.json description Is this value a JS Number object? This module works cross-realm/iframe, and despite ES6 @@toStringTag. Highest Vendor package.json homepage https://github.com/inspect-js/is-number-object#readme Highest Vendor package.json name is-number-object Highest Vendor package.json name is-number-object_project Highest Product package.json name is-number-object Highest Version package.json version 1.0.7 Highest
Related Dependencies is-number-object:1.0.7File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-number-object:1.0.7 pkg:npm/is-number-object@1.0.7 is-number:7.0.0Description:
Returns true if a number or string value is a finite number. Useful for regex matches, parsing, user input, etc. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?to-regex-range:5.0.1/is-number:^7.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/to-regex-range:5.0.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Jon Schlinkert (https://github.com/jonschlinkert) Highest Vendor package.json bugs.url https://github.com/jonschlinkert/is-number/issues Highest Vendor package.json description Returns true if a number or string value is a finite number. Useful for regex matches, parsing, user input, etc. Highest Vendor package.json homepage https://github.com/jonschlinkert/is-number Highest Vendor package.json name is-number Highest Vendor package.json name is-number_project Highest Product package.json name is-number Highest Version package.json version 7.0.0 Highest
Related Dependencies is-number:7.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-number:7.0.0 pkg:npm/is-number@7.0.0 is-obj:2.0.0Description:
Check if a value is an object License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?dot-prop:6.0.1/is-obj:^2.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/dot-prop:6.0.1 simplicite-js:5.2.54 simplicite-js:5.2.54/dot-prop:5.3.0 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Check if a value is an object Highest Vendor package.json name is-obj Highest Vendor package.json name is-obj_project Highest Product package.json name is-obj Highest Version package.json version 2.0.0 Highest
Related Dependencies is-obj:2.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-obj:2.0.0 pkg:npm/is-obj@2.0.0 is-obj:2.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?dot-prop:5.3.0/is-obj:^2.0.0 pkg:npm/is-obj@2.0.0 is-path-inside:3.0.3Description:
Check if a path is inside another path License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?is-installed-globally:0.4.0/is-path-inside:^3.0.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/is-installed-globally:0.4.0 simplicite-js:5.2.54/eslint:8.56.0 simplicite-js:5.2.54/is-installed-globally:0.3.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Check if a path is inside another path Highest Vendor package.json name is-path-inside Highest Vendor package.json name is-path-inside_project Highest Product package.json name is-path-inside Highest Version package.json version 3.0.3 Highest
Related Dependencies is-path-inside:3.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-path-inside:3.0.3 pkg:npm/is-path-inside@3.0.3 is-path-inside:3.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint:8.56.0/is-path-inside:^3.0.3 pkg:npm/is-path-inside@3.0.3 is-path-inside:3.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?is-installed-globally:0.3.2/is-path-inside:^3.0.1 pkg:npm/is-path-inside@3.0.3 is-plain-obj:1.1.0Description:
Check if a value is a plain object License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?minimist-options:4.1.0/is-plain-obj:^1.1.0
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/minimist-options:4.1.0 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Check if a value is a plain object Highest Vendor package.json name is-plain-obj Highest Vendor package.json name is-plain-obj_project Highest Product package.json name is-plain-obj Highest Version package.json version 1.1.0 Highest
Related Dependencies is-plain-obj:1.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-plain-obj:1.1.0 pkg:npm/is-plain-obj@1.1.0 is-plain-object:2.0.4Description:
Returns true if an object was created by the `Object` constructor. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-plain-object:2.0.4
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/clone-deep:4.0.1 Evidence Type Source Name Value Confidence Vendor package.json author Jon Schlinkert (https://github.com/jonschlinkert) Highest Vendor package.json bugs.url https://github.com/jonschlinkert/is-plain-object/issues Highest Vendor package.json description Returns true if an object was created by the `Object` constructor. Highest Vendor package.json homepage https://github.com/jonschlinkert/is-plain-object Highest Vendor package.json name is-plain-object Highest Vendor package.json name is-plain-object_project Highest Product package.json name is-plain-object Highest Version package.json version 2.0.4 Highest
Related Dependencies is-plain-object:2.0.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?clone-deep:4.0.1/is-plain-object:^2.0.4 pkg:npm/is-plain-object@2.0.4 is-plain-object:5.0.0Description:
Returns true if an object was created by the `Object` constructor, or Object.create(null). License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-plain-object:5.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/stylelint:14.16.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Jon Schlinkert (https://github.com/jonschlinkert) Highest Vendor package.json bugs.url https://github.com/jonschlinkert/is-plain-object/issues Highest Vendor package.json description Returns true if an object was created by the `Object` constructor, or Object.create(null). Highest Vendor package.json homepage https://github.com/jonschlinkert/is-plain-object Highest Vendor package.json name is-plain-object Highest Vendor package.json name is-plain-object_project Highest Product package.json name is-plain-object Highest Version package.json version 5.0.0 Highest
Related Dependencies is-plain-object:5.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/is-plain-object:^5.0.0 pkg:npm/is-plain-object@5.0.0 is-regex:1.1.4Description:
Is this value a JS regex? Works cross-realm/iframe, and despite ES6 @@toStringTag License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?safe-regex-test:1.0.0/is-regex:^1.1.4
Referenced In Projects/Scopes: simplicite-js:5.2.54/es-abstract:1.21.2 simplicite-js:5.2.54 simplicite-js:5.2.54/safe-regex-test:1.0.0 Evidence Type Source Name Value Confidence Vendor package.json author Jordan Harband <ljharb@gmail.com> Highest Vendor package.json bugs.url https://github.com/inspect-js/is-regex/issues Highest Vendor package.json description Is this value a JS regex? Works cross-realm/iframe, and despite ES6 @@toStringTag Highest Vendor package.json homepage https://github.com/inspect-js/is-regex Highest Vendor package.json name is-regex Highest Vendor package.json name is-regex_project Highest Product package.json name is-regex Highest Version package.json version 1.1.4 Highest
Related Dependencies is-regex:1.1.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-regex:1.1.4 pkg:npm/is-regex@1.1.4 is-regex:1.1.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?es-abstract:1.21.2/is-regex:^1.1.4 pkg:npm/is-regex@1.1.4 is-shared-array-buffer:1.0.2Description:
Is this value a JS SharedArrayBuffer? License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-shared-array-buffer:1.0.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/es-abstract:1.21.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email ljharb@gmail.com Highest Vendor package.json author.name Jordan Harband Highest Vendor package.json author.url http://ljharb.codes Highest Vendor package.json bugs.url https://github.com/inspect-js/is-shared-array-buffer/issues Highest Vendor package.json description Is this value a JS SharedArrayBuffer? Highest Vendor package.json homepage https://github.com/inspect-js/is-shared-array-buffer#readme Highest Vendor package.json name is-shared-array-buffer Highest Vendor package.json name is-shared-array-buffer_project Highest Product package.json name is-shared-array-buffer Highest Version package.json version 1.0.2 Highest
Related Dependencies is-shared-array-buffer:1.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?es-abstract:1.21.2/is-shared-array-buffer:^1.0.2 pkg:npm/is-shared-array-buffer@1.0.2 is-stream:2.0.1Description:
Check if something is a Node.js stream License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-stream:2.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/execa:5.1.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description Check if something is a Node.js stream Highest Vendor package.json name is-stream Highest Vendor package.json name is-stream_project Highest Product package.json name is-stream Highest Version package.json version 2.0.1 Highest
Related Dependencies is-stream:2.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?execa:5.1.1/is-stream:^2.0.0 pkg:npm/is-stream@2.0.1 is-string:1.0.7Description:
Is this value a JS String object or primitive? This module works cross-realm/iframe, and despite ES6 @@toStringTag. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?which-boxed-primitive:1.0.2/is-string:^1.0.5
Referenced In Projects/Scopes: simplicite-js:5.2.54/es-abstract:1.21.2 simplicite-js:5.2.54/array.prototype.reduce:1.0.5 simplicite-js:5.2.54 simplicite-js:5.2.54/which-boxed-primitive:1.0.2 Evidence Type Source Name Value Confidence Vendor package.json author Jordan Harband <ljharb@gmail.com> Highest Vendor package.json description Is this value a JS String object or primitive? This module works cross-realm/iframe, and despite ES6 @@toStringTag. Highest Vendor package.json name is-string Highest Vendor package.json name is-string_project Highest Product package.json name is-string Highest Version package.json version 1.0.7 Highest
Related Dependencies is-string:1.0.7File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-string:1.0.7 pkg:npm/is-string@1.0.7 is-string:1.0.7File Path: /var/simplicite/simplicite-5.2/package-lock.json?array.prototype.reduce:1.0.5/is-string:^1.0.7 pkg:npm/is-string@1.0.7 is-string:1.0.7File Path: /var/simplicite/simplicite-5.2/package-lock.json?es-abstract:1.21.2/is-string:^1.0.7 pkg:npm/is-string@1.0.7 is-symbol:1.0.4Description:
Determine if a value is an ES6 Symbol or not. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?which-boxed-primitive:1.0.2/is-symbol:^1.0.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/es-to-primitive:1.2.1 simplicite-js:5.2.54 simplicite-js:5.2.54/which-boxed-primitive:1.0.2 Evidence Type Source Name Value Confidence Vendor package.json author Jordan Harband <ljharb@gmail.com> Highest Vendor package.json bugs.url https://github.com/inspect-js/is-symbol/issues Highest Vendor package.json description Determine if a value is an ES6 Symbol or not. Highest Vendor package.json name is-symbol Highest Vendor package.json name is-symbol_project Highest Product package.json name is-symbol Highest Version package.json version 1.0.4 Highest
Related Dependencies is-symbol:1.0.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-symbol:1.0.4 pkg:npm/is-symbol@1.0.4 is-symbol:1.0.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?es-to-primitive:1.2.1/is-symbol:^1.0.2 pkg:npm/is-symbol@1.0.4 is-typed-array:1.1.10Description:
Is this value a JS Typed Array? This module works cross-realm/iframe, does not depend on `instanceof` or mutable properties, and despite ES6 Symbol.toStringTag. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?which-typed-array:1.1.9/is-typed-array:^1.1.10
Referenced In Projects/Scopes: simplicite-js:5.2.54/es-abstract:1.21.2 simplicite-js:5.2.54/is-array-buffer:3.0.2 simplicite-js:5.2.54/typed-array-length:1.0.4 simplicite-js:5.2.54/which-typed-array:1.1.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email ljharb@gmail.com Highest Vendor package.json author.name Jordan Harband Highest Vendor package.json author.url http://ljharb.codes Highest Vendor package.json description Is this value a JS Typed Array? This module works cross-realm/iframe, does not depend on `instanceof` or mutable properties, and despite ES6 Symbol.toStringTag. Highest Vendor package.json name is-typed-array Highest Vendor package.json name is-typed-array_project Highest Product package.json name is-typed-array Highest Version package.json version 1.1.10 Highest
Related Dependencies is-typed-array:1.1.10File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-typed-array:1.1.10 pkg:npm/is-typed-array@1.1.10 is-typed-array:1.1.10File Path: /var/simplicite/simplicite-5.2/package-lock.json?es-abstract:1.21.2/is-typed-array:^1.1.10 pkg:npm/is-typed-array@1.1.10 is-typed-array:1.1.10File Path: /var/simplicite/simplicite-5.2/package-lock.json?is-array-buffer:3.0.2/is-typed-array:^1.1.10 pkg:npm/is-typed-array@1.1.10 is-typed-array:1.1.10File Path: /var/simplicite/simplicite-5.2/package-lock.json?typed-array-length:1.0.4/is-typed-array:^1.1.9 pkg:npm/is-typed-array@1.1.10 is-typedarray:1.0.0Description:
Detect whether or not an object is a Typed Array License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?typedarray-to-buffer:3.1.5/is-typedarray:^1.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/typedarray-to-buffer:3.1.5 simplicite-js:5.2.54 simplicite-js:5.2.54/write-file-atomic:3.0.3 Evidence Type Source Name Value Confidence Vendor package.json author Hugh Kennedy <hughskennedy@gmail.com> (http://hughsk.io/) Highest Vendor package.json bugs.url https://github.com/hughsk/is-typedarray/issues Highest Vendor package.json description Detect whether or not an object is a Typed Array Highest Vendor package.json homepage https://github.com/hughsk/is-typedarray Highest Vendor package.json name is-typedarray Highest Vendor package.json name is-typedarray_project Highest Product package.json name is-typedarray Highest Version package.json version 1.0.0 Highest
Related Dependencies is-typedarray:1.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-typedarray:1.0.0 pkg:npm/is-typedarray@1.0.0 is-typedarray:1.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?write-file-atomic:3.0.3/is-typedarray:^1.0.0 pkg:npm/is-typedarray@1.0.0 is-unicode-supported:0.1.0Description:
Detect whether the terminal supports Unicode License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?ora:5.4.1/is-unicode-supported:^0.1.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/log-symbols:4.1.0 simplicite-js:5.2.54/ora:5.4.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description Detect whether the terminal supports Unicode Highest Vendor package.json name is-unicode-supported Highest Vendor package.json name is-unicode-supported_project Highest Product package.json name is-unicode-supported Highest Version package.json version 0.1.0 Highest
Related Dependencies is-unicode-supported:0.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-unicode-supported:0.1.0 pkg:npm/is-unicode-supported@0.1.0 is-unicode-supported:0.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?log-symbols:4.1.0/is-unicode-supported:^0.1.0 pkg:npm/is-unicode-supported@0.1.0 is-weakref:1.0.2Description:
Is this value a JS WeakRef? This module works cross-realm/iframe, and despite ES6 @@toStringTag. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-weakref:1.0.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/es-abstract:1.21.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Jordan Harband <ljharb@gmail.com> Highest Vendor package.json bugs.url https://github.com/inspect-js/is-weakref/issues Highest Vendor package.json description Is this value a JS WeakRef? This module works cross-realm/iframe, and despite ES6 @@toStringTag. Highest Vendor package.json homepage https://github.com/inspect-js/is-weakref#readme Highest Vendor package.json name is-weakref Highest Vendor package.json name is-weakref_project Highest Product package.json name is-weakref Highest Version package.json version 1.0.2 Highest
Related Dependencies is-weakref:1.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?es-abstract:1.21.2/is-weakref:^1.0.2 pkg:npm/is-weakref@1.0.2 is-wsl:2.2.0Description:
Check if the process is running inside Windows Subsystem for Linux (Bash on Windows) License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?open:7.4.2/is-wsl:^2.1.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/open:7.4.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Check if the process is running inside Windows Subsystem for Linux (Bash on Windows) Highest Vendor package.json name is-wsl Highest Vendor package.json name is-wsl_project Highest Product package.json name is-wsl Highest Version package.json version 2.2.0 Highest
Related Dependencies is-wsl:2.2.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-wsl:2.2.0 pkg:npm/is-wsl@2.2.0 is-yarn-global:0.3.0Description:
Check if installed by yarn globally without any `fs` calls License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?update-notifier:4.1.3/is-yarn-global:^0.3.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/update-notifier:6.0.2 simplicite-js:5.2.54/update-notifier:4.1.3 simplicite-js:5.2.54/update-notifier:5.1.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author LitoMore (litomore@gmail.com) Highest Vendor package.json description Check if installed by yarn globally without any `fs` calls Highest Vendor package.json name is-yarn-global Highest Vendor package.json name is-yarn-global_project Highest Product package.json name is-yarn-global Highest Version package.json version 0.3.0 Highest
Related Dependencies is-yarn-global:0.3.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-yarn-global:0.3.0 pkg:npm/is-yarn-global@0.3.0 is-yarn-global:0.3.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?update-notifier:5.1.0/is-yarn-global:^0.3.0 pkg:npm/is-yarn-global@0.3.0 is-yarn-global:0.3.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?update-notifier:6.0.2/is-yarn-global:^0.4.0 pkg:npm/is-yarn-global@0.3.0 is-yarn-global:0.4.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-yarn-global:0.4.1 pkg:npm/is-yarn-global@0.4.1 isarray:0.0.1Description:
Array#isArray for older browsers License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?readable-stream:1.1.14/isarray:0.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/readable-stream:2.3.8 simplicite-js:5.2.54/readable-stream:1.1.14 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email mail@juliangruber.com Highest Vendor package.json author.name Julian Gruber Highest Vendor package.json author.url http://juliangruber.com Highest Vendor package.json description Array#isArray for older browsers Highest Vendor package.json homepage https://github.com/juliangruber/isarray Highest Vendor package.json name isarray Highest Vendor package.json name isarray_project Highest Product package.json name isarray Highest Version package.json version 0.0.1 Highest
Related Dependencies isarray:0.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/isarray:0.0.1 pkg:npm/isarray@0.0.1 isarray:0.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?readable-stream:2.3.8/isarray:~1.0.0 pkg:npm/isarray@0.0.1 isarray:1.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/isarray:1.0.0 pkg:npm/isarray@1.0.0 isarray:2.0.5Description:
Array#isArray for older browsers License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/isarray:2.0.5
Referenced In Projects/Scopes: simplicite-js:5.2.54/safe-array-concat:1.0.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email mail@juliangruber.com Highest Vendor package.json author.name Julian Gruber Highest Vendor package.json author.url http://juliangruber.com Highest Vendor package.json description Array#isArray for older browsers Highest Vendor package.json homepage https://github.com/juliangruber/isarray Highest Vendor package.json name isarray Highest Vendor package.json name isarray_project Highest Product package.json name isarray Highest Version package.json version 2.0.5 Highest
Related Dependencies isarray:2.0.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?safe-array-concat:1.0.0/isarray:^2.0.5 pkg:npm/isarray@2.0.5 isexe:2.0.0Description:
Minimal module to check if a file is executable. License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?which:2.0.2/isexe:^2.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/which:1.3.1 simplicite-js:5.2.54/which:2.0.2 simplicite-js:5.2.54 simplicite-js:5.2.54/which:3.0.1 Evidence Type Source Name Value Confidence Vendor package.json author Isaac Z. Schlueter <i@izs.me> (http://blog.izs.me/) Highest Vendor package.json bugs.url https://github.com/isaacs/isexe/issues Highest Vendor package.json description Minimal module to check if a file is executable. Highest Vendor package.json homepage https://github.com/isaacs/isexe#readme Highest Vendor package.json name isexe Highest Vendor package.json name isexe_project Highest Product package.json name isexe Highest Version package.json version 2.0.0 Highest
Related Dependencies isexe:2.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/isexe:2.0.0 pkg:npm/isexe@2.0.0 isexe:2.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?which:1.3.1/isexe:^2.0.0 pkg:npm/isexe@2.0.0 isexe:2.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?which:3.0.1/isexe:^2.0.0 pkg:npm/isexe@2.0.0 isobject:3.0.1Description:
Returns true if the value is an object and not an array or null. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/isobject:3.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/is-plain-object:2.0.4 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Jon Schlinkert (https://github.com/jonschlinkert) Highest Vendor package.json bugs.url https://github.com/jonschlinkert/isobject/issues Highest Vendor package.json description Returns true if the value is an object and not an array or null. Highest Vendor package.json homepage https://github.com/jonschlinkert/isobject Highest Vendor package.json name isobject Highest Vendor package.json name isobject_project Highest Product package.json name isobject Highest Version package.json version 3.0.1 Highest
Related Dependencies isobject:3.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?is-plain-object:2.0.4/isobject:^3.0.1 pkg:npm/isobject@3.0.1 isoparser-1.9.41.7.jarDescription:
A generic parser and writer for all ISO 14496 based files (MP4, Quicktime, DCF, PDCF, ...)
License:
Apache Software License - Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/tallison/isoparser/1.9.41.7/isoparser-1.9.41.7.jar
MD5: 7e48578f8678f0374593a3d659b4584e
SHA1: 97c87c0ab2c435e16380e6377bbe0c819f7eb9a1
SHA256: 81adb55004ec1f126640254428e64b9bcb2dca33515b8280be974fb04edd0b53
Referenced In Project/Scope: Simplicite Platform:compile
isoparser-1.9.41.7.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.tika/tika-parsers@1.27
Evidence Type Source Name Value Confidence Vendor file name isoparser High Vendor jar package name boxes Low Vendor jar package name mp4parser Low Vendor pom artifactid isoparser Highest Vendor pom artifactid isoparser Low Vendor pom developer email Sebastian.Annies@googlemail.com Low Vendor pom developer id sannies Medium Vendor pom groupid org.tallison Highest Vendor pom name ISO Parser High Vendor pom url tballison/mp4parser Highest Product file name isoparser High Product jar package name boxes Low Product pom artifactid isoparser Highest Product pom developer email Sebastian.Annies@googlemail.com Low Product pom developer id sannies Low Product pom groupid org.tallison Highest Product pom name ISO Parser High Product pom url tballison/mp4parser High Version file version 1.9.41.7 High Version pom version 1.9.41.7 Highest
istack-commons-runtime-3.0.12.jarDescription:
istack common utility code License:
http://www.eclipse.org/org/documents/edl-v10.php File Path: /var/simplicite/.m2/repository/com/sun/istack/istack-commons-runtime/3.0.12/istack-commons-runtime-3.0.12.jar
MD5: 1952bd76321f8580cfaa57e332a68287
SHA1: cbbe1a62b0cc6c85972e99d52aaee350153dc530
SHA256: 27d85fc134c9271d5c79d3300fc4669668f017e72409727c428f54f2417f04cd
Referenced In Project/Scope: Simplicite Platform:compile
istack-commons-runtime-3.0.12.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.glassfish.jaxb/jaxb-runtime@2.3.4
Evidence Type Source Name Value Confidence Vendor file name istack-commons-runtime High Vendor jar package name com Highest Vendor jar package name istack Highest Vendor jar package name sun Highest Vendor jar (hint) package name oracle Highest Vendor Manifest bundle-docurl https://www.eclipse.org Low Vendor Manifest bundle-symbolicname com.sun.istack.commons-runtime Medium Vendor Manifest implementation-build-id 3.0.12 - 7ed1368 Low Vendor Manifest Implementation-Vendor Eclipse Foundation High Vendor Manifest Implementation-Vendor-Id com.sun.istack Medium Vendor Manifest multi-release true Low Vendor pom artifactid istack-commons-runtime Highest Vendor pom artifactid istack-commons-runtime Low Vendor pom groupid com.sun.istack Highest Vendor pom name istack common utility code runtime High Vendor pom parent-artifactid istack-commons Low Product file name istack-commons-runtime High Product jar package name com Highest Product jar package name istack Highest Product jar package name sun Highest Product Manifest bundle-docurl https://www.eclipse.org Low Product Manifest Bundle-Name istack common utility code runtime Medium Product Manifest bundle-symbolicname com.sun.istack.commons-runtime Medium Product Manifest implementation-build-id 3.0.12 - 7ed1368 Low Product Manifest multi-release true Low Product pom artifactid istack-commons-runtime Highest Product pom groupid com.sun.istack Highest Product pom name istack common utility code runtime High Product pom parent-artifactid istack-commons Medium Version file version 3.0.12 High Version Manifest Bundle-Version 3.0.12 High Version Manifest implementation-build-id 3.0.12 Low Version pom version 3.0.12 Highest
istack-commons-tools-3.0.12.jarDescription:
istack common utility code License:
http://www.eclipse.org/org/documents/edl-v10.php File Path: /var/simplicite/.m2/repository/com/sun/istack/istack-commons-tools/3.0.12/istack-commons-tools-3.0.12.jar
MD5: 466851283328c997fc3c9008ba71b869
SHA1: 7213eee4e9f65972968f03c9dd4df266ce42530b
SHA256: 88369766d2f7bf7904595d295d759ef553de47f2b9fc7d0c82a42f602ed70af0
Referenced In Project/Scope: Simplicite Platform:compile
istack-commons-tools-3.0.12.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.glassfish.jaxb/jaxb-xjc@2.3.4
Evidence Type Source Name Value Confidence Vendor file name istack-commons-tools High Vendor jar package name com Highest Vendor jar package name istack Highest Vendor jar package name sun Highest Vendor jar package name tools Highest Vendor jar (hint) package name oracle Highest Vendor Manifest bundle-docurl https://www.eclipse.org Low Vendor Manifest bundle-symbolicname com.sun.istack.commons-tools Medium Vendor Manifest implementation-build-id 3.0.12 - 7ed1368 Low Vendor Manifest Implementation-Vendor Eclipse Foundation High Vendor Manifest Implementation-Vendor-Id com.sun.istack Medium Vendor Manifest multi-release true Low Vendor pom artifactid istack-commons-tools Highest Vendor pom artifactid istack-commons-tools Low Vendor pom groupid com.sun.istack Highest Vendor pom name istack common utility code tools High Vendor pom parent-artifactid istack-commons Low Product file name istack-commons-tools High Product jar package name com Highest Product jar package name istack Highest Product jar package name sun Highest Product jar package name tools Highest Product Manifest bundle-docurl https://www.eclipse.org Low Product Manifest Bundle-Name istack common utility code tools Medium Product Manifest bundle-symbolicname com.sun.istack.commons-tools Medium Product Manifest implementation-build-id 3.0.12 - 7ed1368 Low Product Manifest multi-release true Low Product pom artifactid istack-commons-tools Highest Product pom groupid com.sun.istack Highest Product pom name istack common utility code tools High Product pom parent-artifactid istack-commons Medium Version file version 3.0.12 High Version Manifest Bundle-Version 3.0.12 High Version Manifest implementation-build-id 3.0.12 Low Version pom version 3.0.12 Highest
itext-2.1.7.jarDescription:
iText, a free Java-PDF library License:
Mozilla Public License: http://www.mozilla.org/MPL/MPL-1.1.html File Path: /var/simplicite/.m2/repository/com/lowagie/itext/2.1.7/itext-2.1.7.jar
MD5: 7587a618197a065eac4a453d173d4ed6
SHA1: 892bfb3e97074a61123b3b2d7caa2db112750864
SHA256: 7d82c6b097a31cdf5a6d49a327bf582fdec7304da69308f9f6abf54aa9fd9055
Referenced In Project/Scope: Simplicite Platform:compile
itext-2.1.7.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name itext High Vendor jar package name lowagie Highest Vendor jar package name lowagie Low Vendor jar package name pdf Highest Vendor jar package name pdf Low Vendor jar package name text Low Vendor pom artifactid itext Highest Vendor pom artifactid itext Low Vendor pom developer email bruno@lowagie.com Low Vendor pom developer email hallm@users.sourceforge.net Low Vendor pom developer email psoares33@users.sourceforge.net Low Vendor pom developer email xlv@users.sourceforge.net Low Vendor pom developer id blowagie Medium Vendor pom developer id hallm Medium Vendor pom developer id psoares33 Medium Vendor pom developer id xlv Medium Vendor pom developer name Bruno Lowagie Medium Vendor pom developer name Mark Hall Medium Vendor pom developer name Paulo Soares Medium Vendor pom developer name Xavier Le Vourch Medium Vendor pom groupid com.lowagie Highest Vendor pom name iText, a Free Java-PDF library High Vendor pom url http://www.lowagie.com/iText/ Highest Product file name itext High Product jar package name lowagie Highest Product jar package name pdf Highest Product jar package name pdf Low Product jar package name text Low Product pom artifactid itext Highest Product pom developer email bruno@lowagie.com Low Product pom developer email hallm@users.sourceforge.net Low Product pom developer email psoares33@users.sourceforge.net Low Product pom developer email xlv@users.sourceforge.net Low Product pom developer id blowagie Low Product pom developer id hallm Low Product pom developer id psoares33 Low Product pom developer id xlv Low Product pom developer name Bruno Lowagie Low Product pom developer name Mark Hall Low Product pom developer name Paulo Soares Low Product pom developer name Xavier Le Vourch Low Product pom groupid com.lowagie Highest Product pom name iText, a Free Java-PDF library High Product pom url http://www.lowagie.com/iText/ Medium Version file version 2.1.7 High Version pom version 2.1.7 Highest
CVE-2017-9096 (OSSINDEX) suppress
The XML parsers in iText before 5.5.12 and 7.x before 7.0.3 do not disable external entities, which might allow remote attackers to conduct XML external entity (XXE) attacks via a crafted PDF. CWE-611 Improper Restriction of XML External Entity Reference
CVSSv3:
Base Score: HIGH (8.8) Vector: CVSS:/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:com.lowagie:itext:2.1.7:*:*:*:*:*:*:* itext-rtf-2.1.7.jarDescription:
iText, a free Java-PDF library (rtf package) License:
Mozilla Public License: http://www.mozilla.org/MPL/MPL-1.1.html File Path: /var/simplicite/.m2/repository/com/lowagie/itext-rtf/2.1.7/itext-rtf-2.1.7.jar
MD5: f95d38da50192bc9e3876e3a987f02c1
SHA1: ed1cbe69ff69c6e6fa7645f51c8d25894a177e7b
SHA256: 49d3b9df20ccc6565c91b8b18c638ecb018fd528b6eb64991d6d8ba73975c135
Referenced In Project/Scope: Simplicite Platform:compile
itext-rtf-2.1.7.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name itext-rtf High Vendor jar package name lowagie Highest Vendor jar package name lowagie Low Vendor jar package name rtf Highest Vendor jar package name rtf Low Vendor jar package name text Low Vendor pom artifactid itext-rtf Highest Vendor pom artifactid itext-rtf Low Vendor pom developer email bruno@lowagie.com Low Vendor pom developer email hallm@users.sourceforge.net Low Vendor pom developer email psoares33@users.sourceforge.net Low Vendor pom developer email xlv@users.sourceforge.net Low Vendor pom developer id blowagie Medium Vendor pom developer id hallm Medium Vendor pom developer id psoares33 Medium Vendor pom developer id xlv Medium Vendor pom developer name Bruno Lowagie Medium Vendor pom developer name Mark Hall Medium Vendor pom developer name Paulo Soares Medium Vendor pom developer name Xavier Le Vourch Medium Vendor pom groupid com.lowagie Highest Vendor pom name iText, a Free Java-PDF library (rtf package) High Vendor pom url http://www.lowagie.com/iText/ Highest Product file name itext-rtf High Product jar package name lowagie Highest Product jar package name rtf Highest Product jar package name rtf Low Product jar package name text Low Product pom artifactid itext-rtf Highest Product pom developer email bruno@lowagie.com Low Product pom developer email hallm@users.sourceforge.net Low Product pom developer email psoares33@users.sourceforge.net Low Product pom developer email xlv@users.sourceforge.net Low Product pom developer id blowagie Low Product pom developer id hallm Low Product pom developer id psoares33 Low Product pom developer id xlv Low Product pom developer name Bruno Lowagie Low Product pom developer name Mark Hall Low Product pom developer name Paulo Soares Low Product pom developer name Xavier Le Vourch Low Product pom groupid com.lowagie Highest Product pom name iText, a Free Java-PDF library (rtf package) High Product pom url http://www.lowagie.com/iText/ Medium Version file version 2.1.7 High Version pom version 2.1.7 Highest
j2objc-annotations-1.3.jarDescription:
A set of annotations that provide additional information to the J2ObjC
translator to modify the result of translation.
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/com/google/j2objc/j2objc-annotations/1.3/j2objc-annotations-1.3.jar
MD5: 5fa4ec4ec0c5aa70af8a7d4922df1931
SHA1: ba035118bc8bac37d7eff77700720999acd9986d
SHA256: 21af30c92267bd6122c0e0b4d20cccb6641a37eaf956c6540ec471d584e64a7b
Referenced In Project/Scope: Simplicite Platform:compile
j2objc-annotations-1.3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.google.guava/guava@30.1.1-jre
Evidence Type Source Name Value Confidence Vendor file name j2objc-annotations High Vendor jar package name annotations Highest Vendor jar package name annotations Low Vendor jar package name google Highest Vendor jar package name google Low Vendor jar package name j2objc Highest Vendor jar package name j2objc Low Vendor pom artifactid j2objc-annotations Highest Vendor pom artifactid j2objc-annotations Low Vendor pom groupid com.google.j2objc Highest Vendor pom name J2ObjC Annotations High Vendor pom url google/j2objc/ Highest Product file name j2objc-annotations High Product jar package name annotations Highest Product jar package name annotations Low Product jar package name google Highest Product jar package name j2objc Highest Product jar package name j2objc Low Product pom artifactid j2objc-annotations Highest Product pom groupid com.google.j2objc Highest Product pom name J2ObjC Annotations High Product pom url google/j2objc/ High Version file version 1.3 High Version pom version 1.3 Highest
jackcess-4.0.1.jarDescription:
A pure Java library for reading from and writing to MS Access databases. License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/com/healthmarketscience/jackcess/jackcess/4.0.1/jackcess-4.0.1.jar
MD5: e80402af89e45e11bc79f97e70b35039
SHA1: e9953ac607c1d85647d6bc364579a871ef069441
SHA256: 8d2eecb226c6f2ece3d44a96d688e2c03656af557b585804a90713fb67fbd95e
Referenced In Project/Scope: Simplicite Platform:compile
jackcess-4.0.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.tika/tika-parsers@1.27
Evidence Type Source Name Value Confidence Vendor file name jackcess High Vendor jar package name healthmarketscience Highest Vendor jar package name jackcess Highest Vendor Manifest automatic-module-name com.healthmarketscience.jackcess Medium Vendor Manifest bundle-docurl https://openhms.sourceforge.io/ Low Vendor Manifest bundle-symbolicname com.healthmarketscience.jackcess Medium Vendor pom artifactid jackcess Highest Vendor pom artifactid jackcess Low Vendor pom developer email jahlborn@users.sf.net Low Vendor pom developer email javajedi@users.sf.net Low Vendor pom developer id jahlborn Medium Vendor pom developer id javajedi Medium Vendor pom developer name James Ahlborn Medium Vendor pom developer name Tim McCune Medium Vendor pom groupid com.healthmarketscience.jackcess Highest Vendor pom name Jackcess High Vendor pom parent-artifactid openhms-parent Low Vendor pom parent-groupid com.healthmarketscience Medium Vendor pom url https://jackcess.sourceforge.io Highest Product file name jackcess High Product jar package name healthmarketscience Highest Product jar package name jackcess Highest Product Manifest automatic-module-name com.healthmarketscience.jackcess Medium Product Manifest bundle-docurl https://openhms.sourceforge.io/ Low Product Manifest Bundle-Name Jackcess Medium Product Manifest bundle-symbolicname com.healthmarketscience.jackcess Medium Product pom artifactid jackcess Highest Product pom developer email jahlborn@users.sf.net Low Product pom developer email javajedi@users.sf.net Low Product pom developer id jahlborn Low Product pom developer id javajedi Low Product pom developer name James Ahlborn Low Product pom developer name Tim McCune Low Product pom groupid com.healthmarketscience.jackcess Highest Product pom name Jackcess High Product pom parent-artifactid openhms-parent Medium Product pom parent-groupid com.healthmarketscience Medium Product pom url https://jackcess.sourceforge.io Medium Version file version 4.0.1 High Version Manifest Bundle-Version 4.0.1 High Version pom parent-version 4.0.1 Low Version pom version 4.0.1 Highest
jackcess-encrypt-4.0.1.jarDescription:
An add-on to the Jackcess library for handling encryption in MS Access files. License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/com/healthmarketscience/jackcess/jackcess-encrypt/4.0.1/jackcess-encrypt-4.0.1.jar
MD5: d11b6d2ef809bbbc4f19daf3b99c5693
SHA1: 2fbb076c291767197b5b8202bfebdcd4b4a7199e
SHA256: f3ff03991dbb2b655c06632cc16de2752b4e50201fe101a2acbad63a18b8ff2f
Referenced In Project/Scope: Simplicite Platform:compile
jackcess-encrypt-4.0.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.tika/tika-parsers@1.27
Evidence Type Source Name Value Confidence Vendor file name jackcess-encrypt High Vendor jar package name crypt Highest Vendor jar package name healthmarketscience Highest Vendor jar package name jackcess Highest Vendor Manifest automatic-module-name com.healthmarketscience.jackcess.crypt Medium Vendor Manifest bundle-docurl https://openhms.sourceforge.io/ Low Vendor Manifest bundle-symbolicname com.healthmarketscience.jackcess.encrypt Medium Vendor pom artifactid jackcess-encrypt Highest Vendor pom artifactid jackcess-encrypt Low Vendor pom developer email jahlborn@users.sf.net Low Vendor pom developer id jahlborn Medium Vendor pom developer name James Ahlborn Medium Vendor pom groupid com.healthmarketscience.jackcess Highest Vendor pom name Jackcess Encrypt High Vendor pom parent-artifactid openhms-parent Low Vendor pom parent-groupid com.healthmarketscience Medium Vendor pom url http://jackcessencrypt.sf.net Highest Product file name jackcess-encrypt High Product jar package name crypt Highest Product jar package name healthmarketscience Highest Product jar package name jackcess Highest Product Manifest automatic-module-name com.healthmarketscience.jackcess.crypt Medium Product Manifest bundle-docurl https://openhms.sourceforge.io/ Low Product Manifest Bundle-Name Jackcess Encrypt Medium Product Manifest bundle-symbolicname com.healthmarketscience.jackcess.encrypt Medium Product pom artifactid jackcess-encrypt Highest Product pom developer email jahlborn@users.sf.net Low Product pom developer id jahlborn Low Product pom developer name James Ahlborn Low Product pom groupid com.healthmarketscience.jackcess Highest Product pom name Jackcess Encrypt High Product pom parent-artifactid openhms-parent Medium Product pom parent-groupid com.healthmarketscience Medium Product pom url http://jackcessencrypt.sf.net Medium Version file version 4.0.1 High Version Manifest Bundle-Version 4.0.1 High Version pom parent-version 4.0.1 Low Version pom version 4.0.1 Highest
jackson-core-2.12.4.jarDescription:
Core Jackson processing abstractions (aka Streaming API), implementation for JSON License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/com/fasterxml/jackson/core/jackson-core/2.12.4/jackson-core-2.12.4.jar
MD5: 58ffcb451f0bf6beb78e306cfe5d46f3
SHA1: 006a1bd259b6c4e3f9219ec8ec0be55ed11eed0c
SHA256: 3506ce47ec2604ae2d80d79505f7cb374f718060639415c07d144adadd2d68a3
Referenced In Project/Scope: Simplicite Platform:compile
jackson-core-2.12.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name jackson-core High Vendor jar package name base Highest Vendor jar package name core Highest Vendor jar package name fasterxml Highest Vendor jar package name jackson Highest Vendor jar package name json Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl https://github.com/FasterXML/jackson-core Low Vendor Manifest bundle-symbolicname com.fasterxml.jackson.core.jackson-core Medium Vendor Manifest implementation-build-date 2021-07-06 19:51:10+0000 Low Vendor Manifest Implementation-Vendor FasterXML High Vendor Manifest Implementation-Vendor-Id com.fasterxml.jackson.core Medium Vendor Manifest specification-vendor FasterXML Low Vendor pom artifactid jackson-core Highest Vendor pom artifactid jackson-core Low Vendor pom groupid com.fasterxml.jackson.core Highest Vendor pom name Jackson-core High Vendor pom parent-artifactid jackson-base Low Vendor pom parent-groupid com.fasterxml.jackson Medium Vendor pom url FasterXML/jackson-core Highest Product file name jackson-core High Product hint analyzer product java8 Highest Product hint analyzer product modules Highest Product jar package name base Highest Product jar package name core Highest Product jar package name fasterxml Highest Product jar package name jackson Highest Product jar package name json Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl https://github.com/FasterXML/jackson-core Low Product Manifest Bundle-Name Jackson-core Medium Product Manifest bundle-symbolicname com.fasterxml.jackson.core.jackson-core Medium Product Manifest implementation-build-date 2021-07-06 19:51:10+0000 Low Product Manifest Implementation-Title Jackson-core High Product Manifest specification-title Jackson-core Medium Product pom artifactid jackson-core Highest Product pom groupid com.fasterxml.jackson.core Highest Product pom name Jackson-core High Product pom parent-artifactid jackson-base Medium Product pom parent-groupid com.fasterxml.jackson Medium Product pom url FasterXML/jackson-core High Version file version 2.12.4 High Version Manifest Bundle-Version 2.12.4 High Version Manifest Implementation-Version 2.12.4 High Version pom version 2.12.4 Highest
Related Dependencies jackson-annotations-2.12.4.jarFile Path: /var/simplicite/.m2/repository/com/fasterxml/jackson/core/jackson-annotations/2.12.4/jackson-annotations-2.12.4.jar MD5: 16c7a1094270a27013fd58df7f6800f7 SHA1: 752cf9a2562ac2c012e48057e3a4c17dad66c66e SHA256: f6aa3706a875689b66cdac3334f65dfdb795ccfad4117bf072893b196ed1ec8e pkg:maven/com.fasterxml.jackson.core/jackson-annotations@2.12.4 jackson-datatype-jsr310-2.12.4.jarFile Path: /var/simplicite/.m2/repository/com/fasterxml/jackson/datatype/jackson-datatype-jsr310/2.12.4/jackson-datatype-jsr310-2.12.4.jar MD5: 0ab0ba0ba9299d74c36a7c60c26f6b99 SHA1: b1174c05d4ded121a7eaeed3f148709f9585b981 SHA256: af5a384d020e43f91f56d083f170d67aaf5aead71fa8fa1ad80a425b13ba13e4 pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-jsr310@2.12.4 jackson-core-asl-1.9.13.jarDescription:
Jackson is a high-performance JSON processor (parser, generator)
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/codehaus/jackson/jackson-core-asl/1.9.13/jackson-core-asl-1.9.13.jar
MD5: 319c49a4304e3fa9fe3cd8dcfc009d37
SHA1: 3c304d70f42f832e0a86d45bd437f692129299a4
SHA256: 440a9cb5ca95b215f953d3a20a6b1a10da1f09b529a9ddea5f8a4905ddab4f5a
Referenced In Project/Scope: Simplicite Platform:compile
jackson-core-asl-1.9.13.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.google.http-client/google-http-client-jackson@1.29.2
Evidence Type Source Name Value Confidence Vendor file name jackson-core-asl High Vendor jar package name codehaus Highest Vendor jar package name jackson Highest Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5, JavaSE-1.6 Low Vendor Manifest bundle-symbolicname jackson-core-asl Medium Vendor Manifest Implementation-Vendor http://fasterxml.com High Vendor Manifest specification-vendor http://www.ietf.org/rfc/rfc4627.txt Low Vendor pom artifactid jackson-core-asl Highest Vendor pom artifactid jackson-core-asl Low Vendor pom developer email tatu@fasterxml.com Low Vendor pom developer id cowtowncoder Medium Vendor pom developer name Tatu Saloranta Medium Vendor pom groupid org.codehaus.jackson Highest Vendor pom name Jackson High Vendor pom organization name FasterXML High Vendor pom organization url http://fasterxml.com Medium Vendor pom url http://jackson.codehaus.org Highest Product file name jackson-core-asl High Product jar package name codehaus Highest Product jar package name jackson Highest Product Manifest Bundle-Name Jackson JSON processor Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5, JavaSE-1.6 Low Product Manifest bundle-symbolicname jackson-core-asl Medium Product Manifest Implementation-Title Jackson JSON processor High Product Manifest specification-title JSON - JavaScript Object Notation Medium Product pom artifactid jackson-core-asl Highest Product pom developer email tatu@fasterxml.com Low Product pom developer id cowtowncoder Low Product pom developer name Tatu Saloranta Low Product pom groupid org.codehaus.jackson Highest Product pom name Jackson High Product pom organization name FasterXML Low Product pom organization url http://fasterxml.com Low Product pom url http://jackson.codehaus.org Medium Version file version 1.9.13 High Version Manifest Bundle-Version 1.9.13 High Version Manifest Implementation-Version 1.9.13 High Version pom version 1.9.13 Highest
jackson-databind-2.12.4.jarDescription:
General data-binding functionality for Jackson: works on core streaming API License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.12.4/jackson-databind-2.12.4.jar
MD5: 7bf7ed4119602e8a7b23356dc0fba920
SHA1: 069206e02e6a696034f06a59d3ddbfbba5a4cd81
SHA256: e99a7b4b89074bc689aabcd9eb1f2c1318b68cc5c34979daf3e34edc558c7a01
Referenced In Project/Scope: Simplicite Platform:compile
jackson-databind-2.12.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name jackson-databind High Vendor jar package name databind Highest Vendor jar package name fasterxml Highest Vendor jar package name jackson Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl http://github.com/FasterXML/jackson Low Vendor Manifest bundle-symbolicname com.fasterxml.jackson.core.jackson-databind Medium Vendor Manifest implementation-build-date 2021-07-06 20:01:53+0000 Low Vendor Manifest Implementation-Vendor FasterXML High Vendor Manifest Implementation-Vendor-Id com.fasterxml.jackson.core Medium Vendor Manifest specification-vendor FasterXML Low Vendor pom artifactid jackson-databind Highest Vendor pom artifactid jackson-databind Low Vendor pom groupid com.fasterxml.jackson.core Highest Vendor pom name jackson-databind High Vendor pom parent-artifactid jackson-base Low Vendor pom parent-groupid com.fasterxml.jackson Medium Vendor pom url http://github.com/FasterXML/jackson Highest Product file name jackson-databind High Product hint analyzer product java8 Highest Product hint analyzer product modules Highest Product jar package name databind Highest Product jar package name fasterxml Highest Product jar package name jackson Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl http://github.com/FasterXML/jackson Low Product Manifest Bundle-Name jackson-databind Medium Product Manifest bundle-symbolicname com.fasterxml.jackson.core.jackson-databind Medium Product Manifest implementation-build-date 2021-07-06 20:01:53+0000 Low Product Manifest Implementation-Title jackson-databind High Product Manifest specification-title jackson-databind Medium Product pom artifactid jackson-databind Highest Product pom groupid com.fasterxml.jackson.core Highest Product pom name jackson-databind High Product pom parent-artifactid jackson-base Medium Product pom parent-groupid com.fasterxml.jackson Medium Product pom url http://github.com/FasterXML/jackson Medium Version file version 2.12.4 High Version Manifest Bundle-Version 2.12.4 High Version Manifest Implementation-Version 2.12.4 High Version pom version 2.12.4 Highest
CVE-2020-36518 suppress
jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects. CWE-787 Out-of-bounds Write
CVSSv2:
Base Score: MEDIUM (5.0) Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2021-46877 suppress
jackson-databind 2.10.x through 2.12.x before 2.12.6 and 2.13.x before 2.13.1 allows attackers to cause a denial of service (2 GB transient heap usage per read) in uncommon situations involving JsonNode JDK serialization. CWE-770 Allocation of Resources Without Limits or Throttling
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2022-42003 suppress
In FasterXML jackson-databind before versions 2.13.4.1 and 2.12.17.1, resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled. CWE-502 Deserialization of Untrusted Data
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2022-42004 suppress
In FasterXML jackson-databind before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer._deserializeFromArray to prevent use of deeply nested arrays. An application is vulnerable only with certain customized choices for deserialization. CWE-502 Deserialization of Untrusted Data
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2023-35116 suppress
jackson-databind through 2.15.2 allows attackers to cause a denial of service or other unspecified impact via a crafted object that uses cyclic dependencies. NOTE: the vendor's perspective is that this is not a valid vulnerability report, because the steps of constructing a cyclic data structure and trying to serialize it cannot be achieved by an external attacker. CWE-770 Allocation of Resources Without Limits or Throttling
CVSSv3:
Base Score: MEDIUM (4.7) Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions:
jackson-dataformat-csv-2.12.4.jarDescription:
Support for reading and writing CSV-encoded data via Jackson
abstractions.
License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/com/fasterxml/jackson/dataformat/jackson-dataformat-csv/2.12.4/jackson-dataformat-csv-2.12.4.jar
MD5: 9ffd8d59e1aaa71413c539f2447fbee0
SHA1: 3c224197f67564b62148245a0ff6f36c8e6c878c
SHA256: e1205a19931b8e170d3eff96a2bca3b44d800b4e43538bc2d81dcdc1d4646ffd
Referenced In Project/Scope: Simplicite Platform:compile
jackson-dataformat-csv-2.12.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name jackson-dataformat-csv High Vendor jar package name csv Highest Vendor jar package name dataformat Highest Vendor jar package name fasterxml Highest Vendor jar package name jackson Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl https://github.com/FasterXML/jackson-dataformats-text Low Vendor Manifest bundle-symbolicname com.fasterxml.jackson.dataformat.jackson-dataformat-csv Medium Vendor Manifest implementation-build-date 2021-07-06 20:58:03+0000 Low Vendor Manifest Implementation-Vendor FasterXML High Vendor Manifest Implementation-Vendor-Id com.fasterxml.jackson.dataformat Medium Vendor Manifest specification-vendor FasterXML Low Vendor pom artifactid jackson-dataformat-csv Highest Vendor pom artifactid jackson-dataformat-csv Low Vendor pom groupid com.fasterxml.jackson.dataformat Highest Vendor pom name Jackson-dataformat-CSV High Vendor pom parent-artifactid jackson-dataformats-text Low Vendor pom url FasterXML/jackson-dataformats-text Highest Product file name jackson-dataformat-csv High Product jar package name csv Highest Product jar package name dataformat Highest Product jar package name fasterxml Highest Product jar package name jackson Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl https://github.com/FasterXML/jackson-dataformats-text Low Product Manifest Bundle-Name Jackson-dataformat-CSV Medium Product Manifest bundle-symbolicname com.fasterxml.jackson.dataformat.jackson-dataformat-csv Medium Product Manifest implementation-build-date 2021-07-06 20:58:03+0000 Low Product Manifest Implementation-Title Jackson-dataformat-CSV High Product Manifest specification-title Jackson-dataformat-CSV Medium Product pom artifactid jackson-dataformat-csv Highest Product pom groupid com.fasterxml.jackson.dataformat Highest Product pom name Jackson-dataformat-CSV High Product pom parent-artifactid jackson-dataformats-text Medium Product pom url FasterXML/jackson-dataformats-text High Version file version 2.12.4 High Version Manifest Bundle-Version 2.12.4 High Version Manifest Implementation-Version 2.12.4 High Version pom version 2.12.4 Highest
Related Dependencies jackson-dataformat-xml-2.12.4.jarFile Path: /var/simplicite/.m2/repository/com/fasterxml/jackson/dataformat/jackson-dataformat-xml/2.12.4/jackson-dataformat-xml-2.12.4.jar MD5: d2b673a50c00821e79b44b870d5f1e00 SHA1: 015c743856696c0239f2c51d8d19d9f97f034713 SHA256: 4f9e98e3aaab049cfd67c410881031ccea2c2c289e8656499bc55187c80e5503 pkg:maven/com.fasterxml.jackson.dataformat/jackson-dataformat-xml@2.12.4 jackson-dataformat-yaml-2.12.4.jarFile Path: /var/simplicite/.m2/repository/com/fasterxml/jackson/dataformat/jackson-dataformat-yaml/2.12.4/jackson-dataformat-yaml-2.12.4.jar MD5: a7b91326d1e64d1e0feb8f7515e19fde SHA1: 2a3cecd4c46a51ebf3bf92ccf229a07f7ef09d86 SHA256: f8242d513c8f942c723dd6d453aa3bebef669fa6383ca1082033efaf915b4dd4 pkg:maven/com.fasterxml.jackson.dataformat/jackson-dataformat-yaml@2.12.4 jackson-datatype-guava-2.12.4.jarDescription:
Add-on datatype-support module for Jackson (https://github.com/FasterXML/jackson) that handles
Guava (http://code.google.com/p/guava-libraries/) types (currently mostly just collection ones)
License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/com/fasterxml/jackson/datatype/jackson-datatype-guava/2.12.4/jackson-datatype-guava-2.12.4.jar
MD5: f3d25b735082c72426f760163260fdf7
SHA1: 40ef5fb094f8c0c2ff1c21ce496bfce94d159a52
SHA256: 6b6b3ebadc433463e4c202222ddabb3991d166eb8d0f81d008f061f11506b0f5
Referenced In Project/Scope: Simplicite Platform:compile
jackson-datatype-guava-2.12.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name jackson-datatype-guava High Vendor jar package name datatype Highest Vendor jar package name fasterxml Highest Vendor jar package name guava Highest Vendor jar package name jackson Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl https://github.com/FasterXML/jackson-datatypes-collections Low Vendor Manifest bundle-symbolicname com.fasterxml.jackson.datatype.jackson-datatype-guava Medium Vendor Manifest implementation-build-date 2021-07-06 21:09:33+0000 Low Vendor Manifest Implementation-Vendor FasterXML High Vendor Manifest Implementation-Vendor-Id com.fasterxml.jackson.datatype Medium Vendor Manifest specification-vendor FasterXML Low Vendor pom artifactid jackson-datatype-guava Highest Vendor pom artifactid jackson-datatype-guava Low Vendor pom groupid com.fasterxml.jackson.datatype Highest Vendor pom name Jackson datatype: Guava High Vendor pom parent-artifactid jackson-datatypes-collections Low Vendor pom url FasterXML/jackson-datatypes-collections Highest Product file name jackson-datatype-guava High Product jar package name datatype Highest Product jar package name fasterxml Highest Product jar package name guava Highest Product jar package name jackson Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl https://github.com/FasterXML/jackson-datatypes-collections Low Product Manifest Bundle-Name Jackson datatype: Guava Medium Product Manifest bundle-symbolicname com.fasterxml.jackson.datatype.jackson-datatype-guava Medium Product Manifest implementation-build-date 2021-07-06 21:09:33+0000 Low Product Manifest Implementation-Title Jackson datatype: Guava High Product Manifest specification-title Jackson datatype: Guava Medium Product pom artifactid jackson-datatype-guava Highest Product pom groupid com.fasterxml.jackson.datatype Highest Product pom name Jackson datatype: Guava High Product pom parent-artifactid jackson-datatypes-collections Medium Product pom url FasterXML/jackson-datatypes-collections High Version file version 2.12.4 High Version Manifest Bundle-Version 2.12.4 High Version Manifest Implementation-Version 2.12.4 High Version pom version 2.12.4 Highest
jackson-datatype-joda-2.12.4.jarDescription:
Add-on module for Jackson (http://github.com/FasterXML/jackson) to support Joda (https://www.joda.org/joda-time/) data types.
License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/com/fasterxml/jackson/datatype/jackson-datatype-joda/2.12.4/jackson-datatype-joda-2.12.4.jar
MD5: e26dff4f5c5d1b2900884909a5dfa2bf
SHA1: dcd7bb5f1158914903fae6c61bf0f9a44df480e1
SHA256: 0de93d725472df2027c3e869301a3035892e607d94423c589c96964305d51051
Referenced In Project/Scope: Simplicite Platform:compile
jackson-datatype-joda-2.12.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name jackson-datatype-joda High Vendor jar package name datatype Highest Vendor jar package name fasterxml Highest Vendor jar package name jackson Highest Vendor jar package name joda Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl https://github.com/FasterXML/jackson-datatype-joda Low Vendor Manifest bundle-symbolicname com.fasterxml.jackson.datatype.jackson-datatype-joda Medium Vendor Manifest implementation-build-date 2021-07-06 21:04:41+0000 Low Vendor Manifest Implementation-Vendor FasterXML High Vendor Manifest Implementation-Vendor-Id com.fasterxml.jackson.datatype Medium Vendor Manifest specification-vendor FasterXML Low Vendor pom artifactid jackson-datatype-joda Highest Vendor pom artifactid jackson-datatype-joda Low Vendor pom groupid com.fasterxml.jackson.datatype Highest Vendor pom name Jackson datatype: Joda High Vendor pom parent-artifactid jackson-base Low Vendor pom parent-groupid com.fasterxml.jackson Medium Vendor pom url FasterXML/jackson-datatype-joda Highest Product file name jackson-datatype-joda High Product jar package name datatype Highest Product jar package name fasterxml Highest Product jar package name jackson Highest Product jar package name joda Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl https://github.com/FasterXML/jackson-datatype-joda Low Product Manifest Bundle-Name Jackson datatype: Joda Medium Product Manifest bundle-symbolicname com.fasterxml.jackson.datatype.jackson-datatype-joda Medium Product Manifest implementation-build-date 2021-07-06 21:04:41+0000 Low Product Manifest Implementation-Title Jackson datatype: Joda High Product Manifest specification-title Jackson datatype: Joda Medium Product pom artifactid jackson-datatype-joda Highest Product pom groupid com.fasterxml.jackson.datatype Highest Product pom name Jackson datatype: Joda High Product pom parent-artifactid jackson-base Medium Product pom parent-groupid com.fasterxml.jackson Medium Product pom url FasterXML/jackson-datatype-joda High Version file version 2.12.4 High Version Manifest Bundle-Version 2.12.4 High Version Manifest Implementation-Version 2.12.4 High Version pom version 2.12.4 Highest
jackson-jaxrs-base-2.12.4.jarDescription:
Pile of code that is shared by all Jackson-based JAX-RS
providers.
License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/com/fasterxml/jackson/jaxrs/jackson-jaxrs-base/2.12.4/jackson-jaxrs-base-2.12.4.jar
MD5: 0a61dd890055bbdd1659010a553b37aa
SHA1: f5ee76196227cbd92452fabfa85d8c76f1f65467
SHA256: 4dad3e5798b8c4d063363a8c30cedb1cc36bcd6fdbe5a91c75d6e37b88e813d5
Referenced In Project/Scope: Simplicite Platform:compile
jackson-jaxrs-base-2.12.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name jackson-jaxrs-base High Vendor jar package name base Highest Vendor jar package name fasterxml Highest Vendor jar package name jackson Highest Vendor jar package name jaxrs Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl http://github.com/FasterXML/jackson-jaxrs-providers/jackson-jaxrs-base Low Vendor Manifest bundle-symbolicname com.fasterxml.jackson.jaxrs.jackson-jaxrs-base Medium Vendor Manifest implementation-build-date 2021-07-06 21:19:48+0000 Low Vendor Manifest Implementation-Vendor FasterXML High Vendor Manifest Implementation-Vendor-Id com.fasterxml.jackson.jaxrs Medium Vendor Manifest multi-release true Low Vendor Manifest specification-vendor FasterXML Low Vendor pom artifactid jackson-jaxrs-base Highest Vendor pom artifactid jackson-jaxrs-base Low Vendor pom groupid com.fasterxml.jackson.jaxrs Highest Vendor pom name Jackson-JAXRS-base High Vendor pom parent-artifactid jackson-jaxrs-providers Low Product file name jackson-jaxrs-base High Product jar package name base Highest Product jar package name fasterxml Highest Product jar package name jackson Highest Product jar package name jaxrs Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl http://github.com/FasterXML/jackson-jaxrs-providers/jackson-jaxrs-base Low Product Manifest Bundle-Name Jackson-JAXRS-base Medium Product Manifest bundle-symbolicname com.fasterxml.jackson.jaxrs.jackson-jaxrs-base Medium Product Manifest implementation-build-date 2021-07-06 21:19:48+0000 Low Product Manifest Implementation-Title Jackson-JAXRS-base High Product Manifest multi-release true Low Product Manifest specification-title Jackson-JAXRS-base Medium Product pom artifactid jackson-jaxrs-base Highest Product pom groupid com.fasterxml.jackson.jaxrs Highest Product pom name Jackson-JAXRS-base High Product pom parent-artifactid jackson-jaxrs-providers Medium Version file version 2.12.4 High Version Manifest Bundle-Version 2.12.4 High Version Manifest Implementation-Version 2.12.4 High Version pom version 2.12.4 Highest
jackson-jaxrs-json-provider-2.12.4.jarDescription:
Functionality to handle JSON input/output for JAX-RS implementations (like Jersey and RESTeasy) using standard Jackson data binding.
License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/com/fasterxml/jackson/jaxrs/jackson-jaxrs-json-provider/2.12.4/jackson-jaxrs-json-provider-2.12.4.jar
MD5: 7238aeaf1cd9b480dd6b6050902d3578
SHA1: f29fbd66937fcc8dc6485c64697b1283a37cbda7
SHA256: 0dc4ddb9033d3f3e7bfebdb95a11d6ee9b8a85605fd8e8491994eae67a65025c
Referenced In Project/Scope: Simplicite Platform:compile
jackson-jaxrs-json-provider-2.12.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name jackson-jaxrs-json-provider High Vendor jar package name fasterxml Highest Vendor jar package name jackson Highest Vendor jar package name jaxrs Highest Vendor jar package name json Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl http://github.com/FasterXML/jackson-jaxrs-providers/jackson-jaxrs-json-provider Low Vendor Manifest bundle-symbolicname com.fasterxml.jackson.jaxrs.jackson-jaxrs-json-provider Medium Vendor Manifest implementation-build-date 2021-07-06 21:19:48+0000 Low Vendor Manifest Implementation-Vendor FasterXML High Vendor Manifest Implementation-Vendor-Id com.fasterxml.jackson.jaxrs Medium Vendor Manifest multi-release true Low Vendor Manifest specification-vendor FasterXML Low Vendor pom artifactid jackson-jaxrs-json-provider Highest Vendor pom artifactid jackson-jaxrs-json-provider Low Vendor pom groupid com.fasterxml.jackson.jaxrs Highest Vendor pom name Jackson-JAXRS-JSON High Vendor pom parent-artifactid jackson-jaxrs-providers Low Product file name jackson-jaxrs-json-provider High Product jar package name fasterxml Highest Product jar package name jackson Highest Product jar package name jaxrs Highest Product jar package name json Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl http://github.com/FasterXML/jackson-jaxrs-providers/jackson-jaxrs-json-provider Low Product Manifest Bundle-Name Jackson-JAXRS-JSON Medium Product Manifest bundle-symbolicname com.fasterxml.jackson.jaxrs.jackson-jaxrs-json-provider Medium Product Manifest implementation-build-date 2021-07-06 21:19:48+0000 Low Product Manifest Implementation-Title Jackson-JAXRS-JSON High Product Manifest multi-release true Low Product Manifest specification-title Jackson-JAXRS-JSON Medium Product pom artifactid jackson-jaxrs-json-provider Highest Product pom groupid com.fasterxml.jackson.jaxrs Highest Product pom name Jackson-JAXRS-JSON High Product pom parent-artifactid jackson-jaxrs-providers Medium Version file version 2.12.4 High Version Manifest Bundle-Version 2.12.4 High Version Manifest Implementation-Version 2.12.4 High Version pom version 2.12.4 Highest
jackson-jaxrs-xml-provider-2.12.4.jarDescription:
Functionality to handle XML input/output for JAX-RS implementations (like Jersey and RESTeasy) using standard Jackson data binding.
License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/com/fasterxml/jackson/jaxrs/jackson-jaxrs-xml-provider/2.12.4/jackson-jaxrs-xml-provider-2.12.4.jar
MD5: 8c2d3701d13137577dbbeedd16f54f91
SHA1: 33756ed83d16003cfc13431ecf576ccb1cc9185b
SHA256: a7f0a5305126cd4f36dc8ed7f4f2418ba1150f23c192f2d1950f8e50448e08ce
Referenced In Project/Scope: Simplicite Platform:compile
jackson-jaxrs-xml-provider-2.12.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name jackson-jaxrs-xml-provider High Vendor jar package name fasterxml Highest Vendor jar package name jackson Highest Vendor jar package name jaxrs Highest Vendor jar package name xml Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl http://github.com/FasterXML/jackson-jaxrs-providers/jackson-jaxrs-xml-provider Low Vendor Manifest bundle-symbolicname com.fasterxml.jackson.jaxrs.jackson-jaxrs-xml-provider Medium Vendor Manifest implementation-build-date 2021-07-06 21:19:48+0000 Low Vendor Manifest Implementation-Vendor FasterXML High Vendor Manifest Implementation-Vendor-Id com.fasterxml.jackson.jaxrs Medium Vendor Manifest multi-release true Low Vendor Manifest specification-vendor FasterXML Low Vendor pom artifactid jackson-jaxrs-xml-provider Highest Vendor pom artifactid jackson-jaxrs-xml-provider Low Vendor pom groupid com.fasterxml.jackson.jaxrs Highest Vendor pom name Jackson-JAXRS-XML High Vendor pom parent-artifactid jackson-jaxrs-providers Low Product file name jackson-jaxrs-xml-provider High Product jar package name fasterxml Highest Product jar package name jackson Highest Product jar package name jaxrs Highest Product jar package name xml Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl http://github.com/FasterXML/jackson-jaxrs-providers/jackson-jaxrs-xml-provider Low Product Manifest Bundle-Name Jackson-JAXRS-XML Medium Product Manifest bundle-symbolicname com.fasterxml.jackson.jaxrs.jackson-jaxrs-xml-provider Medium Product Manifest implementation-build-date 2021-07-06 21:19:48+0000 Low Product Manifest Implementation-Title Jackson-JAXRS-XML High Product Manifest multi-release true Low Product Manifest specification-title Jackson-JAXRS-XML Medium Product pom artifactid jackson-jaxrs-xml-provider Highest Product pom groupid com.fasterxml.jackson.jaxrs Highest Product pom name Jackson-JAXRS-XML High Product pom parent-artifactid jackson-jaxrs-providers Medium Version file version 2.12.4 High Version Manifest Bundle-Version 2.12.4 High Version Manifest Implementation-Version 2.12.4 High Version pom version 2.12.4 Highest
jackson-module-jaxb-annotations-2.12.4.jarDescription:
Support for using JAXB annotations as an alternative to "native" Jackson annotations, for configuring
data-binding.
License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/com/fasterxml/jackson/module/jackson-module-jaxb-annotations/2.12.4/jackson-module-jaxb-annotations-2.12.4.jar
MD5: 29ff9647ec16c8e897b29c380b7e87d7
SHA1: 5e43703aae1a9843dfd7df0a0ad6cbfedcaff67f
SHA256: 7a6063c76ba26f14f18b808ad50955f87fa20d2a5225a1d8dc5add63ce234f75
Referenced In Project/Scope: Simplicite Platform:compile
jackson-module-jaxb-annotations-2.12.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name jackson-module-jaxb-annotations High Vendor jar package name fasterxml Highest Vendor jar package name jackson Highest Vendor jar package name jaxb Highest Vendor jar package name module Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl https://github.com/FasterXML/jackson-modules-base Low Vendor Manifest bundle-symbolicname com.fasterxml.jackson.module.jackson-module-jaxb-annotations Medium Vendor Manifest implementation-build-date 2021-07-06 20:47:51+0000 Low Vendor Manifest Implementation-Vendor FasterXML High Vendor Manifest Implementation-Vendor-Id com.fasterxml.jackson.module Medium Vendor Manifest multi-release true Low Vendor Manifest specification-vendor FasterXML Low Vendor pom artifactid jackson-module-jaxb-annotations Highest Vendor pom artifactid jackson-module-jaxb-annotations Low Vendor pom groupid com.fasterxml.jackson.module Highest Vendor pom name Jackson module: JAXB Annotations High Vendor pom parent-artifactid jackson-modules-base Low Vendor pom url FasterXML/jackson-modules-base Highest Product file name jackson-module-jaxb-annotations High Product jar package name fasterxml Highest Product jar package name jackson Highest Product jar package name jaxb Highest Product jar package name module Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl https://github.com/FasterXML/jackson-modules-base Low Product Manifest Bundle-Name Jackson module: JAXB Annotations Medium Product Manifest bundle-symbolicname com.fasterxml.jackson.module.jackson-module-jaxb-annotations Medium Product Manifest implementation-build-date 2021-07-06 20:47:51+0000 Low Product Manifest Implementation-Title Jackson module: JAXB Annotations High Product Manifest multi-release true Low Product Manifest specification-title Jackson module: JAXB Annotations Medium Product pom artifactid jackson-module-jaxb-annotations Highest Product pom groupid com.fasterxml.jackson.module Highest Product pom name Jackson module: JAXB Annotations High Product pom parent-artifactid jackson-modules-base Medium Product pom url FasterXML/jackson-modules-base High Version file version 2.12.4 High Version Manifest Bundle-Version 2.12.4 High Version Manifest Implementation-Version 2.12.4 High Version pom version 2.12.4 Highest
jackspeak:2.3.6Description:
A very strict and proper argument parser. License:
BlueOak-1.0.0 File Path: /var/simplicite/simplicite-5.2/package-lock.json?glob:10.3.3/jackspeak:^2.0.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/glob:10.3.10 simplicite-js:5.2.54 simplicite-js:5.2.54/glob:10.3.3 Evidence Type Source Name Value Confidence Vendor package.json author Isaac Z. Schlueter <i@izs.me> Highest Vendor package.json description A very strict and proper argument parser. Highest Vendor package.json name jackspeak Highest Vendor package.json name jackspeak_project Highest Product package.json name jackspeak Highest Version package.json version 2.3.6 Highest
Related Dependencies jackspeak:2.3.6File Path: /var/simplicite/simplicite-5.2/package-lock.json?/jackspeak:2.3.6 pkg:npm/jackspeak@2.3.6 jackspeak:2.3.6File Path: /var/simplicite/simplicite-5.2/package-lock.json?glob:10.3.10/jackspeak:^2.3.5 pkg:npm/jackspeak@2.3.6 jai-imageio-core-1.4.0.jarDescription:
Java Advanced Imaging Image I/O Tools API core, but without the classes
involved with javax.media.jai dependencies, JPEG2000 or
codecLibJIIO, meaning that this library can be distributed under the
modified BSD license and should be GPL compatible.
License:
BSD 3-clause License w/nuclear disclaimer: LICENSE.txt File Path: /var/simplicite/.m2/repository/com/github/jai-imageio/jai-imageio-core/1.4.0/jai-imageio-core-1.4.0.jar
MD5: 6978d733bfb55c0a82639f724fe5f3bb
SHA1: fb6d79b929556362a241b2f65a04e538062f0077
SHA256: 8ad3c68e9efffb10ac87ff8bc589adf64b04a729c5194c079efd0643607fd72a
Referenced In Project/Scope: Simplicite Platform:compile
jai-imageio-core-1.4.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.tika/tika-parsers@1.27
Evidence Type Source Name Value Confidence Vendor file name jai-imageio-core High Vendor jar package name github Highest Vendor Manifest bundle-docurl https://github.com/jai-imageio/ Low Vendor Manifest bundle-symbolicname jai-imageio-core Medium Vendor Manifest extension-name com.github.jai-imageio-jai-imageio-core Medium Vendor Manifest Implementation-Vendor https://github.com/jai-imageio/ jai-imageio GitHub group High Vendor Manifest specification-vendor Sun Microsystems, Inc. Low Vendor Manifest url https://github.com/jai-imageio/jai-imageio-core Low Vendor pom artifactid jai-imageio-core Highest Vendor pom artifactid jai-imageio-core Low Vendor pom developer email stian@s11.no Low Vendor pom developer name Stian Soiland-Reyes Medium Vendor pom developer org s11 Medium Vendor pom developer org URL http://s11.no/ Medium Vendor pom groupid com.github.jai-imageio Highest Vendor pom name Java Advanced Imaging Image I/O Tools API core (standalone) High Vendor pom organization name jai-imageio GitHub group High Vendor pom organization url jai-imageio/ Medium Vendor pom url jai-imageio/jai-imageio-core Highest Product file name jai-imageio-core High Product jar package name github Highest Product Manifest bundle-docurl https://github.com/jai-imageio/ Low Product Manifest Bundle-Name Java Advanced Imaging Image I/O Tools API core (standalone) Medium Product Manifest bundle-symbolicname jai-imageio-core Medium Product Manifest extension-name com.github.jai-imageio-jai-imageio-core Medium Product Manifest Implementation-Title Java Advanced Imaging Image I/O Tools API core (standalone) High Product Manifest specification-title Java Advanced Imaging Medium Product Manifest url https://github.com/jai-imageio/jai-imageio-core Low Product pom artifactid jai-imageio-core Highest Product pom developer email stian@s11.no Low Product pom developer name Stian Soiland-Reyes Low Product pom developer org s11 Low Product pom developer org URL http://s11.no/ Low Product pom groupid com.github.jai-imageio Highest Product pom name Java Advanced Imaging Image I/O Tools API core (standalone) High Product pom organization name jai-imageio GitHub group Low Product pom url jai-imageio/ High Product pom url jai-imageio/jai-imageio-core High Version file version 1.4.0 High Version Manifest Bundle-Version 1.4.0 High Version Manifest Implementation-Version 1.4.0 High Version pom version 1.4.0 Highest
jakarta.activation-2.0.1.jarDescription:
Jakarta Activation License:
http://www.eclipse.org/org/documents/edl-v10.php File Path: /var/simplicite/.m2/repository/com/sun/activation/jakarta.activation/2.0.1/jakarta.activation-2.0.1.jar
MD5: 39228ac67f033514a0ccb3360ac461f3
SHA1: 828b80e886a52bb09fe41ff410b10b342f533ce1
SHA256: b9e24b7dd6e07495562ea96531be3130c96dba4d78e1dfd88adbbdebf4332871
Referenced In Project/Scope: Simplicite Platform:compile
jakarta.activation-2.0.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name jakarta.activation High Vendor jar package name activation Highest Vendor jar package name jakarta Highest Vendor jar package name sun Highest Vendor jar (hint) package name oracle Highest Vendor Manifest build-jdk-spec 11 Low Vendor Manifest bundle-docurl https://www.eclipse.org Low Vendor Manifest bundle-symbolicname com.sun.activation.jakarta.activation Medium Vendor Manifest extension-name jakarta.activation Medium Vendor Manifest Implementation-Vendor Eclipse Foundation High Vendor Manifest Implementation-Vendor-Id com.sun Medium Vendor Manifest specification-vendor Eclipse Foundation Low Vendor pom artifactid jakarta.activation Highest Vendor pom artifactid jakarta.activation Low Vendor pom groupid com.sun.activation Highest Vendor pom name Jakarta Activation High Vendor pom parent-artifactid all Low Product file name jakarta.activation High Product jar package name activation Highest Product jar package name jakarta Highest Product jar package name sun Highest Product Manifest build-jdk-spec 11 Low Product Manifest bundle-docurl https://www.eclipse.org Low Product Manifest Bundle-Name Jakarta Activation Medium Product Manifest bundle-symbolicname com.sun.activation.jakarta.activation Medium Product Manifest extension-name jakarta.activation Medium Product Manifest Implementation-Title jakarta.activation High Product Manifest specification-title Jakarta Activation Specification Medium Product pom artifactid jakarta.activation Highest Product pom groupid com.sun.activation Highest Product pom name Jakarta Activation High Product pom parent-artifactid all Medium Version file version 2.0.1 High Version Manifest Bundle-Version 2.0.1 High Version Manifest Implementation-Version 2.0.1 High Version pom version 2.0.1 Highest
jakarta.annotation-api-1.3.5.jarDescription:
Jakarta Annotations API License:
EPL 2.0: http://www.eclipse.org/legal/epl-2.0
GPL2 w/ CPE: https://www.gnu.org/software/classpath/license.html File Path: /var/simplicite/.m2/repository/jakarta/annotation/jakarta.annotation-api/1.3.5/jakarta.annotation-api-1.3.5.jar
MD5: 8b165cf58df5f8c2a222f637c0a07c97
SHA1: 59eb84ee0d616332ff44aba065f3888cf002cd2d
SHA256: 85fb03fc054cdf4efca8efd9b6712bbb418e1ab98241c4539c8585bbc23e1b8a
Referenced In Project/Scope: Simplicite Platform:provided
jakarta.annotation-api-1.3.5.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.docusign/docusign-esign-java@3.14.0
Evidence Type Source Name Value Confidence Vendor file name jakarta.annotation-api High Vendor jar package name annotation Highest Vendor Manifest automatic-module-name java.annotation Medium Vendor Manifest bundle-docurl https://www.eclipse.org Low Vendor Manifest bundle-symbolicname jakarta.annotation-api Medium Vendor Manifest extension-name jakarta.annotation Medium Vendor Manifest Implementation-Vendor Eclipse Foundation High Vendor Manifest Implementation-Vendor-Id org.glassfish Medium Vendor Manifest specification-vendor Eclipse Foundation Low Vendor pom artifactid jakarta.annotation-api Highest Vendor pom artifactid jakarta.annotation-api Low Vendor pom developer name Linda De Michiel Medium Vendor pom developer org Oracle Corp. Medium Vendor pom groupid jakarta.annotation Highest Vendor pom name Jakarta Annotations API High Vendor pom parent-artifactid ca-parent Low Vendor pom url https://projects.eclipse.org/projects/ee4j.ca Highest Product file name jakarta.annotation-api High Product jar package name annotation Highest Product Manifest automatic-module-name java.annotation Medium Product Manifest bundle-docurl https://www.eclipse.org Low Product Manifest Bundle-Name Jakarta Annotations API Medium Product Manifest bundle-symbolicname jakarta.annotation-api Medium Product Manifest extension-name jakarta.annotation Medium Product pom artifactid jakarta.annotation-api Highest Product pom developer name Linda De Michiel Low Product pom developer org Oracle Corp. Low Product pom groupid jakarta.annotation Highest Product pom name Jakarta Annotations API High Product pom parent-artifactid ca-parent Medium Product pom url https://projects.eclipse.org/projects/ee4j.ca Medium Version file version 1.3.5 High Version Manifest Bundle-Version 1.3.5 High Version Manifest Implementation-Version 1.3.5 High Version pom version 1.3.5 Highest
jakarta.inject-2.6.1.jarDescription:
Injection API (JSR 330) version repackaged as OSGi bundle License:
http://www.eclipse.org/legal/epl-2.0, https://www.gnu.org/software/classpath/license.html File Path: /var/simplicite/.m2/repository/org/glassfish/hk2/external/jakarta.inject/2.6.1/jakarta.inject-2.6.1.jar
MD5: 4d7c80a1e3cd54531af03bef4537f7af
SHA1: 8096ebf722902e75fbd4f532a751e514f02e1eb7
SHA256: 5e88c123b3e41bca788b2683118867d9b6dec714247ea91c588aed46a36ee24f
Referenced In Project/Scope: Simplicite Platform:provided
jakarta.inject-2.6.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.docusign/docusign-esign-java@3.14.0
Evidence Type Source Name Value Confidence Vendor file name jakarta.inject High Vendor jar package name inject Highest Vendor jar package name javax Highest Vendor Manifest bundle-docurl http://www.oracle.com Low Vendor Manifest bundle-symbolicname org.glassfish.hk2.external.jakarta.inject Medium Vendor pom artifactid jakarta.inject Highest Vendor pom artifactid jakarta.inject Low Vendor pom groupid org.glassfish.hk2.external Highest Vendor pom name javax.inject: as OSGi bundle High Vendor pom name javax.inject:${javax-inject.version} as OSGi bundle High Vendor pom parent-artifactid external Low Vendor pom parent-groupid org.glassfish.hk2 Medium Product file name jakarta.inject High Product jar package name inject Highest Product jar package name javax Highest Product Manifest bundle-docurl http://www.oracle.com Low Product Manifest Bundle-Name javax.inject:1 as OSGi bundle Medium Product Manifest bundle-symbolicname org.glassfish.hk2.external.jakarta.inject Medium Product pom artifactid jakarta.inject Highest Product pom groupid org.glassfish.hk2.external Highest Product pom name javax.inject: as OSGi bundle High Product pom name javax.inject:${javax-inject.version} as OSGi bundle High Product pom parent-artifactid external Medium Product pom parent-groupid org.glassfish.hk2 Medium Version file version 2.6.1 High Version Manifest Bundle-Version 2.6.1 High Version pom version 2.6.1 Highest
jakarta.mail-2.0.1.jarDescription:
Jakarta Mail API License:
http://www.eclipse.org/legal/epl-2.0, https://www.gnu.org/software/classpath/license.html, http://www.eclipse.org/org/documents/edl-v10.php File Path: /var/simplicite/.m2/repository/com/sun/mail/jakarta.mail/2.0.1/jakarta.mail-2.0.1.jar
MD5: 8885560796641719f1cc0c9ea17b8bee
SHA1: 96d3645f02a92bcc5e7ae1ff037151e44179f230
SHA256: 8988bdbde922ee173db7179e23393dd2258f3b64f708f41082e03f0e0494cc23
Referenced In Project/Scope: Simplicite Platform:compile
jakarta.mail-2.0.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name jakarta.mail High Vendor jar package name jakarta Highest Vendor jar package name mail Highest Vendor jar package name provider Highest Vendor jar package name sun Highest Vendor jar (hint) package name oracle Highest Vendor Manifest build-jdk-spec 11 Low Vendor Manifest bundle-docurl http://www.oracle.com Low Vendor Manifest bundle-symbolicname com.sun.mail.jakarta.mail Medium Vendor Manifest extension-name jakarta.mail Medium Vendor Manifest Implementation-Vendor Oracle High Vendor Manifest Implementation-Vendor-Id com.sun Medium Vendor Manifest probe-provider-xml-file-names META-INF/gfprobe-provider.xml Medium Vendor Manifest specification-vendor Oracle Low Vendor Manifest (hint) Implementation-Vendor sun High Vendor Manifest (hint) specification-vendor sun Low Vendor pom artifactid jakarta.mail Highest Vendor pom artifactid jakarta.mail Low Vendor pom groupid com.sun.mail Highest Vendor pom name Jakarta Mail API High Vendor pom parent-artifactid all Low Product file name jakarta.mail High Product jar package name jakarta Highest Product jar package name mail Highest Product jar package name provider Highest Product jar package name sun Highest Product Manifest build-jdk-spec 11 Low Product Manifest bundle-docurl http://www.oracle.com Low Product Manifest Bundle-Name Jakarta Mail API Medium Product Manifest bundle-symbolicname com.sun.mail.jakarta.mail Medium Product Manifest extension-name jakarta.mail Medium Product Manifest Implementation-Title jakarta.mail High Product Manifest probe-provider-xml-file-names META-INF/gfprobe-provider.xml Medium Product Manifest specification-title Jakarta Mail API Design Specification Medium Product pom artifactid jakarta.mail Highest Product pom groupid com.sun.mail Highest Product pom name Jakarta Mail API High Product pom parent-artifactid all Medium Version file version 2.0.1 High Version Manifest Bundle-Version 2.0.1 High Version Manifest Implementation-Version 2.0.1 High Version pom version 2.0.1 Highest
jakarta.ws.rs-api-2.1.6.jarDescription:
Jakarta RESTful Web Services API License:
EPL 2.0: http://www.eclipse.org/legal/epl-2.0
GPL2 w/ CPE: https://www.gnu.org/software/classpath/license.html File Path: /var/simplicite/.m2/repository/jakarta/ws/rs/jakarta.ws.rs-api/2.1.6/jakarta.ws.rs-api-2.1.6.jar
MD5: c3892382aeb5c54085b22b1890511d29
SHA1: 1dcb770bce80a490dff49729b99c7a60e9ecb122
SHA256: 4cea299c846c8a6e6470cbfc2f7c391bc29b9caa2f9264ac1064ba91691f4adf
Referenced In Project/Scope: Simplicite Platform:provided
jakarta.ws.rs-api-2.1.6.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.docusign/docusign-esign-java@3.14.0
Evidence Type Source Name Value Confidence Vendor file name jakarta.ws.rs-api High Vendor hint analyzer vendor web services Medium Vendor jar package name javax Highest Vendor jar package name rs Highest Vendor jar package name ws Highest Vendor Manifest automatic-module-name java.ws.rs Medium Vendor Manifest bundle-docurl https://www.eclipse.org/org/foundation/ Low Vendor Manifest bundle-symbolicname jakarta.ws.rs-api Medium Vendor Manifest extension-name javax.ws.rs Medium Vendor Manifest specification-vendor Oracle Corporation Low Vendor pom artifactid jakarta.ws.rs-api Highest Vendor pom artifactid jakarta.ws.rs-api Low Vendor pom developer email jaxrs-dev@eclipse.org Low Vendor pom developer id developers Medium Vendor pom developer name API Developers Medium Vendor pom groupid jakarta.ws.rs Highest Vendor pom name jakarta.ws.rs-api High Vendor pom organization name Eclipse Foundation High Vendor pom organization url https://www.eclipse.org/org/foundation/ Medium Vendor pom url eclipse-ee4j/jaxrs-api Highest Product file name jakarta.ws.rs-api High Product hint analyzer product web services Medium Product jar package name javax Highest Product jar package name rs Highest Product jar package name ws Highest Product Manifest automatic-module-name java.ws.rs Medium Product Manifest bundle-docurl https://www.eclipse.org/org/foundation/ Low Product Manifest Bundle-Name jakarta.ws.rs-api Medium Product Manifest bundle-symbolicname jakarta.ws.rs-api Medium Product Manifest extension-name javax.ws.rs Medium Product pom artifactid jakarta.ws.rs-api Highest Product pom developer email jaxrs-dev@eclipse.org Low Product pom developer id developers Low Product pom developer name API Developers Low Product pom groupid jakarta.ws.rs Highest Product pom name jakarta.ws.rs-api High Product pom organization name Eclipse Foundation Low Product pom organization url https://www.eclipse.org/org/foundation/ Low Product pom url eclipse-ee4j/jaxrs-api High Version file version 2.1.6 High Version Manifest Bundle-Version 2.1.6 High Version Manifest Implementation-Version 2.1.6 High Version pom version 2.1.6 Highest
jakarta.xml.bind-api-2.3.3.jarDescription:
Jakarta XML Binding API 2.3 Design Specification License:
http://www.eclipse.org/org/documents/edl-v10.php File Path: /var/simplicite/.m2/repository/jakarta/xml/bind/jakarta.xml.bind-api/2.3.3/jakarta.xml.bind-api-2.3.3.jar
MD5: 61286918ca0192e9f87d1358aef718dd
SHA1: 48e3b9cfc10752fba3521d6511f4165bea951801
SHA256: c04539f472e9a6dd0c7685ea82d677282269ab8e7baca2e14500e381e0c6cec5
Referenced In Project/Scope: Simplicite Platform:compile
jakarta.xml.bind-api-2.3.3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.glassfish.jaxb/jaxb-runtime@2.3.4
Evidence Type Source Name Value Confidence Vendor file name jakarta.xml.bind-api High Vendor jar package name bind Highest Vendor jar package name xml Highest Vendor Manifest build-jdk-spec 11 Low Vendor Manifest bundle-docurl https://www.eclipse.org Low Vendor Manifest bundle-symbolicname jakarta.xml.bind-api Medium Vendor Manifest extension-name jakarta.xml.bind Medium Vendor Manifest implementation-build-id 2.3.3-RELEASE-fd06b2b Low Vendor Manifest multi-release true Low Vendor Manifest specification-vendor Eclipse Foundation Low Vendor pom artifactid jakarta.xml.bind-api Highest Vendor pom artifactid jakarta.xml.bind-api Low Vendor pom groupid jakarta.xml.bind Highest Vendor pom name Jakarta XML Binding API High Vendor pom parent-artifactid jakarta.xml.bind-api-parent Low Product file name jakarta.xml.bind-api High Product jar package name bind Highest Product jar package name xml Highest Product Manifest build-jdk-spec 11 Low Product Manifest bundle-docurl https://www.eclipse.org Low Product Manifest Bundle-Name Jakarta XML Binding API Medium Product Manifest bundle-symbolicname jakarta.xml.bind-api Medium Product Manifest extension-name jakarta.xml.bind Medium Product Manifest implementation-build-id 2.3.3-RELEASE-fd06b2b Low Product Manifest multi-release true Low Product pom artifactid jakarta.xml.bind-api Highest Product pom groupid jakarta.xml.bind Highest Product pom name Jakarta XML Binding API High Product pom parent-artifactid jakarta.xml.bind-api-parent Medium Version file version 2.3.3 High Version Manifest Bundle-Version 2.3.3 High Version Manifest Implementation-Version 2.3.3 High Version pom version 2.3.3 Highest
java-jwt-3.18.2.jarDescription:
Java implementation of JSON Web Token (JWT) License:
The MIT License (MIT): https://raw.githubusercontent.com/auth0/java-jwt/master/LICENSE File Path: /var/simplicite/.m2/repository/com/auth0/java-jwt/3.18.2/java-jwt-3.18.2.jar
MD5: 574622007c3a0184dd88fc84894142e0
SHA1: 089c1da37cd738d9c3c7176fbf1e291ff2a8b988
SHA256: b5cd12b6db70a39f8c3d688e6fac930bd32d9a7f5d0e584e8a554a3e42cbfbf1
Referenced In Project/Scope: Simplicite Platform:compile
java-jwt-3.18.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name java-jwt High Vendor jar package name auth0 Highest Vendor jar package name jwt Highest Vendor Manifest multi-release true Low Vendor pom artifactid java-jwt Highest Vendor pom artifactid java-jwt Low Vendor pom developer email hernan@auth0.com Low Vendor pom developer email luciano.balmaceda@auth0.com Low Vendor pom developer email oss@auth0.com Low Vendor pom developer id auth0 Medium Vendor pom developer id hzalaz Medium Vendor pom developer id lbalmaceda Medium Vendor pom developer name Auth0 Medium Vendor pom developer name Hernan Zalazar Medium Vendor pom developer name Luciano Balmaceda Medium Vendor pom groupid com.auth0 Highest Vendor pom name java jwt High Vendor pom url auth0/java-jwt Highest Product file name java-jwt High Product jar package name auth0 Highest Product jar package name jwt Highest Product Manifest Implementation-Title java-jwt High Product Manifest multi-release true Low Product pom artifactid java-jwt Highest Product pom developer email hernan@auth0.com Low Product pom developer email luciano.balmaceda@auth0.com Low Product pom developer email oss@auth0.com Low Product pom developer id auth0 Low Product pom developer id hzalaz Low Product pom developer id lbalmaceda Low Product pom developer name Auth0 Low Product pom developer name Hernan Zalazar Low Product pom developer name Luciano Balmaceda Low Product pom groupid com.auth0 Highest Product pom name java jwt High Product pom url auth0/java-jwt High Version file version 3.18.2 High Version Manifest Implementation-Version 3.18.2 High Version pom version 3.18.2 Highest
java-libpst-0.9.3.jarDescription:
A library to read PST files with java, without need for external libraries. License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/com/pff/java-libpst/0.9.3/java-libpst-0.9.3.jar
MD5: 26a2227892a5859875c3bf2bdf88bc9e
SHA1: 928a6698850cd89577d28201ff1ac443bb339d2b
SHA256: 039cd61635ded94dba67f909d3b1763e13f9c23d02f9750eb6259af10e1dabdb
Referenced In Project/Scope: Simplicite Platform:compile
java-libpst-0.9.3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.tika/tika-parsers@1.27
Evidence Type Source Name Value Confidence Vendor file name java-libpst High Vendor jar package name pff Highest Vendor jar package name pff Low Vendor pom artifactid java-libpst Highest Vendor pom artifactid java-libpst Low Vendor pom developer email @rjohnsondev Low Vendor pom developer name Richard Johnson Medium Vendor pom groupid com.pff Highest Vendor pom name java-libpst High Vendor pom url rjohnsondev/java-libpst Highest Product file name java-libpst High Product jar package name pff Highest Product pom artifactid java-libpst Highest Product pom developer email @rjohnsondev Low Product pom developer name Richard Johnson Low Product pom groupid com.pff Highest Product pom name java-libpst High Product pom url rjohnsondev/java-libpst High Version file version 0.9.3 High Version pom version 0.9.3 Highest
java-saml-2.7.0.jarFile Path: /var/simplicite/.m2/repository/com/onelogin/java-saml/2.7.0/java-saml-2.7.0.jarMD5: 9cc7410f00de4806a7654e40c91c9e29SHA1: cf109ade576a9823f8c1237aa88b31a9b16c64f9SHA256: e1da178c2f34f5ddba62a9f84dd2da6e994c27a88717af3a33761029f75904a8Referenced In Project/Scope: Simplicite Platform:compilejava-saml-2.7.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name java-saml High Vendor jar package name onelogin Highest Vendor jar package name onelogin Low Vendor jar package name saml2 Low Vendor pom artifactid java-saml Highest Vendor pom artifactid java-saml Low Vendor pom groupid com.onelogin Highest Vendor pom name OneLogin java-saml Toolkit High Vendor pom parent-artifactid java-saml-toolkit Low Product file name java-saml High Product jar package name onelogin Highest Product jar package name saml2 Low Product pom artifactid java-saml Highest Product pom groupid com.onelogin Highest Product pom name OneLogin java-saml Toolkit High Product pom parent-artifactid java-saml-toolkit Medium Version file version 2.7.0 High Version pom version 2.7.0 Highest
java-saml-core-2.7.0.jarFile Path: /var/simplicite/.m2/repository/com/onelogin/java-saml-core/2.7.0/java-saml-core-2.7.0.jarMD5: 666fb08176b089416b8c7090897c1b37SHA1: 942ab18d2e21dcba64eed4628c112860bef263a0SHA256: efc4c25ffcf6a548a755e55b5324bd1f90fa7e3d01a70d458f97dc8eba380c81Referenced In Project/Scope: Simplicite Platform:compilejava-saml-core-2.7.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.onelogin/java-saml@2.7.0
Evidence Type Source Name Value Confidence Vendor file name java-saml-core High Vendor jar package name onelogin Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor pom artifactid java-saml-core Highest Vendor pom artifactid java-saml-core Low Vendor pom groupid com.onelogin Highest Vendor pom name OneLogin java-saml Toolkit Core High Vendor pom parent-artifactid java-saml-toolkit Low Product file name java-saml-core High Product jar package name onelogin Highest Product Manifest build-jdk-spec 1.8 Low Product pom artifactid java-saml-core Highest Product pom groupid com.onelogin Highest Product pom name OneLogin java-saml Toolkit Core High Product pom parent-artifactid java-saml-toolkit Medium Version file version 2.7.0 High Version pom version 2.7.0 Highest
javase-3.0.1.jarDescription:
Java SE-specific extensions to core ZXing library File Path: /var/simplicite/.m2/repository/com/google/zxing/javase/3.0.1/javase-3.0.1.jarMD5: 04258960339322ce4fb90718899ff4c9SHA1: 06fa0ae253f5bb2943fb64100c936d6a142832c2SHA256: 83c1e61db240c81b9b9628ea8dd63944cacf2b4f3578b4f3f4d3104506e4d0a4Referenced In Project/Scope: Simplicite Platform:compilejavase-3.0.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name javase High Vendor jar package name client Low Vendor jar package name google Highest Vendor jar package name google Low Vendor jar package name zxing Highest Vendor jar package name zxing Low Vendor pom artifactid javase Highest Vendor pom artifactid javase Low Vendor pom groupid com.google.zxing Highest Vendor pom name ZXing Java SE extensions High Vendor pom parent-artifactid zxing-parent Low Product file name javase High Product jar package name client Low Product jar package name google Highest Product jar package name j2se Low Product jar package name zxing Highest Product jar package name zxing Low Product pom artifactid javase Highest Product pom groupid com.google.zxing Highest Product pom name ZXing Java SE extensions High Product pom parent-artifactid zxing-parent Medium Version file version 3.0.1 High Version pom version 3.0.1 Highest
javassist-3.22.0-CR2.jarDescription:
Javassist (JAVA programming ASSISTant) makes Java bytecode manipulation
simple. It is a class library for editing bytecodes in Java.
License:
MPL 1.1: http://www.mozilla.org/MPL/MPL-1.1.html
LGPL 2.1: http://www.gnu.org/licenses/lgpl-2.1.html
Apache License 2.0: http://www.apache.org/licenses/ File Path: /var/simplicite/.m2/repository/org/javassist/javassist/3.22.0-CR2/javassist-3.22.0-CR2.jar
MD5: 2c48278c202227d8f3b8382965d41c0f
SHA1: 44eaf0990dea92f4bca4b9931b2239c0e8756ee7
SHA256: 230267ffd7bfe404c1b87faf215dd012f607ba3151bd7099562c305c09de6a7a
Referenced In Project/Scope: Simplicite Platform:provided
javassist-3.22.0-CR2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.docusign/docusign-esign-java@3.14.0
Evidence Type Source Name Value Confidence Vendor file name javassist High Vendor jar package name bytecode Highest Vendor jar package name javassist Highest Vendor Manifest bundle-symbolicname javassist Medium Vendor Manifest specification-vendor Shigeru Chiba, www.javassist.org Low Vendor pom artifactid javassist Highest Vendor pom artifactid javassist Low Vendor pom developer email adinn@redhat.com Low Vendor pom developer email chiba@javassist.org Low Vendor pom developer email kabir.khan@jboss.com Low Vendor pom developer email smarlow@redhat.com Low Vendor pom developer id adinn Medium Vendor pom developer id chiba Medium Vendor pom developer id kabir.khan@jboss.com Medium Vendor pom developer id scottmarlow Medium Vendor pom developer name Andrew Dinn Medium Vendor pom developer name Kabir Khan Medium Vendor pom developer name Scott Marlow Medium Vendor pom developer name Shigeru Chiba Medium Vendor pom developer org JBoss Medium Vendor pom developer org The Javassist Project Medium Vendor pom developer org URL http://www.javassist.org/ Medium Vendor pom developer org URL http://www.jboss.org/ Medium Vendor pom groupid org.javassist Highest Vendor pom name Javassist High Vendor pom organization name Shigeru Chiba, www.javassist.org High Vendor pom url http://www.javassist.org/ Highest Product file name javassist High Product jar package name bytecode Highest Product jar package name javassist Highest Product Manifest Bundle-Name Javassist Medium Product Manifest bundle-symbolicname javassist Medium Product Manifest specification-title Javassist Medium Product pom artifactid javassist Highest Product pom developer email adinn@redhat.com Low Product pom developer email chiba@javassist.org Low Product pom developer email kabir.khan@jboss.com Low Product pom developer email smarlow@redhat.com Low Product pom developer id adinn Low Product pom developer id chiba Low Product pom developer id kabir.khan@jboss.com Low Product pom developer id scottmarlow Low Product pom developer name Andrew Dinn Low Product pom developer name Kabir Khan Low Product pom developer name Scott Marlow Low Product pom developer name Shigeru Chiba Low Product pom developer org JBoss Low Product pom developer org The Javassist Project Low Product pom developer org URL http://www.javassist.org/ Low Product pom developer org URL http://www.jboss.org/ Low Product pom groupid org.javassist Highest Product pom name Javassist High Product pom organization name Shigeru Chiba, www.javassist.org Low Product pom url http://www.javassist.org/ Medium Version Manifest specification-version 3.22.0-CR2 High Version pom version 3.22.0-CR2 Highest
javax.activation-api-1.2.0.jarDescription:
JavaBeans Activation Framework API jar License:
https://github.com/javaee/activation/blob/master/LICENSE.txt File Path: /var/simplicite/.m2/repository/javax/activation/javax.activation-api/1.2.0/javax.activation-api-1.2.0.jar
MD5: 5e50e56bcf4a3ef3bc758f69f7643c3b
SHA1: 85262acf3ca9816f9537ca47d5adeabaead7cb16
SHA256: 43fdef0b5b6ceb31b0424b208b930c74ab58fac2ceeb7b3f6fd3aeb8b5ca4393
Referenced In Project/Scope: Simplicite Platform:compile
javax.activation-api-1.2.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name javax.activation-api High Vendor jar package name activation Highest Vendor jar package name javax Highest Vendor Manifest automatic-module-name java.activation Medium Vendor Manifest bundle-docurl http://www.oracle.com Low Vendor Manifest bundle-symbolicname javax.activation-api Medium Vendor Manifest extension-name javax.activation Medium Vendor Manifest Implementation-Vendor Oracle High Vendor Manifest Implementation-Vendor-Id com.sun Medium Vendor Manifest originally-created-by 1.8.0_141 (Oracle Corporation) Low Vendor Manifest specification-vendor Oracle Low Vendor Manifest (hint) Implementation-Vendor sun High Vendor Manifest (hint) specification-vendor sun Low Vendor pom artifactid javax.activation-api Highest Vendor pom artifactid javax.activation-api Low Vendor pom groupid javax.activation Highest Vendor pom name JavaBeans Activation Framework API jar High Vendor pom parent-artifactid all Low Vendor pom parent-groupid com.sun.activation Medium Product file name javax.activation-api High Product jar package name activation Highest Product jar package name javax Highest Product Manifest automatic-module-name java.activation Medium Product Manifest bundle-docurl http://www.oracle.com Low Product Manifest Bundle-Name JavaBeans Activation Framework API jar Medium Product Manifest bundle-symbolicname javax.activation-api Medium Product Manifest extension-name javax.activation Medium Product Manifest Implementation-Title javax.activation.javax.activation-api High Product Manifest originally-created-by 1.8.0_141 (Oracle Corporation) Low Product Manifest specification-title javax.activation.javax.activation-api Medium Product pom artifactid javax.activation-api Highest Product pom groupid javax.activation Highest Product pom name JavaBeans Activation Framework API jar High Product pom parent-artifactid all Medium Product pom parent-groupid com.sun.activation Medium Version file version 1.2.0 High Version Manifest Bundle-Version 1.2.0 High Version Manifest Implementation-Version 1.2.0 High Version pom version 1.2.0 Highest
javax.annotation-api-1.3.2.jarDescription:
Common Annotations for the JavaTM Platform API License:
CDDL + GPLv2 with classpath exception: https://github.com/javaee/javax.annotation/blob/master/LICENSE File Path: /var/simplicite/.m2/repository/javax/annotation/javax.annotation-api/1.3.2/javax.annotation-api-1.3.2.jar
MD5: 2ab1973eefffaa2aeec47d50b9e40b9d
SHA1: 934c04d3cfef185a8008e7bf34331b79730a9d43
SHA256: e04ba5195bcd555dc95650f7cc614d151e4bcd52d29a10b8aa2197f3ab89ab9b
Referenced In Project/Scope: Simplicite Platform:provided
javax.annotation-api-1.3.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name javax.annotation-api High Vendor jar package name annotation Highest Vendor jar package name javax Highest Vendor Manifest automatic-module-name java.annotation Medium Vendor Manifest bundle-docurl https://javaee.github.io/glassfish Low Vendor Manifest bundle-symbolicname javax.annotation-api Medium Vendor Manifest extension-name javax.annotation Medium Vendor Manifest Implementation-Vendor GlassFish Community High Vendor Manifest Implementation-Vendor-Id org.glassfish Medium Vendor Manifest specification-vendor Oracle Corporation Low Vendor pom artifactid javax.annotation-api Highest Vendor pom artifactid javax.annotation-api Low Vendor pom developer id ldemichiel Medium Vendor pom developer name Linda De Michiel Medium Vendor pom developer org Oracle Corp. Medium Vendor pom groupid javax.annotation Highest Vendor pom name API High Vendor pom name ${extension.name} API High Vendor pom organization name GlassFish Community High Vendor pom organization url https://javaee.github.io/glassfish Medium Vendor pom parent-artifactid jvnet-parent Low Vendor pom parent-groupid net.java Medium Vendor pom url http://jcp.org/en/jsr/detail?id=250 Highest Product file name javax.annotation-api High Product jar package name annotation Highest Product jar package name javax Highest Product Manifest automatic-module-name java.annotation Medium Product Manifest bundle-docurl https://javaee.github.io/glassfish Low Product Manifest Bundle-Name javax.annotation API Medium Product Manifest bundle-symbolicname javax.annotation-api Medium Product Manifest extension-name javax.annotation Medium Product pom artifactid javax.annotation-api Highest Product pom developer id ldemichiel Low Product pom developer name Linda De Michiel Low Product pom developer org Oracle Corp. Low Product pom groupid javax.annotation Highest Product pom name API High Product pom name ${extension.name} API High Product pom organization name GlassFish Community Low Product pom organization url https://javaee.github.io/glassfish Low Product pom parent-artifactid jvnet-parent Medium Product pom parent-groupid net.java Medium Product pom url http://jcp.org/en/jsr/detail?id=250 Medium Version file version 1.3.2 High Version Manifest Bundle-Version 1.3.2 High Version Manifest Implementation-Version 1.3.2 High Version pom parent-version 1.3.2 Low Version pom version 1.3.2 Highest
javax.ejb-api-3.2.2.jarDescription:
Project GlassFish Enterprise JavaBean API License:
CDDL + GPLv2 with classpath exception: https://oss.oracle.com/licenses/CDDL+GPL-1.1 File Path: /var/simplicite/.m2/repository/javax/ejb/javax.ejb-api/3.2.2/javax.ejb-api-3.2.2.jar
MD5: f7a1ffa8ec359720a01dd09f79f042c3
SHA1: 8921a3e3cb30fe5966531ad53902eef19303123b
SHA256: 13ff874c58c32b649077dab6ab23bc93938610adc99e90d63933f6f074805b72
Referenced In Project/Scope: Simplicite Platform:provided
javax.ejb-api-3.2.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name javax.ejb-api High Vendor jar package name ejb Highest Vendor jar package name javax Highest Vendor Manifest bundle-docurl http://www.oracle.com Low Vendor Manifest bundle-symbolicname javax.ejb-api Medium Vendor Manifest extension-name javax.ejb Medium Vendor Manifest Implementation-Vendor Oracle Corporation High Vendor Manifest Implementation-Vendor-Id org.glassfish Medium Vendor Manifest specification-vendor Oracle Corporation Low Vendor pom artifactid javax.ejb-api Highest Vendor pom artifactid javax.ejb-api Low Vendor pom developer id mvatkina Medium Vendor pom developer name Marina Vatkina Medium Vendor pom developer org Oracle, Inc. Medium Vendor pom groupid javax.ejb Highest Vendor pom name API High Vendor pom name ${extension.name} API High Vendor pom organization name Oracle Corporation High Vendor pom organization url http://www.oracle.com Medium Vendor pom parent-artifactid jvnet-parent Low Vendor pom parent-groupid net.java Medium Vendor pom url javaee/javax.ejb Highest Product file name javax.ejb-api High Product jar package name ejb Highest Product jar package name javax Highest Product Manifest bundle-docurl http://www.oracle.com Low Product Manifest Bundle-Name javax.ejb API Medium Product Manifest bundle-symbolicname javax.ejb-api Medium Product Manifest extension-name javax.ejb Medium Product pom artifactid javax.ejb-api Highest Product pom developer id mvatkina Low Product pom developer name Marina Vatkina Low Product pom developer org Oracle, Inc. Low Product pom groupid javax.ejb Highest Product pom name API High Product pom name ${extension.name} API High Product pom organization name Oracle Corporation Low Product pom organization url http://www.oracle.com Low Product pom parent-artifactid jvnet-parent Medium Product pom parent-groupid net.java Medium Product pom url javaee/javax.ejb High Version file version 3.2.2 High Version Manifest Bundle-Version 3.2.2 High Version Manifest Implementation-Version 3.2.2 High Version pom parent-version 3.2.2 Low Version pom version 3.2.2 Highest
javax.inject-1.jarDescription:
The javax.inject API License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/javax/inject/javax.inject/1/javax.inject-1.jar
MD5: 289075e48b909e9e74e6c915b3631d2e
SHA1: 6975da39a7040257bd51d21a231b76c915872d38
SHA256: 91c77044a50c481636c32d916fd89c9118a72195390452c81065080f957de7ff
Referenced In Project/Scope: Simplicite Platform:compile
javax.inject-1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.jclouds/jclouds-core@2.4.0
Evidence Type Source Name Value Confidence Vendor file name javax.inject-1 High Vendor jar package name inject Highest Vendor jar package name inject Low Vendor jar package name javax Highest Vendor jar package name javax Low Vendor pom artifactid javax.inject Highest Vendor pom artifactid javax.inject Low Vendor pom groupid javax.inject Highest Vendor pom name javax.inject High Vendor pom url http://code.google.com/p/atinject/ Highest Product file name javax.inject-1 High Product jar package name inject Highest Product jar package name inject Low Product jar package name javax Highest Product pom artifactid javax.inject Highest Product pom groupid javax.inject Highest Product pom name javax.inject High Product pom url http://code.google.com/p/atinject/ Medium Version file version 1 Medium Version pom version 1 Highest
javax.jms-api-2.0.1.jarDescription:
Java(TM) Message Service Specification License:
CDDL + GPLv2 with classpath exception: https://glassfish.java.net/nonav/public/CDDL+GPL_1_1.html File Path: /var/simplicite/.m2/repository/javax/jms/javax.jms-api/2.0.1/javax.jms-api-2.0.1.jar
MD5: d69d2e02910e97b2478c0105e9b2caab
SHA1: 5faaa3864ff6025ce69809b60d65bda3e358610c
SHA256: aa4a16fac46d949b17b32091036e4d1e3c812ef3b4bd184ec838efffb53ba4f8
Referenced In Project/Scope: Simplicite Platform:compile
javax.jms-api-2.0.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name javax.jms-api High Vendor jar package name javax Highest Vendor jar package name jms Highest Vendor Manifest bundle-symbolicname javax.jms-api Medium Vendor Manifest extension-name javax.jms Medium Vendor Manifest Implementation-Vendor-Id org.glassfish.mq Medium Vendor Manifest specification-vendor Oracle Corporation Low Vendor pom artifactid javax.jms-api Highest Vendor pom artifactid javax.jms-api Low Vendor pom developer org Oracle Corporation Medium Vendor pom groupid javax.jms Highest Vendor pom name JMS API High Vendor pom parent-artifactid jvnet-parent Low Vendor pom parent-groupid net.java Medium Vendor pom url http://java.net/projects/jms-spec/pages/Home Highest Product file name javax.jms-api High Product jar package name javax Highest Product jar package name jms Highest Product jar package name message Highest Product Manifest Bundle-Name JMS API Medium Product Manifest bundle-symbolicname javax.jms-api Medium Product Manifest extension-name javax.jms Medium Product pom artifactid javax.jms-api Highest Product pom developer org Oracle Corporation Low Product pom groupid javax.jms Highest Product pom name JMS API High Product pom parent-artifactid jvnet-parent Medium Product pom parent-groupid net.java Medium Product pom url http://java.net/projects/jms-spec/pages/Home Medium Version file version 2.0.1 High Version Manifest Bundle-Version 2.0.1 High Version Manifest Implementation-Version 2.0.1 High Version pom parent-version 2.0.1 Low Version pom version 2.0.1 Highest
javax.mail-api-1.6.2.jarDescription:
JavaMail API jar License:
https://javaee.github.io/javamail/LICENSE File Path: /var/simplicite/.m2/repository/javax/mail/javax.mail-api/1.6.2/javax.mail-api-1.6.2.jar
MD5: c1df29c4b85433bd2f378b06c323c2d3
SHA1: 17a8151bab44f9c94f34c10db70d95ba3c830eda
SHA256: 17489addfc8d7b43afc7775072a56bbaadf32cfb1e9d39fb4b7ece890d6698f1
Referenced In Project/Scope: Simplicite Platform:compile
javax.mail-api-1.6.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name javax.mail-api High Vendor jar package name javax Highest Vendor jar package name mail Highest Vendor Manifest bundle-docurl http://www.oracle.com Low Vendor Manifest bundle-symbolicname javax.mail-api Medium Vendor Manifest extension-name javax.mail Medium Vendor Manifest Implementation-Vendor Oracle High Vendor Manifest Implementation-Vendor-Id com.sun Medium Vendor Manifest originally-created-by Apache Maven Bundle Plugin Low Vendor Manifest probe-provider-xml-file-names Medium Vendor Manifest specification-vendor Oracle Low Vendor Manifest (hint) Implementation-Vendor sun High Vendor Manifest (hint) specification-vendor sun Low Vendor pom artifactid javax.mail-api Highest Vendor pom artifactid javax.mail-api Low Vendor pom groupid javax.mail Highest Vendor pom name JavaMail API jar High Vendor pom parent-artifactid all Low Vendor pom parent-groupid com.sun.mail Medium Product file name javax.mail-api High Product jar package name javax Highest Product jar package name mail Highest Product Manifest bundle-docurl http://www.oracle.com Low Product Manifest Bundle-Name JavaMail API jar Medium Product Manifest bundle-symbolicname javax.mail-api Medium Product Manifest extension-name javax.mail Medium Product Manifest Implementation-Title javax.mail.javax.mail-api High Product Manifest originally-created-by Apache Maven Bundle Plugin Low Product Manifest probe-provider-xml-file-names Medium Product Manifest specification-title javax.mail.javax.mail-api Medium Product pom artifactid javax.mail-api Highest Product pom groupid javax.mail Highest Product pom name JavaMail API jar High Product pom parent-artifactid all Medium Product pom parent-groupid com.sun.mail Medium Version file version 1.6.2 High Version Manifest Bundle-Version 1.6.2 High Version Manifest Implementation-Version 1.6.2 High Version pom version 1.6.2 Highest
javax.servlet-api-4.0.1.jarDescription:
Java(TM) Servlet 4.0 API Design Specification License:
CDDL + GPLv2 with classpath exception: https://oss.oracle.com/licenses/CDDL+GPL-1.1 File Path: /var/simplicite/.m2/repository/javax/servlet/javax.servlet-api/4.0.1/javax.servlet-api-4.0.1.jar
MD5: b80414033bf3397de334b95e892a2f44
SHA1: a27082684a2ff0bf397666c3943496c44541d1ca
SHA256: 83a03dd877d3674576f0da7b90755c8524af099ccf0607fc61aa971535ad7c60
Referenced In Project/Scope: Simplicite Platform:provided
javax.servlet-api-4.0.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name javax.servlet-api High Vendor jar package name javax Highest Vendor jar package name servlet Highest Vendor Manifest bundle-docurl https://javaee.github.io Low Vendor Manifest bundle-symbolicname javax.servlet-api Medium Vendor Manifest extension-name javax.servlet Medium Vendor Manifest Implementation-Vendor GlassFish Community High Vendor Manifest Implementation-Vendor-Id org.glassfish Medium Vendor Manifest specification-vendor Oracle Corporation Low Vendor pom artifactid javax.servlet-api Highest Vendor pom artifactid javax.servlet-api Low Vendor pom developer id edburns Medium Vendor pom developer id shingwaichan Medium Vendor pom developer name Ed Burns Medium Vendor pom developer name Shing Wai Chan Medium Vendor pom developer org Oracle Medium Vendor pom groupid javax.servlet Highest Vendor pom name Java Servlet API High Vendor pom organization name GlassFish Community High Vendor pom organization url https://javaee.github.io Medium Vendor pom parent-artifactid jvnet-parent Low Vendor pom parent-groupid net.java Medium Vendor pom url https://javaee.github.io/servlet-spec/ Highest Vendor pom (hint) developer org sun Medium Product file name javax.servlet-api High Product jar package name javax Highest Product jar package name servlet Highest Product Manifest bundle-docurl https://javaee.github.io Low Product Manifest Bundle-Name Java Servlet API Medium Product Manifest bundle-symbolicname javax.servlet-api Medium Product Manifest extension-name javax.servlet Medium Product pom artifactid javax.servlet-api Highest Product pom developer id edburns Low Product pom developer id shingwaichan Low Product pom developer name Ed Burns Low Product pom developer name Shing Wai Chan Low Product pom developer org Oracle Low Product pom groupid javax.servlet Highest Product pom name Java Servlet API High Product pom organization name GlassFish Community Low Product pom organization url https://javaee.github.io Low Product pom parent-artifactid jvnet-parent Medium Product pom parent-groupid net.java Medium Product pom url https://javaee.github.io/servlet-spec/ Medium Version file version 4.0.1 High Version Manifest Implementation-Version 4.0.1 High Version pom parent-version 4.0.1 Low Version pom version 4.0.1 Highest
javax.servlet.jsp-api-2.3.3.jarDescription:
Java.net - The Source for Java Technology Collaboration License:
CDDL + GPLv2 with classpath exception: ://oss.oracle.com/licenses/CDDL+GPL-1.1 File Path: /var/simplicite/.m2/repository/javax/servlet/jsp/javax.servlet.jsp-api/2.3.3/javax.servlet.jsp-api-2.3.3.jar
MD5: f6676a5961328c41c5e722da5e48d047
SHA1: 81191ab80e342912dc9cea735c30ff4eddc64de3
SHA256: 409a534d275ef0958a2c1692472da30e3706bfe6933d56c039376f53f13689b7
Referenced In Project/Scope: Simplicite Platform:provided
javax.servlet.jsp-api-2.3.3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name javax.servlet.jsp-api High Vendor jar package name javax Highest Vendor jar package name jsp Highest Vendor jar package name servlet Highest Vendor Manifest bundle-docurl http://www.oracle.com Low Vendor Manifest bundle-symbolicname javax.servlet.jsp-api Medium Vendor Manifest extension-name javax.servlet.jsp Medium Vendor Manifest Implementation-Vendor Oracle Corporation High Vendor Manifest specification-vendor Oracle Corporation Low Vendor pom artifactid javax.servlet.jsp-api Highest Vendor pom artifactid javax.servlet.jsp-api Low Vendor pom developer id kchung Medium Vendor pom developer name Kin-man Chung Medium Vendor pom developer org Oracle Corporation Medium Vendor pom groupid javax.servlet.jsp Highest Vendor pom name JavaServer Pages(TM) API High Vendor pom organization name Oracle High Vendor pom organization url http://www.oracle.com Medium Vendor pom parent-artifactid jvnet-parent Low Vendor pom parent-groupid net.java Medium Vendor pom url https://javaee.github.io/javaee-jsp-api Highest Vendor pom (hint) organization name sun High Product file name javax.servlet.jsp-api High Product jar package name javax Highest Product jar package name jsp Highest Product jar package name servlet Highest Product Manifest bundle-docurl http://www.oracle.com Low Product Manifest Bundle-Name JavaServer Pages(TM) API Medium Product Manifest bundle-symbolicname javax.servlet.jsp-api Medium Product Manifest extension-name javax.servlet.jsp Medium Product pom artifactid javax.servlet.jsp-api Highest Product pom developer id kchung Low Product pom developer name Kin-man Chung Low Product pom developer org Oracle Corporation Low Product pom groupid javax.servlet.jsp Highest Product pom name JavaServer Pages(TM) API High Product pom organization name Oracle Low Product pom organization url http://www.oracle.com Low Product pom parent-artifactid jvnet-parent Medium Product pom parent-groupid net.java Medium Product pom url https://javaee.github.io/javaee-jsp-api Medium Version file version 2.3.3 High Version Manifest Bundle-Version 2.3.3 High Version Manifest Implementation-Version 2.3.3 High Version pom parent-version 2.3.3 Low Version pom version 2.3.3 Highest
javax.transaction-api-1.3.jarDescription:
Project GlassFish Java Transaction API License:
CDDL + GPLv2 with classpath exception: https://github.com/javaee/javax.transaction/blob/master/LICENSE File Path: /var/simplicite/.m2/repository/javax/transaction/javax.transaction-api/1.3/javax.transaction-api-1.3.jar
MD5: 6e9cb1684621821248b6823143ae26c0
SHA1: e006adf5cf3cca2181d16bd640ecb80148ec0fce
SHA256: 603df5e4fc1eeae8f5e5d363a8be6c1fa47d0df1df8739a05cbcb9fafd6df2da
Referenced In Project/Scope: Simplicite Platform:provided
javax.transaction-api-1.3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name javax.transaction-api High Vendor jar package name javax Highest Vendor jar package name transaction Highest Vendor Manifest automatic-module-name java.transaction Medium Vendor Manifest bundle-docurl https://glassfish.java.net Low Vendor Manifest bundle-symbolicname javax.transaction-api Medium Vendor Manifest extension-name javax.transaction Medium Vendor Manifest Implementation-Vendor GlassFish Community High Vendor Manifest Implementation-Vendor-Id org.glassfish Medium Vendor Manifest specification-vendor Oracle Corporation Low Vendor pom artifactid javax.transaction-api Highest Vendor pom artifactid javax.transaction-api Low Vendor pom developer id stephen_felts Medium Vendor pom developer name Stephen Felts Medium Vendor pom developer org Oracle, Inc. Medium Vendor pom groupid javax.transaction Highest Vendor pom name API High Vendor pom name ${extension.name} API High Vendor pom organization name GlassFish Community High Vendor pom organization url https://glassfish.java.net Medium Vendor pom parent-artifactid jvnet-parent Low Vendor pom parent-groupid net.java Medium Vendor pom url http://jta-spec.java.net Highest Product file name javax.transaction-api High Product jar package name javax Highest Product jar package name transaction Highest Product Manifest automatic-module-name java.transaction Medium Product Manifest bundle-docurl https://glassfish.java.net Low Product Manifest Bundle-Name javax.transaction API Medium Product Manifest bundle-symbolicname javax.transaction-api Medium Product Manifest extension-name javax.transaction Medium Product pom artifactid javax.transaction-api Highest Product pom developer id stephen_felts Low Product pom developer name Stephen Felts Low Product pom developer org Oracle, Inc. Low Product pom groupid javax.transaction Highest Product pom name API High Product pom name ${extension.name} API High Product pom organization name GlassFish Community Low Product pom organization url https://glassfish.java.net Low Product pom parent-artifactid jvnet-parent Medium Product pom parent-groupid net.java Medium Product pom url http://jta-spec.java.net Medium Version file version 1.3 High Version Manifest Bundle-Version 1.3 High Version Manifest Implementation-Version 1.3 High Version pom parent-version 1.3 Low Version pom version 1.3 Highest
javax.websocket-api-1.1.jarDescription:
JSR 356: Java API for WebSocket License:
https://glassfish.java.net/public/CDDL+GPL_1_1.html File Path: /var/simplicite/.m2/repository/javax/websocket/javax.websocket-api/1.1/javax.websocket-api-1.1.jar
MD5: be29e11a4a15742aa6fb418fa46345e3
SHA1: eeeb68631711256418dfbb47b11c731b6c8f6235
SHA256: a260973517bf6411d659b588a719aa27e7e4e47dfbd510fceb5bf1023a2c45e4
Referenced In Project/Scope: Simplicite Platform:provided
javax.websocket-api-1.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name javax.websocket-api High Vendor jar package name javax Highest Vendor jar package name server Highest Vendor jar package name websocket Highest Vendor Manifest bundle-docurl http://www.oracle.com Low Vendor Manifest bundle-symbolicname javax.websocket-api Medium Vendor Manifest extension-name javax.websocket Medium Vendor pom artifactid javax.websocket-api Highest Vendor pom artifactid javax.websocket-api Low Vendor pom groupid javax.websocket Highest Vendor pom name WebSocket server API High Vendor pom parent-artifactid javax.websocket-all Low Vendor pom url http://websocket-spec.java.net Highest Product file name javax.websocket-api High Product jar package name javax Highest Product jar package name server Highest Product jar package name websocket Highest Product Manifest bundle-docurl http://www.oracle.com Low Product Manifest Bundle-Name WebSocket server API Medium Product Manifest bundle-symbolicname javax.websocket-api Medium Product Manifest extension-name javax.websocket Medium Product pom artifactid javax.websocket-api Highest Product pom groupid javax.websocket Highest Product pom name WebSocket server API High Product pom parent-artifactid javax.websocket-all Medium Product pom url http://websocket-spec.java.net Medium Version file version 1.1 High Version Manifest Bundle-Version 1.1 High Version Manifest Implementation-Version 1.1 High Version pom version 1.1 Highest
javax.ws.rs-api-2.0.1.jarDescription:
Java API for RESTful Web Services (JAX-RS) License:
CDDL 1.1: http://glassfish.java.net/public/CDDL+GPL_1_1.html
GPL2 w/ CPE: http://glassfish.java.net/public/CDDL+GPL_1_1.html File Path: /var/simplicite/.m2/repository/javax/ws/rs/javax.ws.rs-api/2.0.1/javax.ws.rs-api-2.0.1.jar
MD5: edcd111cf4d3ba8ac8e1f326efc37a17
SHA1: 104e9c2b5583cfcfeac0402316221648d6d8ea6b
SHA256: 38607d626f2288d8fbc1b1f8a62c369e63806d9a313ac7cbc5f9d6c94f4b466d
Referenced In Project/Scope: Simplicite Platform:compile
javax.ws.rs-api-2.0.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name javax.ws.rs-api High Vendor hint analyzer vendor web services Medium Vendor jar package name javax Highest Vendor jar package name rs Highest Vendor jar package name ws Highest Vendor Manifest bundle-docurl http://www.oracle.com/ Low Vendor Manifest bundle-symbolicname javax.ws.rs-api Medium Vendor Manifest extension-name javax.ws.rs Medium Vendor Manifest specification-vendor Oracle Corporation Low Vendor pom artifactid javax.ws.rs-api Highest Vendor pom artifactid javax.ws.rs-api Low Vendor pom developer email m_potociar@java.net Low Vendor pom developer email spericas@java.net Low Vendor pom developer id Marek Medium Vendor pom developer id Santiago Medium Vendor pom developer name Marek Potociar Medium Vendor pom developer name Santiago Pericas-Geertsen Medium Vendor pom developer org Oracle Medium Vendor pom developer org URL http://jax-rs-spec.java.net Medium Vendor pom groupid javax.ws.rs Highest Vendor pom name javax.ws.rs-api High Vendor pom organization name Oracle Corporation High Vendor pom organization url http://www.oracle.com/ Medium Vendor pom parent-artifactid jvnet-parent Low Vendor pom parent-groupid net.java Medium Vendor pom url http://jax-rs-spec.java.net Highest Vendor pom (hint) developer org sun Medium Product file name javax.ws.rs-api High Product hint analyzer product web services Medium Product jar package name javax Highest Product jar package name rs Highest Product jar package name ws Highest Product Manifest bundle-docurl http://www.oracle.com/ Low Product Manifest Bundle-Name javax.ws.rs-api Medium Product Manifest bundle-symbolicname javax.ws.rs-api Medium Product Manifest extension-name javax.ws.rs Medium Product pom artifactid javax.ws.rs-api Highest Product pom developer email m_potociar@java.net Low Product pom developer email spericas@java.net Low Product pom developer id Marek Low Product pom developer id Santiago Low Product pom developer name Marek Potociar Low Product pom developer name Santiago Pericas-Geertsen Low Product pom developer org Oracle Low Product pom developer org URL http://jax-rs-spec.java.net Low Product pom groupid javax.ws.rs Highest Product pom name javax.ws.rs-api High Product pom organization name Oracle Corporation Low Product pom organization url http://www.oracle.com/ Low Product pom parent-artifactid jvnet-parent Medium Product pom parent-groupid net.java Medium Product pom url http://jax-rs-spec.java.net Medium Version file version 2.0.1 High Version Manifest Bundle-Version 2.0.1 High Version Manifest Implementation-Version 2.0.1 High Version pom parent-version 2.0.1 Low Version pom version 2.0.1 Highest
jawk-1.02.jarDescription:
POM was created from install:install-file File Path: /var/simplicite/.m2/repository/org/jawk/jawk/1.02/jawk-1.02.jarMD5: cd04ea3460d71a03ca5f4232c9ee5f0cSHA1: 7bdd8bb1a1b9adff9b471cc041cba83ef3a2abe6SHA256: 2773c7f47b2ee8f483d6cb30f799c31f81645d23f49910e58ef4cccb2ffe1c7bReferenced In Project/Scope: Simplicite Platform:compilejawk-1.02.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name jawk High Vendor jar package name jawk Highest Vendor jar package name jawk Low Vendor pom artifactid jawk Highest Vendor pom artifactid jawk Low Vendor pom groupid org.jawk Highest Product file name jawk High Product jar package name jawk Highest Product pom artifactid jawk Highest Product pom groupid org.jawk Highest Version file version 1.02 High Version pom version 1.02 Highest
jaxb-api-2.3.1.jarDescription:
JAXB (JSR 222) API License:
https://oss.oracle.com/licenses/CDDL+GPL-1.1, https://oss.oracle.com/licenses/CDDL+GPL-1.1 File Path: /var/simplicite/.m2/repository/javax/xml/bind/jaxb-api/2.3.1/jaxb-api-2.3.1.jar
MD5: bcf270d320f645ad19f5edb60091e87f
SHA1: 8531ad5ac454cc2deb9d4d32c40c4d7451939b5d
SHA256: 88b955a0df57880a26a74708bc34f74dcaf8ebf4e78843a28b50eae945732b06
Referenced In Project/Scope: Simplicite Platform:compile
jaxb-api-2.3.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name jaxb-api High Vendor jar package name bind Highest Vendor jar package name javax Highest Vendor jar package name jaxb Highest Vendor jar package name xml Highest Vendor Manifest bundle-docurl http://www.oracle.com/ Low Vendor Manifest bundle-symbolicname jaxb-api Medium Vendor Manifest extension-name javax.xml.bind Medium Vendor Manifest implementation-build-id UNKNOWN-7de2ca118a0cfc4a373872915aef59148dff5f93, 2018-09-12T06:28:43-0700 Low Vendor Manifest Implementation-Vendor Oracle Corporation High Vendor Manifest Implementation-Vendor-Id org.glassfish Medium Vendor Manifest multi-release true Low Vendor Manifest specification-vendor Oracle Corporation Low Vendor pom artifactid jaxb-api Highest Vendor pom artifactid jaxb-api Low Vendor pom groupid javax.xml.bind Highest Vendor pom parent-artifactid jaxb-api-parent Low Product file name jaxb-api High Product jar package name bind Highest Product jar package name javax Highest Product jar package name jaxb Highest Product jar package name xml Highest Product Manifest bundle-docurl http://www.oracle.com/ Low Product Manifest Bundle-Name jaxb-api Medium Product Manifest bundle-symbolicname jaxb-api Medium Product Manifest extension-name javax.xml.bind Medium Product Manifest implementation-build-id UNKNOWN-7de2ca118a0cfc4a373872915aef59148dff5f93, 2018-09-12T06:28:43-0700 Low Product Manifest multi-release true Low Product Manifest specification-title jaxb-api Medium Product pom artifactid jaxb-api Highest Product pom groupid javax.xml.bind Highest Product pom parent-artifactid jaxb-api-parent Medium Version file version 2.3.1 High Version Manifest Bundle-Version 2.3.1 High Version pom version 2.3.1 Highest
jaxb-impl-2.3.3.jar (shaded: com.sun.istack:istack-commons-runtime:3.0.11)File Path: /var/simplicite/.m2/repository/com/sun/xml/bind/jaxb-impl/2.3.3/jaxb-impl-2.3.3.jar/META-INF/maven/com.sun.istack/istack-commons-runtime/pom.xmlMD5: 2cf61b2d9ed8b708932ba4d2bdd53025SHA1: 1c4b0f15c5b1aeb7ba30ba0f6a21c10ee112d2b2SHA256: ae1c070432a8cc35b92960758175014e991193af982e0ad083e40885611d7e94Referenced In Project/Scope: Simplicite Platform:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid istack-commons-runtime Low Vendor pom groupid com.sun.istack Highest Vendor pom name istack common utility code runtime High Vendor pom parent-artifactid istack-commons Low Product pom artifactid istack-commons-runtime Highest Product pom groupid com.sun.istack Highest Product pom name istack common utility code runtime High Product pom parent-artifactid istack-commons Medium Version pom version 3.0.11 Highest
jaxb-impl-2.3.3.jar (shaded: org.glassfish.jaxb:jaxb-runtime:2.3.3)Description:
JAXB (JSR 222) Reference Implementation File Path: /var/simplicite/.m2/repository/com/sun/xml/bind/jaxb-impl/2.3.3/jaxb-impl-2.3.3.jar/META-INF/maven/org.glassfish.jaxb/jaxb-runtime/pom.xmlMD5: 7612c04cd616dd6d2a471427a3b87518SHA1: 2efabedb3f95d04c4b1aa6c71beb16d6d1283f95SHA256: 92dfe5a3925a9194f0a348ca7a4d5ae7dc64fca79ceab5bcd04ef947f42f36f4Referenced In Project/Scope: Simplicite Platform:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid jaxb-runtime Low Vendor pom groupid org.glassfish.jaxb Highest Vendor pom name JAXB Runtime High Vendor pom parent-artifactid jaxb-runtime-parent Low Vendor pom parent-groupid com.sun.xml.bind.mvn Medium Product pom artifactid jaxb-runtime Highest Product pom groupid org.glassfish.jaxb Highest Product pom name JAXB Runtime High Product pom parent-artifactid jaxb-runtime-parent Medium Product pom parent-groupid com.sun.xml.bind.mvn Medium Version pom version 2.3.3 Highest
jaxb-impl-2.3.3.jar (shaded: org.glassfish.jaxb:txw2:2.3.3)Description:
TXW is a library that allows you to write XML documents.
File Path: /var/simplicite/.m2/repository/com/sun/xml/bind/jaxb-impl/2.3.3/jaxb-impl-2.3.3.jar/META-INF/maven/org.glassfish.jaxb/txw2/pom.xmlMD5: d500c9f1fa5827030d0ecee5e5b8122bSHA1: 69002631b1dd2c1205c099feaca71689090e3fa1SHA256: 578621ff5ae4feaf6e41c3e0575ba67db3aa57aeb70ed68611795cddfb4b577fReferenced In Project/Scope: Simplicite Platform:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid txw2 Low Vendor pom groupid org.glassfish.jaxb Highest Vendor pom name TXW2 Runtime High Vendor pom parent-artifactid jaxb-txw-parent Low Vendor pom parent-groupid com.sun.xml.bind.mvn Medium Product pom artifactid txw2 Highest Product pom groupid org.glassfish.jaxb Highest Product pom name TXW2 Runtime High Product pom parent-artifactid jaxb-txw-parent Medium Product pom parent-groupid com.sun.xml.bind.mvn Medium Version pom version 2.3.3 Highest
jaxb-impl-2.3.3.jarDescription:
Old JAXB Runtime module. Contains sources required for runtime processing. License:
http://www.eclipse.org/org/documents/edl-v10.php File Path: /var/simplicite/.m2/repository/com/sun/xml/bind/jaxb-impl/2.3.3/jaxb-impl-2.3.3.jar
MD5: 8f59ab4ced2bb2e3a732e924852fac98
SHA1: 3758e8c1664979749e647a9ca8c7ea1cd83c9b1e
SHA256: e5178d0c7948247f75a13c689bf36f4d5d4910a121f712aa3b20ae94377069d8
Referenced In Project/Scope: Simplicite Platform:compile
jaxb-impl-2.3.3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.jclouds/jclouds-core@2.4.0
Evidence Type Source Name Value Confidence Vendor file name jaxb-impl High Vendor jar package name bind Highest Vendor jar package name com Highest Vendor jar package name sun Highest Vendor jar package name xml Highest Vendor jar (hint) package name oracle Highest Vendor Manifest bundle-docurl https://www.eclipse.org Low Vendor Manifest bundle-symbolicname com.sun.xml.bind.jaxb-impl Medium Vendor Manifest git-revision 60e0433 Low Vendor Manifest Implementation-Vendor Eclipse Foundation High Vendor Manifest Implementation-Vendor-Id org.eclipse Medium Vendor Manifest multi-release true Low Vendor pom artifactid jaxb-impl Highest Vendor pom artifactid jaxb-impl Low Vendor pom groupid com.sun.xml.bind Highest Vendor pom name Old JAXB Runtime High Vendor pom parent-artifactid jaxb-bundles Low Vendor pom parent-groupid com.sun.xml.bind.mvn Medium Product file name jaxb-impl High Product jar package name bind Highest Product jar package name com Highest Product jar package name sun Highest Product jar package name xml Highest Product Manifest bundle-docurl https://www.eclipse.org Low Product Manifest Bundle-Name Old JAXB Runtime Medium Product Manifest bundle-symbolicname com.sun.xml.bind.jaxb-impl Medium Product Manifest git-revision 60e0433 Low Product Manifest Implementation-Title Jakarta XML Binding Implementation High Product Manifest multi-release true Low Product Manifest specification-title Jakarta XML Binding Medium Product pom artifactid jaxb-impl Highest Product pom groupid com.sun.xml.bind Highest Product pom name Old JAXB Runtime High Product pom parent-artifactid jaxb-bundles Medium Product pom parent-groupid com.sun.xml.bind.mvn Medium Version file version 2.3.3 High Version Manifest build-id 2.3.3 Medium Version Manifest Bundle-Version 2.3.3 High Version Manifest Implementation-Version 2.3.3 High Version Manifest major-version 2.3.3 Medium Version pom version 2.3.3 Highest
jaxb-svg11-1.0.2.jarDescription:
JAXB classes modelling SVG 1.1 License:
Apache 2: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/plutext/jaxb-svg11/1.0.2/jaxb-svg11-1.0.2.jar
MD5: 91f22bed36295692c384e846dfc460b0
SHA1: 3c0cd54d5691f5b5f8c60ed0c06353ff1db424e1
SHA256: 6799f39d49d9dbfef140e76b33d0884d55372935768a3955900eb022576a760d
Referenced In Project/Scope: Simplicite Platform:compile
jaxb-svg11-1.0.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.docx4j/docx4j-core@11.2.9
Evidence Type Source Name Value Confidence Vendor file name jaxb-svg11 High Vendor jar package name jaxb Highest Vendor jar package name jaxb Low Vendor jar package name plutext Highest Vendor jar package name plutext Low Vendor jar package name svg Highest Vendor jar package name svg11 Highest Vendor jar package name svg11 Low Vendor pom artifactid jaxb-svg11 Highest Vendor pom artifactid jaxb-svg11 Low Vendor pom developer email jason@plutext.org Low Vendor pom developer id jharrop Medium Vendor pom developer name Jason Harrop Medium Vendor pom developer org Plutext Medium Vendor pom groupid org.plutext Highest Vendor pom name jaxb-svg11 High Vendor pom url plutext/JAXB-classes-for-SVG Highest Product file name jaxb-svg11 High Product jar package name jaxb Highest Product jar package name jaxb Low Product jar package name plutext Highest Product jar package name svg Highest Product jar package name svg11 Highest Product jar package name svg11 Low Product pom artifactid jaxb-svg11 Highest Product pom developer email jason@plutext.org Low Product pom developer id jharrop Low Product pom developer name Jason Harrop Low Product pom developer org Plutext Low Product pom groupid org.plutext Highest Product pom name jaxb-svg11 High Product pom url plutext/JAXB-classes-for-SVG High Version file version 1.0.2 High Version pom version 1.0.2 Highest
jaxb-xjc-2.3.4.jarDescription:
JAXB Binding Compiler. Contains source code needed for binding customization files into java sources.
In other words: the *tool* to generate java classes for the given xml representation.
File Path: /var/simplicite/.m2/repository/org/glassfish/jaxb/jaxb-xjc/2.3.4/jaxb-xjc-2.3.4.jarMD5: 3dbfc9f439c82f35f5fa2e4e5ba46d1dSHA1: 2ffd30b67f304df5bd440048469e63be4ab45be5SHA256: e03c5df079afb7366e8b7d4bf159898e7f646fbe77cd6e3486a51b1113877713Referenced In Project/Scope: Simplicite Platform:compilejaxb-xjc-2.3.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name jaxb-xjc High Vendor jar package name com Highest Vendor jar package name sun Highest Vendor jar package name xjc Highest Vendor jar (hint) package name oracle Highest Vendor Manifest git-revision 2a16b4e Low Vendor Manifest Implementation-Vendor Eclipse Foundation High Vendor Manifest Implementation-Vendor-Id org.eclipse Medium Vendor Manifest multi-release true Low Vendor pom artifactid jaxb-xjc Highest Vendor pom artifactid jaxb-xjc Low Vendor pom groupid org.glassfish.jaxb Highest Vendor pom name JAXB XJC High Vendor pom parent-artifactid jaxb-parent Low Vendor pom parent-groupid com.sun.xml.bind.mvn Medium Product file name jaxb-xjc High Product jar package name com Highest Product jar package name sun Highest Product jar package name xjc Highest Product Manifest git-revision 2a16b4e Low Product Manifest Implementation-Title Jakarta XML Binding Implementation High Product Manifest multi-release true Low Product Manifest specification-title Jakarta XML Binding Medium Product pom artifactid jaxb-xjc Highest Product pom groupid org.glassfish.jaxb Highest Product pom name JAXB XJC High Product pom parent-artifactid jaxb-parent Medium Product pom parent-groupid com.sun.xml.bind.mvn Medium Version file version 2.3.4 High Version Manifest build-id 2.3.4 Medium Version Manifest Implementation-Version 2.3.4 High Version Manifest major-version 2.3.4 Medium Version pom version 2.3.4 Highest
Related Dependencies jaxb-runtime-2.3.4.jarFile Path: /var/simplicite/.m2/repository/org/glassfish/jaxb/jaxb-runtime/2.3.4/jaxb-runtime-2.3.4.jar MD5: da74c0c22d36ddbf71e0274ab1341265 SHA1: 5f3828d3a345ff3d8acb83f07ba04eccf59e15bb SHA256: 2881182f9a1b4e76ac1fcbdedfb60f306824ded657980e048cfff21128e067d5 pkg:maven/org.glassfish.jaxb/jaxb-runtime@2.3.4 jbig2-imageio-3.0.3.jarDescription:
Java Image I/O plugin for reading JBIG2-compressed image data.
Formerly known as the levigo JBig2 ImageIO plugin (com.levigo.jbig2:levigo-jbig2-imageio).
File Path: /var/simplicite/.m2/repository/org/apache/pdfbox/jbig2-imageio/3.0.3/jbig2-imageio-3.0.3.jarMD5: 3c19c78788d7669c1caf2ee8ccb84a54SHA1: 1719861ff0b86162c5b391fb4d1084c05ff72b35SHA256: c80110fda57128563d3d0656bff78da8bf35a934cf54edfa10e8b76fc6389929Referenced In Project/Scope: Simplicite Platform:compilejbig2-imageio-3.0.3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name jbig2-imageio High Vendor jar package name apache Highest Vendor jar package name image Highest Vendor jar package name jbig2 Highest Vendor jar package name pdfbox Highest Vendor Manifest automatic-module-name org.apache.pdfbox.jbig2 Medium Vendor Manifest implementation-url https://www.apache.org/jbig2-imageio/ Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache.pdfbox Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid jbig2-imageio Highest Vendor pom artifactid jbig2-imageio Low Vendor pom developer id adam Medium Vendor pom developer id blitchfield Medium Vendor pom developer id carrier Medium Vendor pom developer id danielwilson Medium Vendor pom developer id gbailleul Medium Vendor pom developer id hennejg Medium Vendor pom developer id holdersn Medium Vendor pom developer id jahewson Medium Vendor pom developer id jeremias Medium Vendor pom developer id jukka Medium Vendor pom developer id kjackson Medium Vendor pom developer id koch Medium Vendor pom developer id koehlecn Medium Vendor pom developer id lehmi Medium Vendor pom developer id leleueri Medium Vendor pom developer id mmayer Medium Vendor pom developer id msayhoun Medium Vendor pom developer id pkoch Medium Vendor pom developer id tallison Medium Vendor pom developer id tboehme Medium Vendor pom developer id tchojecki Medium Vendor pom developer id tilman Medium Vendor pom developer id vfed Medium Vendor pom developer name Adam Nichols Medium Vendor pom developer name Andreas Lehmkühler Medium Vendor pom developer name Ben Litchfield Medium Vendor pom developer name Brian Carrier Medium Vendor pom developer name Carolin Köhler Medium Vendor pom developer name Daniel Wilson Medium Vendor pom developer name Eric Leleu Medium Vendor pom developer name Guillaume Bailleul Medium Vendor pom developer name Jeremias Maerki Medium Vendor pom developer name Johannes Koch Medium Vendor pom developer name John Hewson Medium Vendor pom developer name Jukka Zitting Medium Vendor pom developer name Jörg Henne Medium Vendor pom developer name Kevin Jackson Medium Vendor pom developer name Maruan Sayhoun Medium Vendor pom developer name Matthäus Mayer Medium Vendor pom developer name Phillipp Koch Medium Vendor pom developer name Sebastian Holder Medium Vendor pom developer name Thomas Chojecki Medium Vendor pom developer name Tilman Hausherr Medium Vendor pom developer name Tim Allison Medium Vendor pom developer name Timo Boehme Medium Vendor pom developer name Villu Ruusmann Medium Vendor pom groupid org.apache.pdfbox Highest Vendor pom name PDFBox JBIG2 ImageIO plugin High Vendor pom organization name The Apache Software Foundation High Vendor pom organization url http://pdfbox.apache.org Medium Vendor pom parent-artifactid apache Low Vendor pom parent-groupid org.apache Medium Product file name jbig2-imageio High Product jar package name apache Highest Product jar package name image Highest Product jar package name jbig2 Highest Product jar package name pdfbox Highest Product Manifest automatic-module-name org.apache.pdfbox.jbig2 Medium Product Manifest Implementation-Title PDFBox JBIG2 ImageIO plugin High Product Manifest implementation-url https://www.apache.org/jbig2-imageio/ Low Product Manifest specification-title PDFBox JBIG2 ImageIO plugin Medium Product pom artifactid jbig2-imageio Highest Product pom developer id adam Low Product pom developer id blitchfield Low Product pom developer id carrier Low Product pom developer id danielwilson Low Product pom developer id gbailleul Low Product pom developer id hennejg Low Product pom developer id holdersn Low Product pom developer id jahewson Low Product pom developer id jeremias Low Product pom developer id jukka Low Product pom developer id kjackson Low Product pom developer id koch Low Product pom developer id koehlecn Low Product pom developer id lehmi Low Product pom developer id leleueri Low Product pom developer id mmayer Low Product pom developer id msayhoun Low Product pom developer id pkoch Low Product pom developer id tallison Low Product pom developer id tboehme Low Product pom developer id tchojecki Low Product pom developer id tilman Low Product pom developer id vfed Low Product pom developer name Adam Nichols Low Product pom developer name Andreas Lehmkühler Low Product pom developer name Ben Litchfield Low Product pom developer name Brian Carrier Low Product pom developer name Carolin Köhler Low Product pom developer name Daniel Wilson Low Product pom developer name Eric Leleu Low Product pom developer name Guillaume Bailleul Low Product pom developer name Jeremias Maerki Low Product pom developer name Johannes Koch Low Product pom developer name John Hewson Low Product pom developer name Jukka Zitting Low Product pom developer name Jörg Henne Low Product pom developer name Kevin Jackson Low Product pom developer name Maruan Sayhoun Low Product pom developer name Matthäus Mayer Low Product pom developer name Phillipp Koch Low Product pom developer name Sebastian Holder Low Product pom developer name Thomas Chojecki Low Product pom developer name Tilman Hausherr Low Product pom developer name Tim Allison Low Product pom developer name Timo Boehme Low Product pom developer name Villu Ruusmann Low Product pom groupid org.apache.pdfbox Highest Product pom name PDFBox JBIG2 ImageIO plugin High Product pom organization name The Apache Software Foundation Low Product pom organization url http://pdfbox.apache.org Low Product pom parent-artifactid apache Medium Product pom parent-groupid org.apache Medium Version file version 3.0.3 High Version Manifest Implementation-Version 3.0.3 High Version pom parent-version 3.0.3 Low Version pom version 3.0.3 Highest
jcip-annotations-1.0.jarFile Path: /var/simplicite/.m2/repository/net/jcip/jcip-annotations/1.0/jcip-annotations-1.0.jarMD5: 9d5272954896c5a5d234f66b7372b17aSHA1: afba4942caaeaf46aab0b976afd57cc7c181467eSHA256: be5805392060c71474bf6c9a67a099471274d30b83eef84bfc4e0889a4f1dcc0Referenced In Project/Scope: Simplicite Platform:compilejcip-annotations-1.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.tika/tika-parsers@1.27
Evidence Type Source Name Value Confidence Vendor file name jcip-annotations High Vendor jar package name annotations Highest Vendor jar package name annotations Low Vendor jar package name jcip Highest Vendor jar package name jcip Low Vendor jar package name net Highest Vendor jar package name net Low Vendor pom artifactid jcip-annotations Highest Vendor pom artifactid jcip-annotations Low Vendor pom groupid net.jcip Highest Vendor pom name "Java Concurrency in Practice" book annotations High Vendor pom url http://jcip.net/ Highest Product file name jcip-annotations High Product jar package name annotations Highest Product jar package name annotations Low Product jar package name jcip Highest Product jar package name jcip Low Product jar package name net Highest Product pom artifactid jcip-annotations Highest Product pom groupid net.jcip Highest Product pom name "Java Concurrency in Practice" book annotations High Product pom url http://jcip.net/ Medium Version file version 1.0 High Version pom version 1.0 Highest
jcl-over-slf4j-1.7.32.jarDescription:
JCL 1.2 implemented over SLF4J License:
Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/slf4j/jcl-over-slf4j/1.7.32/jcl-over-slf4j-1.7.32.jar
MD5: 8788169f5d5be6550efc75d3bfffc82c
SHA1: 32c060250bcc5282cdbc1fd7008c12eb4ebad00e
SHA256: 60f3bda5922e3912889cca1311d1b227753610bf60cb4e5e914e8b2eaa0326b4
Referenced In Project/Scope: Simplicite Platform:compile
jcl-over-slf4j-1.7.32.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name jcl-over-slf4j High Vendor jar package name apache Highest Vendor jar package name commons Highest Vendor jar package name logging Highest Vendor Manifest automatic-module-name org.apache.commons.logging Medium Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor Manifest bundle-symbolicname jcl.over.slf4j Medium Vendor pom artifactid jcl-over-slf4j Highest Vendor pom artifactid jcl-over-slf4j Low Vendor pom groupid org.slf4j Highest Vendor pom name JCL 1.2 implemented over SLF4J High Vendor pom parent-artifactid slf4j-parent Low Vendor pom url http://www.slf4j.org Highest Product file name jcl-over-slf4j High Product jar package name apache Highest Product jar package name commons Highest Product jar package name logging Highest Product Manifest automatic-module-name org.apache.commons.logging Medium Product Manifest Bundle-Name jcl-over-slf4j Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product Manifest bundle-symbolicname jcl.over.slf4j Medium Product Manifest Implementation-Title jcl-over-slf4j High Product pom artifactid jcl-over-slf4j Highest Product pom groupid org.slf4j Highest Product pom name JCL 1.2 implemented over SLF4J High Product pom parent-artifactid slf4j-parent Medium Product pom url http://www.slf4j.org Medium Version file version 1.7.32 High Version Manifest Bundle-Version 1.7.32 High Version Manifest Implementation-Version 1.7.32 High Version pom version 1.7.32 Highest
jclouds-core-2.4.0.jarDescription:
Core components to access jclouds services File Path: /var/simplicite/.m2/repository/org/apache/jclouds/jclouds-core/2.4.0/jclouds-core-2.4.0.jarMD5: c15a0a4da4197a0cc78c03937e3afa91SHA1: 95bdded2ac8e0391dfc5bce5376f2d68a39c280fSHA256: d8afd892c2a6aa443d1412e7c8bc938e50c1bbbe2e14538af78e3461c9772215Referenced In Project/Scope: Simplicite Platform:compilejclouds-core-2.4.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name jclouds-core High Vendor jar package name jclouds Highest Vendor Manifest bundle-symbolicname jclouds-core Medium Vendor Manifest implementation-url https://jclouds.apache.org/jclouds-core/ Low Vendor Manifest Implementation-Vendor jclouds High Vendor Manifest Implementation-Vendor-Id org.apache.jclouds Medium Vendor Manifest specification-vendor jclouds Low Vendor pom artifactid jclouds-core Highest Vendor pom artifactid jclouds-core Low Vendor pom groupid org.apache.jclouds Highest Vendor pom name jclouds Components Core High Vendor pom parent-artifactid jclouds-project Low Product file name jclouds-core High Product jar package name jclouds Highest Product Manifest Bundle-Name jclouds Components Core Medium Product Manifest bundle-symbolicname jclouds-core Medium Product Manifest Implementation-Title jclouds Components Core High Product Manifest implementation-url https://jclouds.apache.org/jclouds-core/ Low Product Manifest specification-title jclouds jclouds Components Core Medium Product pom artifactid jclouds-core Highest Product pom groupid org.apache.jclouds Highest Product pom name jclouds Components Core High Product pom parent-artifactid jclouds-project Medium Version file version 2.4.0 High Version Manifest Bundle-Version 2.4.0 High Version Manifest Implementation-Version 2.4.0 High Version pom version 2.4.0 Highest
Related Dependencies jclouds-blobstore-2.4.0.jarFile Path: /var/simplicite/.m2/repository/org/apache/jclouds/jclouds-blobstore/2.4.0/jclouds-blobstore-2.4.0.jar MD5: 86c6aef393cb1ca68d6aba0f9840b993 SHA1: e28ec0d3d87d2b2cd8cc245b449836cc0216597a SHA256: ea2d8bd1d49465f3119f3a8d0320e8d954e1bcc7b8e992f53ec426771f1b57f9 pkg:maven/org.apache.jclouds/jclouds-blobstore@2.4.0 jclouds-slf4j-2.4.0.jarFile Path: /var/simplicite/.m2/repository/org/apache/jclouds/driver/jclouds-slf4j/2.4.0/jclouds-slf4j-2.4.0.jar MD5: 2f42716af4238f7d7d17dcec8a001721 SHA1: 30f635235bc353109950d1fd102f21f37715a34e SHA256: dd87eacb5390308bf55d71676576994906a43c8b95deb8699ea747a67631c2b1 pkg:maven/org.apache.jclouds.driver/jclouds-slf4j@2.4.0 jclouds-core-2.4.0.jar: gson-2.8.5.jarDescription:
Gson JSON library File Path: /var/simplicite/.m2/repository/org/apache/jclouds/jclouds-core/2.4.0/jclouds-core-2.4.0.jar/lib/gson-2.8.5.jarMD5: 089104cb90d8b4e1aa00b1f5faef0742SHA1: f645ed69d595b24d4cf8b3fbb64cc505bede8829SHA256: 233a0149fc365c9f6edbd683cfe266b19bdc773be98eabdaf6b3c924b48e7d81Referenced In Project/Scope: Simplicite Platform:compile
Evidence Type Source Name Value Confidence Vendor file name gson High Vendor jar package name google Highest Vendor jar package name gson Highest Vendor Manifest bundle-contactaddress https://github.com/google/gson Low Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5, JavaSE-1.6, JavaSE-1.7, JavaSE-1.8 Low Vendor Manifest bundle-symbolicname com.google.gson Medium Vendor pom artifactid gson Low Vendor pom groupid com.google.code.gson Highest Vendor pom name Gson High Vendor pom parent-artifactid gson-parent Low Product file name gson High Product jar package name google Highest Product jar package name gson Highest Product Manifest bundle-contactaddress https://github.com/google/gson Low Product Manifest Bundle-Name Gson Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5, JavaSE-1.6, JavaSE-1.7, JavaSE-1.8 Low Product Manifest bundle-symbolicname com.google.gson Medium Product pom artifactid gson Highest Product pom groupid com.google.code.gson Highest Product pom name Gson High Product pom parent-artifactid gson-parent Medium Version file version 2.8.5 High Version Manifest Bundle-Version 2.8.5 High Version pom version 2.8.5 Highest
CVE-2022-25647 suppress
The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which may lead to DoS attacks. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (5.0) Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
jcommander-1.81.jarDescription:
Command line parsing library for Java License:
Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/com/beust/jcommander/1.81/jcommander-1.81.jar
MD5: 8fb20390e744cb6902b06005fabc9a9e
SHA1: 9ca9dd27bb28e5990ad01aec5bb2989f50b6ff3e
SHA256: 9d8b42979c99f3daa99102fe9ba1fb25f52226cb48cf58bc18acb93132e41a05
Referenced In Project/Scope: Simplicite Platform:compile
jcommander-1.81.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.tika/tika-parsers@1.27
Evidence Type Source Name Value Confidence Vendor file name jcommander High Vendor jar package name beust Highest Vendor jar package name beust Low Vendor jar package name jcommander Highest Vendor jar package name jcommander Low Vendor pom artifactid jcommander Highest Vendor pom artifactid jcommander Low Vendor pom developer email cedric@beust.com Low Vendor pom developer id cbeust Medium Vendor pom developer name Cedric Beust Medium Vendor pom groupid com.beust Highest Vendor pom name jcommander High Vendor pom url https://jcommander.org Highest Product file name jcommander High Product jar package name beust Highest Product jar package name jcommander Highest Product jar package name jcommander Low Product pom artifactid jcommander Highest Product pom developer email cedric@beust.com Low Product pom developer id cbeust Low Product pom developer name Cedric Beust Low Product pom groupid com.beust Highest Product pom name jcommander High Product pom url https://jcommander.org Medium Version file version 1.81 High Version pom version 1.81 Highest
jdom2-2.0.6.jarDescription:
A complete, Java-based solution for accessing, manipulating,
and outputting XML data
License:
Similar to Apache License but with the acknowledgment clause removed: https://raw.github.com/hunterhacker/jdom/master/LICENSE.txt File Path: /var/simplicite/.m2/repository/org/jdom/jdom2/2.0.6/jdom2-2.0.6.jar
MD5: 86a30c9b1ddc08ca155747890db423b7
SHA1: 6f14738ec2e9dd0011e343717fa624a10f8aab64
SHA256: 1345f11ba606d15603d6740551a8c21947c0215640770ec67271fe78bea97cf5
Referenced In Project/Scope: Simplicite Platform:compile
jdom2-2.0.6.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.tika/tika-parsers@1.27
Evidence Type Source Name Value Confidence Vendor file name jdom2 High Vendor jar package name jdom2 Highest Vendor manifest: org/jdom2/ Implementation-Vendor jdom.org Medium Vendor manifest: org/jdom2/adapters/ Implementation-Vendor jdom.org Medium Vendor manifest: org/jdom2/filter/ Implementation-Vendor jdom.org Medium Vendor manifest: org/jdom2/input/ Implementation-Vendor jdom.org Medium Vendor manifest: org/jdom2/output/ Implementation-Vendor jdom.org Medium Vendor manifest: org/jdom2/transform/ Implementation-Vendor jdom.org Medium Vendor manifest: org/jdom2/xpath/ Implementation-Vendor jdom.org Medium Vendor pom artifactid jdom2 Highest Vendor pom artifactid jdom2 Low Vendor pom developer email jdom@tuis.net Low Vendor pom developer email jhunter@servlets.com Low Vendor pom developer id hunterhacker Medium Vendor pom developer id rolfl Medium Vendor pom developer name Jason Hunter Medium Vendor pom developer name Rolf Lear Medium Vendor pom groupid org.jdom Highest Vendor pom name JDOM High Vendor pom organization name JDOM High Vendor pom organization url http://www.jdom.org Medium Vendor pom url http://www.jdom.org Highest Product file name jdom2 High Product jar package name adapters Highest Product jar package name filter Highest Product jar package name input Highest Product jar package name jdom2 Highest Product jar package name output Highest Product jar package name transform Highest Product jar package name xpath Highest Product manifest: org/jdom2/ Implementation-Title org.jdom2 Medium Product manifest: org/jdom2/ Specification-Title JDOM Classes Medium Product manifest: org/jdom2/adapters/ Implementation-Title org.jdom2.adapters Medium Product manifest: org/jdom2/adapters/ Specification-Title JDOM Adapter Classes Medium Product manifest: org/jdom2/filter/ Implementation-Title org.jdom2.filter Medium Product manifest: org/jdom2/filter/ Specification-Title JDOM Filter Classes Medium Product manifest: org/jdom2/input/ Implementation-Title org.jdom2.input Medium Product manifest: org/jdom2/input/ Specification-Title JDOM Input Classes Medium Product manifest: org/jdom2/output/ Implementation-Title org.jdom2.output Medium Product manifest: org/jdom2/output/ Specification-Title JDOM Output Classes Medium Product manifest: org/jdom2/transform/ Implementation-Title org.jdom2.transform Medium Product manifest: org/jdom2/transform/ Specification-Title JDOM Transformation Classes Medium Product manifest: org/jdom2/xpath/ Implementation-Title org.jdom2.xpath Medium Product manifest: org/jdom2/xpath/ Specification-Title JDOM XPath Classes Medium Product pom artifactid jdom2 Highest Product pom developer email jdom@tuis.net Low Product pom developer email jhunter@servlets.com Low Product pom developer id hunterhacker Low Product pom developer id rolfl Low Product pom developer name Jason Hunter Low Product pom developer name Rolf Lear Low Product pom groupid org.jdom Highest Product pom name JDOM High Product pom organization name JDOM Low Product pom organization url http://www.jdom.org Low Product pom url http://www.jdom.org Medium Version file version 2.0.6 High Version manifest: org/jdom2/ Implementation-Version 2.0.6 Medium Version manifest: org/jdom2/adapters/ Implementation-Version 2.0.6 Medium Version manifest: org/jdom2/filter/ Implementation-Version 2.0.6 Medium Version manifest: org/jdom2/input/ Implementation-Version 2.0.6 Medium Version manifest: org/jdom2/output/ Implementation-Version 2.0.6 Medium Version manifest: org/jdom2/transform/ Implementation-Version 2.0.6 Medium Version manifest: org/jdom2/xpath/ Implementation-Version 2.0.6 Medium Version pom version 2.0.6 Highest
CVE-2021-33813 suppress
An XXE issue in SAXBuilder in JDOM through 2.0.6 allows attackers to cause a denial of service via a crafted HTTP request. CWE-611 Improper Restriction of XML External Entity Reference
CVSSv2:
Base Score: MEDIUM (5.0) Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
jedis-3.7.0.jarDescription:
Jedis is a blazingly small and sane Redis java client. License:
MIT: http://github.com/redis/jedis/raw/master/LICENSE.txt File Path: /var/simplicite/.m2/repository/redis/clients/jedis/3.7.0/jedis-3.7.0.jar
MD5: 6d0cb033af256883dae5a54832ae299a
SHA1: ef74361bcfec4fdcc63e0141ff744d1774ad809b
SHA256: 2bfa2cc3ef6ae1ca14a1d51a5e5f31ab7aeede7da5f1c6fd198a992b27ba9aab
Referenced In Project/Scope: Simplicite Platform:compile
jedis-3.7.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name jedis High Vendor jar package name client Highest Vendor jar package name clients Highest Vendor jar package name jedis Highest Vendor jar package name redis Highest Vendor Manifest automatic-module-name redis.clients.jedis Medium Vendor Manifest bundle-symbolicname redis.clients.jedis Medium Vendor pom artifactid jedis Highest Vendor pom artifactid jedis Low Vendor pom groupid redis.clients Highest Vendor pom name Jedis High Vendor pom url redis/jedis Highest Product file name jedis High Product jar package name client Highest Product jar package name clients Highest Product jar package name jedis Highest Product jar package name redis Highest Product Manifest automatic-module-name redis.clients.jedis Medium Product Manifest Bundle-Name Jedis Medium Product Manifest bundle-symbolicname redis.clients.jedis Medium Product pom artifactid jedis Highest Product pom groupid redis.clients Highest Product pom name Jedis High Product pom url redis/jedis High Version file version 3.7.0 High Version Manifest Bundle-Version 3.7.0 High Version pom version 3.7.0 Highest
jempbox-1.8.16.jarDescription:
The Apache JempBox library is an open source Java tool that implements Adobe's XMP(TM)
specification. JempBox is a subproject of Apache PDFBox.
License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/apache/pdfbox/jempbox/1.8.16/jempbox-1.8.16.jar
MD5: 1cb997cdd8302c7e19131c81ba0b7ee2
SHA1: 1f41de81768ef84ca2d8cda4cb79e9272c8ee966
SHA256: ebef7cca5a5a77768e686972b4a89f0ffce7b46907fd96ac3d4f6ce2fa038055
Referenced In Project/Scope: Simplicite Platform:compile
jempbox-1.8.16.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.tika/tika-parsers@1.27
Evidence Type Source Name Value Confidence Vendor file name jempbox High Vendor jar package name apache Highest Vendor jar package name jempbox Highest Vendor jar package name xmp Highest Vendor Manifest bundle-docurl http://pdfbox.apache.org Low Vendor Manifest bundle-symbolicname org.apache.pdfbox.jempbox Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache.pdfbox Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid jempbox Highest Vendor pom artifactid jempbox Low Vendor pom groupid org.apache.pdfbox Highest Vendor pom name Apache JempBox High Vendor pom parent-artifactid pdfbox-parent Low Product file name jempbox High Product jar package name apache Highest Product jar package name jempbox Highest Product jar package name xmp Highest Product Manifest bundle-docurl http://pdfbox.apache.org Low Product Manifest Bundle-Name Apache JempBox Medium Product Manifest bundle-symbolicname org.apache.pdfbox.jempbox Medium Product Manifest Implementation-Title Apache JempBox High Product Manifest specification-title Apache JempBox Medium Product pom artifactid jempbox Highest Product pom groupid org.apache.pdfbox Highest Product pom name Apache JempBox High Product pom parent-artifactid pdfbox-parent Medium Version file version 1.8.16 High Version Manifest Bundle-Version 1.8.16 High Version Manifest Implementation-Version 1.8.16 High Version pom version 1.8.16 Highest
jersey-common-2.29.1.jarDescription:
Jersey core common packages License:
EPL 2.0: http://www.eclipse.org/legal/epl-2.0
The GNU General Public License (GPL), Version 2, With Classpath Exception: https://www.gnu.org/software/classpath/license.html
Apache License, 2.0: http://www.apache.org/licenses/LICENSE-2.0.html
Public Domain: https://creativecommons.org/publicdomain/zero/1.0/ File Path: /var/simplicite/.m2/repository/org/glassfish/jersey/core/jersey-common/2.29.1/jersey-common-2.29.1.jar
MD5: acb846e05010206d0673977940da9bee
SHA1: ea60b9ace56f1ae758c2eebbb48e8387d959102f
SHA256: 923c7b4af55430c80ce33e39731d6f7b1db6746e8aa6d4009eeb154a3e1e0f32
Referenced In Project/Scope: Simplicite Platform:provided
jersey-common-2.29.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.docusign/docusign-esign-java@3.14.0
Evidence Type Source Name Value Confidence Vendor file name jersey-common High Vendor jar package name glassfish Highest Vendor jar package name jersey Highest Vendor jar package name org Highest Vendor Manifest bundle-docurl https://www.eclipse.org/org/foundation/ Low Vendor Manifest bundle-symbolicname org.glassfish.jersey.core.jersey-common Medium Vendor Manifest multi-release true Low Vendor pom artifactid jersey-common Highest Vendor pom artifactid jersey-common Low Vendor pom groupid org.glassfish.jersey.core Highest Vendor pom name jersey-core-common High Vendor pom parent-artifactid project Low Vendor pom parent-groupid org.glassfish.jersey Medium Product file name jersey-common High Product jar package name glassfish Highest Product jar package name jersey Highest Product jar package name org Highest Product Manifest bundle-docurl https://www.eclipse.org/org/foundation/ Low Product Manifest Bundle-Name jersey-core-common Medium Product Manifest bundle-symbolicname org.glassfish.jersey.core.jersey-common Medium Product Manifest multi-release true Low Product pom artifactid jersey-common Highest Product pom groupid org.glassfish.jersey.core Highest Product pom name jersey-core-common High Product pom parent-artifactid project Medium Product pom parent-groupid org.glassfish.jersey Medium Version file version 2.29.1 High Version Manifest Bundle-Version 2.29.1 High Version pom version 2.29.1 Highest
CVE-2021-28168 (OSSINDEX) suppress
Eclipse Jersey 2.28 to 2.33 and Eclipse Jersey 3.0.0 to 3.0.1 contains a local information disclosure vulnerability. This is due to the use of the File.createTempFile which creates a file inside of the system temporary directory with the permissions: -rw-r--r--. Thus the contents of this file are viewable by all other users locally on the system. As such, if the contents written is security sensitive, it can be disclosed to other local users. CWE-378 Creation of Temporary File With Insecure Permissions
CVSSv2:
Base Score: MEDIUM (5.5) Vector: /AV:L/AC:L/Au:/C:H/I:N/A:N References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:org.glassfish.jersey.core:jersey-common:2.29.1:*:*:*:*:*:*:* jersey-hk2-2.29.1.jarDescription:
HK2 InjectionManager implementation License:
http://www.eclipse.org/legal/epl-2.0, https://www.gnu.org/software/classpath/license.html, http://www.eclipse.org/org/documents/edl-v10.php, https://opensource.org/licenses/BSD-2-Clause, http://www.apache.org/licenses/LICENSE-2.0.html, https://creativecommons.org/publicdomain/zero/1.0/, http://asm.objectweb.org/license.html, jquery.org/license, http://www.opensource.org/licenses/mit-license.php, https://www.w3.org/Consortium/Legal/copyright-documents-19990405 File Path: /var/simplicite/.m2/repository/org/glassfish/jersey/inject/jersey-hk2/2.29.1/jersey-hk2-2.29.1.jar
MD5: 39f12392bc8a0ab2b7801dd73056034a
SHA1: 54b316e9f91ac9de1e6900aeb63457505862a296
SHA256: eb74851a7fa38003877ec90dd413c404c862bd3e313b0ab884c74bf16fc76579
Referenced In Project/Scope: Simplicite Platform:provided
jersey-hk2-2.29.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.docusign/docusign-esign-java@3.14.0
Evidence Type Source Name Value Confidence Vendor file name jersey-hk2 High Vendor jar package name glassfish Highest Vendor jar package name hk2 Highest Vendor jar package name inject Highest Vendor jar package name jersey Highest Vendor Manifest bundle-docurl https://www.eclipse.org/org/foundation/ Low Vendor Manifest bundle-symbolicname org.glassfish.jersey.inject.jersey-hk2 Medium Vendor pom artifactid jersey-hk2 Highest Vendor pom artifactid jersey-hk2 Low Vendor pom groupid org.glassfish.jersey.inject Highest Vendor pom name jersey-inject-hk2 High Vendor pom parent-artifactid project Low Product file name jersey-hk2 High Product jar package name glassfish Highest Product jar package name hk2 Highest Product jar package name inject Highest Product jar package name jersey Highest Product Manifest bundle-docurl https://www.eclipse.org/org/foundation/ Low Product Manifest Bundle-Name jersey-inject-hk2 Medium Product Manifest bundle-symbolicname org.glassfish.jersey.inject.jersey-hk2 Medium Product pom artifactid jersey-hk2 Highest Product pom groupid org.glassfish.jersey.inject Highest Product pom name jersey-inject-hk2 High Product pom parent-artifactid project Medium Version file version 2.29.1 High Version Manifest Bundle-Version 2.29.1 High Version pom version 2.29.1 Highest
Related Dependencies jersey-client-2.29.1.jarFile Path: /var/simplicite/.m2/repository/org/glassfish/jersey/core/jersey-client/2.29.1/jersey-client-2.29.1.jar MD5: 007d36d56720d01bb7efa71019f88538 SHA1: 1635f245b7e9eecf8d3d753fba87f3b79aef1b34 SHA256: 6613da4538dd43a246669f15e3b2a71c258c385328268c956b5e959aeb9e0d2a pkg:maven/org.glassfish.jersey.core/jersey-client@2.29.1 jersey-entity-filtering-2.29.1.jarFile Path: /var/simplicite/.m2/repository/org/glassfish/jersey/ext/jersey-entity-filtering/2.29.1/jersey-entity-filtering-2.29.1.jar MD5: 1b212eb332e61efb2f93855e1c1b08eb SHA1: e68a310e03fcd97f245854e7f59b2e9668c5c146 SHA256: 0a132b0799e915ed413abc687499ab7eba9442e884c00c4932f40fc175cb174f pkg:maven/org.glassfish.jersey.ext/jersey-entity-filtering@2.29.1 jersey-media-json-jackson-2.29.1.jarFile Path: /var/simplicite/.m2/repository/org/glassfish/jersey/media/jersey-media-json-jackson/2.29.1/jersey-media-json-jackson-2.29.1.jar MD5: aed01c02a84044290c98206f565b2939 SHA1: e16c6b8d486604ac55a2b5f49b20e75564e7979b SHA256: 8b2f3779e7707a3cd33ad76466df810774491677cf226525ed13289f35d7dacb pkg:maven/org.glassfish.jersey.media/jersey-media-json-jackson@2.29.1 jersey-media-multipart-2.29.1.jarFile Path: /var/simplicite/.m2/repository/org/glassfish/jersey/media/jersey-media-multipart/2.29.1/jersey-media-multipart-2.29.1.jar MD5: 2d55c0d9d35446ec7c63f8b6fd1335c8 SHA1: de81eade6cddbb1438273237b4e52da451df8bca SHA256: a90fb0b6c72f0e624af70d6afd0d1059075e15e2270e9423dd9f19b1f249549d pkg:maven/org.glassfish.jersey.media/jersey-media-multipart@2.29.1 jfreechart-1.5.3.jarDescription:
JFreeChart is a class library, written in Java, for generating charts.
Utilising the Java2D API, it supports a wide range of chart types including
bar charts, pie charts, line charts, XY-plots, time series plots, Sankey charts
and more.
License:
GNU Lesser General Public Licence: http://www.gnu.org/licenses/lgpl.txt File Path: /var/simplicite/.m2/repository/org/jfree/jfreechart/1.5.3/jfreechart-1.5.3.jar
MD5: b4e3884a30da4b8a36ef4e5ba03f23e2
SHA1: 26c6d7143d8a905a54c7e2296cea6ce4c5ecb417
SHA256: 23bd63ece2284d6578ed51f336cd33681c53f817e4595a705690922a3c0f0f44
Referenced In Project/Scope: Simplicite Platform:compile
jfreechart-1.5.3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name jfreechart High Vendor jar package name jfree Highest Vendor jar package name jfreechart Highest Vendor jar package name range Highest Vendor jar package name series Highest Vendor jar package name time Highest Vendor jar package name xy Highest Vendor Manifest automatic-module-name org.jfree.jfreechart Medium Vendor Manifest build-jdk-spec 15 Low Vendor pom artifactid jfreechart Highest Vendor pom artifactid jfreechart Low Vendor pom developer email dave@jfree.org Low Vendor pom developer name David Gilbert Medium Vendor pom developer org Object Refinery Limited Medium Vendor pom developer org URL http://www.object-refinery.com Medium Vendor pom groupid org.jfree Highest Vendor pom name JFreeChart High Vendor pom organization name JFree.org High Vendor pom organization url http://www.jfree.org/ Medium Vendor pom url http://www.jfree.org/jfreechart/ Highest Product file name jfreechart High Product jar package name jfree Highest Product jar package name jfreechart Highest Product jar package name range Highest Product jar package name series Highest Product jar package name time Highest Product jar package name xy Highest Product Manifest automatic-module-name org.jfree.jfreechart Medium Product Manifest build-jdk-spec 15 Low Product pom artifactid jfreechart Highest Product pom developer email dave@jfree.org Low Product pom developer name David Gilbert Low Product pom developer org Object Refinery Limited Low Product pom developer org URL http://www.object-refinery.com Low Product pom groupid org.jfree Highest Product pom name JFreeChart High Product pom organization name JFree.org Low Product pom organization url http://www.jfree.org/ Low Product pom url http://www.jfree.org/jfreechart/ Medium Version file version 1.5.3 High Version pom version 1.5.3 Highest
jhighlight-1.0.3.jarDescription:
JHighlight is an embeddable pure Java syntax highlighting
library that supports Java, HTML, XHTML, XML and LZX
languages and outputs to XHTML.
It also supports RIFE templates tags and highlights them
clearly so that you can easily identify the difference
between your RIFE markup and the actual marked up source.
License:
CDDL, v1.0: http://www.opensource.org/licenses/cddl1.php
LGPL, v2.1 or later: http://www.opensource.org/licenses/lgpl-license.php File Path: /var/simplicite/.m2/repository/org/codelibs/jhighlight/1.0.3/jhighlight-1.0.3.jar
MD5: 318e72a07b2bbe089f0c41df45d2f484
SHA1: 88831dce3d56aa53a1bfcba78518e8939b8d4779
SHA256: 34405394e068b5d8c40ed45928ce077f8b5140bf33851a55b9cb53116ded43e5
Referenced In Project/Scope: Simplicite Platform:compile
jhighlight-1.0.3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.tika/tika-parsers@1.27
Evidence Type Source Name Value Confidence Vendor file name jhighlight High Vendor jar package name fastutil Low Vendor jar package name jhighlight Highest Vendor jar package name jhighlight Low Vendor jar package name uwyn Low Vendor pom artifactid jhighlight Highest Vendor pom artifactid jhighlight Low Vendor pom groupid org.codelibs Highest Vendor pom name JHighlight High Vendor pom url codelibs/jhighlight Highest Product file name jhighlight High Product jar package name fastutil Low Product jar package name jhighlight Highest Product jar package name jhighlight Low Product pom artifactid jhighlight Highest Product pom groupid org.codelibs Highest Product pom name JHighlight High Product pom url codelibs/jhighlight High Version file version 1.0.3 High Version pom version 1.0.3 Highest
jju:1.4.0Description:
a set of utilities to work with JSON / JSON5 documents License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?json-parse-helpfulerror:1.0.3/jju:^1.1.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/json-parse-helpfulerror:1.0.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email alex@kocharin.ru Highest Vendor package.json author.name Alex Kocharin Highest Vendor package.json bugs.url https://github.com/rlidwka/jju/issues Highest Vendor package.json description a set of utilities to work with JSON / JSON5 documents Highest Vendor package.json homepage http://rlidwka.github.io/jju/ Highest Vendor package.json name jju Highest Vendor package.json name jju_project Highest Product package.json name jju Highest Version package.json version 1.4.0 Highest
Related Dependencies jju:1.4.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/jju:1.4.0 pkg:npm/jju@1.4.0 jjwt-api-0.11.2.jarDescription:
JSON Web Token support for the JVM and Android License:
http://www.apache.org/licenses/LICENSE-2.0 File Path: /var/simplicite/.m2/repository/io/jsonwebtoken/jjwt-api/0.11.2/jjwt-api-0.11.2.jar
MD5: 19d7722419b64944d28b7432e596c94c
SHA1: 57c34dce3e88f2972c5c5465b6291acfb5628084
SHA256: fa340e4c0b81f24c4c0f943c4454343efe9e055f648c600f2b3b637763cf6f28
Referenced In Project/Scope: Simplicite Platform:compile
jjwt-api-0.11.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.twilio.sdk/twilio@8.19.1
Evidence Type Source Name Value Confidence Vendor file name jjwt-api High Vendor jar package name io Highest Vendor jar package name jsonwebtoken Highest Vendor Manifest bundle-docurl https://github.com/jwtk/jjwt Low Vendor Manifest bundle-symbolicname io.jsonwebtoken.jjwt-api Medium Vendor Manifest implementation-url https://github.com/jwtk/jjwt/jjwt-api Low Vendor Manifest Implementation-Vendor jsonwebtoken.io High Vendor Manifest Implementation-Vendor-Id io.jsonwebtoken Medium Vendor Manifest specification-vendor jsonwebtoken.io Low Vendor pom artifactid jjwt-api Highest Vendor pom artifactid jjwt-api Low Vendor pom groupid io.jsonwebtoken Highest Vendor pom name JJWT :: API High Vendor pom parent-artifactid jjwt-root Low Product file name jjwt-api High Product jar package name io Highest Product jar package name jsonwebtoken Highest Product Manifest bundle-docurl https://github.com/jwtk/jjwt Low Product Manifest Bundle-Name JJWT :: API Medium Product Manifest bundle-symbolicname io.jsonwebtoken.jjwt-api Medium Product Manifest Implementation-Title JJWT :: API High Product Manifest implementation-url https://github.com/jwtk/jjwt/jjwt-api Low Product Manifest specification-title JJWT :: API Medium Product pom artifactid jjwt-api Highest Product pom groupid io.jsonwebtoken Highest Product pom name JJWT :: API High Product pom parent-artifactid jjwt-root Medium Version file version 0.11.2 High Version Manifest Bundle-Version 0.11.2 High Version Manifest Implementation-Version 0.11.2 High Version pom version 0.11.2 Highest
jjwt-impl-0.11.2.jarDescription:
JSON Web Token support for the JVM and Android License:
http://www.apache.org/licenses/LICENSE-2.0 File Path: /var/simplicite/.m2/repository/io/jsonwebtoken/jjwt-impl/0.11.2/jjwt-impl-0.11.2.jar
MD5: c467a0094bd3764d749b249b009de656
SHA1: 8fd8acf9d3cb9a2db05bfa484c2a1408cc3507f9
SHA256: cf5896bdb086df7e7451ffde5f5691fb6ae7ec6bffa4e82071d3c5a426b11995
Referenced In Project/Scope: Simplicite Platform:runtime
jjwt-impl-0.11.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.twilio.sdk/twilio@8.19.1
Evidence Type Source Name Value Confidence Vendor file name jjwt-impl High Vendor jar package name impl Highest Vendor jar package name io Highest Vendor jar package name jsonwebtoken Highest Vendor Manifest bundle-docurl https://github.com/jwtk/jjwt Low Vendor Manifest bundle-symbolicname io.jsonwebtoken.jjwt-impl Medium Vendor Manifest fragment-host io.jsonwebtoken.jjwt-api Low Vendor Manifest implementation-url https://github.com/jwtk/jjwt/jjwt-impl Low Vendor Manifest Implementation-Vendor jsonwebtoken.io High Vendor Manifest Implementation-Vendor-Id io.jsonwebtoken Medium Vendor Manifest specification-vendor jsonwebtoken.io Low Vendor pom artifactid jjwt-impl Highest Vendor pom artifactid jjwt-impl Low Vendor pom groupid io.jsonwebtoken Highest Vendor pom name JJWT :: Impl High Vendor pom parent-artifactid jjwt-root Low Product file name jjwt-impl High Product jar package name impl Highest Product jar package name io Highest Product jar package name jsonwebtoken Highest Product Manifest bundle-docurl https://github.com/jwtk/jjwt Low Product Manifest Bundle-Name JJWT :: Impl Medium Product Manifest bundle-symbolicname io.jsonwebtoken.jjwt-impl Medium Product Manifest fragment-host io.jsonwebtoken.jjwt-api Low Product Manifest Implementation-Title JJWT :: Impl High Product Manifest implementation-url https://github.com/jwtk/jjwt/jjwt-impl Low Product Manifest specification-title JJWT :: Impl Medium Product pom artifactid jjwt-impl Highest Product pom groupid io.jsonwebtoken Highest Product pom name JJWT :: Impl High Product pom parent-artifactid jjwt-root Medium Version file version 0.11.2 High Version Manifest Bundle-Version 0.11.2 High Version Manifest Implementation-Version 0.11.2 High Version pom version 0.11.2 Highest
jjwt-jackson-0.11.2.jarDescription:
JSON Web Token support for the JVM and Android License:
http://www.apache.org/licenses/LICENSE-2.0 File Path: /var/simplicite/.m2/repository/io/jsonwebtoken/jjwt-jackson/0.11.2/jjwt-jackson-0.11.2.jar
MD5: 8f35ab366b0ba25447629d0a60264b82
SHA1: bff0b63d4cbace7b38551a70350875e69201ffeb
SHA256: 6c200dcf0df3fa3c6ea31dab95a4154708d2c5d01dd1c4d7974fcfe651bee45d
Referenced In Project/Scope: Simplicite Platform:compile
jjwt-jackson-0.11.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.twilio.sdk/twilio@8.19.1
Evidence Type Source Name Value Confidence Vendor file name jjwt-jackson High Vendor jar package name io Highest Vendor jar package name jackson Highest Vendor jar package name jsonwebtoken Highest Vendor Manifest bundle-docurl https://github.com/jwtk/jjwt Low Vendor Manifest bundle-symbolicname io.jsonwebtoken.jjwt-jackson Medium Vendor Manifest fragment-host io.jsonwebtoken.jjwt-api Low Vendor Manifest implementation-url https://github.com/jwtk/jjwt/jjwt-jackson Low Vendor Manifest Implementation-Vendor jsonwebtoken.io High Vendor Manifest Implementation-Vendor-Id io.jsonwebtoken Medium Vendor Manifest specification-vendor jsonwebtoken.io Low Vendor pom artifactid jjwt-jackson Highest Vendor pom artifactid jjwt-jackson Low Vendor pom groupid io.jsonwebtoken Highest Vendor pom name JJWT :: Extensions :: Jackson High Vendor pom parent-artifactid jjwt-root Low Product file name jjwt-jackson High Product jar package name io Highest Product jar package name jackson Highest Product jar package name jsonwebtoken Highest Product Manifest bundle-docurl https://github.com/jwtk/jjwt Low Product Manifest Bundle-Name JJWT :: Extensions :: Jackson Medium Product Manifest bundle-symbolicname io.jsonwebtoken.jjwt-jackson Medium Product Manifest fragment-host io.jsonwebtoken.jjwt-api Low Product Manifest Implementation-Title JJWT :: Extensions :: Jackson High Product Manifest implementation-url https://github.com/jwtk/jjwt/jjwt-jackson Low Product Manifest specification-title JJWT :: Extensions :: Jackson Medium Product pom artifactid jjwt-jackson Highest Product pom groupid io.jsonwebtoken Highest Product pom name JJWT :: Extensions :: Jackson High Product pom parent-artifactid jjwt-root Medium Version file version 0.11.2 High Version Manifest Bundle-Version 0.11.2 High Version Manifest Implementation-Version 0.11.2 High Version pom version 0.11.2 Highest
jlessc-1.10.jarDescription:
A Less CSS compiler written completely in Java (pure Java). License:
MIT License: http://www.opensource.org/licenses/mit-license.php File Path: /var/simplicite/.m2/repository/de/inetsoftware/jlessc/1.10/jlessc-1.10.jar
MD5: bd2d9f6be54058c2e109ebdbce16b3d8
SHA1: be040c43e8d0b032e58706646bdf44e7e4062ec7
SHA256: 7d2012d7ca2f529843dcc9db701e3e59d0cbf590fd48c8a6153d2bfa6968018e
Referenced In Project/Scope: Simplicite Platform:compile
jlessc-1.10.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name jlessc High Vendor jar package name less Highest Vendor Manifest automatic-module-name de.inetsoftware.jlessc Medium Vendor Manifest bundle-symbolicname de.inetsoftware.jlessc Medium Vendor Manifest Implementation-Vendor i-net software High Vendor pom artifactid jlessc Highest Vendor pom artifactid jlessc Low Vendor pom developer email vberlin@inetsoftware.de Low Vendor pom developer id vberlin Medium Vendor pom developer name Volker Berlin Medium Vendor pom developer org i-net software Medium Vendor pom developer org URL https://www.inetsoftware.de/ Medium Vendor pom groupid de.inetsoftware Highest Vendor pom name JLessC High Vendor pom url i-net-software/jlessc Highest Product file name jlessc High Product jar package name less Highest Product Manifest automatic-module-name de.inetsoftware.jlessc Medium Product Manifest bundle-symbolicname de.inetsoftware.jlessc Medium Product Manifest Implementation-Title JLessC, a Less CSS compiler High Product pom artifactid jlessc Highest Product pom developer email vberlin@inetsoftware.de Low Product pom developer id vberlin Low Product pom developer name Volker Berlin Low Product pom developer org i-net software Low Product pom developer org URL https://www.inetsoftware.de/ Low Product pom groupid de.inetsoftware Highest Product pom name JLessC High Product pom url i-net-software/jlessc High Version file version 1.10 High Version Manifest Bundle-Version 1.10 High Version Manifest Implementation-Version 1.10 High Version pom version 1.10 Highest
jlessc-ant-1.10.jarDescription:
Simple Apache Ant task for JLessC License:
Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/com/simplicite/ant/jlessc-ant/1.10/jlessc-ant-1.10.jar
MD5: face16e0be54ff562cef7ba12707377f
SHA1: 58e69a229c0390095331edf520c4d547700d18a1
SHA256: 094c7c03c77c421e5f6fe750ab11f4162e75487862038dc19b2342e7ebeb56c7
Referenced In Project/Scope: Simplicite Platform:compile
jlessc-ant-1.10.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name jlessc-ant High Vendor jar package name ant Highest Vendor jar package name ant Low Vendor jar package name jlessc Highest Vendor jar package name simplicite Highest Vendor jar package name simplicite Low Vendor pom artifactid jlessc-ant Highest Vendor pom artifactid jlessc-ant Low Vendor pom groupid com.simplicite Highest Vendor pom groupid com.simplicite.ant Highest Vendor pom name JLessC Ant task High Vendor pom organization name Simplicite Software High Vendor pom organization url https://www.simplicite.io Medium Vendor pom url simplicitesoftware/jlessc-ant/blob/master/README.md Highest Product file name jlessc-ant High Product jar package name ant Highest Product jar package name ant Low Product jar package name jlessc Highest Product jar package name jlessc Low Product jar package name simplicite Highest Product pom artifactid jlessc-ant Highest Product pom groupid com.simplicite Highest Product pom name JLessC Ant task High Product pom organization name Simplicite Software Low Product pom organization url https://www.simplicite.io Low Product pom url simplicitesoftware/jlessc-ant/blob/master/README.md High Version file version 1.10 High Version pom version 1.10 Highest
jmatio-1.5.jarDescription:
Matlab's MAT-file I/O API in JAVA. Supports Matlab 5 MAT-flie format reading and writing. Written in pure JAVA. License:
BSD: http://www.linfo.org/bsdlicense.html File Path: /var/simplicite/.m2/repository/org/tallison/jmatio/1.5/jmatio-1.5.jar
MD5: 6eccf45b3a4bb3dd0518afcf37b8ed35
SHA1: 517d932cc87a3b564f3f7a07ac347b725b619ab4
SHA256: 70db8cf9a1818072f290fd464f14a8369c9c58993e6640128a6e8a6379d67ac7
Referenced In Project/Scope: Simplicite Platform:compile
jmatio-1.5.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.tika/tika-parsers@1.27
Evidence Type Source Name Value Confidence Vendor file name jmatio High Vendor jar package name jmatio Highest Vendor jar package name jmatio Low Vendor jar package name types Low Vendor pom artifactid jmatio Highest Vendor pom artifactid jmatio Low Vendor pom developer email wgradkowski@gmail.com Low Vendor pom developer id gradusnikov Medium Vendor pom developer name Wojciech Gradkowski Medium Vendor pom developer org URL https://github.com/gradusnikov Medium Vendor pom groupid org.tallison Highest Vendor pom name JMatIO High Vendor pom url tballison/jmatio Highest Product file name jmatio High Product jar package name jmatio Highest Product jar package name types Low Product pom artifactid jmatio Highest Product pom developer email wgradkowski@gmail.com Low Product pom developer id gradusnikov Low Product pom developer name Wojciech Gradkowski Low Product pom developer org URL https://github.com/gradusnikov Low Product pom groupid org.tallison Highest Product pom name JMatIO High Product pom url tballison/jmatio High Version file version 1.5 High Version pom version 1.5 Highest
jmustache-1.15.jarDescription:
A Java implementation of the Mustache templating language. License:
The (New) BSD License: http://www.opensource.org/licenses/bsd-license.php File Path: /var/simplicite/.m2/repository/com/samskivert/jmustache/1.15/jmustache-1.15.jar
MD5: 0b166350b8b372d5caae4f0b692e016f
SHA1: 7b3b15951d13b774c76db2f4e14d977952f8b4d8
SHA256: 1aeb96b9dc17bc29540b8c3342e8e91ee974d5c604165ecd469dd76b041c250c
Referenced In Project/Scope: Simplicite Platform:compile
jmustache-1.15.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name jmustache High Vendor jar package name mustache Highest Vendor jar package name samskivert Highest Vendor Manifest bundle-activationpolicy lazy Low Vendor Manifest bundle-symbolicname com.samskivert.jmustache Medium Vendor pom artifactid jmustache Highest Vendor pom artifactid jmustache Low Vendor pom developer email mdb@samskivert.com Low Vendor pom developer id samskivert Medium Vendor pom developer name Michael Bayne Medium Vendor pom groupid com.samskivert Highest Vendor pom name jmustache High Vendor pom url http://github.com/samskivert/jmustache Highest Product file name jmustache High Product jar package name mustache Highest Product jar package name samskivert Highest Product Manifest bundle-activationpolicy lazy Low Product Manifest Bundle-Name jmustache Medium Product Manifest bundle-symbolicname com.samskivert.jmustache Medium Product pom artifactid jmustache Highest Product pom developer email mdb@samskivert.com Low Product pom developer id samskivert Low Product pom developer name Michael Bayne Low Product pom groupid com.samskivert Highest Product pom name jmustache High Product pom url http://github.com/samskivert/jmustache Medium Version file version 1.15 High Version pom version 1.15 Highest
jna-5.8.0.jarDescription:
Java Native Access License:
LGPL, version 2.1: http://www.gnu.org/licenses/licenses.html
Apache License v2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/net/java/dev/jna/jna/5.8.0/jna-5.8.0.jar
MD5: 3e1988240662c4f068e8ff5df505f6a0
SHA1: 3551d8d827e54858214107541d3aff9c615cb615
SHA256: 930273cc1c492f25661ea62413a6da3fd7f6e01bf1c4dcc0817fc8696a7b07ac
Referenced In Project/Scope: Simplicite Platform:compile
jna-5.8.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.tika/tika-parsers@1.27
Evidence Type Source Name Value Confidence Vendor file name jna High Vendor jar package name jna Highest Vendor jar package name native Highest Vendor jar package name sun Highest Vendor jar (hint) package name oracle Highest Vendor Manifest automatic-module-name com.sun.jna Medium Vendor Manifest bundle-activationpolicy lazy Low Vendor Manifest bundle-category jni Low Vendor Manifest bundle-nativecode com/sun/jna/win32-x86/jnidispatch.dll; processor=x86;osname=win32, com/sun/jna/win32-x86-64/jnidispatch.dll; processor=x86-64;osname=win32, com/sun/jna/win32-x86/jnidispatch.dll; processor=x86;osname=win, com/sun/jna/win32-x86-64/jnidispatch.dll; processor=x86-64;osname=win, com/sun/jna/win32-aarch64/jnidispatch.dll; processor=aarch64;osname=win, com/sun/jna/w32ce-arm/jnidispatch.dll; processor=arm;osname=wince, com/sun/jna/sunos-x86/libjnidispatch.so; processor=x86;osname=sunos, com/sun/jna/sunos-x86-64/libjnidispatch.so; processor=x86-64;osname=sunos, com/sun/jna/sunos-sparc/libjnidispatch.so; processor=sparc;osname=sunos, com/sun/jna/sunos-sparcv9/libjnidispatch.so; processor=sparcv9;osname=sunos, com/sun/jna/aix-ppc/libjnidispatch.a; processor=ppc;osname=aix, com/sun/jna/aix-ppc64/libjnidispatch.a; processor=ppc64;osname=aix, com/sun/jna/linux-ppc/libjnidispatch.so; processor=ppc;osname=linux, com/sun/jna/linux-ppc64/libjnidispatch.so; processor=ppc64;osname=linux, com/sun/jna/linux-ppc64le/libjnidispatch.so; processor=ppc64le;osname=linux, com/sun/jna/linux-x86/libjnidispatch.so; processor=x86;osname=linux, com/sun/jna/linux-x86-64/libjnidispatch.so; processor=x86-64;osname=linux, com/sun/jna/linux-arm/libjnidispatch.so; processor=arm;osname=linux, com/sun/jna/linux-arm/libjnidispatch.so; processor=arm_le;osname=linux, com/sun/jna/linux-armel/libjnidispatch.so; processor=armel;osname=linux, com/sun/jna/linux-aarch64/libjnidispatch.so; processor=aarch64;osname=linux, com/sun/jna/linux-ia64/libjnidispatch.so; processor=ia64;osname=linux, com/sun/jna/linux-sparcv9/libjnidispatch.so; processor=sparcv9;osname=linux, com/sun/jna/linux-mips64el/libjnidispatch.so; processor=mips64el;osname=linux, com/sun/jna/linux-s390x/libjnidispatch.so; processor=S390x;osname=linux, com/sun/jna/freebsd-x86/libjnidispatch.so; processor=x86;osname=freebsd, com/sun/jna/freebsd-x86-64/libjnidispatch.so; processor=x86-64;osname=freebsd, com/sun/jna/openbsd-x86/libjnidispatch.so; processor=x86;osname=openbsd, com/sun/jna/openbsd-x86-64/libjnidispatch.so; processor=x86-64;osname=openbsd, com/sun/jna/darwin-ppc/libjnidispatch.jnilib; osname=macosx;processor=ppc, com/sun/jna/darwin-ppc64/libjnidispatch.jnilib; osname=macosx;processor=ppc64, com/sun/jna/darwin-x86/libjnidispatch.jnilib; osname=macosx;processor=x86, com/sun/jna/darwin-x86-64/libjnidispatch.jnilib; osname=macosx;processor=x86-64, com/sun/jna/darwin-aarch64/libjnidispatch.jnilib; osname=macosx;processor=aarch64 Low Vendor Manifest bundle-requiredexecutionenvironment JavaSE-1.6 Low Vendor Manifest bundle-symbolicname com.sun.jna Medium Vendor Manifest Implementation-Vendor JNA Development Team High Vendor Manifest specification-vendor JNA Development Team Low Vendor pom artifactid jna Highest Vendor pom artifactid jna Low Vendor pom developer email mblaesing@doppel-helix.eu Low Vendor pom developer id twall Medium Vendor pom developer name Matthias Bläsing Medium Vendor pom developer name Timothy Wall Medium Vendor pom groupid net.java.dev.jna Highest Vendor pom name Java Native Access High Vendor pom url java-native-access/jna Highest Product file name jna High Product jar package name jna Highest Product jar package name library Highest Product jar package name native Highest Product jar package name sun Highest Product jar package name win32 Highest Product Manifest automatic-module-name com.sun.jna Medium Product Manifest bundle-activationpolicy lazy Low Product Manifest bundle-category jni Low Product Manifest Bundle-Name jna Medium Product Manifest bundle-nativecode com/sun/jna/win32-x86/jnidispatch.dll; processor=x86;osname=win32, com/sun/jna/win32-x86-64/jnidispatch.dll; processor=x86-64;osname=win32, com/sun/jna/win32-x86/jnidispatch.dll; processor=x86;osname=win, com/sun/jna/win32-x86-64/jnidispatch.dll; processor=x86-64;osname=win, com/sun/jna/win32-aarch64/jnidispatch.dll; processor=aarch64;osname=win, com/sun/jna/w32ce-arm/jnidispatch.dll; processor=arm;osname=wince, com/sun/jna/sunos-x86/libjnidispatch.so; processor=x86;osname=sunos, com/sun/jna/sunos-x86-64/libjnidispatch.so; processor=x86-64;osname=sunos, com/sun/jna/sunos-sparc/libjnidispatch.so; processor=sparc;osname=sunos, com/sun/jna/sunos-sparcv9/libjnidispatch.so; processor=sparcv9;osname=sunos, com/sun/jna/aix-ppc/libjnidispatch.a; processor=ppc;osname=aix, com/sun/jna/aix-ppc64/libjnidispatch.a; processor=ppc64;osname=aix, com/sun/jna/linux-ppc/libjnidispatch.so; processor=ppc;osname=linux, com/sun/jna/linux-ppc64/libjnidispatch.so; processor=ppc64;osname=linux, com/sun/jna/linux-ppc64le/libjnidispatch.so; processor=ppc64le;osname=linux, com/sun/jna/linux-x86/libjnidispatch.so; processor=x86;osname=linux, com/sun/jna/linux-x86-64/libjnidispatch.so; processor=x86-64;osname=linux, com/sun/jna/linux-arm/libjnidispatch.so; processor=arm;osname=linux, com/sun/jna/linux-arm/libjnidispatch.so; processor=arm_le;osname=linux, com/sun/jna/linux-armel/libjnidispatch.so; processor=armel;osname=linux, com/sun/jna/linux-aarch64/libjnidispatch.so; processor=aarch64;osname=linux, com/sun/jna/linux-ia64/libjnidispatch.so; processor=ia64;osname=linux, com/sun/jna/linux-sparcv9/libjnidispatch.so; processor=sparcv9;osname=linux, com/sun/jna/linux-mips64el/libjnidispatch.so; processor=mips64el;osname=linux, com/sun/jna/linux-s390x/libjnidispatch.so; processor=S390x;osname=linux, com/sun/jna/freebsd-x86/libjnidispatch.so; processor=x86;osname=freebsd, com/sun/jna/freebsd-x86-64/libjnidispatch.so; processor=x86-64;osname=freebsd, com/sun/jna/openbsd-x86/libjnidispatch.so; processor=x86;osname=openbsd, com/sun/jna/openbsd-x86-64/libjnidispatch.so; processor=x86-64;osname=openbsd, com/sun/jna/darwin-ppc/libjnidispatch.jnilib; osname=macosx;processor=ppc, com/sun/jna/darwin-ppc64/libjnidispatch.jnilib; osname=macosx;processor=ppc64, com/sun/jna/darwin-x86/libjnidispatch.jnilib; osname=macosx;processor=x86, com/sun/jna/darwin-x86-64/libjnidispatch.jnilib; osname=macosx;processor=x86-64, com/sun/jna/darwin-aarch64/libjnidispatch.jnilib; osname=macosx;processor=aarch64 Low Product Manifest bundle-requiredexecutionenvironment JavaSE-1.6 Low Product Manifest bundle-symbolicname com.sun.jna Medium Product Manifest Implementation-Title com.sun.jna High Product Manifest specification-title Java Native Access (JNA) Medium Product pom artifactid jna Highest Product pom developer email mblaesing@doppel-helix.eu Low Product pom developer id twall Low Product pom developer name Matthias Bläsing Low Product pom developer name Timothy Wall Low Product pom groupid net.java.dev.jna Highest Product pom name Java Native Access High Product pom url java-native-access/jna High Version file version 5.8.0 High Version Manifest Bundle-Version 5.8.0 High Version pom version 5.8.0 Highest
jna-5.8.0.jar: jnidispatch.dllFile Path: /var/simplicite/.m2/repository/net/java/dev/jna/jna/5.8.0/jna-5.8.0.jar/com/sun/jna/win32-aarch64/jnidispatch.dllMD5: bf93f6b98af1987a7536d69202e0dda9SHA1: d8b5600b6c8254afd68068f130bc6f75c62f0a7aSHA256: 749e807fa10407e43cf2cf98e885e5ef76a95751c143c0c3326ad1366f3e9179Referenced In Project/Scope: Simplicite Platform:compile
Evidence Type Source Name Value Confidence Vendor file name jnidispatch High Product file name jnidispatch High
jna-5.8.0.jar: jnidispatch.dllFile Path: /var/simplicite/.m2/repository/net/java/dev/jna/jna/5.8.0/jna-5.8.0.jar/com/sun/jna/win32-x86-64/jnidispatch.dllMD5: a004906b9067501293107be3a92c3401SHA1: ed9f50de6051aaa1f26e61c64a5c6b0eba407d93SHA256: 76f19b52423774932831dcba0596989ec56213f9b217a0432fbc122f99704a2aReferenced In Project/Scope: Simplicite Platform:compile
Evidence Type Source Name Value Confidence Vendor file name jnidispatch High Product file name jnidispatch High
jna-5.8.0.jar: jnidispatch.dllFile Path: /var/simplicite/.m2/repository/net/java/dev/jna/jna/5.8.0/jna-5.8.0.jar/com/sun/jna/win32-x86/jnidispatch.dllMD5: 7668f8f21cba1d0d7e2cc39379b8a3c3SHA1: 332887373846943f479dac9fabfd42fbe58d723aSHA256: 39bab69f5ead37326cb4c032c621dbddbc5093932871f2010120819a4100abdfReferenced In Project/Scope: Simplicite Platform:compile
Evidence Type Source Name Value Confidence Vendor file name jnidispatch High Product file name jnidispatch High
joda-time-2.10.10.jarDescription:
Date and time library to replace JDK date handling License:
Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/joda-time/joda-time/2.10.10/joda-time-2.10.10.jar
MD5: c2a46de8a73ec7b60011429561ae72e3
SHA1: 29e8126e31f41e5c12b9fe3a7eb02e704c47d70b
SHA256: dd8e7c92185a678d1b7b933f31209b6203c8ffa91e9880475a1be0346b9617e3
Referenced In Project/Scope: Simplicite Platform:compile
joda-time-2.10.10.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name joda-time High Vendor jar package name joda Highest Vendor jar package name time Highest Vendor Manifest automatic-module-name org.joda.time Medium Vendor Manifest bundle-docurl https://www.joda.org/joda-time/ Low Vendor Manifest bundle-symbolicname joda-time Medium Vendor Manifest extension-name joda-time Medium Vendor Manifest implementation-url https://www.joda.org/joda-time/ Low Vendor Manifest Implementation-Vendor Joda.org High Vendor Manifest Implementation-Vendor-Id org.joda Medium Vendor Manifest specification-vendor Joda.org Low Vendor pom artifactid joda-time Highest Vendor pom artifactid joda-time Low Vendor pom developer id broneill Medium Vendor pom developer id jodastephen Medium Vendor pom developer name Brian S O'Neill Medium Vendor pom developer name Stephen Colebourne Medium Vendor pom groupid joda-time Highest Vendor pom name Joda-Time High Vendor pom organization name Joda.org High Vendor pom organization url https://www.joda.org Medium Vendor pom url https://www.joda.org/joda-time/ Highest Product file name joda-time High Product jar package name joda Highest Product jar package name time Highest Product Manifest automatic-module-name org.joda.time Medium Product Manifest bundle-docurl https://www.joda.org/joda-time/ Low Product Manifest Bundle-Name Joda-Time Medium Product Manifest bundle-symbolicname joda-time Medium Product Manifest extension-name joda-time Medium Product Manifest Implementation-Title org.joda.time High Product Manifest implementation-url https://www.joda.org/joda-time/ Low Product Manifest specification-title Joda-Time Medium Product pom artifactid joda-time Highest Product pom developer id broneill Low Product pom developer id jodastephen Low Product pom developer name Brian S O'Neill Low Product pom developer name Stephen Colebourne Low Product pom groupid joda-time Highest Product pom name Joda-Time High Product pom organization name Joda.org Low Product pom organization url https://www.joda.org Low Product pom url https://www.joda.org/joda-time/ Medium Version file version 2.10.10 High Version Manifest Bundle-Version 2.10.10 High Version Manifest Implementation-Version 2.10.10 High Version pom version 2.10.10 Highest
jose4j-0.7.11.jarDescription:
The jose.4.j library is a robust and easy to use open source implementation of JSON Web Token (JWT) and the JOSE specification suite (JWS, JWE, and JWK).
It is written in Java and relies solely on the JCA APIs for cryptography.
Please see https://bitbucket.org/b_c/jose4j/wiki/Home for more info, examples, etc..
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/bitbucket/b_c/jose4j/0.7.11/jose4j-0.7.11.jar
MD5: b0adec9404696821b8eeec8158840a85
SHA1: 2fbe1070816cc5a2e4d010d45cfc3fc921ad36fd
SHA256: 383af3e38fd2f21104c0f9a09b11dececd6fb320766d1c796902375b60492bcd
Referenced In Project/Scope: Simplicite Platform:compile
jose4j-0.7.11.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name jose4j High Vendor jar package name jca Highest Vendor jar package name jose4j Highest Vendor jar package name json Highest Vendor jar package name jwe Highest Vendor jar package name jwk Highest Vendor jar package name jws Highest Vendor jar package name jwt Highest Vendor jar package name use Highest Vendor Manifest automatic-module-name org.jose4j Medium Vendor Manifest bundle-symbolicname org.bitbucket.b_c.jose4j Medium Vendor pom artifactid jose4j Highest Vendor pom artifactid jose4j Low Vendor pom developer email brian.d.campbell@gmail.com Low Vendor pom developer name Brian Campbell Medium Vendor pom groupid org.bitbucket.b_c Highest Vendor pom name jose4j High Vendor pom url https://bitbucket.org/b_c/jose4j/ Highest Product file name jose4j High Product jar package name jca Highest Product jar package name jose4j Highest Product jar package name json Highest Product jar package name jwe Highest Product jar package name jwk Highest Product jar package name jws Highest Product jar package name jwt Highest Product jar package name use Highest Product Manifest automatic-module-name org.jose4j Medium Product Manifest Bundle-Name jose4j Medium Product Manifest bundle-symbolicname org.bitbucket.b_c.jose4j Medium Product pom artifactid jose4j Highest Product pom developer email brian.d.campbell@gmail.com Low Product pom developer name Brian Campbell Low Product pom groupid org.bitbucket.b_c Highest Product pom name jose4j High Product pom url https://bitbucket.org/b_c/jose4j/ Medium Version file version 0.7.11 High Version Manifest Bundle-Version 0.7.11 High Version pom version 0.7.11 Highest
CVE-2023-51775 (OSSINDEX) suppress
The jose4j component before 0.9.4 for Java allows attackers to cause a denial of service (CPU consumption) via a large p2c (aka PBES2 Count) value.
Sonatype's research suggests that this CVE's details differ from those defined at NVD. See https://ossindex.sonatype.org/vulnerability/CVE-2023-51775 for details CWE-400 Uncontrolled Resource Consumption
CVSSv2:
Base Score: HIGH (8.6) Vector: /AV:N/AC:L/Au:/C:N/I:N/A:H References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:org.bitbucket.b_c:jose4j:0.7.11:*:*:*:*:*:*:* CVE-2023-31582 suppress
jose4j before v0.9.3 allows attackers to set a low iteration count of 1000 or less. CWE-331 Insufficient Entropy
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N References:
Vulnerable Software & Versions:
jquery:3.6.0Description:
JavaScript library for DOM operations License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/jquery:3.6.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/bootbox:5.5.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.name OpenJS Foundation and other contributors Highest Vendor package.json author.url https://github.com/jquery/jquery/blob/3.6.0/AUTHORS.txt Highest Vendor package.json bugs.url https://github.com/jquery/jquery/issues Highest Vendor package.json description JavaScript library for DOM operations Highest Vendor package.json homepage https://jquery.com Highest Vendor package.json name jquery Highest Vendor package.json name jquery_project Highest Product package.json name jquery Highest Version package.json version 3.6.0 Highest
Related Dependencies jquery:3.6.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?bootbox:5.5.2/jquery:^3.5.1 pkg:npm/jquery@3.6.0 js-beautify:1.14.0Description:
beautifier.io for node License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/js-beautify:1.14.0
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author Einar Lielmanis <einar@beautifier.io> Highest Vendor package.json bugs https://github.com/beautify-web/js-beautify/issues Highest Vendor package.json description beautifier.io for node Highest Vendor package.json homepage https://beautifier.io/ Highest Vendor package.json name js-beautify Highest Vendor package.json name js-beautify_project Highest Product package.json name js-beautify Highest Version package.json version 1.14.0 Highest
js-tokens:4.0.0Description:
A regex that tokenizes JavaScript. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/js-tokens:4.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/loose-envify:1.4.0 simplicite-js:5.2.54/@babel/highlight:7.23.4 simplicite-js:5.2.54 simplicite-js:5.2.54/highlight-es:1.0.3 Evidence Type Source Name Value Confidence Vendor package.json author Simon Lydell Highest Vendor package.json description A regex that tokenizes JavaScript. Highest Vendor package.json name js-tokens Highest Vendor package.json name js-tokens_project Highest Product package.json name js-tokens Highest Version package.json version 4.0.0 Highest
Related Dependencies js-tokens:3.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?/js-tokens:3.0.2 pkg:npm/js-tokens@3.0.2 js-tokens:3.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?highlight-es:1.0.3/js-tokens:^3.0.0 pkg:npm/js-tokens@3.0.2 js-tokens:4.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/highlight:7.23.4/js-tokens:^4.0.0 pkg:npm/js-tokens@4.0.0 js-tokens:4.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?loose-envify:1.4.0/js-tokens:^3.0.0 || ^4.0.0 pkg:npm/js-tokens@4.0.0 js-yaml:3.14.1Description:
YAML 1.2 parser and serializer License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/js-yaml:3.14.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/load-yaml-file:0.2.0 simplicite-js:5.2.54 simplicite-js:5.2.54/depcheck:1.4.3 Evidence Type Source Name Value Confidence Vendor package.json author Vladimir Zapparov <dervus.grim@gmail.com> Highest Vendor package.json description YAML 1.2 parser and serializer Highest Vendor package.json homepage https://github.com/nodeca/js-yaml Highest Vendor package.json name js-yaml Highest Vendor package.json name js-yaml_project Highest Product package.json name js-yaml Highest Version package.json version 3.14.1 Highest
Related Dependencies js-yaml:3.14.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?depcheck:1.4.3/js-yaml:^3.14.0 pkg:npm/js-yaml@3.14.1 js-yaml:3.14.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?load-yaml-file:0.2.0/js-yaml:^3.13.0 pkg:npm/js-yaml@3.14.1 js-yaml:4.1.0Description:
YAML 1.2 parser and serializer License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?rc-config-loader:4.1.3/js-yaml:^4.1.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/rc-config-loader:4.1.3 simplicite-js:5.2.54/eslint:8.56.0 simplicite-js:5.2.54/@eslint/eslintrc:2.1.4 simplicite-js:5.2.54/npm-check-updates:16.14.14 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Vladimir Zapparov <dervus.grim@gmail.com> Highest Vendor package.json description YAML 1.2 parser and serializer Highest Vendor package.json name js-yaml Highest Vendor package.json name js-yaml_project Highest Product package.json name js-yaml Highest Version package.json version 4.1.0 Highest
Related Dependencies js-yaml:4.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/js-yaml:4.1.0 pkg:npm/js-yaml@4.1.0 js-yaml:4.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?@eslint/eslintrc:2.1.4/js-yaml:^4.1.0 pkg:npm/js-yaml@4.1.0 js-yaml:4.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint:8.56.0/js-yaml:^4.1.0 pkg:npm/js-yaml@4.1.0 js-yaml:4.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check-updates:16.14.14/js-yaml:^4.1.0 pkg:npm/js-yaml@4.1.0 js2xmlparser:4.0.2Description:
Parses JavaScript objects into XML License:
Apache-2.0 File Path: /var/simplicite/simplicite-5.2/package-lock.json?jsdoc:4.0.2/js2xmlparser:^4.0.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/jsdoc:4.0.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email michael@kourlas.com Highest Vendor package.json author.name Michael Kourlas Highest Vendor package.json description Parses JavaScript objects into XML Highest Vendor package.json name js2xmlparser Highest Vendor package.json name js2xmlparser_project Highest Product package.json name js2xmlparser Highest Version package.json version 4.0.2 Highest
Related Dependencies js2xmlparser:4.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?/js2xmlparser:4.0.2 pkg:npm/js2xmlparser@4.0.2 jsdoc-type-pratt-parser:4.0.0License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/jsdoc-type-pratt-parser:4.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/@es-joy/jsdoccomment:0.41.0 Evidence Type Source Name Value Confidence Vendor package.json author Simon Seyock (https://github.com/simonseyock) Highest Vendor package.json bugs https://github.com/jsdoc-type-pratt-parser/jsdoc-type-pratt-parser/issues Highest Vendor package.json description Highest Vendor package.json homepage https://github.com/jsdoc-type-pratt-parser/jsdoc-type-pratt-parser Highest Vendor package.json name jsdoc-type-pratt-parser Highest Vendor package.json name jsdoc-type-pratt-parser_project Highest Product package.json name jsdoc-type-pratt-parser Highest Version package.json version 4.0.0 Highest
Related Dependencies jsdoc-type-pratt-parser:4.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?@es-joy/jsdoccomment:0.41.0/jsdoc-type-pratt-parser:~4.0.0 pkg:npm/jsdoc-type-pratt-parser@4.0.0 jsdoc:4.0.2Description:
An API documentation generator for JavaScript. License:
Apache-2.0 File Path: /var/simplicite/simplicite-5.2/package-lock.json?/jsdoc:4.0.2
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author.email micmath@gmail.com Highest Vendor package.json author.name Michael Mathews Highest Vendor package.json bugs https://github.com/jsdoc/jsdoc/issues Highest Vendor package.json description An API documentation generator for JavaScript. Highest Vendor package.json maintainers.email jeffrey.l.williams@gmail.com Highest Vendor package.json maintainers.name Jeff Williams Highest Vendor package.json name jsdoc Highest Vendor package.json name jsdoc_project Highest Product package.json name jsdoc Highest Version package.json version 4.0.2 Highest
jsesc:0.5.0Description:
A JavaScript library for escaping JavaScript strings while generating the shortest possible valid output. File Path: /var/simplicite/simplicite-5.2/package-lock.json?/jsesc:0.5.0Referenced In Projects/Scopes:
simplicite-js:5.2.54/regjsparser:0.9.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.name Mathias Bynens Highest Vendor package.json author.url http://mathiasbynens.be/ Highest Vendor package.json bugs.url https://github.com/mathiasbynens/jsesc/issues Highest Vendor package.json description A JavaScript library for escaping JavaScript strings while generating the shortest possible valid output. Highest Vendor package.json homepage http://mths.be/jsesc Highest Vendor package.json name jsesc Highest Vendor package.json name jsesc_project Highest Product package.json name jsesc Highest Version package.json version 0.5.0 Highest
Related Dependencies jsesc:0.5.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?regjsparser:0.9.1/jsesc:~0.5.0 pkg:npm/jsesc@0.5.0 jsesc:2.5.2Description:
Given some data, jsesc returns the shortest possible stringified & ASCII-safe representation of that data. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/jsesc:2.5.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/generator:7.23.6 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.name Mathias Bynens Highest Vendor package.json author.url https://mathiasbynens.be/ Highest Vendor package.json bugs https://github.com/mathiasbynens/jsesc/issues Highest Vendor package.json description Given some data, jsesc returns the shortest possible stringified & ASCII-safe representation of that data. Highest Vendor package.json homepage https://mths.be/jsesc Highest Vendor package.json name jsesc Highest Vendor package.json name jsesc_project Highest Product package.json name jsesc Highest Version package.json version 2.5.2 Highest
Related Dependencies jsesc:2.5.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/generator:7.23.6/jsesc:^2.5.1 pkg:npm/jsesc@2.5.2 jshint:2.13.1Description:
Static analysis tool for JavaScript License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/jshint:2.13.1
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author.email anton@kovalyov.net Highest Vendor package.json author.name Anton Kovalyov Highest Vendor package.json author.url http://anton.kovalyov.net/ Highest Vendor package.json bugs.url https://github.com/jshint/jshint/issues Highest Vendor package.json description Static analysis tool for JavaScript Highest Vendor package.json homepage http://jshint.com/ Highest Vendor package.json name jshint Highest Vendor package.json name jshint_project Highest Product package.json name jshint Highest Version package.json version 2.13.1 Highest
json-20211205.jarDescription:
JSON is a light-weight, language independent, data interchange format.
See http://www.JSON.org/
The files in this package implement JSON encoders/decoders in Java.
It also includes the capability to convert between JSON and XML, HTTP
headers, Cookies, and CDL.
This is a reference implementation. There is a large number of JSON packages
in Java. Perhaps someday the Java community will standardize on one. Until
then, choose carefully.
The license includes this restriction: "The software shall be used for good,
not evil." If your conscience cannot live with that, then choose a different
package.
License:
The JSON License: http://json.org/license.html File Path: /var/simplicite/.m2/repository/org/json/json/20211205/json-20211205.jar
MD5: 2aa4313aaabdcf89e1847d5bf6d3535f
SHA1: 47032dcf2f69880f07dab3dc60b4b0ad97318308
SHA256: 7f38d61fbb7e2afdc31c6be865720ee4fc8a0c3c14fac4f3ec47fd3deb3939c6
Referenced In Project/Scope: Simplicite Platform:compile
json-20211205.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name json-20211205 High Vendor jar package name cdl Highest Vendor jar package name http Highest Vendor jar package name json Highest Vendor jar package name xml Highest Vendor Manifest automatic-module-name org.json Medium Vendor Manifest bundle-symbolicname json Medium Vendor pom artifactid json Highest Vendor pom artifactid json Low Vendor pom developer email douglas@crockford.com Low Vendor pom developer name Douglas Crockford Medium Vendor pom groupid org.json Highest Vendor pom name JSON in Java High Vendor pom url douglascrockford/JSON-java Highest Product file name json-20211205 High Product jar package name cdl Highest Product jar package name http Highest Product jar package name json Highest Product jar package name xml Highest Product Manifest automatic-module-name org.json Medium Product Manifest Bundle-Name JSON in Java Medium Product Manifest bundle-symbolicname json Medium Product pom artifactid json Highest Product pom developer email douglas@crockford.com Low Product pom developer name Douglas Crockford Low Product pom groupid org.json Highest Product pom name JSON in Java High Product pom url douglascrockford/JSON-java High Version file version 20211205 Medium Version pom version 20211205 Highest
CVE-2022-45688 suppress
A stack overflow in the XML.toJSONObject component of hutool-json v5.8.10 allows attackers to cause a Denial of Service (DoS) via crafted JSON or XML data. CWE-787 Out-of-bounds Write
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2023-5072 suppress
Denial of Service in JSON-Java versions up to and including 20230618. A bug in the parser means that an input string of modest size can lead to indefinite amounts of memory being used.
CWE-770 Allocation of Resources Without Limits or Throttling
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions:
json-buffer:3.0.1Description:
JSON parse & stringify that supports binary via bops & base64 License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?keyv:4.5.2/json-buffer:3.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/keyv:4.5.2 simplicite-js:5.2.54 simplicite-js:5.2.54/keyv:3.1.0 Evidence Type Source Name Value Confidence Vendor package.json author Dominic Tarr <dominic.tarr@gmail.com> (http://dominictarr.com) Highest Vendor package.json description JSON parse & stringify that supports binary via bops & base64 Highest Vendor package.json homepage https://github.com/dominictarr/json-buffer Highest Vendor package.json name json-buffer Highest Vendor package.json name json-buffer_project Highest Product package.json name json-buffer Highest Version package.json version 3.0.1 Highest
Related Dependencies json-buffer:3.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/json-buffer:3.0.0 pkg:npm/json-buffer@3.0.0 json-buffer:3.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/json-buffer:3.0.1 pkg:npm/json-buffer@3.0.1 json-buffer:3.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?keyv:3.1.0/json-buffer:3.0.0 pkg:npm/json-buffer@3.0.1 json-parse-even-better-errors:2.3.1Description:
JSON.parse with context information on error License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?parse-json:5.2.0/json-parse-even-better-errors:^2.3.0
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/parse-json:5.2.0 Evidence Type Source Name Value Confidence Vendor package.json author.email kzm@zkat.tech Highest Vendor package.json author.name Kat Marchán Highest Vendor package.json author.twitter maybekatz Highest Vendor package.json description JSON.parse with context information on error Highest Vendor package.json name json-parse-even-better-errors Highest Vendor package.json name json-parse-even-better-errors_project Highest Product package.json name json-parse-even-better-errors Highest Version package.json version 2.3.1 Highest
Related Dependencies json-parse-even-better-errors:2.3.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/json-parse-even-better-errors:2.3.1 pkg:npm/json-parse-even-better-errors@2.3.1 json-parse-even-better-errors:3.0.0Description:
JSON.parse with context information on error License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/json-parse-even-better-errors:3.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/read-package-json:6.0.4 simplicite-js:5.2.54 simplicite-js:5.2.54/read-package-json-fast:3.0.2 Evidence Type Source Name Value Confidence Vendor package.json author GitHub Inc. Highest Vendor package.json description JSON.parse with context information on error Highest Vendor package.json name json-parse-even-better-errors Highest Vendor package.json name json-parse-even-better-errors_project Highest Product package.json name json-parse-even-better-errors Highest Version package.json version 3.0.0 Highest
Related Dependencies json-parse-even-better-errors:3.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?read-package-json-fast:3.0.2/json-parse-even-better-errors:^3.0.0 pkg:npm/json-parse-even-better-errors@3.0.0 json-parse-even-better-errors:3.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?read-package-json:6.0.4/json-parse-even-better-errors:^3.0.0 pkg:npm/json-parse-even-better-errors@3.0.0 json-parse-helpfulerror:1.0.3Description:
A drop-in replacement for JSON.parse that uses `jju` to give helpful errors License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check-updates:16.14.14/json-parse-helpfulerror:^1.0.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-check-updates:16.14.14 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Sam Mikes <smikes@cubane.com> Highest Vendor package.json bugs.url https://github.com/smikes/json-parse-helpfulerror/issues Highest Vendor package.json description A drop-in replacement for JSON.parse that uses `jju` to give helpful errors Highest Vendor package.json homepage https://github.com/smikes/json-parse-helpfulerror Highest Vendor package.json name json-parse-helpfulerror Highest Vendor package.json name json-parse-helpfulerror_project Highest Product package.json name json-parse-helpfulerror Highest Version package.json version 1.0.3 Highest
Related Dependencies json-parse-helpfulerror:1.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/json-parse-helpfulerror:1.0.3 pkg:npm/json-parse-helpfulerror@1.0.3 json-schema-traverse:0.4.1Description:
Traverse JSON Schema passing each schema object to callback License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/json-schema-traverse:0.4.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/ajv:8.12.0 simplicite-js:5.2.54 simplicite-js:5.2.54/ajv:6.12.6 Evidence Type Source Name Value Confidence Vendor package.json author Evgeny Poberezkin Highest Vendor package.json bugs.url https://github.com/epoberezkin/json-schema-traverse/issues Highest Vendor package.json description Traverse JSON Schema passing each schema object to callback Highest Vendor package.json homepage https://github.com/epoberezkin/json-schema-traverse#readme Highest Vendor package.json name json-schema-traverse Highest Vendor package.json name json-schema-traverse_project Highest Product package.json name json-schema-traverse Highest Version package.json version 0.4.1 Highest
Related Dependencies json-schema-traverse:0.4.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?ajv:6.12.6/json-schema-traverse:^0.4.1 pkg:npm/json-schema-traverse@0.4.1 json-schema-traverse:0.4.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?ajv:8.12.0/json-schema-traverse:^1.0.0 pkg:npm/json-schema-traverse@0.4.1 json-schema-traverse:1.0.0Description:
Traverse JSON Schema passing each schema object to callback License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/json-schema-traverse:1.0.0
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author Evgeny Poberezkin Highest Vendor package.json bugs.url https://github.com/epoberezkin/json-schema-traverse/issues Highest Vendor package.json description Traverse JSON Schema passing each schema object to callback Highest Vendor package.json homepage https://github.com/epoberezkin/json-schema-traverse#readme Highest Vendor package.json name json-schema-traverse Highest Vendor package.json name json-schema-traverse_project Highest Product package.json name json-schema-traverse Highest Version package.json version 1.0.0 Highest
json-simple-1.1.1.jarDescription:
A simple Java toolkit for JSON License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/com/googlecode/json-simple/json-simple/1.1.1/json-simple-1.1.1.jar
MD5: 5cc2c478d73e8454b4c369cee66c5bc7
SHA1: c9ad4a0850ab676c5c64461a05ca524cdfff59f1
SHA256: 4e69696892b88b41c55d49ab2fdcc21eead92bf54acc588c0050596c3b75199c
Referenced In Project/Scope: Simplicite Platform:compile
json-simple-1.1.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name json-simple High Vendor jar package name json Highest Vendor jar package name simple Highest Vendor Manifest bundle-symbolicname com.googlecode.json-simple Medium Vendor pom artifactid json-simple Highest Vendor pom artifactid json-simple Low Vendor pom developer id Yidong Medium Vendor pom developer name Yidong Fang Medium Vendor pom groupid com.googlecode.json-simple Highest Vendor pom name JSON.simple High Vendor pom url http://code.google.com/p/json-simple/ Highest Product file name json-simple High Product jar package name json Highest Product jar package name simple Highest Product Manifest Bundle-Name JSON.simple Medium Product Manifest bundle-symbolicname com.googlecode.json-simple Medium Product pom artifactid json-simple Highest Product pom developer id Yidong Low Product pom developer name Yidong Fang Low Product pom groupid com.googlecode.json-simple Highest Product pom name JSON.simple High Product pom url http://code.google.com/p/json-simple/ Medium Version file version 1.1.1 High Version Manifest Bundle-Version 1.1.1 High Version pom version 1.1.1 Highest
json-stable-stringify-without-jsonify:1.0.1Description:
deterministic JSON.stringify() with custom sorting to get deterministic hashes from stringified results, with no public domain dependencies License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/json-stable-stringify-without-jsonify:1.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/eslint:8.56.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email mail@substack.net Highest Vendor package.json author.name James Halliday Highest Vendor package.json author.url http://substack.net Highest Vendor package.json description deterministic JSON.stringify() with custom sorting to get deterministic hashes from stringified results, with no public domain dependencies Highest Vendor package.json homepage https://github.com/samn/json-stable-stringify Highest Vendor package.json name json-stable-stringify-without-jsonify Highest Vendor package.json name json-stable-stringify-without-jsonify_project Highest Product package.json name json-stable-stringify-without-jsonify Highest Version package.json version 1.0.1 Highest
Related Dependencies json-stable-stringify-without-jsonify:1.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint:8.56.0/json-stable-stringify-without-jsonify:^1.0.1 pkg:npm/json-stable-stringify-without-jsonify@1.0.1 json5:2.2.3Description:
JSON for Humans License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?rc-config-loader:4.1.3/json5:^2.2.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/rc-config-loader:4.1.3 simplicite-js:5.2.54/@babel/core:7.23.9 simplicite-js:5.2.54 simplicite-js:5.2.54/depcheck:1.4.3 Evidence Type Source Name Value Confidence Vendor package.json author Aseem Kishore <aseem.kishore@gmail.com> Highest Vendor package.json bugs.url https://github.com/json5/json5/issues Highest Vendor package.json description JSON for Humans Highest Vendor package.json homepage http://json5.org/ Highest Vendor package.json name json5 Highest Vendor package.json name json5_project Highest Product package.json name json5 Highest Version package.json version 2.2.3 Highest
Related Dependencies json5:2.2.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/json5:2.2.3 pkg:npm/json5@2.2.3 json5:2.2.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/core:7.23.9/json5:^2.2.3 pkg:npm/json5@2.2.3 json5:2.2.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?depcheck:1.4.3/json5:^2.1.3 pkg:npm/json5@2.2.3 jsonfile:4.0.0Description:
Easily read/write JSON files. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/jsonfile:4.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/fs-extra:8.1.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author JP Richardson <jprichardson@gmail.com> Highest Vendor package.json description Easily read/write JSON files. Highest Vendor package.json name jsonfile Highest Vendor package.json name jsonfile_project Highest Product package.json name jsonfile Highest Version package.json version 4.0.0 Highest
Related Dependencies jsonfile:4.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?fs-extra:8.1.0/jsonfile:^4.0.0 pkg:npm/jsonfile@4.0.0 jsonlines:0.1.1License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check-updates:16.14.14/jsonlines:^0.1.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-check-updates:16.14.14 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Linus Unnebäck <linus@folkdatorn.se> Highest Vendor package.json name jsonlines Highest Vendor package.json name jsonlines_project Highest Product package.json name jsonlines Highest Version package.json version 0.1.1 Highest
Related Dependencies jsonlines:0.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/jsonlines:0.1.1 pkg:npm/jsonlines@0.1.1 jsonparse:1.3.1Description:
This is a pure-js JSON streaming parser for node.js License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?minipass-json-stream:1.0.1/jsonparse:^1.3.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/minipass-json-stream:1.0.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Tim Caswell <tim@creationix.com> Highest Vendor package.json bugs http://github.com/creationix/jsonparse/issues Highest Vendor package.json description This is a pure-js JSON streaming parser for node.js Highest Vendor package.json name jsonparse Highest Vendor package.json name jsonparse_project Highest Product package.json name jsonparse Highest Version package.json version 1.3.1 Highest
Related Dependencies jsonparse:1.3.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/jsonparse:1.3.1 pkg:npm/jsonparse@1.3.1 jsoup-1.14.3.jarDescription:
jsoup is a Java library for working with real-world HTML. It provides a very convenient API for fetching URLs and extracting and manipulating data, using the best of HTML5 DOM methods and CSS selectors. jsoup implements the WHATWG HTML5 specification, and parses HTML to the same DOM as modern browsers do. License:
The MIT License: https://jsoup.org/license File Path: /var/simplicite/.m2/repository/org/jsoup/jsoup/1.14.3/jsoup-1.14.3.jar
MD5: 079f92557fa3577329d498aee5cc25ee
SHA1: c43a81e18e6d0eb71951aa031d55d5c293c531a6
SHA256: 92af19ec57cc77637db4490f0f5011f0444d353209ce36083bac428f9b81a39c
Referenced In Project/Scope: Simplicite Platform:compile
jsoup-1.14.3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name jsoup High Vendor jar package name jsoup Highest Vendor jar package name parser Highest Vendor Manifest automatic-module-name org.jsoup Medium Vendor Manifest build-jdk-spec 15 Low Vendor Manifest bundle-docurl https://jsoup.org/ Low Vendor Manifest bundle-symbolicname org.jsoup Medium Vendor pom artifactid jsoup Highest Vendor pom artifactid jsoup Low Vendor pom developer email jonathan@hedley.net Low Vendor pom developer id jhy Medium Vendor pom developer name Jonathan Hedley Medium Vendor pom groupid org.jsoup Highest Vendor pom name jsoup Java HTML Parser High Vendor pom organization name Jonathan Hedley High Vendor pom organization url https://jhy.io/ Medium Vendor pom url https://jsoup.org/ Highest Product file name jsoup High Product jar package name jsoup Highest Product jar package name parser Highest Product Manifest automatic-module-name org.jsoup Medium Product Manifest build-jdk-spec 15 Low Product Manifest bundle-docurl https://jsoup.org/ Low Product Manifest Bundle-Name jsoup Java HTML Parser Medium Product Manifest bundle-symbolicname org.jsoup Medium Product pom artifactid jsoup Highest Product pom developer email jonathan@hedley.net Low Product pom developer id jhy Low Product pom developer name Jonathan Hedley Low Product pom groupid org.jsoup Highest Product pom name jsoup Java HTML Parser High Product pom organization name Jonathan Hedley Low Product pom organization url https://jhy.io/ Low Product pom url https://jsoup.org/ Medium Version file version 1.14.3 High Version Manifest Bundle-Version 1.14.3 High Version pom version 1.14.3 Highest
CVE-2022-36033 suppress
jsoup is a Java HTML parser, built for HTML editing, cleaning, scraping, and cross-site scripting (XSS) safety. jsoup may incorrectly sanitize HTML including `javascript:` URL expressions, which could allow XSS attacks when a reader subsequently clicks that link. If the non-default `SafeList.preserveRelativeLinks` option is enabled, HTML including `javascript:` URLs that have been crafted with control characters will not be sanitized. If the site that this HTML is published on does not set a Content Security Policy, an XSS attack is then possible. This issue is patched in jsoup 1.15.3. Users should upgrade to this version. Additionally, as the unsanitized input may have been persisted, old content should be cleaned again using the updated version. To remediate this issue without immediately upgrading: - disable `SafeList.preserveRelativeLinks`, which will rewrite input URLs as absolute URLs - ensure an appropriate [Content Security Policy](https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP) is defined. (This should be used regardless of upgrading, as a defence-in-depth best practice.) CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSSv3:
Base Score: MEDIUM (6.1) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N References:
Vulnerable Software & Versions: (show all )
jsr305-3.0.2.jarDescription:
JSR305 Annotations for Findbugs License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/com/google/code/findbugs/jsr305/3.0.2/jsr305-3.0.2.jar
MD5: dd83accb899363c32b07d7a1b2e4ce40
SHA1: 25ea2e8b0c338a877313bd4672d3fe056ea78f0d
SHA256: 766ad2a0783f2687962c8ad74ceecc38a28b9f72a2d085ee438b7813e928d0c7
Referenced In Project/Scope: Simplicite Platform:compile
jsr305-3.0.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.google.guava/guava@30.1.1-jre
Evidence Type Source Name Value Confidence Vendor file name jsr305 High Vendor Manifest bundle-symbolicname org.jsr-305 Medium Vendor pom artifactid jsr305 Highest Vendor pom artifactid jsr305 Low Vendor pom groupid com.google.code.findbugs Highest Vendor pom name FindBugs-jsr305 High Vendor pom url http://findbugs.sourceforge.net/ Highest Product file name jsr305 High Product Manifest Bundle-Name FindBugs-jsr305 Medium Product Manifest bundle-symbolicname org.jsr-305 Medium Product pom artifactid jsr305 Highest Product pom groupid com.google.code.findbugs Highest Product pom name FindBugs-jsr305 High Product pom url http://findbugs.sourceforge.net/ Medium Version file version 3.0.2 High Version Manifest Bundle-Version 3.0.2 High Version pom version 3.0.2 Highest
jszip-utils:0.1.0Description:
A collection of cross-browser utilities to go along with JSZip. License:
(MIT OR GPL-3.0) File Path: /var/simplicite/simplicite-5.2/package-lock.json?/jszip-utils:0.1.0
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author Stuart Knightley <stuart@stuartk.com> Highest Vendor package.json description A collection of cross-browser utilities to go along with JSZip. Highest Vendor package.json name jszip-utils Highest Vendor package.json name jszip-utils_project Highest Product package.json name jszip-utils Highest Version package.json version 0.1.0 Highest
jszip:3.7.1Description:
Create, read and edit .zip files with JavaScript http://stuartk.com/jszip License:
(MIT OR GPL-3.0-or-later) File Path: /var/simplicite/simplicite-5.2/package-lock.json?/jszip:3.7.1
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author Stuart Knightley <stuart@stuartk.com> Highest Vendor package.json description Create, read and edit .zip files with JavaScript http://stuartk.com/jszip Highest Vendor package.json name jszip Highest Vendor package.json name jszip_project Highest Product package.json name jszip Highest Version package.json version 3.7.1 Highest
CVE-2022-48285 suppress
loadAsync in JSZip before 3.8.0 allows Directory Traversal via a crafted ZIP archive. CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVSSv3:
Base Score: HIGH (7.3) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L References:
Vulnerable Software & Versions:
GHSA-36fh-84j7-cv5h (NPM) suppress
loadAsync in JSZip before 3.8.0 allows Directory Traversal via a crafted ZIP archive. CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVSSv3:
Base Score: HIGH (7.3) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Unscored:
References:
Vulnerable Software & Versions (NPM):
cpe:2.3:a:*:jszip:\<3.8.0:*:*:*:*:*:*:* jtidy-r938.jarDescription:
JTidy is a Java port of HTML Tidy, a HTML syntax checker and pretty printer. Like its non-Java cousin, JTidy can be
used as a tool for cleaning up malformed and faulty HTML. In addition, JTidy provides a DOM interface to the
document that is being processed, which effectively makes you able to use JTidy as a DOM parser for real-world HTML.
License:
Java HTML Tidy License: http://jtidy.svn.sourceforge.net/viewvc/jtidy/trunk/jtidy/LICENSE.txt?revision=95 File Path: /var/simplicite/.m2/repository/net/sf/jtidy/jtidy/r938/jtidy-r938.jar
MD5: 6a9121561b8f98c0a8fb9b6e57f50e6b
SHA1: ab08d87a225a715a69107732b67f21e1da930349
SHA256: 6fc03e51e73fa884f06e7eae0761e045e56fdeb4e146a4d952e3023cc9e3fb43
Referenced In Project/Scope: Simplicite Platform:compile
jtidy-r938.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name jtidy-r938 High Vendor jar package name parser Highest Vendor jar package name tidy Low Vendor jar package name w3c Low Vendor pom artifactid jtidy Highest Vendor pom artifactid jtidy Low Vendor pom developer email atripp AT users.sourceforge.net Low Vendor pom developer email fgiust AT users.sourceforge.net Low Vendor pom developer email garypeskin AT users.sourceforge.net Low Vendor pom developer email lempinen AT users.sourceforge.net Low Vendor pom developer email russgold AT users.sourceforge.net Low Vendor pom developer id atripp Medium Vendor pom developer id fgiust Medium Vendor pom developer id garypeskin Medium Vendor pom developer id lempinen Medium Vendor pom developer id russgold Medium Vendor pom developer name Andy Tripp Medium Vendor pom developer name Fabrizio Giustina Medium Vendor pom developer name Gary L Peskin Medium Vendor pom developer name Russell Gold Medium Vendor pom developer name Sami Lempinen Medium Vendor pom developer org Sourceforge Medium Vendor pom groupid net.sf.jtidy Highest Vendor pom name JTidy High Vendor pom organization name sourceforge High Vendor pom organization url http://sourceforge.net Medium Vendor pom url http://jtidy.sourceforge.net Highest Product file name jtidy-r938 High Product jar package name parser Highest Product jar package name tidy Low Product pom artifactid jtidy Highest Product pom developer email atripp AT users.sourceforge.net Low Product pom developer email fgiust AT users.sourceforge.net Low Product pom developer email garypeskin AT users.sourceforge.net Low Product pom developer email lempinen AT users.sourceforge.net Low Product pom developer email russgold AT users.sourceforge.net Low Product pom developer id atripp Low Product pom developer id fgiust Low Product pom developer id garypeskin Low Product pom developer id lempinen Low Product pom developer id russgold Low Product pom developer name Andy Tripp Low Product pom developer name Fabrizio Giustina Low Product pom developer name Gary L Peskin Low Product pom developer name Russell Gold Low Product pom developer name Sami Lempinen Low Product pom developer org Sourceforge Low Product pom groupid net.sf.jtidy Highest Product pom name JTidy High Product pom organization name sourceforge Low Product pom organization url http://sourceforge.net Low Product pom url http://jtidy.sourceforge.net Medium Version pom version r938 Highest
CVE-2023-34623 suppress
An issue was discovered jtidy thru r938 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies. CWE-787 Out-of-bounds Write
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions:
jul-to-slf4j-1.7.32.jarDescription:
JUL to SLF4J bridge File Path: /var/simplicite/.m2/repository/org/slf4j/jul-to-slf4j/1.7.32/jul-to-slf4j-1.7.32.jarMD5: cf36bbee73d82b6b96a6414ef9f54df1SHA1: 8a055c04ab44e8e8326901cadf89080721348bdbSHA256: 6dee8d85ad6943aff0600f14897c469e64bae0413ee33a15c448af00432c0642Referenced In Project/Scope: Simplicite Platform:compilejul-to-slf4j-1.7.32.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name jul-to-slf4j High Vendor jar package name bridge Highest Vendor jar package name slf4j Highest Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor Manifest bundle-symbolicname jul.to.slf4j Medium Vendor pom artifactid jul-to-slf4j Highest Vendor pom artifactid jul-to-slf4j Low Vendor pom groupid org.slf4j Highest Vendor pom name JUL to SLF4J bridge High Vendor pom parent-artifactid slf4j-parent Low Vendor pom url http://www.slf4j.org Highest Product file name jul-to-slf4j High Product jar package name bridge Highest Product jar package name slf4j Highest Product Manifest Bundle-Name jul-to-slf4j Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product Manifest bundle-symbolicname jul.to.slf4j Medium Product pom artifactid jul-to-slf4j Highest Product pom groupid org.slf4j Highest Product pom name JUL to SLF4J bridge High Product pom parent-artifactid slf4j-parent Medium Product pom url http://www.slf4j.org Medium Version file version 1.7.32 High Version Manifest Bundle-Version 1.7.32 High Version Manifest Implementation-Version 1.7.32 High Version pom version 1.7.32 Highest
junit-4.13.2.jarDescription:
JUnit is a unit testing framework for Java, created by Erich Gamma and Kent Beck. License:
Eclipse Public License 1.0: http://www.eclipse.org/legal/epl-v10.html File Path: /var/simplicite/.m2/repository/junit/junit/4.13.2/junit-4.13.2.jar
MD5: d98a9a02a99a9acd22d7653cbcc1f31f
SHA1: 8ac9e16d933b6fb43bc7f576336b8f4d7eb5ba12
SHA256: 8e495b634469d64fb8acfa3495a065cbacc8a0fff55ce1e31007be4c16dc57d3
Referenced In Project/Scope: Simplicite Platform:compile
junit-4.13.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name junit High Vendor jar package name framework Highest Vendor jar package name junit Highest Vendor Manifest automatic-module-name junit Medium Vendor Manifest implementation-url http://junit.org Low Vendor Manifest Implementation-Vendor JUnit High Vendor Manifest Implementation-Vendor-Id junit Medium Vendor pom artifactid junit Highest Vendor pom artifactid junit Low Vendor pom developer email david@saff.net Low Vendor pom developer email kcooney@google.com Low Vendor pom developer email mail@marcphilipp.de Low Vendor pom developer email mail@stefan-birkner.de Low Vendor pom developer id dsaff Medium Vendor pom developer id kcooney Medium Vendor pom developer id marcphilipp Medium Vendor pom developer id stefanbirkner Medium Vendor pom developer name David Saff Medium Vendor pom developer name Kevin Cooney Medium Vendor pom developer name Marc Philipp Medium Vendor pom developer name Stefan Birkner Medium Vendor pom groupid junit Highest Vendor pom name JUnit High Vendor pom organization name JUnit High Vendor pom organization url http://www.junit.org Medium Vendor pom url http://junit.org Highest Product file name junit High Product jar package name framework Highest Product jar package name junit Highest Product Manifest automatic-module-name junit Medium Product Manifest Implementation-Title JUnit High Product Manifest implementation-url http://junit.org Low Product pom artifactid junit Highest Product pom developer email david@saff.net Low Product pom developer email kcooney@google.com Low Product pom developer email mail@marcphilipp.de Low Product pom developer email mail@stefan-birkner.de Low Product pom developer id dsaff Low Product pom developer id kcooney Low Product pom developer id marcphilipp Low Product pom developer id stefanbirkner Low Product pom developer name David Saff Low Product pom developer name Kevin Cooney Low Product pom developer name Marc Philipp Low Product pom developer name Stefan Birkner Low Product pom groupid junit Highest Product pom name JUnit High Product pom organization name JUnit Low Product pom organization url http://www.junit.org Low Product pom url http://junit.org Medium Version file version 4.13.2 High Version Manifest Implementation-Version 4.13.2 High Version pom version 4.13.2 Highest
juniversalchardet-1.0.3.jarDescription:
Java port of universalchardet License:
Mozilla Public License 1.1 (MPL 1.1): http://www.mozilla.org/MPL/MPL-1.1.html File Path: /var/simplicite/.m2/repository/com/googlecode/juniversalchardet/juniversalchardet/1.0.3/juniversalchardet-1.0.3.jar
MD5: d9ea0a9a275336c175b343f2e4cd8f27
SHA1: cd49678784c46aa8789c060538e0154013bb421b
SHA256: 757bfe906193b8b651e79dc26cd67d6b55d0770a2cdfb0381591504f779d4a76
Referenced In Project/Scope: Simplicite Platform:compile
juniversalchardet-1.0.3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.tika/tika-parsers@1.27
Evidence Type Source Name Value Confidence Vendor file name juniversalchardet High Vendor jar package name mozilla Low Vendor jar package name prober Low Vendor jar package name universalchardet Highest Vendor jar package name universalchardet Low Vendor pom artifactid juniversalchardet Highest Vendor pom artifactid juniversalchardet Low Vendor pom developer email takscape@gmail.com Low Vendor pom developer id takscape Medium Vendor pom groupid com.googlecode.juniversalchardet Highest Vendor pom name juniversalchardet High Vendor pom url http://juniversalchardet.googlecode.com/ Highest Product file name juniversalchardet High Product jar package name prober Low Product jar package name universalchardet Highest Product jar package name universalchardet Low Product pom artifactid juniversalchardet Highest Product pom developer email takscape@gmail.com Low Product pom developer id takscape Low Product pom groupid com.googlecode.juniversalchardet Highest Product pom name juniversalchardet High Product pom url http://juniversalchardet.googlecode.com/ Medium Version file version 1.0.3 High Version pom version 1.0.3 Highest
junrar-7.4.0.jarDescription:
property 'description' License:
UnRar License: https://github.com/junrar/junrar/LICENSE.md File Path: /var/simplicite/.m2/repository/com/github/junrar/junrar/7.4.0/junrar-7.4.0.jar
MD5: 6df7df2ffc0e7c360fbbac6535ec4dcb
SHA1: 32b270b684cc6c7028574edd5fce0f491b06854b
SHA256: 7ee9cfc6c86d2953fff11572384dccda8dcdfe999037252739079a8d6d7998da
Referenced In Project/Scope: Simplicite Platform:compile
junrar-7.4.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.tika/tika-parsers@1.27
Evidence Type Source Name Value Confidence Vendor file name junrar High Vendor jar package name github Highest Vendor jar package name github Low Vendor jar package name junrar Highest Vendor jar package name junrar Low Vendor pom artifactid junrar Highest Vendor pom artifactid junrar Low Vendor pom developer id gotson Medium Vendor pom developer name Gauthier Roebroeck Medium Vendor pom groupid com.github.junrar Highest Vendor pom name Java Unrar High Vendor pom url junrar/junrar Highest Product file name junrar High Product jar package name github Highest Product jar package name junrar Highest Product jar package name junrar Low Product pom artifactid junrar Highest Product pom developer id gotson Low Product pom developer name Gauthier Roebroeck Low Product pom groupid com.github.junrar Highest Product pom name Java Unrar High Product pom url junrar/junrar High Version file version 7.4.0 High Version pom version 7.4.0 Highest
CVE-2022-23596 suppress
Junrar is an open source java RAR archive library. In affected versions A carefully crafted RAR archive can trigger an infinite loop while extracting said archive. The impact depends solely on how the application uses the library, and whether files can be provided by malignant users. The problem is patched in 7.4.1. There are no known workarounds and users are advised to upgrade as soon as possible. CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')
CVSSv2:
Base Score: MEDIUM (5.0) Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions:
kafka-clients-3.3.1.jarLicense:
The Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/apache/kafka/kafka-clients/3.3.1/kafka-clients-3.3.1.jar
MD5: 989cbfe5c4adcc81966a682bdb306925
SHA1: aea4008ab34761ef8057b13cce6d0ec767397406
SHA256: 39d06474e22c6c8f5bd1d67c69a56e43dfb6a21605454c6e7d705c65aafe118c
Referenced In Project/Scope: Simplicite Platform:compile
kafka-clients-3.3.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name kafka-clients High Vendor jar package name apache Highest Vendor jar package name apache Low Vendor jar package name clients Highest Vendor jar package name common Low Vendor jar package name kafka Highest Vendor jar package name kafka Low Vendor pom artifactid kafka-clients Highest Vendor pom artifactid kafka-clients Low Vendor pom groupid org.apache.kafka Highest Vendor pom name Apache Kafka High Vendor pom url https://kafka.apache.org Highest Product file name kafka-clients High Product jar package name apache Highest Product jar package name clients Highest Product jar package name common Low Product jar package name kafka Highest Product jar package name kafka Low Product pom artifactid kafka-clients Highest Product pom groupid org.apache.kafka Highest Product pom name Apache Kafka High Product pom url https://kafka.apache.org Medium Version file version 3.3.1 High Version pom version 3.3.1 Highest
CVE-2023-25194 (OSSINDEX) suppress
A possible security vulnerability has been identified in Apache Kafka Connect API.
This requires access to a Kafka Connect worker, and the ability to create/modify connectors on it with an arbitrary Kafka client SASL JAAS config
and a SASL-based security protocol, which has been possible on Kafka Connect clusters since Apache Kafka Connect 2.3.0.
When configuring the connector via the Kafka Connect REST API, an authenticated operator can set the `sasl.jaas.config`
property for any of the connector's Kafka clients to "com.sun.security.auth.module.JndiLoginModule", which can be done via the
`producer.override.sasl.jaas.config`, `consumer.override.sasl.jaas.config`, or `admin.override.sasl.jaas.config` properties.
This will allow the server to connect to the attacker's LDAP server
and deserialize the LDAP response, which the attacker can use to execute java deserialization gadget chains on the Kafka connect server.
Attacker can cause unrestricted deserialization of untrusted data (or) RCE vulnerability when there are gadgets in the classpath.
Since Apache Kafka 3.0.0, users are allowed to specify these properties in connector configurations for Kafka Connect clusters running with out-of-the-box
configurations. Before Apache Kafka 3.0.0, users may not specify these properties unless the Kafka Connect cluster has been reconfigured with a connector
client override policy that permits them.
Since Apache Kafka 3.4.0, we have added a system property ("-Dorg.apache.kafka.disallowed.login.modules") to disable the problematic login modules usage
in SASL JAAS configuration. Also by default "com.sun.security.auth.module.JndiLoginModule" is disabled in Apache Kafka Connect 3.4.0.
We advise the Kafka Connect users to validate connector configurations and only allow trusted JNDI configurations. Also examine connector dependencies for
vulnerable versions and either upgrade their connectors, upgrading that specific dependency, or removing the connectors as options for remediation. Finally,
in addition to leveraging the "org.apache.kafka.disallowed.login.modules" system property, Kafka Connect users can also implement their own connector
client config override policy, which can be used to control which Kafka client properties can be overridden directly in a connector config and which cannot.
Sonatype's research suggests that this CVE's details differ from those defined at NVD. See https://ossindex.sonatype.org/vulnerability/CVE-2023-25194 for details CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: HIGH (8.8) Vector: /AV:N/AC:L/Au:/C:H/I:H/A:H References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:org.apache.kafka:kafka-clients:3.3.1:*:*:*:*:*:*:* keyv:3.1.0Description:
Simple key-value storage with support for multiple backends License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/keyv:3.1.0
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author Luke Childs <lukechilds123@gmail.com> (http://lukechilds.co.uk) Highest Vendor package.json bugs.url https://github.com/lukechilds/keyv/issues Highest Vendor package.json description Simple key-value storage with support for multiple backends Highest Vendor package.json homepage https://github.com/lukechilds/keyv Highest Vendor package.json name keyv Highest Vendor package.json name keyv_project Highest Product package.json name keyv Highest Version package.json version 3.1.0 Highest
keyv:4.5.2Description:
Simple key-value storage with support for multiple backends License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/keyv:4.5.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/cacheable-request:6.1.0 simplicite-js:5.2.54/cacheable-request:10.2.12 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Jared Wray <me@jaredwray.com> (http://jaredwray.com) Highest Vendor package.json bugs.url https://github.com/jaredwray/keyv/issues Highest Vendor package.json description Simple key-value storage with support for multiple backends Highest Vendor package.json homepage https://github.com/jaredwray/keyv Highest Vendor package.json name keyv Highest Vendor package.json name keyv_project Highest Product package.json name keyv Highest Version package.json version 4.5.2 Highest
Related Dependencies keyv:4.5.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?cacheable-request:10.2.12/keyv:^4.5.2 pkg:npm/keyv@4.5.2 keyv:4.5.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?cacheable-request:6.1.0/keyv:^3.0.0 pkg:npm/keyv@4.5.2 kind-of:6.0.3Description:
Get the native type of a value. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?shallow-clone:3.0.1/kind-of:^6.0.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/shallow-clone:3.0.1 simplicite-js:5.2.54 simplicite-js:5.2.54/global-prefix:3.0.0 simplicite-js:5.2.54/minimist-options:4.1.0 simplicite-js:5.2.54/clone-deep:4.0.1 Evidence Type Source Name Value Confidence Vendor package.json author Jon Schlinkert (https://github.com/jonschlinkert) Highest Vendor package.json bugs.url https://github.com/jonschlinkert/kind-of/issues Highest Vendor package.json description Get the native type of a value. Highest Vendor package.json homepage https://github.com/jonschlinkert/kind-of Highest Vendor package.json name kind-of Highest Vendor package.json name kind-of_project Highest Product package.json name kind-of Highest Version package.json version 6.0.3 Highest
Related Dependencies kind-of:6.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/kind-of:6.0.3 pkg:npm/kind-of@6.0.3 kind-of:6.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?clone-deep:4.0.1/kind-of:^6.0.2 pkg:npm/kind-of@6.0.3 kind-of:6.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?global-prefix:3.0.0/kind-of:^6.0.2 pkg:npm/kind-of@6.0.3 kind-of:6.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?minimist-options:4.1.0/kind-of:^6.0.3 pkg:npm/kind-of@6.0.3 klaw:3.0.0Description:
File system walker with Readable stream interface. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/klaw:3.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/jsdoc:4.0.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author JP Richardson Highest Vendor package.json bugs.url https://github.com/jprichardson/node-klaw/issues Highest Vendor package.json description File system walker with Readable stream interface. Highest Vendor package.json homepage https://github.com/jprichardson/node-klaw#readme Highest Vendor package.json name klaw Highest Vendor package.json name klaw_project Highest Product package.json name klaw Highest Version package.json version 3.0.0 Highest
Related Dependencies klaw:3.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?jsdoc:4.0.2/klaw:^3.0.0 pkg:npm/klaw@3.0.0 kleur:4.1.5Description:
The fastest Node.js library for formatting terminal text with ANSI colors~! License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?prompts-ncu:3.0.0/kleur:^4.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/prompts-ncu:3.0.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email luke.edwards05@gmail.com Highest Vendor package.json author.name Luke Edwards Highest Vendor package.json author.url https://lukeed.com Highest Vendor package.json description The fastest Node.js library for formatting terminal text with ANSI colors~! Highest Vendor package.json name kleur Highest Vendor package.json name kleur_project Highest Product package.json name kleur Highest Version package.json version 4.1.5 Highest
Related Dependencies kleur:4.1.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?/kleur:4.1.5 pkg:npm/kleur@4.1.5 known-css-properties:0.26.0Description:
List of known CSS properties License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/known-css-properties:^0.26.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/stylelint:14.16.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email vio@beanon.com Highest Vendor package.json author.name Viorel Cojocaru Highest Vendor package.json author.url http://beanon.com Highest Vendor package.json bugs.url https://github.com/known-css/known-css-properties/issues Highest Vendor package.json description List of known CSS properties Highest Vendor package.json homepage https://github.com/known-css/known-css-properties#readme Highest Vendor package.json name known-css-properties Highest Vendor package.json name known-css-properties_project Highest Product package.json name known-css-properties Highest Version package.json version 0.26.0 Highest
Related Dependencies known-css-properties:0.26.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/known-css-properties:0.26.0 pkg:npm/known-css-properties@0.26.0 latest-version:5.1.0Description:
Get the latest version of an npm package License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?update-notifier:4.1.3/latest-version:^5.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/update-notifier:6.0.2 simplicite-js:5.2.54/update-notifier:4.1.3 simplicite-js:5.2.54/update-notifier:5.1.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Get the latest version of an npm package Highest Vendor package.json name latest-version Highest Vendor package.json name latest-version_project Highest Product package.json name latest-version Highest Version package.json version 5.1.0 Highest
Related Dependencies latest-version:5.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/latest-version:5.1.0 pkg:npm/latest-version@5.1.0 latest-version:5.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?update-notifier:5.1.0/latest-version:^5.1.0 pkg:npm/latest-version@5.1.0 latest-version:5.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?update-notifier:6.0.2/latest-version:^7.0.0 pkg:npm/latest-version@5.1.0 latest-version:7.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/latest-version:7.0.0 pkg:npm/latest-version@7.0.0 leaflet:1.7.1Description:
JavaScript library for mobile-friendly interactive maps License:
BSD-2-Clause File Path: /var/simplicite/simplicite-5.2/package-lock.json?/leaflet:1.7.1
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json description JavaScript library for mobile-friendly interactive maps Highest Vendor package.json homepage https://leafletjs.com/ Highest Vendor package.json name leaflet Highest Vendor package.json name leaflet_project Highest Product package.json name leaflet Highest Version package.json version 1.7.1 Highest
levn:0.4.1Description:
Light ECMAScript (JavaScript) Value Notation - human written, concise, typed, flexible License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?optionator:0.9.3/levn:^0.4.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/eslint:8.56.0 simplicite-js:5.2.54/optionator:0.9.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author George Zahariev <z@georgezahariev.com> Highest Vendor package.json bugs https://github.com/gkz/levn/issues Highest Vendor package.json description Light ECMAScript (JavaScript) Value Notation - human written, concise, typed, flexible Highest Vendor package.json homepage https://github.com/gkz/levn Highest Vendor package.json name levn Highest Vendor package.json name levn_project Highest Product package.json name levn Highest Version package.json version 0.4.1 Highest
Related Dependencies levn:0.4.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/levn:0.4.1 pkg:npm/levn@0.4.1 levn:0.4.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint:8.56.0/levn:^0.4.1 pkg:npm/levn@0.4.1 libphonenumber-8.12.32.jarDescription:
Google's common Java library for parsing, formatting, storing and validating international phone numbers. Optimized for running on smartphones. License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/com/googlecode/libphonenumber/libphonenumber/8.12.32/libphonenumber-8.12.32.jar
MD5: 025cea7bdc6d512192f8234da02396ab
SHA1: 6e06d91dcb36eb8ba01a0fab97fc6d1da699b69a
SHA256: f6dfafdfe54c3d13d9e19a55105a85e4bf783efd3a84046a1de9885c2f921874
Referenced In Project/Scope: Simplicite Platform:compile
libphonenumber-8.12.32.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name libphonenumber High Vendor Manifest bundle-docurl http://www.google.com/ Low Vendor Manifest bundle-symbolicname com.googlecode.libphonenumber Medium Vendor pom artifactid libphonenumber Highest Vendor pom artifactid libphonenumber Low Vendor pom groupid com.googlecode.libphonenumber Highest Vendor pom parent-artifactid libphonenumber-parent Low Vendor pom url google/libphonenumber/ Highest Product file name libphonenumber High Product jar package name google Highest Product Manifest bundle-docurl http://www.google.com/ Low Product Manifest Bundle-Name libphonenumber Medium Product Manifest bundle-symbolicname com.googlecode.libphonenumber Medium Product pom artifactid libphonenumber Highest Product pom groupid com.googlecode.libphonenumber Highest Product pom parent-artifactid libphonenumber-parent Medium Product pom url google/libphonenumber/ High Version file version 8.12.32 High Version Manifest Bundle-Version 8.12.32 High Version pom version 8.12.32 Highest
license-report:6.5.0Description:
creates a short report about project's dependencies (license, url etc) License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/license-report:6.5.0
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author Yaniv Kessler Highest Vendor package.json bugs.url https://github.com/ironSource/license-report/issues Highest Vendor package.json description creates a short report about project's dependencies (license, url etc) Highest Vendor package.json homepage https://github.com/ironSource/license-report Highest Vendor package.json name license-report Highest Vendor package.json name license-report_project Highest Product package.json name license-report Highest Version package.json version 6.5.0 Highest
lie:3.3.0Description:
A basic but performant promise implementation License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/lie:3.3.0
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/jszip:3.7.1 Evidence Type Source Name Value Confidence Vendor package.json bugs.url https://github.com/calvinmetcalf/lie/issues Highest Vendor package.json description A basic but performant promise implementation Highest Vendor package.json name lie Highest Vendor package.json name lie_project Highest Product package.json name lie Highest Version package.json version 3.3.0 Highest
Related Dependencies lie:3.3.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?jszip:3.7.1/lie:~3.3.0 pkg:npm/lie@3.3.0 lines-and-columns:1.2.4Description:
Maps lines and columns to character offsets and back. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?parse-json:5.2.0/lines-and-columns:^1.1.6
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/parse-json:5.2.0 Evidence Type Source Name Value Confidence Vendor package.json author Brian Donovan <brian@donovans.cc> Highest Vendor package.json bugs.url https://github.com/eventualbuddha/lines-and-columns/issues Highest Vendor package.json description Maps lines and columns to character offsets and back. Highest Vendor package.json homepage https://github.com/eventualbuddha/lines-and-columns#readme Highest Vendor package.json name lines-and-columns Highest Vendor package.json name lines-and-columns_project Highest Product package.json name lines-and-columns Highest Version package.json version 1.2.4 Highest
Related Dependencies lines-and-columns:1.2.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?/lines-and-columns:1.2.4 pkg:npm/lines-and-columns@1.2.4 linkify-it:3.0.3Description:
Links recognition library with FULL unicode support License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?markdown-it:12.3.2/linkify-it:^3.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/markdown-it:12.3.2 Evidence Type Source Name Value Confidence Vendor package.json description Links recognition library with FULL unicode support Highest Vendor package.json name linkify-it Highest Vendor package.json name linkify-it_project Highest Product package.json name linkify-it Highest Version package.json version 3.0.3 Highest
Related Dependencies linkify-it:3.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/linkify-it:3.0.3 pkg:npm/linkify-it@3.0.3 listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jarDescription:
An empty artifact that Guava depends on to signal that it is providing
ListenableFuture -- but is also available in a second "version" that
contains com.google.common.util.concurrent.ListenableFuture class, without
any other Guava classes. The idea is:
- If users want only ListenableFuture, they depend on listenablefuture-1.0.
- If users want all of Guava, they depend on guava, which, as of Guava
27.0, depends on
listenablefuture-9999.0-empty-to-avoid-conflict-with-guava. The 9999.0-...
version number is enough for some build systems (notably, Gradle) to select
that empty artifact over the "real" listenablefuture-1.0 -- avoiding a
conflict with the copy of ListenableFuture in guava itself. If users are
using an older version of Guava or a build system other than Gradle, they
may see class conflicts. If so, they can solve them by manually excluding
the listenablefuture artifact or manually forcing their build systems to
use 9999.0-....
File Path: /var/simplicite/.m2/repository/com/google/guava/listenablefuture/9999.0-empty-to-avoid-conflict-with-guava/listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jarMD5: d094c22570d65e132c19cea5d352e381SHA1: b421526c5f297295adef1c886e5246c39d4ac629SHA256: b372a037d4230aa57fbeffdef30fd6123f9c0c2db85d0aced00c91b974f33f99Referenced In Project/Scope: Simplicite Platform:compilelistenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.google.guava/guava@30.1.1-jre
Evidence Type Source Name Value Confidence Vendor file name listenablefuture High Vendor pom artifactid listenablefuture Highest Vendor pom artifactid listenablefuture Low Vendor pom groupid com.google.guava Highest Vendor pom name Guava ListenableFuture only High Vendor pom parent-artifactid guava-parent Low Product file name listenablefuture High Product pom artifactid listenablefuture Highest Product pom groupid com.google.guava Highest Product pom name Guava ListenableFuture only High Product pom parent-artifactid guava-parent Medium Version pom parent-version 9999.0-empty-to-avoid-conflict-with-guava Low Version pom version 9999.0-empty-to-avoid-conflict-with-guava Highest
load-yaml-file:0.2.0License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?which-pm:2.0.0/load-yaml-file:^0.2.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/which-pm:2.0.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json name load-yaml-file Highest Vendor package.json name load-yaml-file_project Highest Product package.json name load-yaml-file Highest Version package.json version 0.2.0 Highest
Related Dependencies load-yaml-file:0.2.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/load-yaml-file:0.2.0 pkg:npm/load-yaml-file@0.2.0 locate-path:3.0.0Description:
Get the first path that exists on disk of multiple paths License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/locate-path:3.0.0
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Get the first path that exists on disk of multiple paths Highest Vendor package.json name locate-path Highest Vendor package.json name locate-path_project Highest Product package.json name locate-path Highest Version package.json version 3.0.0 Highest
locate-path:5.0.0Description:
Get the first path that exists on disk of multiple paths License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/locate-path:5.0.0
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Get the first path that exists on disk of multiple paths Highest Vendor package.json name locate-path Highest Vendor package.json name locate-path_project Highest Product package.json name locate-path Highest Version package.json version 5.0.0 Highest
locate-path:6.0.0Description:
Get the first path that exists on disk of multiple paths License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/locate-path:6.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/find-up:4.1.0 simplicite-js:5.2.54/find-up:3.0.0 simplicite-js:5.2.54/find-up:5.0.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description Get the first path that exists on disk of multiple paths Highest Vendor package.json name locate-path Highest Vendor package.json name locate-path_project Highest Product package.json name locate-path Highest Version package.json version 6.0.0 Highest
Related Dependencies locate-path:5.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/locate-path:5.0.0 pkg:npm/locate-path@5.0.0 locate-path:6.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?find-up:3.0.0/locate-path:^3.0.0 pkg:npm/locate-path@6.0.0 locate-path:6.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?find-up:4.1.0/locate-path:^5.0.0 pkg:npm/locate-path@6.0.0 locate-path:6.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?find-up:5.0.0/locate-path:^6.0.0 pkg:npm/locate-path@6.0.0 lodash.debounce:4.0.8Description:
The lodash method `_.debounce` exported as a module. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/lodash.debounce:4.0.8
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/helper-define-polyfill-provider:0.5.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author John-David Dalton <john.david.dalton@gmail.com> (http://allyoucanleet.com/) Highest Vendor package.json description The lodash method `_.debounce` exported as a module. Highest Vendor package.json homepage https://lodash.com/ Highest Vendor package.json name lodash.debounce Highest Vendor package.json name lodash.debounce_project Highest Product package.json name lodash.debounce Highest Version package.json version 4.0.8 Highest
Related Dependencies lodash.debounce:4.0.8File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/helper-define-polyfill-provider:0.5.0/lodash.debounce:^4.0.8 pkg:npm/lodash.debounce@4.0.8 lodash.merge:4.6.2Description:
The Lodash method `_.merge` exported as a module. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/lodash.merge:4.6.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/eslint:8.56.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author John-David Dalton <john.david.dalton@gmail.com> Highest Vendor package.json description The Lodash method `_.merge` exported as a module. Highest Vendor package.json homepage https://lodash.com/ Highest Vendor package.json name lodash.merge Highest Vendor package.json name lodash.merge_project Highest Product package.json name lodash.merge Highest Version package.json version 4.6.2 Highest
Related Dependencies lodash.merge:4.6.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint:8.56.0/lodash.merge:^4.6.2 pkg:npm/lodash.merge@4.6.2 lodash.truncate:4.4.2Description:
The lodash method `_.truncate` exported as a module. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?table:6.8.1/lodash.truncate:^4.4.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/table:6.8.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author John-David Dalton <john.david.dalton@gmail.com> (http://allyoucanleet.com/) Highest Vendor package.json description The lodash method `_.truncate` exported as a module. Highest Vendor package.json homepage https://lodash.com/ Highest Vendor package.json name lodash.truncate Highest Vendor package.json name lodash.truncate_project Highest Product package.json name lodash.truncate Highest Version package.json version 4.4.2 Highest
Related Dependencies lodash.truncate:4.4.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?/lodash.truncate:4.4.2 pkg:npm/lodash.truncate@4.4.2 lodash:4.17.21Description:
Lodash modular utilities. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?scss-parser:1.0.6/lodash:4.17.21
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-check:6.0.1 simplicite-js:5.2.54/node-emoji:1.11.0 simplicite-js:5.2.54/catharsis:0.9.0 simplicite-js:5.2.54/jshint:2.13.1 simplicite-js:5.2.54/callsite-record:4.1.5 simplicite-js:5.2.54/scss-parser:1.0.6 simplicite-js:5.2.54/@jsdoc/salty:0.2.5 simplicite-js:5.2.54/npm-check-updates:16.14.14 simplicite-js:5.2.54 simplicite-js:5.2.54/query-ast:1.0.5 simplicite-js:5.2.54/depcheck:1.4.3 simplicite-js:5.2.54/inquirer:7.3.3 simplicite-js:5.2.54/requizzle:0.2.4 Evidence Type Source Name Value Confidence Vendor package.json author John-David Dalton <john.david.dalton@gmail.com> Highest Vendor package.json description Lodash modular utilities. Highest Vendor package.json homepage https://lodash.com/ Highest Vendor package.json name lodash Highest Vendor package.json name lodash_project Highest Product package.json name lodash Highest Version package.json version 4.17.21 Highest
Related Dependencies lodash:4.17.21File Path: /var/simplicite/simplicite-5.2/package-lock.json?/lodash:4.17.21 pkg:npm/lodash@4.17.21 lodash:4.17.21File Path: /var/simplicite/simplicite-5.2/package-lock.json?@jsdoc/salty:0.2.5/lodash:^4.17.21 pkg:npm/lodash@4.17.21 lodash:4.17.21File Path: /var/simplicite/simplicite-5.2/package-lock.json?callsite-record:4.1.5/lodash:4.6.1 || ^4.16.1 pkg:npm/lodash@4.17.21 lodash:4.17.21File Path: /var/simplicite/simplicite-5.2/package-lock.json?catharsis:0.9.0/lodash:^4.17.15 pkg:npm/lodash@4.17.21 lodash:4.17.21File Path: /var/simplicite/simplicite-5.2/package-lock.json?depcheck:1.4.3/lodash:^4.17.20 pkg:npm/lodash@4.17.21 lodash:4.17.21File Path: /var/simplicite/simplicite-5.2/package-lock.json?inquirer:7.3.3/lodash:^4.17.19 pkg:npm/lodash@4.17.21 lodash:4.17.21File Path: /var/simplicite/simplicite-5.2/package-lock.json?jshint:2.13.1/lodash:~4.17.21 pkg:npm/lodash@4.17.21 lodash:4.17.21File Path: /var/simplicite/simplicite-5.2/package-lock.json?node-emoji:1.11.0/lodash:^4.17.21 pkg:npm/lodash@4.17.21 lodash:4.17.21File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check-updates:16.14.14/lodash:^4.17.21 pkg:npm/lodash@4.17.21 lodash:4.17.21File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check:6.0.1/lodash:^4.17.20 pkg:npm/lodash@4.17.21 lodash:4.17.21File Path: /var/simplicite/simplicite-5.2/package-lock.json?query-ast:1.0.5/lodash:^4.17.21 pkg:npm/lodash@4.17.21 lodash:4.17.21File Path: /var/simplicite/simplicite-5.2/package-lock.json?requizzle:0.2.4/lodash:^4.17.21 pkg:npm/lodash@4.17.21 log-symbols:4.1.0Description:
Colored symbols for various log levels. Example: `✔︎ Success` License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?ora:5.4.1/log-symbols:^4.1.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/ora:5.4.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description Colored symbols for various log levels. Example: `✔︎ Success` Highest Vendor package.json name log-symbols Highest Vendor package.json name log-symbols_project Highest Product package.json name log-symbols Highest Version package.json version 4.1.0 Highest
Related Dependencies log-symbols:4.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/log-symbols:4.1.0 pkg:npm/log-symbols@4.1.0 log4j-core-2.19.0.jarDescription:
The Apache Log4j Implementation License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/apache/logging/log4j/log4j-core/2.19.0/log4j-core-2.19.0.jar
MD5: b7f521926226a16531f8e212b1da1ffd
SHA1: 3b6eeb4de4c49c0fe38a4ee27188ff5fee44d0bb
SHA256: b4a1796fab7bfc36df015c1b4052459147997e8d215a7199d71d05f9e747e4f4
Referenced In Project/Scope: Simplicite Platform:compile
log4j-core-2.19.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name log4j-core High Vendor jar package name apache Highest Vendor jar package name core Highest Vendor jar package name log4j Highest Vendor jar package name logging Highest Vendor jar package name org Highest Vendor Manifest automatic-module-name org.apache.logging.log4j.core Medium Vendor Manifest bundle-docurl https://www.apache.org/ Low Vendor Manifest bundle-symbolicname org.apache.logging.log4j.core Medium Vendor Manifest implementation-url https://logging.apache.org/log4j/2.x/log4j-core/ Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache.logging.log4j Medium Vendor Manifest log4jreleasekey B3D8E1BA Low Vendor Manifest log4jreleasemanager Ralph Goers Low Vendor Manifest log4jsigningusername rgoers@apache.org Medium Vendor Manifest multi-release true Low Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid log4j-core Highest Vendor pom artifactid log4j-core Low Vendor pom groupid org.apache.logging.log4j Highest Vendor pom name Apache Log4j Core High Vendor pom parent-artifactid log4j Low Product file name log4j-core High Product jar package name apache Highest Product jar package name core Highest Product jar package name log4j Highest Product jar package name logging Highest Product jar package name org Highest Product Manifest automatic-module-name org.apache.logging.log4j.core Medium Product Manifest bundle-docurl https://www.apache.org/ Low Product Manifest Bundle-Name Apache Log4j Core Medium Product Manifest bundle-symbolicname org.apache.logging.log4j.core Medium Product Manifest Implementation-Title Apache Log4j Core High Product Manifest implementation-url https://logging.apache.org/log4j/2.x/log4j-core/ Low Product Manifest log4jreleasekey B3D8E1BA Low Product Manifest log4jreleasemanager Ralph Goers Low Product Manifest log4jsigningusername rgoers@apache.org Medium Product Manifest multi-release true Low Product Manifest specification-title Apache Log4j Core Medium Product pom artifactid log4j-core Highest Product pom groupid org.apache.logging.log4j Highest Product pom name Apache Log4j Core High Product pom parent-artifactid log4j Medium Version file version 2.19.0 High Version Manifest Bundle-Version 2.19.0 High Version Manifest Implementation-Version 2.19.0 High Version Manifest log4jreleaseversion 2.19.0 Medium Version pom version 2.19.0 Highest
Related Dependencies log4j-api-2.19.0.jarFile Path: /var/simplicite/.m2/repository/org/apache/logging/log4j/log4j-api/2.19.0/log4j-api-2.19.0.jar MD5: a7f8fc9751cdaa237a1e18059b4887da SHA1: ea1b37f38c327596b216542bc636cfdc0b8036fa SHA256: 5ccb24ad9f92e768d0bc456d3061a737951262df803e004d2cad096b75a88d60 pkg:maven/org.apache.logging.log4j/log4j-api@2.19.0 log4j-slf4j-impl-2.19.0.jarDescription:
The Apache Log4j SLF4J API binding to Log4j 2 Core License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/apache/logging/log4j/log4j-slf4j-impl/2.19.0/log4j-slf4j-impl-2.19.0.jar
MD5: fa576fa465880e374c504d21b4481f47
SHA1: 1a0c9615ba9fd5b96db8c1136afbef4394286e93
SHA256: 015d5c229f3cd5c0ebf175c1da08d596d94043362ae9d92637d88848c90537c8
Referenced In Project/Scope: Simplicite Platform:compile
log4j-slf4j-impl-2.19.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name log4j-slf4j-impl High Vendor jar package name apache Highest Vendor jar package name impl Highest Vendor jar package name logging Highest Vendor jar package name slf4j Highest Vendor Manifest automatic-module-name org.apache.logging.log4j.slf4j Medium Vendor Manifest bundle-docurl https://www.apache.org/ Low Vendor Manifest bundle-symbolicname org.apache.logging.log4j.slf4j-impl Medium Vendor Manifest implementation-url https://logging.apache.org/log4j/2.x/log4j-slf4j-impl/ Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache.logging.log4j Medium Vendor Manifest log4jreleasekey B3D8E1BA Low Vendor Manifest log4jreleasemanager Ralph Goers Low Vendor Manifest log4jsigningusername rgoers@apache.org Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid log4j-slf4j-impl Highest Vendor pom artifactid log4j-slf4j-impl Low Vendor pom groupid org.apache.logging.log4j Highest Vendor pom name Apache Log4j SLF4J Binding High Vendor pom parent-artifactid log4j Low Product file name log4j-slf4j-impl High Product jar package name apache Highest Product jar package name impl Highest Product jar package name logging Highest Product jar package name slf4j Highest Product Manifest automatic-module-name org.apache.logging.log4j.slf4j Medium Product Manifest bundle-docurl https://www.apache.org/ Low Product Manifest Bundle-Name Apache Log4j SLF4J Binding Medium Product Manifest bundle-symbolicname org.apache.logging.log4j.slf4j-impl Medium Product Manifest Implementation-Title Apache Log4j SLF4J Binding High Product Manifest implementation-url https://logging.apache.org/log4j/2.x/log4j-slf4j-impl/ Low Product Manifest log4jreleasekey B3D8E1BA Low Product Manifest log4jreleasemanager Ralph Goers Low Product Manifest log4jsigningusername rgoers@apache.org Medium Product Manifest specification-title Apache Log4j SLF4J Binding Medium Product pom artifactid log4j-slf4j-impl Highest Product pom groupid org.apache.logging.log4j Highest Product pom name Apache Log4j SLF4J Binding High Product pom parent-artifactid log4j Medium Version file version 2.19.0 High Version Manifest Bundle-Version 2.19.0 High Version Manifest Implementation-Version 2.19.0 High Version Manifest log4jreleaseversion 2.19.0 Medium Version pom version 2.19.0 Highest
loose-envify:1.4.0Description:
Fast (and loose) selective `process.env` replacer using js-tokens instead of an AST License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/loose-envify:1.4.0
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/invariant:2.2.4 Evidence Type Source Name Value Confidence Vendor package.json author Andres Suarez <zertosh@gmail.com> Highest Vendor package.json description Fast (and loose) selective `process.env` replacer using js-tokens instead of an AST Highest Vendor package.json homepage https://github.com/zertosh/loose-envify Highest Vendor package.json name loose-envify Highest Vendor package.json name loose-envify_project Highest Product package.json name loose-envify Highest Version package.json version 1.4.0 Highest
Related Dependencies loose-envify:1.4.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?invariant:2.2.4/loose-envify:^1.0.0 pkg:npm/loose-envify@1.4.0 lower-case:2.0.2Description:
Transforms the string to lower case License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?no-case:3.0.4/lower-case:^2.0.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/no-case:3.0.4 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email hello@blakeembrey.com Highest Vendor package.json author.name Blake Embrey Highest Vendor package.json author.url http://blakeembrey.me Highest Vendor package.json bugs.url https://github.com/blakeembrey/change-case/issues Highest Vendor package.json description Transforms the string to lower case Highest Vendor package.json homepage https://github.com/blakeembrey/change-case/tree/master/packages/lower-case#readme Highest Vendor package.json name lower-case Highest Vendor package.json name lower-case_project Highest Product package.json name lower-case Highest Version package.json version 2.0.2 Highest
Related Dependencies lower-case:2.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?/lower-case:2.0.2 pkg:npm/lower-case@2.0.2 lowercase-keys:2.0.0Description:
Lowercase the keys of an object License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/lowercase-keys:2.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/cacheable-request:6.1.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Lowercase the keys of an object Highest Vendor package.json name lowercase-keys Highest Vendor package.json name lowercase-keys_project Highest Product package.json name lowercase-keys Highest Version package.json version 2.0.0 Highest
Related Dependencies lowercase-keys:2.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?cacheable-request:6.1.0/lowercase-keys:^2.0.0 pkg:npm/lowercase-keys@2.0.0 lowercase-keys:3.0.0Description:
Lowercase the keys of an object License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?responselike:3.0.0/lowercase-keys:^3.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/responselike:1.0.2 simplicite-js:5.2.54/got:12.6.1 simplicite-js:5.2.54/responselike:3.0.0 simplicite-js:5.2.54/got:9.6.0 simplicite-js:5.2.54 simplicite-js:5.2.54/got:13.0.0 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description Lowercase the keys of an object Highest Vendor package.json name lowercase-keys Highest Vendor package.json name lowercase-keys_project Highest Product package.json name lowercase-keys Highest Version package.json version 3.0.0 Highest
Related Dependencies lowercase-keys:1.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/lowercase-keys:1.0.1 pkg:npm/lowercase-keys@1.0.1 lowercase-keys:3.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/lowercase-keys:3.0.0 pkg:npm/lowercase-keys@3.0.0 lowercase-keys:3.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?got:12.6.1/lowercase-keys:^3.0.0 pkg:npm/lowercase-keys@3.0.0 lowercase-keys:3.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?got:13.0.0/lowercase-keys:^3.0.0 pkg:npm/lowercase-keys@3.0.0 lowercase-keys:3.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?got:9.6.0/lowercase-keys:^1.0.1 pkg:npm/lowercase-keys@3.0.0 lowercase-keys:3.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?responselike:1.0.2/lowercase-keys:^1.0.0 pkg:npm/lowercase-keys@3.0.0 lru-cache:10.0.0Description:
A cache object that deletes the least-recently-used items. License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/lru-cache:10.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/path-scurry:1.10.1 Evidence Type Source Name Value Confidence Vendor package.json author Isaac Z. Schlueter <i@izs.me> Highest Vendor package.json description A cache object that deletes the least-recently-used items. Highest Vendor package.json name lru-cache Highest Vendor package.json name lru-cache_project Highest Product package.json name lru-cache Highest Version package.json version 10.0.0 Highest
Related Dependencies lru-cache:10.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?path-scurry:1.10.1/lru-cache:^9.1.1 || ^10.0.0 pkg:npm/lru-cache@10.0.0 lru-cache:4.1.5Description:
A cache object that deletes the least-recently-used items. License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/lru-cache:4.1.5
Referenced In Projects/Scopes: simplicite-js:5.2.54/editorconfig:0.15.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Isaac Z. Schlueter <i@izs.me> Highest Vendor package.json description A cache object that deletes the least-recently-used items. Highest Vendor package.json name lru-cache Highest Vendor package.json name lru-cache_project Highest Product package.json name lru-cache Highest Version package.json version 4.1.5 Highest
Related Dependencies lru-cache:4.1.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?editorconfig:0.15.3/lru-cache:^4.1.5 pkg:npm/lru-cache@4.1.5 lru-cache:5.1.1Description:
A cache object that deletes the least-recently-used items. License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/lru-cache:5.1.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/helper-compilation-targets:7.23.6 simplicite-js:5.2.54/make-fetch-happen:11.1.1 simplicite-js:5.2.54/hosted-git-info:4.1.0 simplicite-js:5.2.54/hosted-git-info:5.2.1 simplicite-js:5.2.54/cacache:17.1.3 simplicite-js:5.2.54/semver:7.5.4 simplicite-js:5.2.54/hosted-git-info:6.1.1 simplicite-js:5.2.54 simplicite-js:5.2.54/semver:7.5.3 simplicite-js:5.2.54/@npmcli/git:4.1.0 Evidence Type Source Name Value Confidence Vendor package.json author Isaac Z. Schlueter <i@izs.me> Highest Vendor package.json description A cache object that deletes the least-recently-used items. Highest Vendor package.json name lru-cache Highest Vendor package.json name lru-cache_project Highest Product package.json name lru-cache Highest Version package.json version 5.1.1 Highest
Related Dependencies lru-cache:5.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/helper-compilation-targets:7.23.6/lru-cache:^5.1.1 pkg:npm/lru-cache@5.1.1 lru-cache:5.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?hosted-git-info:5.2.1/lru-cache:^7.5.1 pkg:npm/lru-cache@5.1.1 lru-cache:5.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?hosted-git-info:6.1.1/lru-cache:^7.5.1 pkg:npm/lru-cache@5.1.1 lru-cache:5.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?semver:7.5.3/lru-cache:^6.0.0 pkg:npm/lru-cache@5.1.1 lru-cache:5.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?semver:7.5.4/lru-cache:^6.0.0 pkg:npm/lru-cache@5.1.1 lru-cache:6.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/lru-cache:6.0.0 pkg:npm/lru-cache@6.0.0 lru-cache:6.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?hosted-git-info:4.1.0/lru-cache:^6.0.0 pkg:npm/lru-cache@6.0.0 lru-cache:6.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?semver:7.5.4/lru-cache:^6.0.0 pkg:npm/lru-cache@6.0.0 lru-cache:7.18.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/lru-cache:7.18.3 pkg:npm/lru-cache@7.18.3 lru-cache:7.18.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?@npmcli/git:4.1.0/lru-cache:^7.4.4 pkg:npm/lru-cache@7.18.3 lru-cache:7.18.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?cacache:17.1.3/lru-cache:^7.7.1 pkg:npm/lru-cache@7.18.3 lru-cache:7.18.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?make-fetch-happen:11.1.1/lru-cache:^7.7.1 pkg:npm/lru-cache@7.18.3 lru-cache:6.0.0Description:
A cache object that deletes the least-recently-used items. License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/lru-cache:6.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/semver:7.5.4 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Isaac Z. Schlueter <i@izs.me> Highest Vendor package.json description A cache object that deletes the least-recently-used items. Highest Vendor package.json name lru-cache Highest Vendor package.json name lru-cache_project Highest Product package.json name lru-cache Highest Version package.json version 6.0.0 Highest
Related Dependencies lru-cache:6.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?semver:7.5.4/lru-cache:^6.0.0 pkg:npm/lru-cache@6.0.0 lru-cache:7.18.3Description:
A cache object that deletes the least-recently-used items. License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/lru-cache:7.18.3
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author Isaac Z. Schlueter <i@izs.me> Highest Vendor package.json description A cache object that deletes the least-recently-used items. Highest Vendor package.json name lru-cache Highest Vendor package.json name lru-cache_project Highest Product package.json name lru-cache Highest Version package.json version 7.18.3 Highest
lucene-core-8.9.0.jarDescription:
Apache Lucene Java Core File Path: /var/simplicite/.m2/repository/org/apache/lucene/lucene-core/8.9.0/lucene-core-8.9.0.jarMD5: 7128480b9293b6f225719688eb9bedf8SHA1: 5c3f72357089f7f0c1ef44bbe7b4c67b6149a5afSHA256: 5b0b8be0f86cc2d8aa9d0790624f7f9b8e895abd32752238829c6f0c69a902b8Referenced In Project/Scope: Simplicite Platform:compilelucene-core-8.9.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name lucene-core High Vendor jar package name apache Highest Vendor jar package name lucene Highest Vendor jar package name org Highest Vendor Manifest extension-name org.apache.lucene Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest multi-release true Low Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid lucene-core Highest Vendor pom artifactid lucene-core Low Vendor pom groupid org.apache.lucene Highest Vendor pom name Lucene Core High Vendor pom parent-artifactid lucene-parent Low Product file name lucene-core High Product jar package name apache Highest Product jar package name lucene Highest Product jar package name org Highest Product jar package name search Highest Product Manifest extension-name org.apache.lucene Medium Product Manifest Implementation-Title org.apache.lucene High Product Manifest multi-release true Low Product Manifest specification-title Lucene Search Engine: core Medium Product pom artifactid lucene-core Highest Product pom groupid org.apache.lucene Highest Product pom name Lucene Core High Product pom parent-artifactid lucene-parent Medium Version file version 8.9.0 High Version pom version 8.9.0 Highest
luxon:1.28.1Description:
Immutable date wrapper License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/luxon:1.28.1
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author Isaac Cambron Highest Vendor package.json description Immutable date wrapper Highest Vendor package.json name luxon Highest Vendor package.json name luxon_project Highest Product package.json name luxon Highest Version package.json version 1.28.1 Highest
lz4-java-1.8.0.jarDescription:
Java ports and bindings of the LZ4 compression algorithm and the xxHash hashing algorithm License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/lz4/lz4-java/1.8.0/lz4-java-1.8.0.jar
MD5: 936a927700aa8fc3b75d21d7571171f6
SHA1: 4b986a99445e49ea5fbf5d149c4b63f6ed6c6780
SHA256: d74a3334fb35195009b338a951f918203d6bbca3d1d359033dc33edd1cadc9ef
Referenced In Project/Scope: Simplicite Platform:runtime
lz4-java-1.8.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.kafka/kafka-clients@3.3.1
Evidence Type Source Name Value Confidence Vendor file name lz4-java High Vendor jar package name lz4 Highest Vendor jar package name xxhash Highest Vendor Manifest automatic-module-name org.lz4.java Medium Vendor Manifest bundle-symbolicname lz4-java Medium Vendor Manifest originally-created-by 1.7.0_302-b01 (Azul Systems, Inc.) Low Vendor pom artifactid lz4-java Highest Vendor pom artifactid lz4-java Low Vendor pom developer email jpountz@gmail.com Low Vendor pom developer email Rei.Odaira@gmail.com Low Vendor pom developer id jpountz Medium Vendor pom developer id odaira Medium Vendor pom developer name Adrien Grand Medium Vendor pom developer name Rei Odaira Medium Vendor pom groupid org.lz4 Highest Vendor pom name LZ4 and xxHash High Vendor pom url lz4/lz4-java Highest Product file name lz4-java High Product jar package name lz4 Highest Product jar package name xxhash Highest Product Manifest automatic-module-name org.lz4.java Medium Product Manifest Bundle-Name LZ4 Java Compression Medium Product Manifest bundle-symbolicname lz4-java Medium Product Manifest originally-created-by 1.7.0_302-b01 (Azul Systems, Inc.) Low Product pom artifactid lz4-java Highest Product pom developer email jpountz@gmail.com Low Product pom developer email Rei.Odaira@gmail.com Low Product pom developer id jpountz Low Product pom developer id odaira Low Product pom developer name Adrien Grand Low Product pom developer name Rei Odaira Low Product pom groupid org.lz4 Highest Product pom name LZ4 and xxHash High Product pom url lz4/lz4-java High Version file version 1.8.0 High Version Manifest Bundle-Version 1.8.0 High Version pom version 1.8.0 Highest
magic-string:0.30.0Description:
Modify strings, generate sourcemaps License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/magic-string:0.30.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/@vue/compiler-sfc:3.3.4 simplicite-js:5.2.54/@vue/reactivity-transform:3.3.4 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Rich Harris Highest Vendor package.json description Modify strings, generate sourcemaps Highest Vendor package.json name magic-string Highest Vendor package.json name magic-string_project Highest Product package.json name magic-string Highest Version package.json version 0.30.0 Highest
Related Dependencies magic-string:0.30.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?@vue/compiler-sfc:3.3.4/magic-string:^0.30.0 pkg:npm/magic-string@0.30.0 magic-string:0.30.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?@vue/reactivity-transform:3.3.4/magic-string:^0.30.0 pkg:npm/magic-string@0.30.0 make-dir:2.1.0Description:
Make a directory and its parents if needed - Think `mkdir -p` License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/make-dir:2.1.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/find-cache-dir:2.1.0 simplicite-js:5.2.54/@babel/cli:7.23.9 simplicite-js:5.2.54 simplicite-js:5.2.54/@babel/register:7.23.7 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Make a directory and its parents if needed - Think `mkdir -p` Highest Vendor package.json name make-dir Highest Vendor package.json name make-dir_project Highest Product package.json name make-dir Highest Version package.json version 2.1.0 Highest
Related Dependencies make-dir:2.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/cli:7.23.9/make-dir:^2.1.0 pkg:npm/make-dir@2.1.0 make-dir:2.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/register:7.23.7/make-dir:^2.1.0 pkg:npm/make-dir@2.1.0 make-dir:2.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?find-cache-dir:2.1.0/make-dir:^2.0.0 pkg:npm/make-dir@2.1.0 make-dir:3.1.0Description:
Make a directory and its parents if needed - Think `mkdir -p` License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/make-dir:3.1.0
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/configstore:5.0.1 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Make a directory and its parents if needed - Think `mkdir -p` Highest Vendor package.json name make-dir Highest Vendor package.json name make-dir_project Highest Product package.json name make-dir Highest Version package.json version 3.1.0 Highest
Related Dependencies make-dir:3.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?configstore:5.0.1/make-dir:^3.0.0 pkg:npm/make-dir@3.1.0 make-fetch-happen:11.1.1Description:
Opinionated, caching, retrying fetch client License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?tuf-js:1.1.7/make-fetch-happen:^11.1.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-registry-fetch:14.0.5 simplicite-js:5.2.54/sigstore:1.8.0 simplicite-js:5.2.54/node-gyp:9.4.0 simplicite-js:5.2.54/npm-check-updates:16.14.14 simplicite-js:5.2.54/tuf-js:1.1.7 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author GitHub Inc. Highest Vendor package.json description Opinionated, caching, retrying fetch client Highest Vendor package.json name make-fetch-happen Highest Vendor package.json name make-fetch-happen_project Highest Product package.json name make-fetch-happen Highest Version package.json version 11.1.1 Highest
Related Dependencies make-fetch-happen:11.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/make-fetch-happen:11.1.1 pkg:npm/make-fetch-happen@11.1.1 make-fetch-happen:11.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?node-gyp:9.4.0/make-fetch-happen:^11.0.3 pkg:npm/make-fetch-happen@11.1.1 make-fetch-happen:11.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check-updates:16.14.14/make-fetch-happen:^11.1.1 pkg:npm/make-fetch-happen@11.1.1 make-fetch-happen:11.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-registry-fetch:14.0.5/make-fetch-happen:^11.0.0 pkg:npm/make-fetch-happen@11.1.1 make-fetch-happen:11.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?sigstore:1.8.0/make-fetch-happen:^11.0.1 pkg:npm/make-fetch-happen@11.1.1 map-obj:1.0.1Description:
Map object keys and values into a new object License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/map-obj:1.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/decamelize-keys:1.1.1 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Map object keys and values into a new object Highest Vendor package.json name map-obj Highest Vendor package.json name map-obj_project Highest Product package.json name map-obj Highest Version package.json version 1.0.1 Highest
Related Dependencies map-obj:1.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?decamelize-keys:1.1.1/map-obj:^1.0.0 pkg:npm/map-obj@1.0.1 map-obj:4.3.0Description:
Map object keys and values into a new object License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/map-obj:4.3.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/camelcase-keys:6.2.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description Map object keys and values into a new object Highest Vendor package.json name map-obj Highest Vendor package.json name map-obj_project Highest Product package.json name map-obj Highest Version package.json version 4.3.0 Highest
Related Dependencies map-obj:4.3.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?camelcase-keys:6.2.2/map-obj:^4.0.0 pkg:npm/map-obj@4.3.0 markdown-it-anchor:8.6.7Description:
Header anchors for markdown-it. License:
Unlicense File Path: /var/simplicite/simplicite-5.2/package-lock.json?/markdown-it-anchor:8.6.7
Referenced In Projects/Scopes: simplicite-js:5.2.54/jsdoc:4.0.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json description Header anchors for markdown-it. Highest Vendor package.json name markdown-it-anchor Highest Vendor package.json name markdown-it-anchor_project Highest Product package.json name markdown-it-anchor Highest Version package.json version 8.6.7 Highest
Related Dependencies markdown-it-anchor:8.6.7File Path: /var/simplicite/simplicite-5.2/package-lock.json?jsdoc:4.0.2/markdown-it-anchor:^8.4.1 pkg:npm/markdown-it-anchor@8.6.7 markdown-it:12.3.2Description:
Markdown-it - modern pluggable markdown parser. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/markdown-it:12.3.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/jsdoc:4.0.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json description Markdown-it - modern pluggable markdown parser. Highest Vendor package.json name markdown-it Highest Vendor package.json name markdown-it_project Highest Product package.json name markdown-it Highest Version package.json version 12.3.2 Highest
Related Dependencies markdown-it:12.3.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?jsdoc:4.0.2/markdown-it:^12.3.2 pkg:npm/markdown-it@12.3.2 marked:1.2.9Description:
A markdown parser built for speed License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/marked:1.2.9
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-audit-html:1.5.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Christopher Jeffrey Highest Vendor package.json bugs.url http://github.com/markedjs/marked/issues Highest Vendor package.json description A markdown parser built for speed Highest Vendor package.json homepage https://marked.js.org Highest Vendor package.json name marked Highest Vendor package.json name marked_project Highest Product package.json name marked Highest Version package.json version 1.2.9 Highest
Related Dependencies marked:1.2.9File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-audit-html:1.5.0/marked:^1.2.2 pkg:npm/marked@1.2.9 CVE-2021-21306 suppress
Marked is an open-source markdown parser and compiler (npm package "marked"). In marked from version 1.1.1 and before version 2.0.0, there is a Regular expression Denial of Service vulnerability. This vulnerability can affect anyone who runs user generated code through marked. This vulnerability is fixed in version 2.0.0. CWE-400 Uncontrolled Resource Consumption
CVSSv2:
Base Score: MEDIUM (5.0) Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions:
CVE-2022-21680 suppress
Marked is a markdown parser and compiler. Prior to version 4.0.10, the regular expression `block.def` may cause catastrophic backtracking against some strings and lead to a regular expression denial of service (ReDoS). Anyone who runs untrusted markdown through a vulnerable version of marked and does not use a worker with a time limit may be affected. This issue is patched in version 4.0.10. As a workaround, avoid running untrusted markdown through marked or run marked on a worker thread and set a reasonable time limit to prevent draining resources. CWE-1333 Inefficient Regular Expression Complexity
CVSSv2:
Base Score: MEDIUM (5.0) Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions:
CVE-2022-21681 suppress
Marked is a markdown parser and compiler. Prior to version 4.0.10, the regular expression `inline.reflinkSearch` may cause catastrophic backtracking against some strings and lead to a denial of service (DoS). Anyone who runs untrusted markdown through a vulnerable version of marked and does not use a worker with a time limit may be affected. This issue is patched in version 4.0.10. As a workaround, avoid running untrusted markdown through marked or run marked on a worker thread and set a reasonable time limit to prevent draining resources. CWE-1333 Inefficient Regular Expression Complexity
CVSSv2:
Base Score: MEDIUM (5.0) Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions:
GHSA-5v2h-r2cx-5xgj (NPM) suppress
### Impact
_What kind of vulnerability is it?_
Denial of service.
The regular expression `inline.reflinkSearch` may cause catastrophic backtracking against some strings.
PoC is the following.
```javascript
import * as marked from 'marked';
console.log(marked.parse(`[x]: x
\\[\\](\\[\\](\\[\\](\\[\\](\\[\\](\\[\\](\\[\\](\\[\\](\\[\\](\\[\\](\\[\\](\\[\\](\\[\\](\\[\\](\\[\\](\\[\\](\\[\\](\\[\\](\\[\\](\\[\\](\\[\\](\\[\\](\\[\\](\\[\\](\\[\\](\\[\\](\\[\\](\\[\\](\\[\\](\\[\\](`));
```
_Who is impacted?_
Anyone who runs untrusted markdown through marked and does not use a worker with a time limit.
### Patches
_Has the problem been patched?_
Yes
_What versions should users upgrade to?_
4.0.10
### Workarounds
_Is there a way for users to fix or remediate the vulnerability without upgrading?_
Do not run untrusted markdown through marked or run marked on a [worker](https://marked.js.org/using_advanced#workers) thread and set a reasonable time limit to prevent draining resources.
### References
_Are there any links users can visit to find out more?_
- https://marked.js.org/using_advanced#workers
- https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS
### For more information
If you have any questions or comments about this advisory:
* Open an issue in [marked](https://github.com/markedjs/marked)
CWE-1333 Inefficient Regular Expression Complexity
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Unscored:
References:
Vulnerable Software & Versions (NPM):
cpe:2.3:a:*:marked:\<4.0.10:*:*:*:*:*:*:* GHSA-rrrm-qjm4-v8hf (NPM) suppress
### Impact
_What kind of vulnerability is it?_
Denial of service.
The regular expression `block.def` may cause catastrophic backtracking against some strings.
PoC is the following.
```javascript
import * as marked from "marked";
marked.parse(`[x]:${' '.repeat(1500)}x ${' '.repeat(1500)} x`);
```
_Who is impacted?_
Anyone who runs untrusted markdown through marked and does not use a worker with a time limit.
### Patches
_Has the problem been patched?_
Yes
_What versions should users upgrade to?_
4.0.10
### Workarounds
_Is there a way for users to fix or remediate the vulnerability without upgrading?_
Do not run untrusted markdown through marked or run marked on a [worker](https://marked.js.org/using_advanced#workers) thread and set a reasonable time limit to prevent draining resources.
### References
_Are there any links users can visit to find out more?_
- https://marked.js.org/using_advanced#workers
- https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS
### For more information
If you have any questions or comments about this advisory:
* Open an issue in [marked](https://github.com/markedjs/marked)
CWE-400 Uncontrolled Resource Consumption, CWE-1333 Inefficient Regular Expression Complexity
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Unscored:
References:
Vulnerable Software & Versions (NPM):
cpe:2.3:a:*:marked:\<4.0.10:*:*:*:*:*:*:* GHSA-4r62-v4vq-hr96 (NPM) suppress
### Impact
_What kind of vulnerability is it? Who is impacted?_
[Regular expression Denial of Service](https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS)
A Denial of Service attack can affect anyone who runs user generated code through `marked`.
### Patches
_Has the problem been patched? What versions should users upgrade to?_
patched in v2.0.0
### Workarounds
_Is there a way for users to fix or remediate the vulnerability without upgrading?_
None.
### References
_Are there any links users can visit to find out more?_
https://github.com/markedjs/marked/issues/1927
https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS
### For more information
If you have any questions or comments about this advisory:
* Open an issue in [marked](https://github.com/markedjs/marked/issues) CWE-400 Uncontrolled Resource Consumption
CVSSv3:
Base Score: MEDIUM (5.3) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Unscored:
References:
Vulnerable Software & Versions (NPM):
cpe:2.3:a:*:marked:\>\=1.1.1\<2.0.0:*:*:*:*:*:*:* marked:3.0.4Description:
A markdown parser built for speed License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/marked:3.0.4
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author Christopher Jeffrey Highest Vendor package.json bugs.url http://github.com/markedjs/marked/issues Highest Vendor package.json description A markdown parser built for speed Highest Vendor package.json homepage https://marked.js.org Highest Vendor package.json name marked Highest Vendor package.json name marked_project Highest Product package.json name marked Highest Version package.json version 3.0.4 Highest
CVE-2022-21680 suppress
Marked is a markdown parser and compiler. Prior to version 4.0.10, the regular expression `block.def` may cause catastrophic backtracking against some strings and lead to a regular expression denial of service (ReDoS). Anyone who runs untrusted markdown through a vulnerable version of marked and does not use a worker with a time limit may be affected. This issue is patched in version 4.0.10. As a workaround, avoid running untrusted markdown through marked or run marked on a worker thread and set a reasonable time limit to prevent draining resources. CWE-1333 Inefficient Regular Expression Complexity
CVSSv2:
Base Score: MEDIUM (5.0) Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions:
CVE-2022-21681 suppress
Marked is a markdown parser and compiler. Prior to version 4.0.10, the regular expression `inline.reflinkSearch` may cause catastrophic backtracking against some strings and lead to a denial of service (DoS). Anyone who runs untrusted markdown through a vulnerable version of marked and does not use a worker with a time limit may be affected. This issue is patched in version 4.0.10. As a workaround, avoid running untrusted markdown through marked or run marked on a worker thread and set a reasonable time limit to prevent draining resources. CWE-1333 Inefficient Regular Expression Complexity
CVSSv2:
Base Score: MEDIUM (5.0) Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions:
marked:4.3.0Description:
A markdown parser built for speed License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/marked:4.3.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/jsdoc:4.0.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Christopher Jeffrey Highest Vendor package.json bugs.url http://github.com/markedjs/marked/issues Highest Vendor package.json description A markdown parser built for speed Highest Vendor package.json homepage https://marked.js.org Highest Vendor package.json name marked Highest Vendor package.json name marked_project Highest Product package.json name marked Highest Version package.json version 4.3.0 Highest
Related Dependencies marked:4.3.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?jsdoc:4.0.2/marked:^4.0.10 pkg:npm/marked@4.3.0 mathml-tag-names:2.1.3Description:
List of known MathML tag-names License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/mathml-tag-names:^2.1.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/stylelint:14.16.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Titus Wormer <tituswormer@gmail.com> (https://wooorm.com) Highest Vendor package.json bugs https://github.com/wooorm/mathml-tag-names/issues Highest Vendor package.json description List of known MathML tag-names Highest Vendor package.json name mathml-tag-names Highest Vendor package.json name mathml-tag-names_project Highest Product package.json name mathml-tag-names Highest Version package.json version 2.1.3 Highest
Related Dependencies mathml-tag-names:2.1.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/mathml-tag-names:2.1.3 pkg:npm/mathml-tag-names@2.1.3 mbassador-1.3.2.jarDescription:
Mbassador is a fast and flexible event bus system following the publish subscribe pattern.
It is designed for ease of use and aims to be feature rich and extensible while preserving resource efficiency
and performance.
It provides non-blocking iterators and minimal write contention with low memory footprint.
Some features:
declarative handler definition via annotations,
sync and/or async event delivery,
weak or strong references,
configurable event filters,
License:
MIT license: http://www.opensource.org/licenses/mit-license.php File Path: /var/simplicite/.m2/repository/net/engio/mbassador/1.3.2/mbassador-1.3.2.jar
MD5: 6844d9220e623fa491776e38a61f29a2
SHA1: 4ebb2c5f853bf8a5f87147b186a9758d2e2ec0af
SHA256: 469e2e9c68271eadaff12483bbb1abc640ea9973af7fa0519250e04f503aca67
Referenced In Project/Scope: Simplicite Platform:compile
mbassador-1.3.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.docx4j/docx4j-core@11.2.9
Evidence Type Source Name Value Confidence Vendor file name mbassador High Vendor jar package name bus Highest Vendor jar package name engio Highest Vendor jar package name net Highest Vendor Manifest bundle-symbolicname net.engio.mbassador Medium Vendor pom artifactid mbassador Highest Vendor pom artifactid mbassador Low Vendor pom developer email b.diedrichsen@googlemail.com Low Vendor pom developer id bennidi Medium Vendor pom developer name Benjamin Diedrichsen Medium Vendor pom groupid net.engio Highest Vendor pom name mbassador High Vendor pom url bennidi/mbassador Highest Product file name mbassador High Product jar package name bus Highest Product jar package name engio Highest Product jar package name net Highest Product Manifest Bundle-Name mbassador Medium Product Manifest bundle-symbolicname net.engio.mbassador Medium Product pom artifactid mbassador Highest Product pom developer email b.diedrichsen@googlemail.com Low Product pom developer id bennidi Low Product pom developer name Benjamin Diedrichsen Low Product pom groupid net.engio Highest Product pom name mbassador High Product pom url bennidi/mbassador High Version file version 1.3.2 High Version Manifest Bundle-Version 1.3.2 High Version pom version 1.3.2 Highest
mchange-commons-java-0.2.19.jarDescription:
mchange-commons-java License:
GNU Lesser General Public License, Version 2.1: http://www.gnu.org/licenses/lgpl-2.1.html
Eclipse Public License, Version 1.0: http://www.eclipse.org/org/documents/epl-v10.html File Path: /var/simplicite/.m2/repository/com/mchange/mchange-commons-java/0.2.19/mchange-commons-java-0.2.19.jar
MD5: 795d7e75026388f4d90aa9719666e5db
SHA1: 7a4bee38ea02bd7dee776869b19fb3f6861d6acf
SHA256: 03761838ba2a7c9cce56ba84781633f107c8befb4e3607b336ee3010f915165d
Referenced In Project/Scope: Simplicite Platform:compile
mchange-commons-java-0.2.19.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.mchange/c3p0@0.9.5.5
Evidence Type Source Name Value Confidence Vendor file name mchange-commons-java High Vendor jar package name mchange Highest Vendor Manifest Implementation-Vendor com.mchange High Vendor Manifest Implementation-Vendor-Id com.mchange Medium Vendor Manifest specification-vendor com.mchange Low Vendor pom artifactid mchange-commons-java Highest Vendor pom artifactid mchange-commons-java Low Vendor pom developer email swaldman@mchange.com Low Vendor pom developer id swaldman Medium Vendor pom developer name Steve Waldman Medium Vendor pom groupid com.mchange Highest Vendor pom name mchange-commons-java High Vendor pom organization name com.mchange High Vendor pom url swaldman/mchange-commons-java Highest Product file name mchange-commons-java High Product jar package name mchange Highest Product Manifest Implementation-Title mchange-commons-java High Product Manifest specification-title mchange-commons-java Medium Product pom artifactid mchange-commons-java Highest Product pom developer email swaldman@mchange.com Low Product pom developer id swaldman Low Product pom developer name Steve Waldman Low Product pom groupid com.mchange Highest Product pom name mchange-commons-java High Product pom organization name com.mchange Low Product pom url swaldman/mchange-commons-java High Version file version 0.2.19 High Version Manifest Implementation-Version 0.2.19 High Version pom version 0.2.19 Highest
mdurl:1.0.1Description:
URL utilities for markdown-it License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/mdurl:1.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/markdown-it:12.3.2 Evidence Type Source Name Value Confidence Vendor package.json description URL utilities for markdown-it Highest Vendor package.json name mdurl Highest Vendor package.json name mdurl_project Highest Product package.json name mdurl Highest Version package.json version 1.0.1 Highest
Related Dependencies mdurl:1.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?markdown-it:12.3.2/mdurl:^1.0.1 pkg:npm/mdurl@1.0.1 meow:9.0.0Description:
CLI app helper License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/meow:^9.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-check:6.0.1 simplicite-js:5.2.54/stylelint:14.16.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description CLI app helper Highest Vendor package.json name meow Highest Vendor package.json name meow_project Highest Product package.json name meow Highest Version package.json version 9.0.0 Highest
Related Dependencies meow:9.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/meow:9.0.0 pkg:npm/meow@9.0.0 meow:9.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check:6.0.1/meow:^9.0.0 pkg:npm/meow@9.0.0 merge-stream:2.0.0Description:
Create a stream that emits events from multiple other streams License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/merge-stream:2.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/execa:5.1.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Stephen Sugden <me@stephensugden.com> Highest Vendor package.json description Create a stream that emits events from multiple other streams Highest Vendor package.json name merge-stream Highest Vendor package.json name merge-stream_project Highest Product package.json name merge-stream Highest Version package.json version 2.0.0 Highest
Related Dependencies merge-stream:2.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?execa:5.1.1/merge-stream:^2.0.0 pkg:npm/merge-stream@2.0.0 merge2:1.4.1Description:
Merge multiple streams into one stream in sequence or parallel. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/merge2:1.4.1
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/globby:11.1.0 simplicite-js:5.2.54/fast-glob:3.3.0 Evidence Type Source Name Value Confidence Vendor package.json description Merge multiple streams into one stream in sequence or parallel. Highest Vendor package.json homepage https://github.com/teambition/merge2 Highest Vendor package.json name merge2 Highest Vendor package.json name merge2_project Highest Product package.json name merge2 Highest Version package.json version 1.4.1 Highest
Related Dependencies merge2:1.4.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?fast-glob:3.3.0/merge2:^1.3.0 pkg:npm/merge2@1.4.1 merge2:1.4.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?globby:11.1.0/merge2:^1.4.1 pkg:npm/merge2@1.4.1 metadata-extractor-2.15.0.1.jarDescription:
This is a fork of com.drewnoakes' metadata-extractor that relocates com.adobe.internal to com.adobe.
Java library for extracting EXIF, IPTC, XMP, ICC and other metadata from image and video files.
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/tallison/metadata-extractor/2.15.0.1/metadata-extractor-2.15.0.1.jar
MD5: 3457db7f82e0be00137425862eab5a5b
SHA1: a50bdbe87196f314917c2dc94f70622b8cf93e56
SHA256: 73b7bce2a7c72a118d487cc78fe243367cc48a7a40b2d8629ad5df5bea37cadd
Referenced In Project/Scope: Simplicite Platform:compile
metadata-extractor-2.15.0.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.tika/tika-parsers@1.27
Evidence Type Source Name Value Confidence Vendor file name metadata-extractor High Vendor jar package name adobe Highest Vendor jar package name exif Highest Vendor jar package name icc Highest Vendor jar package name iptc Highest Vendor jar package name metadata Highest Vendor jar package name xmp Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest Implementation-Vendor Tim Allison High Vendor pom artifactid metadata-extractor Highest Vendor pom artifactid metadata-extractor Low Vendor pom developer id drewnoakes Medium Vendor pom developer name Drew Noakes Medium Vendor pom groupid org.tallison Highest Vendor pom name : High Vendor pom url https://drewnoakes.com/code/exif/ Highest Product file name metadata-extractor High Product jar package name adobe Highest Product jar package name exif Highest Product jar package name icc Highest Product jar package name iptc Highest Product jar package name metadata Highest Product jar package name xmp Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title metadata-extractor High Product pom artifactid metadata-extractor Highest Product pom developer id drewnoakes Low Product pom developer name Drew Noakes Low Product pom groupid org.tallison Highest Product pom name : High Product pom url https://drewnoakes.com/code/exif/ Medium Version file version 2.15.0.1 High Version Manifest Implementation-Version 2.15.0.1 High Version pom version 2.15.0.1 Highest
CVE-2022-24613 suppress
metadata-extractor up to 2.16.0 can throw various uncaught exceptions while parsing a specially crafted JPEG file, which could result in an application crash. This could be used to mount a denial of service attack against services that use metadata-extractor library. CWE-755 Improper Handling of Exceptional Conditions
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:P CVSSv3:
Base Score: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions:
CVE-2022-24614 suppress
When reading a specially crafted JPEG file, metadata-extractor up to 2.16.0 can be made to allocate large amounts of memory that finally leads to an out-of-memory error even for very small inputs. This could be used to mount a denial of service attack against services that use metadata-extractor library. CWE-770 Allocation of Resources Without Limits or Throttling
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:P CVSSv3:
Base Score: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions:
micromatch:4.0.5Description:
Glob matching for javascript/node.js. A replacement and faster alternative to minimatch and multimatch. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/micromatch:^4.0.5
Referenced In Projects/Scopes: simplicite-js:5.2.54/stylelint:14.16.1 simplicite-js:5.2.54/find-yarn-workspace-root2:1.2.16 simplicite-js:5.2.54 simplicite-js:5.2.54/fast-glob:3.3.0 Evidence Type Source Name Value Confidence Vendor package.json author Jon Schlinkert (https://github.com/jonschlinkert) Highest Vendor package.json bugs.url https://github.com/micromatch/micromatch/issues Highest Vendor package.json description Glob matching for javascript/node.js. A replacement and faster alternative to minimatch and multimatch. Highest Vendor package.json homepage https://github.com/micromatch/micromatch Highest Vendor package.json name micromatch Highest Vendor package.json name micromatch_project Highest Product package.json name micromatch Highest Version package.json version 4.0.5 Highest
Related Dependencies micromatch:4.0.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?/micromatch:4.0.5 pkg:npm/micromatch@4.0.5 micromatch:4.0.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?fast-glob:3.3.0/micromatch:^4.0.4 pkg:npm/micromatch@4.0.5 micromatch:4.0.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?find-yarn-workspace-root2:1.2.16/micromatch:^4.0.2 pkg:npm/micromatch@4.0.5 migbase64-2.2.jarDescription:
MiGBase64 is a very fast and small Base64 Codec written in Java License:
Prior BSD License: http://en.wikipedia.org/wiki/BSD_licenses File Path: /var/simplicite/.m2/repository/com/brsanthu/migbase64/2.2/migbase64-2.2.jar
MD5: da3ef3a9a9fa358ed789b37a3c780727
SHA1: bcc14967d516e93c527897a6c531ba76b5751faa
SHA256: 07224584b6227efbb815e96e3153945786e2a6b1a934620b6130331c2351c129
Referenced In Project/Scope: Simplicite Platform:provided
migbase64-2.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.docusign/docusign-esign-java@3.14.0
Evidence Type Source Name Value Confidence Vendor file name migbase64 High Vendor jar package name base64 Highest Vendor jar package name migbase64 Highest Vendor Manifest bundle-docurl http://sourceforge.net/projects/migbase64/ Low Vendor Manifest bundle-symbolicname com.brsanthu.migbase64 Medium Vendor Manifest Implementation-Vendor Mikael Grev High Vendor Manifest Implementation-Vendor-Id com.brsanthu Medium Vendor Manifest specification-vendor Mikael Grev Low Vendor pom artifactid migbase64 Highest Vendor pom artifactid migbase64 Low Vendor pom developer email http://sourceforge.net/u/mgrev/profile/ Low Vendor pom developer name Mikael Grev Medium Vendor pom developer org URL http://sourceforge.net/u/mgrev/profile/ Medium Vendor pom groupid com.brsanthu Highest Vendor pom name MiG Base64 High Vendor pom organization name Mikael Grev High Vendor pom organization url http://sourceforge.net/projects/migbase64/ Medium Vendor pom url http://sourceforge.net/projects/migbase64/ Highest Product file name migbase64 High Product jar package name base64 Highest Product jar package name migbase64 Highest Product Manifest bundle-docurl http://sourceforge.net/projects/migbase64/ Low Product Manifest Bundle-Name MiG Base64 Medium Product Manifest bundle-symbolicname com.brsanthu.migbase64 Medium Product Manifest Implementation-Title MiG Base64 High Product Manifest specification-title MiG Base64 Medium Product pom artifactid migbase64 Highest Product pom developer email http://sourceforge.net/u/mgrev/profile/ Low Product pom developer name Mikael Grev Low Product pom developer org URL http://sourceforge.net/u/mgrev/profile/ Low Product pom groupid com.brsanthu Highest Product pom name MiG Base64 High Product pom organization name Mikael Grev Low Product pom organization url http://sourceforge.net/projects/migbase64/ Low Product pom url http://sourceforge.net/projects/migbase64/ Medium Version file version 2.2 High Version Manifest Implementation-Version 2.2 High Version pom version 2.2 Highest
mimepull-1.9.11.jarDescription:
Provides a streaming API to access attachments parts in a MIME message. License:
Eclipse Distribution License - v 1.0: http://www.eclipse.org/org/documents/edl-v10.php File Path: /var/simplicite/.m2/repository/org/jvnet/mimepull/mimepull/1.9.11/mimepull-1.9.11.jar
MD5: 14d04d21f1d41b42438f4be94f6e6057
SHA1: d1cd7921d4c6c77938cefbb16d4f646c74278718
SHA256: 58a29baedb4d7affdcc35624f3fd0674b6de3fbb188afb8515ae1b52ffedaf69
Referenced In Project/Scope: Simplicite Platform:provided
mimepull-1.9.11.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.docusign/docusign-esign-java@3.14.0
Evidence Type Source Name Value Confidence Vendor file name mimepull High Vendor jar package name jvnet Highest Vendor jar package name mimepull Highest Vendor Manifest bundle-docurl https://www.eclipse.org Low Vendor Manifest bundle-symbolicname org.jvnet.mimepull Medium Vendor Manifest implementation-build-id 1.9.11-5a60527, 2018-12-28T12:45:24+0000 Low Vendor Manifest Implementation-Vendor Oracle Corporation High Vendor pom artifactid mimepull Highest Vendor pom artifactid mimepull Low Vendor pom developer email Roman.Grigoriadi@oracle.com Low Vendor pom developer id bravehorsie Medium Vendor pom developer name Roman Grigoriadi Medium Vendor pom groupid org.jvnet.mimepull Highest Vendor pom name MIME streaming extension High Vendor pom parent-artifactid project Low Vendor pom parent-groupid org.eclipse.ee4j Medium Vendor pom url eclipse-ee4j/metro-mimepull Highest Product file name mimepull High Product jar package name jvnet Highest Product jar package name mimepull Highest Product Manifest bundle-docurl https://www.eclipse.org Low Product Manifest Bundle-Name MIME streaming extension Medium Product Manifest bundle-symbolicname org.jvnet.mimepull Medium Product Manifest implementation-build-id 1.9.11-5a60527, 2018-12-28T12:45:24+0000 Low Product pom artifactid mimepull Highest Product pom developer email Roman.Grigoriadi@oracle.com Low Product pom developer id bravehorsie Low Product pom developer name Roman Grigoriadi Low Product pom groupid org.jvnet.mimepull Highest Product pom name MIME streaming extension High Product pom parent-artifactid project Medium Product pom parent-groupid org.eclipse.ee4j Medium Product pom url eclipse-ee4j/metro-mimepull High Version file version 1.9.11 High Version Manifest Bundle-Version 1.9.11 High Version pom parent-version 1.9.11 Low Version pom version 1.9.11 Highest
mimic-fn:2.1.0Description:
Make a function mimic another one License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?onetime:5.1.2/mimic-fn:^2.1.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/onetime:5.1.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Make a function mimic another one Highest Vendor package.json name mimic-fn Highest Vendor package.json name mimic-fn_project Highest Product package.json name mimic-fn Highest Version package.json version 2.1.0 Highest
Related Dependencies mimic-fn:2.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/mimic-fn:2.1.0 pkg:npm/mimic-fn@2.1.0 mimic-response:1.0.1Description:
Mimic a Node.js HTTP response stream License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/mimic-response:1.0.1
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Mimic a Node.js HTTP response stream Highest Vendor package.json name mimic-response Highest Vendor package.json name mimic-response_project Highest Product package.json name mimic-response Highest Version package.json version 1.0.1 Highest
mimic-response:3.1.0Description:
Mimic a Node.js HTTP response stream License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/mimic-response:3.1.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/decompress-response:6.0.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description Mimic a Node.js HTTP response stream Highest Vendor package.json name mimic-response Highest Vendor package.json name mimic-response_project Highest Product package.json name mimic-response Highest Version package.json version 3.1.0 Highest
Related Dependencies mimic-response:3.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?decompress-response:6.0.0/mimic-response:^3.1.0 pkg:npm/mimic-response@3.1.0 mimic-response:4.0.0Description:
Mimic a Node.js HTTP response stream License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/mimic-response:4.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/decompress-response:3.3.0 simplicite-js:5.2.54/cacheable-request:10.2.12 simplicite-js:5.2.54/clone-response:1.0.3 simplicite-js:5.2.54/got:9.6.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description Mimic a Node.js HTTP response stream Highest Vendor package.json name mimic-response Highest Vendor package.json name mimic-response_project Highest Product package.json name mimic-response Highest Version package.json version 4.0.0 Highest
Related Dependencies mimic-response:1.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/mimic-response:1.0.1 pkg:npm/mimic-response@1.0.1 mimic-response:1.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?clone-response:1.0.3/mimic-response:^1.0.0 pkg:npm/mimic-response@1.0.1 mimic-response:4.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?cacheable-request:10.2.12/mimic-response:^4.0.0 pkg:npm/mimic-response@4.0.0 mimic-response:4.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?decompress-response:3.3.0/mimic-response:^1.0.0 pkg:npm/mimic-response@4.0.0 mimic-response:4.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?got:9.6.0/mimic-response:^1.0.1 pkg:npm/mimic-response@4.0.0 min-indent:1.0.1Description:
Get the shortest leading whitespace from lines in a string License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?strip-indent:3.0.0/min-indent:^1.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/strip-indent:3.0.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email me@thejameskyle.com Highest Vendor package.json author.name James Kyle Highest Vendor package.json author.url thejameskyle.com Highest Vendor package.json description Get the shortest leading whitespace from lines in a string Highest Vendor package.json name min-indent Highest Vendor package.json name min-indent_project Highest Product package.json name min-indent Highest Version package.json version 1.0.1 Highest
Related Dependencies min-indent:1.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/min-indent:1.0.1 pkg:npm/min-indent@1.0.1 minimatch:3.1.2Description:
a glob matcher in javascript License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check:6.0.1/minimatch:^3.0.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-check:6.0.1 simplicite-js:5.2.54/glob:7.2.3 simplicite-js:5.2.54/multimatch:5.0.0 simplicite-js:5.2.54/ignore-walk:6.0.3 simplicite-js:5.2.54/@eslint/eslintrc:2.1.4 simplicite-js:5.2.54/jshint:2.13.1 simplicite-js:5.2.54/npm-check-updates:16.14.14 simplicite-js:5.2.54 simplicite-js:5.2.54/@humanwhocodes/config-array:0.11.13 simplicite-js:5.2.54/depcheck:1.4.3 simplicite-js:5.2.54/@tufjs/models:1.0.4 simplicite-js:5.2.54/eslint:8.56.0 simplicite-js:5.2.54/glob:10.3.10 simplicite-js:5.2.54/glob:10.3.3 Evidence Type Source Name Value Confidence Vendor package.json author Isaac Z. Schlueter <i@izs.me> (http://blog.izs.me) Highest Vendor package.json description a glob matcher in javascript Highest Vendor package.json name minimatch Highest Vendor package.json name minimatch_project Highest Product package.json name minimatch Highest Version package.json version 3.1.2 Highest
Related Dependencies minimatch:3.0.8File Path: /var/simplicite/simplicite-5.2/package-lock.json?/minimatch:3.0.8 pkg:npm/minimatch@3.0.8 minimatch:3.0.8File Path: /var/simplicite/simplicite-5.2/package-lock.json?jshint:2.13.1/minimatch:~3.0.2 pkg:npm/minimatch@3.0.8 minimatch:3.1.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?/minimatch:3.1.2 pkg:npm/minimatch@3.1.2 minimatch:3.1.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?@eslint/eslintrc:2.1.4/minimatch:^3.1.2 pkg:npm/minimatch@3.1.2 minimatch:3.1.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?@humanwhocodes/config-array:0.11.13/minimatch:^3.0.5 pkg:npm/minimatch@3.1.2 minimatch:3.1.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?depcheck:1.4.3/minimatch:^3.0.4 pkg:npm/minimatch@3.1.2 minimatch:3.1.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint:8.56.0/minimatch:^3.1.2 pkg:npm/minimatch@3.1.2 minimatch:3.1.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?glob:10.3.10/minimatch:^9.0.1 pkg:npm/minimatch@3.1.2 minimatch:3.1.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?glob:10.3.3/minimatch:^9.0.1 pkg:npm/minimatch@3.1.2 minimatch:3.1.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?glob:7.2.3/minimatch:^3.1.1 pkg:npm/minimatch@3.1.2 minimatch:3.1.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?multimatch:5.0.0/minimatch:^3.0.4 pkg:npm/minimatch@3.1.2 minimatch:9.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/minimatch:9.0.3 pkg:npm/minimatch@9.0.3 minimatch:9.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?@tufjs/models:1.0.4/minimatch:^9.0.0 pkg:npm/minimatch@9.0.3 minimatch:9.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?ignore-walk:6.0.3/minimatch:^9.0.0 pkg:npm/minimatch@9.0.3 minimatch:9.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check-updates:16.14.14/minimatch:^9.0.3 pkg:npm/minimatch@9.0.3 minimatch:9.0.3Description:
a glob matcher in javascript License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/minimatch:9.0.3
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author Isaac Z. Schlueter <i@izs.me> (http://blog.izs.me) Highest Vendor package.json description a glob matcher in javascript Highest Vendor package.json name minimatch Highest Vendor package.json name minimatch_project Highest Product package.json name minimatch Highest Version package.json version 9.0.3 Highest
minimist-options:4.1.0Description:
Pretty options for minimist License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/minimist-options:4.1.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/meow:9.0.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Vadim Demedes <vdemedes@gmail.com> Highest Vendor package.json description Pretty options for minimist Highest Vendor package.json name minimist-options Highest Vendor package.json name minimist-options_project Highest Product package.json name minimist-options Highest Version package.json version 4.1.0 Highest
Related Dependencies minimist-options:4.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?meow:9.0.0/minimist-options:4.1.0 pkg:npm/minimist-options@4.1.0 minimist:1.2.8Description:
parse argument options License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?split-text-to-chunks:1.0.0/minimist:^1.2.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/rc:1.2.8 simplicite-js:5.2.54/split-text-to-chunks:1.0.0 simplicite-js:5.2.54/handlebars:4.7.7 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email mail@substack.net Highest Vendor package.json author.name James Halliday Highest Vendor package.json author.url http://substack.net Highest Vendor package.json description parse argument options Highest Vendor package.json homepage https://github.com/minimistjs/minimist Highest Vendor package.json name minimist Highest Vendor package.json name minimist_project Highest Product package.json name minimist Highest Version package.json version 1.2.8 Highest
Related Dependencies minimist:1.2.8File Path: /var/simplicite/simplicite-5.2/package-lock.json?/minimist:1.2.8 pkg:npm/minimist@1.2.8 minimist:1.2.8File Path: /var/simplicite/simplicite-5.2/package-lock.json?handlebars:4.7.7/minimist:^1.2.5 pkg:npm/minimist@1.2.8 minimist:1.2.8File Path: /var/simplicite/simplicite-5.2/package-lock.json?rc:1.2.8/minimist:^1.2.0 pkg:npm/minimist@1.2.8 minipass-collect:1.0.2Description:
A Minipass stream that collects all the data into a single chunk License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/minipass-collect:1.0.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/cacache:17.1.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Isaac Z. Schlueter <i@izs.me> (https://izs.me) Highest Vendor package.json description A Minipass stream that collects all the data into a single chunk Highest Vendor package.json name minipass-collect Highest Vendor package.json name minipass-collect_project Highest Product package.json name minipass-collect Highest Version package.json version 1.0.2 Highest
Related Dependencies minipass-collect:1.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?cacache:17.1.3/minipass-collect:^1.0.2 pkg:npm/minipass-collect@1.0.2 minipass-fetch:3.0.3Description:
An implementation of window.fetch in Node.js using Minipass streams License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-registry-fetch:14.0.5/minipass-fetch:^3.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-registry-fetch:14.0.5 simplicite-js:5.2.54/make-fetch-happen:11.1.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author GitHub Inc. Highest Vendor package.json description An implementation of window.fetch in Node.js using Minipass streams Highest Vendor package.json name minipass-fetch Highest Vendor package.json name minipass-fetch_project Highest Product package.json name minipass-fetch Highest Version package.json version 3.0.3 Highest
Related Dependencies minipass-fetch:3.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/minipass-fetch:3.0.3 pkg:npm/minipass-fetch@3.0.3 minipass-fetch:3.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?make-fetch-happen:11.1.1/minipass-fetch:^3.0.0 pkg:npm/minipass-fetch@3.0.3 minipass-flush:1.0.5Description:
A Minipass stream that calls a flush function before emitting 'end' License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/minipass-flush:1.0.5
Referenced In Projects/Scopes: simplicite-js:5.2.54/make-fetch-happen:11.1.1 simplicite-js:5.2.54/cacache:17.1.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Isaac Z. Schlueter <i@izs.me> (https://izs.me) Highest Vendor package.json description A Minipass stream that calls a flush function before emitting 'end' Highest Vendor package.json name minipass-flush Highest Vendor package.json name minipass-flush_project Highest Product package.json name minipass-flush Highest Version package.json version 1.0.5 Highest
Related Dependencies minipass-flush:1.0.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?cacache:17.1.3/minipass-flush:^1.0.5 pkg:npm/minipass-flush@1.0.5 minipass-flush:1.0.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?make-fetch-happen:11.1.1/minipass-flush:^1.0.5 pkg:npm/minipass-flush@1.0.5 minipass-json-stream:1.0.1Description:
Like JSONStream, but using Minipass streams License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-registry-fetch:14.0.5/minipass-json-stream:^1.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-registry-fetch:14.0.5 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Isaac Z. Schlueter <i@izs.me> (https://izs.me) Highest Vendor package.json description Like JSONStream, but using Minipass streams Highest Vendor package.json name minipass-json-stream Highest Vendor package.json name minipass-json-stream_project Highest Product package.json name minipass-json-stream Highest Version package.json version 1.0.1 Highest
Related Dependencies minipass-json-stream:1.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/minipass-json-stream:1.0.1 pkg:npm/minipass-json-stream@1.0.1 minipass-pipeline:1.2.4Description:
create a pipeline of streams using Minipass License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/minipass-pipeline:1.2.4
Referenced In Projects/Scopes: simplicite-js:5.2.54/make-fetch-happen:11.1.1 simplicite-js:5.2.54/cacache:17.1.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Isaac Z. Schlueter <i@izs.me> (https://izs.me) Highest Vendor package.json description create a pipeline of streams using Minipass Highest Vendor package.json name minipass-pipeline Highest Vendor package.json name minipass-pipeline_project Highest Product package.json name minipass-pipeline Highest Version package.json version 1.2.4 Highest
Related Dependencies minipass-pipeline:1.2.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?cacache:17.1.3/minipass-pipeline:^1.2.4 pkg:npm/minipass-pipeline@1.2.4 minipass-pipeline:1.2.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?make-fetch-happen:11.1.1/minipass-pipeline:^1.2.4 pkg:npm/minipass-pipeline@1.2.4 minipass-sized:1.0.3Description:
A Minipass stream that raises an error if you get a different number of bytes than expected License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/minipass-sized:1.0.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/minipass-fetch:3.0.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Isaac Z. Schlueter <i@izs.me> (https://izs.me) Highest Vendor package.json description A Minipass stream that raises an error if you get a different number of bytes than expected Highest Vendor package.json name minipass-sized Highest Vendor package.json name minipass-sized_project Highest Product package.json name minipass-sized Highest Version package.json version 1.0.3 Highest
Related Dependencies minipass-sized:1.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?minipass-fetch:3.0.3/minipass-sized:^1.0.3 pkg:npm/minipass-sized@1.0.3 minipass:3.3.6Description:
minimal implementation of a PassThrough stream License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/minipass:3.3.6
Referenced In Projects/Scopes: simplicite-js:5.2.54/minipass-pipeline:1.2.4 simplicite-js:5.2.54/fs-minipass:2.1.0 simplicite-js:5.2.54/minipass-sized:1.0.3 simplicite-js:5.2.54/minipass-json-stream:1.0.1 simplicite-js:5.2.54/minizlib:2.1.2 simplicite-js:5.2.54/minipass-flush:1.0.5 simplicite-js:5.2.54/minipass-collect:1.0.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Isaac Z. Schlueter <i@izs.me> (http://blog.izs.me/) Highest Vendor package.json description minimal implementation of a PassThrough stream Highest Vendor package.json name minipass Highest Vendor package.json name minipass_project Highest Product package.json name minipass Highest Version package.json version 3.3.6 Highest
Related Dependencies minipass:3.3.6File Path: /var/simplicite/simplicite-5.2/package-lock.json?fs-minipass:2.1.0/minipass:^3.0.0 pkg:npm/minipass@3.3.6 minipass:3.3.6File Path: /var/simplicite/simplicite-5.2/package-lock.json?minipass-collect:1.0.2/minipass:^3.0.0 pkg:npm/minipass@3.3.6 minipass:3.3.6File Path: /var/simplicite/simplicite-5.2/package-lock.json?minipass-flush:1.0.5/minipass:^3.0.0 pkg:npm/minipass@3.3.6 minipass:3.3.6File Path: /var/simplicite/simplicite-5.2/package-lock.json?minipass-json-stream:1.0.1/minipass:^3.0.0 pkg:npm/minipass@3.3.6 minipass:3.3.6File Path: /var/simplicite/simplicite-5.2/package-lock.json?minipass-pipeline:1.2.4/minipass:^3.0.0 pkg:npm/minipass@3.3.6 minipass:3.3.6File Path: /var/simplicite/simplicite-5.2/package-lock.json?minipass-sized:1.0.3/minipass:^3.0.0 pkg:npm/minipass@3.3.6 minipass:3.3.6File Path: /var/simplicite/simplicite-5.2/package-lock.json?minizlib:2.1.2/minipass:^3.0.0 pkg:npm/minipass@3.3.6 minipass:5.0.0Description:
minimal implementation of a PassThrough stream License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?tar:6.1.15/minipass:^5.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-registry-fetch:14.0.5 simplicite-js:5.2.54/make-fetch-happen:11.1.1 simplicite-js:5.2.54 simplicite-js:5.2.54/ssri:10.0.4 simplicite-js:5.2.54/path-scurry:1.10.1 simplicite-js:5.2.54/fs-minipass:3.0.2 simplicite-js:5.2.54/tar:6.1.15 simplicite-js:5.2.54/glob:10.3.10 simplicite-js:5.2.54/minipass-fetch:3.0.3 simplicite-js:5.2.54/cacache:17.1.3 simplicite-js:5.2.54/pacote:15.2.0 simplicite-js:5.2.54/glob:10.3.3 Evidence Type Source Name Value Confidence Vendor package.json author Isaac Z. Schlueter <i@izs.me> (http://blog.izs.me/) Highest Vendor package.json description minimal implementation of a PassThrough stream Highest Vendor package.json name minipass Highest Vendor package.json name minipass_project Highest Product package.json name minipass Highest Version package.json version 5.0.0 Highest
Related Dependencies minipass:5.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/minipass:5.0.0 pkg:npm/minipass@5.0.0 minipass:5.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?cacache:17.1.3/minipass:^5.0.0 pkg:npm/minipass@5.0.0 minipass:5.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?fs-minipass:3.0.2/minipass:^5.0.0 pkg:npm/minipass@5.0.0 minipass:5.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?glob:10.3.10/minipass:^5.0.0 || ^6.0.2 || ^7.0.0 pkg:npm/minipass@5.0.0 minipass:5.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?glob:10.3.3/minipass:^5.0.0 || ^6.0.2 || ^7.0.0 pkg:npm/minipass@5.0.0 minipass:5.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?make-fetch-happen:11.1.1/minipass:^5.0.0 pkg:npm/minipass@5.0.0 minipass:5.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?minipass-fetch:3.0.3/minipass:^5.0.0 pkg:npm/minipass@5.0.0 minipass:5.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-registry-fetch:14.0.5/minipass:^5.0.0 pkg:npm/minipass@5.0.0 minipass:5.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?pacote:15.2.0/minipass:^5.0.0 pkg:npm/minipass@5.0.0 minipass:5.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?ssri:10.0.4/minipass:^5.0.0 pkg:npm/minipass@5.0.0 minipass:6.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?/minipass:6.0.2 pkg:npm/minipass@6.0.2 minipass:6.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?path-scurry:1.10.1/minipass:^5.0.0 || ^6.0.2 || ^7.0.0 pkg:npm/minipass@6.0.2 minizlib:2.1.2Description:
A small fast zlib stream built on [minipass](http://npm.im/minipass) and Node.js's zlib binding. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?tar:6.1.15/minizlib:^2.1.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-registry-fetch:14.0.5 simplicite-js:5.2.54/tar:6.1.15 simplicite-js:5.2.54/minipass-fetch:3.0.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Isaac Z. Schlueter <i@izs.me> (http://blog.izs.me/) Highest Vendor package.json description A small fast zlib stream built on [minipass](http://npm.im/minipass) and Node.js's zlib binding. Highest Vendor package.json name minizlib Highest Vendor package.json name minizlib_project Highest Product package.json name minizlib Highest Version package.json version 2.1.2 Highest
Related Dependencies minizlib:2.1.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?/minizlib:2.1.2 pkg:npm/minizlib@2.1.2 minizlib:2.1.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?minipass-fetch:3.0.3/minizlib:^2.1.2 pkg:npm/minizlib@2.1.2 minizlib:2.1.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-registry-fetch:14.0.5/minizlib:^2.1.2 pkg:npm/minizlib@2.1.2 mkdirp:1.0.4Description:
Recursively mkdir, like `mkdir -p` License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?tar:6.1.15/mkdirp:^1.0.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/jsdoc:4.0.2 simplicite-js:5.2.54/tar:6.1.15 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json description Recursively mkdir, like `mkdir -p` Highest Vendor package.json name mkdirp Highest Vendor package.json name mkdirp_project Highest Product package.json name mkdirp Highest Version package.json version 1.0.4 Highest
Related Dependencies mkdirp:1.0.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?/mkdirp:1.0.4 pkg:npm/mkdirp@1.0.4 mkdirp:1.0.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?jsdoc:4.0.2/mkdirp:^1.0.4 pkg:npm/mkdirp@1.0.4 mockito-core-4.5.1.jarDescription:
Mockito mock objects library core API and implementation License:
The MIT License: https://github.com/mockito/mockito/blob/main/LICENSE File Path: /var/simplicite/.m2/repository/org/mockito/mockito-core/4.5.1/mockito-core-4.5.1.jar
MD5: 839f61b6c516e873a28b4830c18a0a06
SHA1: 0ed456e623e5afc6f4cee3ae58144e5c45f3b3bf
SHA256: 0b66f11abbb39eaffb05989109892a50fd344d633a3b3587726ef1fe5fc8ab78
Referenced In Project/Scope: Simplicite Platform:compile
mockito-core-4.5.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name mockito-core High Vendor jar package name and Highest Vendor jar package name api Highest Vendor jar package name mockito Highest Vendor Manifest automatic-module-name org.mockito Medium Vendor Manifest bundle-symbolicname org.mockito.mockito-core Medium Vendor pom artifactid mockito-core Highest Vendor pom artifactid mockito-core Low Vendor pom developer id bric3 Medium Vendor pom developer id mockitoguy Medium Vendor pom developer id raphw Medium Vendor pom developer id TimvdLippe Medium Vendor pom developer name Brice Dutheil Medium Vendor pom developer name Rafael Winterhalter Medium Vendor pom developer name Szczepan Faber Medium Vendor pom developer name Tim van der Lippe Medium Vendor pom groupid org.mockito Highest Vendor pom name mockito-core High Vendor pom url mockito/mockito Highest Product file name mockito-core High Product jar package name and Highest Product jar package name api Highest Product jar package name mockito Highest Product Manifest automatic-module-name org.mockito Medium Product Manifest Bundle-Name Mockito Mock Library for Java. Core bundle requires Byte Buddy and Objenesis. Medium Product Manifest bundle-symbolicname org.mockito.mockito-core Medium Product pom artifactid mockito-core Highest Product pom developer id bric3 Low Product pom developer id mockitoguy Low Product pom developer id raphw Low Product pom developer id TimvdLippe Low Product pom developer name Brice Dutheil Low Product pom developer name Rafael Winterhalter Low Product pom developer name Szczepan Faber Low Product pom developer name Tim van der Lippe Low Product pom groupid org.mockito Highest Product pom name mockito-core High Product pom url mockito/mockito High Version file version 4.5.1 High Version Manifest Bundle-Version 4.5.1 High Version pom version 4.5.1 Highest
moment-timezone:0.5.34Description:
Parse and display moments in any timezone. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/moment-timezone:0.5.34
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author Tim Wood <washwithcare@gmail.com> (http://timwoodcreates.com/) Highest Vendor package.json bugs.url https://github.com/moment/moment-timezone/issues Highest Vendor package.json description Parse and display moments in any timezone. Highest Vendor package.json homepage http://momentjs.com/timezone/ Highest Vendor package.json name moment-timezone Highest Vendor package.json name moment-timezone_project Highest Product package.json name moment-timezone Highest Version package.json version 0.5.34 Highest
GHSA-v78c-4p63-2j6c (NPM) suppress
### Impact
* if Alice uses `grunt data` (or `grunt release`) to prepare a custom-build, moment-timezone with the latest tzdata from IANA's website
* and Mallory intercepts the request to IANA's unencrypted ftp server, Mallory can serve data which might exploit further stages of the moment-timezone tzdata pipeline, or potentially produce a tainted version of moment-timezone (practicality of such attacks is not proved)
### Patches
Problem has been patched in version 0.5.35, patch should be applicable with minor modifications to all affected versions. The patch includes changing the FTP endpoint with an HTTPS endpoint.
### Workarounds
Specify the exact version of tzdata (like `2014d`, full command being `grunt data:2014d`, then run the rest of the release tasks by hand), or just apply the patch before issuing the grunt command.
CWE-319 Cleartext Transmission of Sensitive Information
Unscored:
References:
Vulnerable Software & Versions (NPM):
cpe:2.3:a:*:moment-timezone:\>\=0.1.0\<0.5.35:*:*:*:*:*:*:* GHSA-56x4-j7p9-fcf9 (NPM) suppress
### Impact
All versions of moment-timezone from 0.1.0 contain build tasks vulnerable to command injection.
* if Alice uses tzdata pipeline to package moment-timezone on her own (for example via `grunt data:2014d`, where `2014d` stands for the version of the tzdata to be used from IANA's website),
* and Alice let's Mallory select the version (`2014d` in our example), then Mallory can execute arbitrary commands on the machine running the grunt task, with the same privilege as the grunt task
#### Am I affected?
##### Do you build custom versions of moment-timezone with grunt?
If no, you're not affected.
##### Do you allow a third party to specify which particular version you want build?
If yes, you're vulnerable to command injection -- third party may execute arbitrary commands on the system running grunt task with the same privileges as grunt task.
### Description
#### Command Injection via grunt-zdownload.js and MITM on iana's ftp endpoint
The `tasks/data-download.js` script takes in a parameter from grunt and uses it to form a command line which is then executed:
```
6 module.exports = function (grunt) {
7 grunt.registerTask('data-download', '1. Download data from iana.org/time-zones.', function (version) {
8 version = version || 'latest';
10 var done = this.async(),
11 src = 'ftp://ftp.iana.org/tz/tzdata-latest.tar.gz',
12 curl = path.resolve('temp/curl', version, 'data.tar.gz'),
13 dest = path.resolve('temp/download', version);
...
24 exec('curl ' + src + ' -o ' + curl + ' && cd ' + dest + ' && gzip -dc ' + curl + ' | tar -xf -', function (err) {
```
Ordinarily, one one run this script using something like `grunt data-download:2014d`, in which case version would have the value `2014d`. However, if an attacker were to provide additional content on the command line, they would be able to execute arbitrary code
```
root@e94ba0490b65:/usr/src/app/moment-timezone# grunt 'data-download:2014d ; echo flag>/tmp/foo #'
\Running "data-download:2014d ; echo flag>/tmp/foo #" (data-download) task
>> Downloading https://data.iana.org/time-zones/releases/tzdata2014d ; echo flag>/tmp/foo #.tar.gz
>> Downloaded https://data.iana.org/time-zones/releases/tzdata2014d ; echo flag>/tmp/foo #.tar.gz
Done.
root@e94ba0490b65:/usr/src/app/moment-timezone# cat /tmp/foo
flag
```
#### Command Injection via data-zdump.js
The `tasks/data-zdump.js` script reads a list of files present in a temporary directory (created by previous tasks), and for each one, assembles and executes a command line without sanitization. As a result, an attacker able to influence the contents of that directory could gain code execution. This attack is exacerbated by timezone data being downloaded via cleartext FTP (described above), but beyond that, an attacker at iana.org able to modify the timezone files could disrupt any systems that build moment-timezone.
```
15 files = grunt.file.expand({ filter : 'isFile', cwd : 'temp/zic/' + version }, '**/*');
...
27 function next () {
...
33 var file = files.pop(),
34 src = path.join(zicBase, file),
35 dest = path.join(zdumpBase, file);
36 exec('zdump -v ' + src, { maxBuffer: 20*1024*1024 }, function (err, stdout) {
```
In this case, an attacker able to add a file to `temp/zic/2014d` (for example) with a filename like `Z; curl www.example.com` would influence the called to exec on line 36 and run arbitrary code. There are a few minor challenges in exploiting this, since the string needs to be a valid filename.
#### Command Injection via data-zic.js
Similar to the vulnerability in /tasks/data-download.js, the /tasks/data-zic.js script takes a version from the command line and uses it as part of a command line, executed without sanitization.
```
10 var done = this.async(),
11 dest = path.resolve('temp/zic', version),
...
22 var file = files.shift(),
23 src = path.resolve('temp/download', version, file);
24
25 exec('zic -d ' + dest + ' ' + src, function (err) {
```
As a result, an attacker able to influence that string can run arbitrary commands. Of course, it requires an attacker able to influence the command passed to grunt, so may be unlikely in practice.
```
root@e94ba0490b65:/usr/src/app/moment-timezone# grunt 'data-zic:2014d; echo hi > /tmp/evil; echo '
Running "data-zic:2014d; echo hi > /tmp/evil; echo " (data-zic) task
exec: zid -d /usr/src/app/moment-timezone/temp/zic/2014d; echo hi > /tmp/evil; echo /usr/src/app/moment-timezone/temp/download/2014d; echo hi > /tmp/evil; echo /africa
...
root@e94ba0490b65:/usr/src/app/moment-timezone# cat /tmp/evil
hi
```
### Patches
The supplied patch on top of 0.5.34 is applicable with minor tweaks to all affected versions. It switches `exec` to `execFile` so arbitrary bash fragments won't be executed any more.
### References
* https://knowledge-base.secureflag.com/vulnerabilities/code_injection/os_command_injection_nodejs.html
* https://auth0.com/blog/preventing-command-injection-attacks-in-node-js-apps/ Unscored:
References:
Vulnerable Software & Versions (NPM):
cpe:2.3:a:*:moment-timezone:\>\=0.1.0\<0.5.35:*:*:*:*:*:*:* moment:2.29.4Description:
Parse, validate, manipulate, and display dates License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-audit-html:1.5.0/moment:^2.29.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-audit-html:1.5.0 simplicite-js:5.2.54/chart.js:2.9.4 simplicite-js:5.2.54/moment-timezone:0.5.34 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Iskren Ivov Chernev <iskren.chernev@gmail.com> (https://github.com/ichernev) Highest Vendor package.json bugs.url https://github.com/moment/moment/issues Highest Vendor package.json description Parse, validate, manipulate, and display dates Highest Vendor package.json homepage https://momentjs.com Highest Vendor package.json name moment Highest Vendor package.json name moment_project Highest Product package.json name moment Highest Version package.json version 2.29.4 Highest
Related Dependencies moment:2.29.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?/moment:2.29.4 pkg:npm/moment@2.29.4 moment:2.29.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?chart.js:2.9.4/moment:^2.10.2 pkg:npm/moment@2.29.4 moment:2.29.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?moment-timezone:0.5.34/moment:>= 2.9.0 pkg:npm/moment@2.29.4 mongodb-driver-core-3.12.12.jarDescription:
The Java operations layer for the MongoDB Java Driver.
Third parties can wrap this layer to provide custom higher-level APIs License:
The Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/mongodb/mongodb-driver-core/3.12.12/mongodb-driver-core-3.12.12.jar
MD5: 909a1ce74cb81db2a2686d958fa1ecd0
SHA1: f0ce8a99d1b3705fd2702c3532036bbb68f88221
SHA256: 9103fe4e5d95f752614de7f074a2953119a8fba87c5e3dba1c806139c8c42382
Referenced In Project/Scope: Simplicite Platform:compile
mongodb-driver-core-3.12.12.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.mongodb/mongodb-driver@3.12.12
Evidence Type Source Name Value Confidence Vendor file name mongodb-driver-core High Vendor jar package name mongodb Highest Vendor jar package name operations Highest Vendor Manifest automatic-module-name org.mongodb.driver.core Medium Vendor Manifest bundle-symbolicname org.mongodb.driver-core Medium Vendor pom artifactid mongodb-driver-core Highest Vendor pom artifactid mongodb-driver-core Low Vendor pom developer name Various Medium Vendor pom developer org MongoDB Medium Vendor pom groupid org.mongodb Highest Vendor pom name MongoDB Java Driver Core High Vendor pom url http://www.mongodb.org Highest Product file name mongodb-driver-core High Product jar package name mongodb Highest Product jar package name operations Highest Product Manifest automatic-module-name org.mongodb.driver.core Medium Product Manifest Bundle-Name mongodb-driver-core Medium Product Manifest bundle-symbolicname org.mongodb.driver-core Medium Product pom artifactid mongodb-driver-core Highest Product pom developer name Various Low Product pom developer org MongoDB Low Product pom groupid org.mongodb Highest Product pom name MongoDB Java Driver Core High Product pom url http://www.mongodb.org Medium Version file version 3.12.12 High Version Manifest build-version 3.12.12 Medium Version Manifest Bundle-Version 3.12.12 High Version pom version 3.12.12 Highest
Related Dependencies mongodb-driver-3.12.12.jarFile Path: /var/simplicite/.m2/repository/org/mongodb/mongodb-driver/3.12.12/mongodb-driver-3.12.12.jar MD5: 0784f660ebacb6495e61b59e8f5e4f58 SHA1: 08cce064e8fe17f4afa38f5e29471c8f42d2eb3b SHA256: 216758bface8f381855f2042404f8d628b1c08f2ff690e859a8c94d1727bf1fb pkg:maven/org.mongodb/mongodb-driver@3.12.12 ms:2.1.2Description:
Tiny millisecond conversion utility License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/ms:2.1.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/debug:4.3.4 simplicite-js:5.2.54 simplicite-js:5.2.54/humanize-ms:1.2.1 Evidence Type Source Name Value Confidence Vendor package.json description Tiny millisecond conversion utility Highest Vendor package.json name ms Highest Vendor package.json name ms_project Highest Product package.json name ms Highest Version package.json version 2.1.2 Highest
Related Dependencies ms:2.1.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?debug:4.3.4/ms:2.1.2 pkg:npm/ms@2.1.2 ms:2.1.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?humanize-ms:1.2.1/ms:^2.0.0 pkg:npm/ms@2.1.2 mssql-jdbc-12.4.1.jre8.jarDescription:
Microsoft JDBC Driver for SQL Server.
License:
MIT License: http://www.opensource.org/licenses/mit-license.php File Path: /var/simplicite/.m2/repository/com/microsoft/sqlserver/mssql-jdbc/12.4.1.jre8/mssql-jdbc-12.4.1.jre8.jar
MD5: 56461011bb8aae30f3f0b8d1ff1a8159
SHA1: 9654deb288383d3048cd907c65ada3832d58ccc0
SHA256: 0a2e7d30b539d0397eae652cb57edcfc1740249fc608260ba9ccabc46af683b1
Referenced In Project/Scope: Simplicite Platform:runtime
mssql-jdbc-12.4.1.jre8.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name mssql-jdbc High Vendor jar package name jdbc Highest Vendor jar package name microsoft Highest Vendor jar package name mssql Highest Vendor jar package name sql Highest Vendor jar package name sqlserver Highest Vendor Manifest build-jdk-spec 11 Low Vendor Manifest bundle-symbolicname com.microsoft.sqlserver.mssql-jdbc Medium Vendor pom artifactid mssql-jdbc Highest Vendor pom artifactid mssql-jdbc Low Vendor pom developer org Microsoft Medium Vendor pom developer org URL http://www.microsoft.com Medium Vendor pom groupid com.microsoft.sqlserver Highest Vendor pom name Microsoft JDBC Driver for SQL Server High Vendor pom organization name Microsoft Corporation High Vendor pom url Microsoft/mssql-jdbc Highest Product file name mssql-jdbc High Product jar package name jdbc Highest Product jar package name microsoft Highest Product jar package name mssql Highest Product jar package name sql Highest Product jar package name sqlserver Highest Product Manifest build-jdk-spec 11 Low Product Manifest Bundle-Name Microsoft JDBC Driver for SQL Server Medium Product Manifest bundle-symbolicname com.microsoft.sqlserver.mssql-jdbc Medium Product pom artifactid mssql-jdbc Highest Product pom developer org Microsoft Low Product pom developer org URL http://www.microsoft.com Low Product pom groupid com.microsoft.sqlserver Highest Product pom name Microsoft JDBC Driver for SQL Server High Product pom organization name Microsoft Corporation Low Product pom url Microsoft/mssql-jdbc High Version file version 12.4.1.jre8 High Version pom version 12.4.1.jre8 Highest
multimatch:5.0.0Description:
Extends `minimatch.match()` with support for multiple patterns License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/multimatch:5.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/depcheck:1.4.3 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description Extends `minimatch.match()` with support for multiple patterns Highest Vendor package.json name multimatch Highest Vendor package.json name multimatch_project Highest Product package.json name multimatch Highest Version package.json version 5.0.0 Highest
Related Dependencies multimatch:5.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?depcheck:1.4.3/multimatch:^5.0.0 pkg:npm/multimatch@5.0.0 mustache:4.2.0Description:
Logic-less {{mustache}} templates with JavaScript License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/mustache:4.2.0
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author mustache.js Authors <http://github.com/janl/mustache.js> Highest Vendor package.json description Logic-less {{mustache}} templates with JavaScript Highest Vendor package.json homepage https://github.com/janl/mustache.js Highest Vendor package.json name mustache Highest Vendor package.json name mustache_project Highest Product package.json name mustache Highest Version package.json version 4.2.0 Highest
mute-stream:0.0.8Description:
Bytes go in, but they don't come out (when muted). License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/mute-stream:0.0.8
Referenced In Projects/Scopes: simplicite-js:5.2.54/inquirer:7.3.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Isaac Z. Schlueter <i@izs.me> (http://blog.izs.me/) Highest Vendor package.json description Bytes go in, but they don't come out (when muted). Highest Vendor package.json name mute-stream Highest Vendor package.json name mute-stream_project Highest Product package.json name mute-stream Highest Version package.json version 0.0.8 Highest
Related Dependencies mute-stream:0.0.8File Path: /var/simplicite/simplicite-5.2/package-lock.json?inquirer:7.3.3/mute-stream:0.0.8 pkg:npm/mute-stream@0.0.8 mysql-connector-j-8.1.0.jarDescription:
JDBC Type 4 driver for MySQL. License:
The GNU General Public License, v2 with Universal FOSS Exception, v1.0 File Path: /var/simplicite/.m2/repository/com/mysql/mysql-connector-j/8.1.0/mysql-connector-j-8.1.0.jar
MD5: e84fdafa40e6625878f79efc7339d93b
SHA1: 3f78d2963935f44a61edb3961a591cdc392c8941
SHA256: e2e657e9c5ebe06a73485c9739ebd8a18e7bebb852a58d0da287da850beca1c7
Referenced In Project/Scope: Simplicite Platform:runtime
mysql-connector-j-8.1.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name mysql-connector-j High Vendor hint analyzer vendor oracle Highest Vendor hint analyzer (hint) vendor sun Highest Vendor jar package name cj Highest Vendor jar package name driver Highest Vendor jar package name jdbc Highest Vendor jar package name mysql Highest Vendor jar package name type Highest Vendor Manifest bundle-symbolicname com.mysql.cj Medium Vendor Manifest Implementation-Vendor Oracle High Vendor Manifest Implementation-Vendor-Id com.mysql Medium Vendor Manifest specification-vendor Oracle Corporation Low Vendor Manifest (hint) Implementation-Vendor sun High Vendor pom artifactid mysql-connector-j Highest Vendor pom artifactid mysql-connector-j Low Vendor pom developer email filipe.silva@oracle.com Low Vendor pom developer name Filipe Silva Medium Vendor pom developer org Oracle Corporation Medium Vendor pom developer org URL https://www.oracle.com/ Medium Vendor pom groupid com.mysql Highest Vendor pom name MySQL Connector/J High Vendor pom organization name Oracle Corporation High Vendor pom organization url https://www.oracle.com/ Medium Vendor pom url http://dev.mysql.com/doc/connector-j/en/ Highest Product file name mysql-connector-j High Product hint analyzer product mysql_connector/j Highest Product hint analyzer product mysql_connector_j Highest Product hint analyzer product mysql_connectors Highest Product jar package name cj Highest Product jar package name driver Highest Product jar package name jdbc Highest Product jar package name mysql Highest Product jar package name type Highest Product jar package name xdevapi Highest Product Manifest Bundle-Name Oracle Corporation's JDBC and XDevAPI Driver for MySQL Medium Product Manifest bundle-symbolicname com.mysql.cj Medium Product Manifest Implementation-Title MySQL Connector/J High Product Manifest specification-title JDBC Medium Product pom artifactid mysql-connector-j Highest Product pom developer email filipe.silva@oracle.com Low Product pom developer name Filipe Silva Low Product pom developer org Oracle Corporation Low Product pom developer org URL https://www.oracle.com/ Low Product pom groupid com.mysql Highest Product pom name MySQL Connector/J High Product pom organization name Oracle Corporation Low Product pom organization url https://www.oracle.com/ Low Product pom url http://dev.mysql.com/doc/connector-j/en/ Medium Version file version 8.1.0 High Version Manifest Bundle-Version 8.1.0 High Version Manifest Implementation-Version 8.1.0 High Version pom version 8.1.0 Highest
CVE-2023-22102 suppress
Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.1.0 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Connectors, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.1 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H). NVD-CWE-noinfo
CVSSv3:
Base Score: HIGH (8.3) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
nanoid:3.3.6Description:
A tiny (116 bytes), secure URL-friendly unique string ID generator License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?postcss:8.4.24/nanoid:^3.3.6
Referenced In Projects/Scopes: simplicite-js:5.2.54/postcss:8.4.24 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Andrey Sitnik <andrey@sitnik.ru> Highest Vendor package.json description A tiny (116 bytes), secure URL-friendly unique string ID generator Highest Vendor package.json name nanoid Highest Vendor package.json name nanoid_project Highest Product package.json name nanoid Highest Version package.json version 3.3.6 Highest
Related Dependencies nanoid:3.3.6File Path: /var/simplicite/simplicite-5.2/package-lock.json?/nanoid:3.3.6 pkg:npm/nanoid@3.3.6 natural-compare:1.4.0Description:
Compare strings containing a mix of letters and numbers in the way a human being would in sort order. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/natural-compare:1.4.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/eslint:8.56.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Lauri Rooden (https://github.com/litejs/natural-compare-lite) Highest Vendor package.json bugs.url https://github.com/litejs/natural-compare-lite/issues Highest Vendor package.json description Compare strings containing a mix of letters and numbers in the way a human being would in sort order. Highest Vendor package.json name natural-compare Highest Vendor package.json name natural-compare_project Highest Product package.json name natural-compare Highest Version package.json version 1.4.0 Highest
Related Dependencies natural-compare:1.4.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint:8.56.0/natural-compare:^1.4.0 pkg:npm/natural-compare@1.4.0 negotiator:0.6.3Description:
HTTP content negotiation License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/negotiator:0.6.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/make-fetch-happen:11.1.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json description HTTP content negotiation Highest Vendor package.json name negotiator Highest Vendor package.json name negotiator_project Highest Product package.json name negotiator Highest Version package.json version 0.6.3 Highest
Related Dependencies negotiator:0.6.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?make-fetch-happen:11.1.1/negotiator:^0.6.3 pkg:npm/negotiator@0.6.3 neo-async:2.6.2Description:
Neo-Async is a drop-in replacement for Async, it almost fully covers its functionality and runs faster License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/neo-async:2.6.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/handlebars:4.7.7 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json description Neo-Async is a drop-in replacement for Async, it almost fully covers its functionality and runs faster Highest Vendor package.json homepage https://github.com/suguru03/neo-async Highest Vendor package.json name neo-async Highest Vendor package.json name neo-async_project Highest Product package.json name neo-async Highest Version package.json version 2.6.2 Highest
Related Dependencies neo-async:2.6.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?handlebars:4.7.7/neo-async:^2.6.0 pkg:npm/neo-async@2.6.2 netcdf4-4.5.5.jarFile Path: /var/simplicite/.m2/repository/edu/ucar/netcdf4/4.5.5/netcdf4-4.5.5.jarMD5: 5f14df469295650fd65748a003c9ba56SHA1: 0675d63ecc857c50dd50858011b670160aa30b62SHA256: 131e3983dcf001677be069a7471797a4a9ad2c9783e88db56e32506cf1039635Referenced In Project/Scope: Simplicite Platform:compilenetcdf4-4.5.5.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.tika/tika-parsers@1.27
Evidence Type Source Name Value Confidence Vendor file name netcdf4 High Vendor jar package name jni Highest Vendor jar package name netcdf Highest Vendor jar package name ucar Highest Vendor Manifest built-on 20150306.1537 Low Vendor Manifest Implementation-Vendor UCAR/Unidata High Vendor Manifest Implementation-Vendor-Id edu.ucar Medium Vendor pom artifactid netcdf4 Highest Vendor pom artifactid netcdf4 Low Vendor pom groupid edu.ucar Highest Vendor pom name netCDF-4 IOSP JNI connection to C library High Vendor pom parent-artifactid thredds-parent Low Product file name netcdf4 High Product jar package name jni Highest Product jar package name netcdf Highest Product jar package name ucar Highest Product Manifest built-on 20150306.1537 Low Product Manifest Implementation-Title netCDF-4 IOSP JNI connection to C library High Product pom artifactid netcdf4 Highest Product pom groupid edu.ucar Highest Product pom name netCDF-4 IOSP JNI connection to C library High Product pom parent-artifactid thredds-parent Medium Version file version 4.5.5 High Version Manifest Implementation-Version 4.5.5 High Version pom version 4.5.5 Highest
netty-codec-4.1.59.Final.jarDescription:
Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers and clients. License:
https://www.apache.org/licenses/LICENSE-2.0 File Path: /var/simplicite/.m2/repository/io/netty/netty-codec/4.1.59.Final/netty-codec-4.1.59.Final.jar
MD5: f38a8ce1d0a9a7a93032f759ef5af0dd
SHA1: 5e563309b99cf55bdbecc4dab7c417a0167c31aa
SHA256: 7f65a27aed141fef0e1601dc6e7172f0d337ca5bdce0162b60a5b07be4929547
Referenced In Project/Scope: Simplicite Platform:compile
netty-codec-4.1.59.Final.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.netty/netty-handler@4.1.59.Final
Evidence Type Source Name Value Confidence Vendor file name netty-codec High Vendor jar package name codec Highest Vendor jar package name io Highest Vendor jar package name netty Highest Vendor Manifest automatic-module-name io.netty.codec Medium Vendor Manifest bundle-docurl https://netty.io/ Low Vendor Manifest bundle-symbolicname io.netty.codec Medium Vendor Manifest implementation-url https://netty.io/netty-codec/ Low Vendor Manifest Implementation-Vendor The Netty Project High Vendor Manifest Implementation-Vendor-Id io.netty Medium Vendor pom artifactid netty-codec Highest Vendor pom artifactid netty-codec Low Vendor pom groupid io.netty Highest Vendor pom name Netty/Codec High Vendor pom parent-artifactid netty-parent Low Product file name netty-codec High Product jar package name codec Highest Product jar package name io Highest Product jar package name netty Highest Product Manifest automatic-module-name io.netty.codec Medium Product Manifest bundle-docurl https://netty.io/ Low Product Manifest Bundle-Name Netty/Codec Medium Product Manifest bundle-symbolicname io.netty.codec Medium Product Manifest Implementation-Title Netty/Codec High Product Manifest implementation-url https://netty.io/netty-codec/ Low Product pom artifactid netty-codec Highest Product pom groupid io.netty Highest Product pom name Netty/Codec High Product pom parent-artifactid netty-parent Medium Version Manifest Bundle-Version 4.1.59.Final High Version Manifest Implementation-Version 4.1.59.Final High Version pom version 4.1.59.Final Highest
CVE-2021-37136 suppress
The Bzip2 decompression decoder function doesn't allow setting size restrictions on the decompressed output data (which affects the allocation size used during decompression). All users of Bzip2Decoder are affected. The malicious input can trigger an OOME and so a DoS attack CWE-400 Uncontrolled Resource Consumption
CVSSv2:
Base Score: MEDIUM (5.0) Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2021-37137 suppress
The Snappy frame decoder function doesn't restrict the chunk length which may lead to excessive memory usage. Beside this it also may buffer reserved skippable chunks until the whole chunk was received which may lead to excessive memory usage as well. This vulnerability can be triggered by supplying malicious input that decompresses to a very big size (via a network stream or a file) or by sending a huge skippable chunk. CWE-400 Uncontrolled Resource Consumption
CVSSv2:
Base Score: MEDIUM (5.0) Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2022-41881 suppress
Netty project is an event-driven asynchronous network application framework. In versions prior to 4.1.86.Final, a StackOverflowError can be raised when parsing a malformed crafted message due to an infinite recursion. This issue is patched in version 4.1.86.Final. There is no workaround, except using a custom HaProxyMessageDecoder. CWE-674 Uncontrolled Recursion
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions:
CVE-2023-44487 suppress
CISA Known Exploited Vulnerability: Product: IETF HTTP/2 Name: HTTP/2 Rapid Reset Attack Vulnerability Date Added: 2023-10-10 Description: HTTP/2 contains a rapid reset vulnerability that allows for a distributed denial-of-service attack (DDoS). Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Due Date: 2023-10-31 Notes: https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CWE-400 Uncontrolled Resource Consumption
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2021-43797 suppress
Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. Netty prior to version 4.1.71.Final skips control chars when they are present at the beginning / end of the header name. It should instead fail fast as these are not allowed by the spec and could lead to HTTP request smuggling. Failing to do the validation might cause netty to "sanitize" header names before it forward these to another remote system when used as proxy. This remote system can't see the invalid usage anymore, and therefore does not do the validation itself. Users should upgrade to version 4.1.71.Final. CWE-444 Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N CVSSv3:
Base Score: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N References:
Vulnerable Software & Versions: (show all )
CVE-2022-41915 (OSSINDEX) suppress
Netty project is an event-driven asynchronous network application framework. Starting in version 4.1.83.Final and prior to 4.1.86.Final, when calling `DefaultHttpHeadesr.set` with an _iterator_ of values, header value validation was not performed, allowing malicious header values in the iterator to perform HTTP Response Splitting. This issue has been patched in version 4.1.86.Final. Integrators can work around the issue by changing the `DefaultHttpHeaders.set(CharSequence, Iterator<?>)` call, into a `remove()` call, and call `add()` in a loop over the iterator of values.
Sonatype's research suggests that this CVE's details differ from those defined at NVD. See https://ossindex.sonatype.org/vulnerability/CVE-2022-41915 for details CWE-113 Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')
CVSSv2:
Base Score: MEDIUM (6.5) Vector: /AV:N/AC:L/Au:/C:L/I:L/A:N References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:io.netty:netty-codec:4.1.59.Final:*:*:*:*:*:*:* CVE-2023-34462 suppress
Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. The `SniHandler` can allocate up to 16MB of heap for each channel during the TLS handshake. When the handler or the channel does not have an idle timeout, it can be used to make a TCP server using the `SniHandler` to allocate 16MB of heap. The `SniHandler` class is a handler that waits for the TLS handshake to configure a `SslHandler` according to the indicated server name by the `ClientHello` record. For this matter it allocates a `ByteBuf` using the value defined in the `ClientHello` record. Normally the value of the packet should be smaller than the handshake packet but there are not checks done here and the way the code is written, it is possible to craft a packet that makes the `SslClientHelloHandler`. This vulnerability has been fixed in version 4.1.94.Final. CWE-400 Uncontrolled Resource Consumption
CVSSv3:
Base Score: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions:
CVE-2021-21295 suppress
Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty (io.netty:netty-codec-http2) before version 4.1.60.Final there is a vulnerability that enables request smuggling. If a Content-Length header is present in the original HTTP/2 request, the field is not validated by `Http2MultiplexHandler` as it is propagated up. This is fine as long as the request is not proxied through as HTTP/1.1. If the request comes in as an HTTP/2 stream, gets converted into the HTTP/1.1 domain objects (`HttpRequest`, `HttpContent`, etc.) via `Http2StreamFrameToHttpObjectCodec `and then sent up to the child channel's pipeline and proxied through a remote peer as HTTP/1.1 this may result in request smuggling. In a proxy case, users may assume the content-length is validated somehow, which is not the case. If the request is forwarded to a backend channel that is a HTTP/1.1 connection, the Content-Length now has meaning and needs to be checked. An attacker can smuggle requests inside the body as it gets downgraded from HTTP/2 to HTTP/1.1. For an example attack refer to the linked GitHub Advisory. Users are only affected if all of this is true: `HTTP2MultiplexCodec` or `Http2FrameCodec` is used, `Http2StreamFrameToHttpObjectCodec` is used to convert to HTTP/1.1 objects, and these HTTP/1.1 objects are forwarded to another remote peer. This has been patched in 4.1.60.Final As a workaround, the user can do the validation by themselves by implementing a custom `ChannelInboundHandler` that is put in the `ChannelPipeline` behind `Http2StreamFrameToHttpObjectCodec`. CWE-444 Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
CVSSv2:
Base Score: LOW (2.6) Vector: /AV:N/AC:H/Au:N/C:N/I:P/A:N CVSSv3:
Base Score: MEDIUM (5.9) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N References:
- [bookkeeper-issues] 20210330 [GitHub] [bookkeeper] eolivelli opened a new issue #2669: Update Netty to 4.1.60.final - [flink-dev] 20210424 [jira] [Created] (FLINK-22441) In Flink v1.11.3 contains netty(version:3.10.6) netty(version:4.1.60) . There are many vulnerabilities, like CVE-2021-21409 etc. please confirm these version and fix. thx - [flink-issues] 20210424 [jira] [Created] (FLINK-22441) In Flink v1.11.3 contains netty(version:3.10.6) netty(version:4.1.60) . There are many vulnerabilities, like CVE-2021-21409 etc. please confirm these version and fix. thx - [flink-issues] 20210426 [jira] [Commented] (FLINK-22441) In Flink v1.11.3 contains netty(version:3.10.6) netty(version:4.1.60) . There are many vulnerabilities, like CVE-2021-21409 etc. please confirm these version and fix. thx - [flink-issues] 20210426 [jira] [Updated] (FLINK-22441) In Flink v1.11.3 contains netty(version:3.10.6) netty(version:4.1.60) . There are many vulnerabilities, like CVE-2021-21409 etc. please confirm these version and fix. thx - [flink-issues] 20210511 [jira] [Commented] (FLINK-22441) In Flink v1.11.3 contains netty(version:3.10.6) netty(version:4.1.60) . There are many vulnerabilities, like CVE-2021-21409 etc. please confirm these version and fix. thx - [flink-issues] 20210610 [jira] [Updated] (FLINK-22441) In Flink v1.11.3 contains netty(version:3.10.6) netty(version:4.1.60) . There are many vulnerabilities, like CVE-2021-21409 etc. please confirm these version and fix. thx - [flink-issues] 20210618 [jira] [Updated] (FLINK-22441) In Flink v1.11.3 contains netty(version:3.10.6) netty(version:4.1.60) . There are many vulnerabilities, like CVE-2021-21409 etc. please confirm these version and fix. thx - [hbase-commits] 20210402 [hbase-thirdparty] branch master updated: HBASE-25728 [hbase-thirdparty] Upgrade Netty library to >= 4.1.60 due to security vulnerability CVE-2021-21295 (#48) - [hbase-dev] 20210402 [jira] [Created] (HBASE-25728) [hbase-thirdparty] ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [hbase-issues] 20210402 [GitHub] [hbase-thirdparty] Apache-HBase commented on pull request #48: HBASE-25728 [hbase-thirdparty] Upgrade Netty library to >= 4.1.60 due to security vulnerability CVE-2021-21295 - [hbase-issues] 20210402 [GitHub] [hbase-thirdparty] HorizonNet commented on pull request #48: HBASE-25728 [hbase-thirdparty] Upgrade Netty library to >= 4.1.60 due to security vulnerability CVE-2021-21295 - [hbase-issues] 20210402 [GitHub] [hbase-thirdparty] apurtell commented on pull request #48: HBASE-25728 [hbase-thirdparty] Upgrade Netty library to >= 4.1.60 due to security vulnerability CVE-2021-21295 - [hbase-issues] 20210402 [GitHub] [hbase-thirdparty] apurtell merged pull request #48: HBASE-25728 [hbase-thirdparty] Upgrade Netty library to >= 4.1.60 due to security vulnerability CVE-2021-21295 - [hbase-issues] 20210402 [GitHub] [hbase-thirdparty] apurtell opened a new pull request #48: HBASE-25728 [hbase-thirdparty] Upgrade Netty library to >= 4.1.60 due to security vulnerability CVE-2021-21295 - [hbase-issues] 20210402 [jira] [Assigned] (HBASE-25728) [hbase-thirdparty] Upgrade Netty library to >= 4.1.60 due to security vulnerability CVE-2021-21295 - [hbase-issues] 20210402 [jira] [Created] (HBASE-25728) [hbase-thirdparty] ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [hbase-issues] 20210402 [jira] [Updated] (HBASE-25728) [hbase-thirdparty] Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [hbase-issues] 20210402 [jira] [Updated] (HBASE-25728) [hbase-thirdparty] Upgrade Netty library to >= 4.1.60 due to security vulnerability CVE-2021-21295 - [jackrabbit-dev] 20210709 [GitHub] [jackrabbit-oak] blackat opened a new pull request #321: Update netty to resolve CVE-2021-21295 and BDSA-2018-4022 - [kafka-dev] 20210330 [jira] [Created] (KAFKA-12583) Upgrade of netty-codec due to CVE-2021-21295 - [kafka-dev] 20210401 [jira] [Resolved] (KAFKA-12583) Upgrade of netty-codec due to CVE-2021-21295 - [kafka-jira] 20210330 [jira] [Created] (KAFKA-12583) Upgrade of netty-codec due to CVE-2021-21295 - [kafka-jira] 20210330 [jira] [Updated] (KAFKA-12583) Upgrade of netty-codec due to CVE-2021-21295 - [kafka-jira] 20210331 [GitHub] [kafka] dongjinleekr commented on pull request #10448: KAFKA-12583: Upgrade of netty-codec due to CVE-2021-21295 - [kafka-jira] 20210331 [GitHub] [kafka] dongjinleekr opened a new pull request #10448: KAFKA-12583: Upgrade of netty-codec due to CVE-2021-21295 - [kafka-jira] 20210401 [jira] [Commented] (KAFKA-12583) Upgrade of netty-codec due to CVE-2021-21295 - [kafka-jira] 20210401 [jira] [Resolved] (KAFKA-12583) Upgrade of netty-codec due to CVE-2021-21295 - [kafka-jira] 20210402 [jira] [Assigned] (KAFKA-12583) Upgrade of netty-codec due to CVE-2021-21295 - [kudu-issues] 20210904 [jira] [Created] (KUDU-3313) There is a CVE-2021-21409 vulnerability in netty version 4.1.60 - [kudu-issues] 20210904 [jira] [Updated] (KUDU-3313) There is a CVE-2021-21409 vulnerability in netty version 4.1.60 - [kudu-issues] 20210907 [jira] [Commented] (KUDU-3313) There is a CVE-2021-21409 vulnerability in netty version 4.1.60 - [kudu-issues] 20210907 [jira] [Resolved] (KUDU-3313) There is a CVE-2021-21409 vulnerability in netty version 4.1.60 - [kudu-issues] 20210907 [jira] [Updated] (KUDU-3313) There is a CVE-2021-21409 vulnerability in netty version 4.1.60 - [pulsar-commits] 20210329 [GitHub] [pulsar] aahmed-se opened a new pull request #10073: Upgrade Netty version to 4.1.60.final - [pulsar-commits] 20210329 [GitHub] [pulsar] merlimat closed issue #10071: CVE-2021-21295 & CVE-2021-21290 - [pulsar-commits] 20210329 [GitHub] [pulsar] yaswanthnadella opened a new issue #10071: CVE-2021-21295 & CVE-2021-21290 - [pulsar-commits] 20211020 [GitHub] [pulsar] Shoothzj opened a new pull request #12437: [Security] Bump grpc to 1.41.0 - [ranger-dev] 20210317 [jira] [Assigned] (RANGER-3209) Upgrade netty to 4.1.60+ due to CVE-2021-21290 and CVE-2021-21295 - [ranger-dev] 20210317 [jira] [Created] (RANGER-3209) Upgrade netty to 4.1.60+ due to CVE-2021-21290 and CVE-2021-21295 - [zookeeper-commits] 20210331 [zookeeper] branch branch-3.5 updated: ZOOKEEPER-4272 ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-commits] 20210331 [zookeeper] branch branch-3.6 updated: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-commits] 20210331 [zookeeper] branch branch-3.7 updated: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-commits] 20210331 [zookeeper] branch master updated: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-dev] 20210330 [jira] [Created] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-dev] 20210928 [jira] [Created] (ZOOKEEPER-4390) CVE-2021-28169 - Upgrade jetty to 9.4.42 - [zookeeper-issues] 20210330 [jira] [Created] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-issues] 20210330 [jira] [Updated] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-issues] 20210331 [jira] [Assigned] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-issues] 20210331 [jira] [Commented] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-issues] 20210331 [jira] [Resolved] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-issues] 20210331 [jira] [Updated] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-issues] 20210401 [jira] [Commented] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-issues] 20210402 [jira] [Commented] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-issues] 20210928 [jira] [Created] (ZOOKEEPER-4390) CVE-2021-28169 - Upgrade jetty to 9.4.42 - [zookeeper-issues] 20210928 [jira] [Updated] (ZOOKEEPER-4390) CVE-2021-28169 , - Upgrade jetty to 9.4.42 - [zookeeper-issues] 20210928 [jira] [Updated] (ZOOKEEPER-4390) CVE-2021-28169 , CVE-2021-28163, - Upgrade jetty to 9.4.42 - [zookeeper-issues] 20210928 [jira] [Updated] (ZOOKEEPER-4390) CVE-2021-28169 , CVE-2021-28163, CVE-2021-34428- Upgrade jetty to 9.4.42 - [zookeeper-issues] 20210928 [jira] [Updated] (ZOOKEEPER-4390) CVE-2021-28169 - Upgrade jetty to 9.4.42 - [zookeeper-notifications] 20210331 [GitHub] [zookeeper] arshadmohammad closed pull request #1670: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-notifications] 20210331 [GitHub] [zookeeper] arshadmohammad commented on pull request #1669: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-notifications] 20210331 [GitHub] [zookeeper] arshadmohammad commented on pull request #1670: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-notifications] 20210331 [GitHub] [zookeeper] asfgit closed pull request #1669: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-notifications] 20210331 [GitHub] [zookeeper] ayushmantri opened a new pull request #1669: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-notifications] 20210331 [GitHub] [zookeeper] ayushmantri opened a new pull request #1670: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-notifications] 20210331 [GitHub] [zookeeper] eolivelli commented on pull request #1669: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - https://lists.apache.org/thread.html/r04a3e0d9f53421fb946c60cc54762b7151dc692eb4e39970a7579052%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/r16c4b55ac82be72f28adad4f8061477e5f978199d5725691dcc82c24%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/r2e93ce23e04c3f0a61e987d1111d0695cb668ac4ec4edbf237bd3e80%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/r490ca5611c150d193b320a2608209180713b7c68e501b67b0cffb925%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/r57245853c7245baab09eae08728c52b58fd77666538092389cc3e882%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/r6d32fc3cd547f7c9a288a57c7f525f5d00a00d5d163613e0d10a23ef%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/r8bcaf7821247b1836b10f6a1a3a3212b06272fd4cde4a859de1b78cf%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/r8db1d7b3b9acc9e8d2776395e280eb9615dd7790e1da8c57039963de%40%3Cnotifications.zookeeper.apache.org%3E - https://lists.apache.org/thread.html/ra96c74c37ed7252f78392e1ad16442bd16ae72a4d6c8db50dd55c88b%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/racc191a1f70a4f13155e8002c61bddef2870b26441971c697436ad5d%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/rae198f44c3f7ac5264045e6ba976be1703cff38dcf1609916e50210d%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/rb523bb6c60196c5f58514b86a8585c2069a4852039b45de3818b29d2%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/rc73b8dd01b1be276d06bdf07883ecd93fe1a01f139a99ef30ba4308c%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/rcfc154eb2de23d2dc08a56100341161e1a40a8ea86c693735437e8f2%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/rd25c88aad0e76240dd09f0eb34bdab924933946429e068a167adcb73%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/rdb4db3f5a9c478ca52a7b164680b88877a5a9c174e7047676c006b2c%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/re4f70b62843e92163fab03b65e2aa8078693293a0c36f1cc260079ed%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/reafc834062486adfc7be5bb8f7b7793be0d33f483678a094c3f9d468%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/rf87b870a22aa5c77c27900967b518a71a7d954c2952860fce3794b60%40%3Ccommits.servicecomb.apache.org%3E CONFIRM - https://github.com/netty/netty/security/advisories/GHSA-wm47-8v5p-wjpj CONFIRM - https://security.netapp.com/advisory/ntap-20210604-0003/ DEBIAN - DSA-4885 MISC - https://github.com/Netflix/zuul/pull/980 MISC - https://github.com/netty/netty/commit/89c241e3b1795ff257af4ad6eadc616cb2fb3dc4 MISC - https://www.oracle.com/security-alerts/cpuapr2022.html OSSINDEX - [CVE-2021-21295] CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') OSSINDEX - [CVE-2021-21295] CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') OSSIndex - http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-21295 OSSIndex - https://github.com/netty/netty/security/advisories/GHSA-wm47-8v5p-wjpj OSSIndex - https://lists.apache.org/thread/ztx01jknlcoq0v6pp2cwl609dyzk9r5h Vulnerable Software & Versions: (show all )
CVE-2021-21409 suppress
Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty (io.netty:netty-codec-http2) before version 4.1.61.Final there is a vulnerability that enables request smuggling. The content-length header is not correctly validated if the request only uses a single Http2HeaderFrame with the endStream set to to true. This could lead to request smuggling if the request is proxied to a remote peer and translated to HTTP/1.1. This is a followup of GHSA-wm47-8v5p-wjpj/CVE-2021-21295 which did miss to fix this one case. This was fixed as part of 4.1.61.Final. CWE-444 Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N CVSSv3:
Base Score: MEDIUM (5.9) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N References:
Vulnerable Software & Versions: (show all )
CVE-2022-24823 suppress
Netty is an open-source, asynchronous event-driven network application framework. The package `io.netty:netty-codec-http` prior to version 4.1.77.Final contains an insufficient fix for CVE-2021-21290. When Netty's multipart decoders are used local information disclosure can occur via the local system temporary directory if temporary storing uploads on the disk is enabled. This only impacts applications running on Java version 6 and lower. Additionally, this vulnerability impacts code running on Unix-like systems, and very old versions of Mac OSX and Windows as they all share the system temporary directory between all users. Version 4.1.77.Final contains a patch for this vulnerability. As a workaround, specify one's own `java.io.tmpdir` when starting the JVM or use DefaultHttpDataFactory.setBaseDir(...) to set the directory to something that is only readable by the current user. CWE-378 Creation of Temporary File With Insecure Permissions, CWE-379 Creation of Temporary File in Directory with Insecure Permissions, CWE-668 Exposure of Resource to Wrong Sphere
CVSSv2:
Base Score: LOW (1.9) Vector: /AV:L/AC:M/Au:N/C:P/I:N/A:N CVSSv3:
Base Score: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N References:
Vulnerable Software & Versions: (show all )
netty-codec-http-4.1.59.Final.jarDescription:
Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers and clients. License:
https://www.apache.org/licenses/LICENSE-2.0 File Path: /var/simplicite/.m2/repository/io/netty/netty-codec-http/4.1.59.Final/netty-codec-http-4.1.59.Final.jar
MD5: 14eb72d0a3b44d64949575ec5e1121d7
SHA1: 766327d675678686a05faa446c4413d8ccb79b5c
SHA256: 79cfb3a2bfe87f5f0f3a969bab783724eeee78d1fecef2fe841beddf947336b7
Referenced In Project/Scope: Simplicite Platform:compile
netty-codec-http-4.1.59.Final.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name netty-codec-http High Vendor jar package name codec Highest Vendor jar package name io Highest Vendor jar package name netty Highest Vendor Manifest automatic-module-name io.netty.codec.http Medium Vendor Manifest bundle-docurl https://netty.io/ Low Vendor Manifest bundle-symbolicname io.netty.codec-http Medium Vendor Manifest implementation-url https://netty.io/netty-codec-http/ Low Vendor Manifest Implementation-Vendor The Netty Project High Vendor Manifest Implementation-Vendor-Id io.netty Medium Vendor pom artifactid netty-codec-http Highest Vendor pom artifactid netty-codec-http Low Vendor pom groupid io.netty Highest Vendor pom name Netty/Codec/HTTP High Vendor pom parent-artifactid netty-parent Low Product file name netty-codec-http High Product jar package name codec Highest Product jar package name io Highest Product jar package name netty Highest Product Manifest automatic-module-name io.netty.codec.http Medium Product Manifest bundle-docurl https://netty.io/ Low Product Manifest Bundle-Name Netty/Codec/HTTP Medium Product Manifest bundle-symbolicname io.netty.codec-http Medium Product Manifest Implementation-Title Netty/Codec/HTTP High Product Manifest implementation-url https://netty.io/netty-codec-http/ Low Product pom artifactid netty-codec-http Highest Product pom groupid io.netty Highest Product pom name Netty/Codec/HTTP High Product pom parent-artifactid netty-parent Medium Version Manifest Bundle-Version 4.1.59.Final High Version Manifest Implementation-Version 4.1.59.Final High Version pom version 4.1.59.Final Highest
CVE-2021-37136 suppress
The Bzip2 decompression decoder function doesn't allow setting size restrictions on the decompressed output data (which affects the allocation size used during decompression). All users of Bzip2Decoder are affected. The malicious input can trigger an OOME and so a DoS attack CWE-400 Uncontrolled Resource Consumption
CVSSv2:
Base Score: MEDIUM (5.0) Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2021-37137 suppress
The Snappy frame decoder function doesn't restrict the chunk length which may lead to excessive memory usage. Beside this it also may buffer reserved skippable chunks until the whole chunk was received which may lead to excessive memory usage as well. This vulnerability can be triggered by supplying malicious input that decompresses to a very big size (via a network stream or a file) or by sending a huge skippable chunk. CWE-400 Uncontrolled Resource Consumption
CVSSv2:
Base Score: MEDIUM (5.0) Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2022-41881 suppress
Netty project is an event-driven asynchronous network application framework. In versions prior to 4.1.86.Final, a StackOverflowError can be raised when parsing a malformed crafted message due to an infinite recursion. This issue is patched in version 4.1.86.Final. There is no workaround, except using a custom HaProxyMessageDecoder. CWE-674 Uncontrolled Recursion
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions:
CVE-2023-44487 suppress
CISA Known Exploited Vulnerability: Product: IETF HTTP/2 Name: HTTP/2 Rapid Reset Attack Vulnerability Date Added: 2023-10-10 Description: HTTP/2 contains a rapid reset vulnerability that allows for a distributed denial-of-service attack (DDoS). Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Due Date: 2023-10-31 Notes: https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CWE-400 Uncontrolled Resource Consumption
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2021-43797 suppress
Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. Netty prior to version 4.1.71.Final skips control chars when they are present at the beginning / end of the header name. It should instead fail fast as these are not allowed by the spec and could lead to HTTP request smuggling. Failing to do the validation might cause netty to "sanitize" header names before it forward these to another remote system when used as proxy. This remote system can't see the invalid usage anymore, and therefore does not do the validation itself. Users should upgrade to version 4.1.71.Final. CWE-444 Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N CVSSv3:
Base Score: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N References:
Vulnerable Software & Versions: (show all )
CVE-2023-34462 suppress
Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. The `SniHandler` can allocate up to 16MB of heap for each channel during the TLS handshake. When the handler or the channel does not have an idle timeout, it can be used to make a TCP server using the `SniHandler` to allocate 16MB of heap. The `SniHandler` class is a handler that waits for the TLS handshake to configure a `SslHandler` according to the indicated server name by the `ClientHello` record. For this matter it allocates a `ByteBuf` using the value defined in the `ClientHello` record. Normally the value of the packet should be smaller than the handshake packet but there are not checks done here and the way the code is written, it is possible to craft a packet that makes the `SslClientHelloHandler`. This vulnerability has been fixed in version 4.1.94.Final. CWE-400 Uncontrolled Resource Consumption
CVSSv3:
Base Score: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions:
CVE-2021-21295 suppress
Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty (io.netty:netty-codec-http2) before version 4.1.60.Final there is a vulnerability that enables request smuggling. If a Content-Length header is present in the original HTTP/2 request, the field is not validated by `Http2MultiplexHandler` as it is propagated up. This is fine as long as the request is not proxied through as HTTP/1.1. If the request comes in as an HTTP/2 stream, gets converted into the HTTP/1.1 domain objects (`HttpRequest`, `HttpContent`, etc.) via `Http2StreamFrameToHttpObjectCodec `and then sent up to the child channel's pipeline and proxied through a remote peer as HTTP/1.1 this may result in request smuggling. In a proxy case, users may assume the content-length is validated somehow, which is not the case. If the request is forwarded to a backend channel that is a HTTP/1.1 connection, the Content-Length now has meaning and needs to be checked. An attacker can smuggle requests inside the body as it gets downgraded from HTTP/2 to HTTP/1.1. For an example attack refer to the linked GitHub Advisory. Users are only affected if all of this is true: `HTTP2MultiplexCodec` or `Http2FrameCodec` is used, `Http2StreamFrameToHttpObjectCodec` is used to convert to HTTP/1.1 objects, and these HTTP/1.1 objects are forwarded to another remote peer. This has been patched in 4.1.60.Final As a workaround, the user can do the validation by themselves by implementing a custom `ChannelInboundHandler` that is put in the `ChannelPipeline` behind `Http2StreamFrameToHttpObjectCodec`. CWE-444 Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
CVSSv2:
Base Score: LOW (2.6) Vector: /AV:N/AC:H/Au:N/C:N/I:P/A:N CVSSv3:
Base Score: MEDIUM (5.9) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N References:
- [bookkeeper-issues] 20210330 [GitHub] [bookkeeper] eolivelli opened a new issue #2669: Update Netty to 4.1.60.final - [flink-dev] 20210424 [jira] [Created] (FLINK-22441) In Flink v1.11.3 contains netty(version:3.10.6) netty(version:4.1.60) . There are many vulnerabilities, like CVE-2021-21409 etc. please confirm these version and fix. thx - [flink-issues] 20210424 [jira] [Created] (FLINK-22441) In Flink v1.11.3 contains netty(version:3.10.6) netty(version:4.1.60) . There are many vulnerabilities, like CVE-2021-21409 etc. please confirm these version and fix. thx - [flink-issues] 20210426 [jira] [Commented] (FLINK-22441) In Flink v1.11.3 contains netty(version:3.10.6) netty(version:4.1.60) . There are many vulnerabilities, like CVE-2021-21409 etc. please confirm these version and fix. thx - [flink-issues] 20210426 [jira] [Updated] (FLINK-22441) In Flink v1.11.3 contains netty(version:3.10.6) netty(version:4.1.60) . There are many vulnerabilities, like CVE-2021-21409 etc. please confirm these version and fix. thx - [flink-issues] 20210511 [jira] [Commented] (FLINK-22441) In Flink v1.11.3 contains netty(version:3.10.6) netty(version:4.1.60) . There are many vulnerabilities, like CVE-2021-21409 etc. please confirm these version and fix. thx - [flink-issues] 20210610 [jira] [Updated] (FLINK-22441) In Flink v1.11.3 contains netty(version:3.10.6) netty(version:4.1.60) . There are many vulnerabilities, like CVE-2021-21409 etc. please confirm these version and fix. thx - [flink-issues] 20210618 [jira] [Updated] (FLINK-22441) In Flink v1.11.3 contains netty(version:3.10.6) netty(version:4.1.60) . There are many vulnerabilities, like CVE-2021-21409 etc. please confirm these version and fix. thx - [hbase-commits] 20210402 [hbase-thirdparty] branch master updated: HBASE-25728 [hbase-thirdparty] Upgrade Netty library to >= 4.1.60 due to security vulnerability CVE-2021-21295 (#48) - [hbase-dev] 20210402 [jira] [Created] (HBASE-25728) [hbase-thirdparty] ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [hbase-issues] 20210402 [GitHub] [hbase-thirdparty] Apache-HBase commented on pull request #48: HBASE-25728 [hbase-thirdparty] Upgrade Netty library to >= 4.1.60 due to security vulnerability CVE-2021-21295 - [hbase-issues] 20210402 [GitHub] [hbase-thirdparty] HorizonNet commented on pull request #48: HBASE-25728 [hbase-thirdparty] Upgrade Netty library to >= 4.1.60 due to security vulnerability CVE-2021-21295 - [hbase-issues] 20210402 [GitHub] [hbase-thirdparty] apurtell commented on pull request #48: HBASE-25728 [hbase-thirdparty] Upgrade Netty library to >= 4.1.60 due to security vulnerability CVE-2021-21295 - [hbase-issues] 20210402 [GitHub] [hbase-thirdparty] apurtell merged pull request #48: HBASE-25728 [hbase-thirdparty] Upgrade Netty library to >= 4.1.60 due to security vulnerability CVE-2021-21295 - [hbase-issues] 20210402 [GitHub] [hbase-thirdparty] apurtell opened a new pull request #48: HBASE-25728 [hbase-thirdparty] Upgrade Netty library to >= 4.1.60 due to security vulnerability CVE-2021-21295 - [hbase-issues] 20210402 [jira] [Assigned] (HBASE-25728) [hbase-thirdparty] Upgrade Netty library to >= 4.1.60 due to security vulnerability CVE-2021-21295 - [hbase-issues] 20210402 [jira] [Created] (HBASE-25728) [hbase-thirdparty] ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [hbase-issues] 20210402 [jira] [Updated] (HBASE-25728) [hbase-thirdparty] Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [hbase-issues] 20210402 [jira] [Updated] (HBASE-25728) [hbase-thirdparty] Upgrade Netty library to >= 4.1.60 due to security vulnerability CVE-2021-21295 - [jackrabbit-dev] 20210709 [GitHub] [jackrabbit-oak] blackat opened a new pull request #321: Update netty to resolve CVE-2021-21295 and BDSA-2018-4022 - [kafka-dev] 20210330 [jira] [Created] (KAFKA-12583) Upgrade of netty-codec due to CVE-2021-21295 - [kafka-dev] 20210401 [jira] [Resolved] (KAFKA-12583) Upgrade of netty-codec due to CVE-2021-21295 - [kafka-jira] 20210330 [jira] [Created] (KAFKA-12583) Upgrade of netty-codec due to CVE-2021-21295 - [kafka-jira] 20210330 [jira] [Updated] (KAFKA-12583) Upgrade of netty-codec due to CVE-2021-21295 - [kafka-jira] 20210331 [GitHub] [kafka] dongjinleekr commented on pull request #10448: KAFKA-12583: Upgrade of netty-codec due to CVE-2021-21295 - [kafka-jira] 20210331 [GitHub] [kafka] dongjinleekr opened a new pull request #10448: KAFKA-12583: Upgrade of netty-codec due to CVE-2021-21295 - [kafka-jira] 20210401 [jira] [Commented] (KAFKA-12583) Upgrade of netty-codec due to CVE-2021-21295 - [kafka-jira] 20210401 [jira] [Resolved] (KAFKA-12583) Upgrade of netty-codec due to CVE-2021-21295 - [kafka-jira] 20210402 [jira] [Assigned] (KAFKA-12583) Upgrade of netty-codec due to CVE-2021-21295 - [kudu-issues] 20210904 [jira] [Created] (KUDU-3313) There is a CVE-2021-21409 vulnerability in netty version 4.1.60 - [kudu-issues] 20210904 [jira] [Updated] (KUDU-3313) There is a CVE-2021-21409 vulnerability in netty version 4.1.60 - [kudu-issues] 20210907 [jira] [Commented] (KUDU-3313) There is a CVE-2021-21409 vulnerability in netty version 4.1.60 - [kudu-issues] 20210907 [jira] [Resolved] (KUDU-3313) There is a CVE-2021-21409 vulnerability in netty version 4.1.60 - [kudu-issues] 20210907 [jira] [Updated] (KUDU-3313) There is a CVE-2021-21409 vulnerability in netty version 4.1.60 - [pulsar-commits] 20210329 [GitHub] [pulsar] aahmed-se opened a new pull request #10073: Upgrade Netty version to 4.1.60.final - [pulsar-commits] 20210329 [GitHub] [pulsar] merlimat closed issue #10071: CVE-2021-21295 & CVE-2021-21290 - [pulsar-commits] 20210329 [GitHub] [pulsar] yaswanthnadella opened a new issue #10071: CVE-2021-21295 & CVE-2021-21290 - [pulsar-commits] 20211020 [GitHub] [pulsar] Shoothzj opened a new pull request #12437: [Security] Bump grpc to 1.41.0 - [ranger-dev] 20210317 [jira] [Assigned] (RANGER-3209) Upgrade netty to 4.1.60+ due to CVE-2021-21290 and CVE-2021-21295 - [ranger-dev] 20210317 [jira] [Created] (RANGER-3209) Upgrade netty to 4.1.60+ due to CVE-2021-21290 and CVE-2021-21295 - [zookeeper-commits] 20210331 [zookeeper] branch branch-3.5 updated: ZOOKEEPER-4272 ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-commits] 20210331 [zookeeper] branch branch-3.6 updated: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-commits] 20210331 [zookeeper] branch branch-3.7 updated: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-commits] 20210331 [zookeeper] branch master updated: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-dev] 20210330 [jira] [Created] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-dev] 20210928 [jira] [Created] (ZOOKEEPER-4390) CVE-2021-28169 - Upgrade jetty to 9.4.42 - [zookeeper-issues] 20210330 [jira] [Created] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-issues] 20210330 [jira] [Updated] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-issues] 20210331 [jira] [Assigned] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-issues] 20210331 [jira] [Commented] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-issues] 20210331 [jira] [Resolved] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-issues] 20210331 [jira] [Updated] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-issues] 20210401 [jira] [Commented] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-issues] 20210402 [jira] [Commented] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-issues] 20210928 [jira] [Created] (ZOOKEEPER-4390) CVE-2021-28169 - Upgrade jetty to 9.4.42 - [zookeeper-issues] 20210928 [jira] [Updated] (ZOOKEEPER-4390) CVE-2021-28169 , - Upgrade jetty to 9.4.42 - [zookeeper-issues] 20210928 [jira] [Updated] (ZOOKEEPER-4390) CVE-2021-28169 , CVE-2021-28163, - Upgrade jetty to 9.4.42 - [zookeeper-issues] 20210928 [jira] [Updated] (ZOOKEEPER-4390) CVE-2021-28169 , CVE-2021-28163, CVE-2021-34428- Upgrade jetty to 9.4.42 - [zookeeper-issues] 20210928 [jira] [Updated] (ZOOKEEPER-4390) CVE-2021-28169 - Upgrade jetty to 9.4.42 - [zookeeper-notifications] 20210331 [GitHub] [zookeeper] arshadmohammad closed pull request #1670: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-notifications] 20210331 [GitHub] [zookeeper] arshadmohammad commented on pull request #1669: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-notifications] 20210331 [GitHub] [zookeeper] arshadmohammad commented on pull request #1670: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-notifications] 20210331 [GitHub] [zookeeper] asfgit closed pull request #1669: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-notifications] 20210331 [GitHub] [zookeeper] ayushmantri opened a new pull request #1669: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-notifications] 20210331 [GitHub] [zookeeper] ayushmantri opened a new pull request #1670: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-notifications] 20210331 [GitHub] [zookeeper] eolivelli commented on pull request #1669: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - https://lists.apache.org/thread.html/r04a3e0d9f53421fb946c60cc54762b7151dc692eb4e39970a7579052%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/r16c4b55ac82be72f28adad4f8061477e5f978199d5725691dcc82c24%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/r2e93ce23e04c3f0a61e987d1111d0695cb668ac4ec4edbf237bd3e80%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/r490ca5611c150d193b320a2608209180713b7c68e501b67b0cffb925%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/r57245853c7245baab09eae08728c52b58fd77666538092389cc3e882%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/r6d32fc3cd547f7c9a288a57c7f525f5d00a00d5d163613e0d10a23ef%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/r8bcaf7821247b1836b10f6a1a3a3212b06272fd4cde4a859de1b78cf%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/r8db1d7b3b9acc9e8d2776395e280eb9615dd7790e1da8c57039963de%40%3Cnotifications.zookeeper.apache.org%3E - https://lists.apache.org/thread.html/ra96c74c37ed7252f78392e1ad16442bd16ae72a4d6c8db50dd55c88b%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/racc191a1f70a4f13155e8002c61bddef2870b26441971c697436ad5d%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/rae198f44c3f7ac5264045e6ba976be1703cff38dcf1609916e50210d%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/rb523bb6c60196c5f58514b86a8585c2069a4852039b45de3818b29d2%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/rc73b8dd01b1be276d06bdf07883ecd93fe1a01f139a99ef30ba4308c%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/rcfc154eb2de23d2dc08a56100341161e1a40a8ea86c693735437e8f2%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/rd25c88aad0e76240dd09f0eb34bdab924933946429e068a167adcb73%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/rdb4db3f5a9c478ca52a7b164680b88877a5a9c174e7047676c006b2c%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/re4f70b62843e92163fab03b65e2aa8078693293a0c36f1cc260079ed%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/reafc834062486adfc7be5bb8f7b7793be0d33f483678a094c3f9d468%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/rf87b870a22aa5c77c27900967b518a71a7d954c2952860fce3794b60%40%3Ccommits.servicecomb.apache.org%3E CONFIRM - https://github.com/netty/netty/security/advisories/GHSA-wm47-8v5p-wjpj CONFIRM - https://security.netapp.com/advisory/ntap-20210604-0003/ DEBIAN - DSA-4885 MISC - https://github.com/Netflix/zuul/pull/980 MISC - https://github.com/netty/netty/commit/89c241e3b1795ff257af4ad6eadc616cb2fb3dc4 MISC - https://www.oracle.com/security-alerts/cpuapr2022.html OSSINDEX - [CVE-2021-21295] CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') OSSINDEX - [CVE-2021-21295] CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') OSSIndex - http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-21295 OSSIndex - https://github.com/netty/netty/security/advisories/GHSA-wm47-8v5p-wjpj OSSIndex - https://lists.apache.org/thread/ztx01jknlcoq0v6pp2cwl609dyzk9r5h Vulnerable Software & Versions: (show all )
CVE-2021-21409 suppress
Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty (io.netty:netty-codec-http2) before version 4.1.61.Final there is a vulnerability that enables request smuggling. The content-length header is not correctly validated if the request only uses a single Http2HeaderFrame with the endStream set to to true. This could lead to request smuggling if the request is proxied to a remote peer and translated to HTTP/1.1. This is a followup of GHSA-wm47-8v5p-wjpj/CVE-2021-21295 which did miss to fix this one case. This was fixed as part of 4.1.61.Final. CWE-444 Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N CVSSv3:
Base Score: MEDIUM (5.9) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N References:
Vulnerable Software & Versions: (show all )
CVE-2022-24823 suppress
Netty is an open-source, asynchronous event-driven network application framework. The package `io.netty:netty-codec-http` prior to version 4.1.77.Final contains an insufficient fix for CVE-2021-21290. When Netty's multipart decoders are used local information disclosure can occur via the local system temporary directory if temporary storing uploads on the disk is enabled. This only impacts applications running on Java version 6 and lower. Additionally, this vulnerability impacts code running on Unix-like systems, and very old versions of Mac OSX and Windows as they all share the system temporary directory between all users. Version 4.1.77.Final contains a patch for this vulnerability. As a workaround, specify one's own `java.io.tmpdir` when starting the JVM or use DefaultHttpDataFactory.setBaseDir(...) to set the directory to something that is only readable by the current user. CWE-378 Creation of Temporary File With Insecure Permissions, CWE-379 Creation of Temporary File in Directory with Insecure Permissions, CWE-668 Exposure of Resource to Wrong Sphere
CVSSv2:
Base Score: LOW (1.9) Vector: /AV:L/AC:M/Au:N/C:P/I:N/A:N CVSSv3:
Base Score: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N References:
Vulnerable Software & Versions: (show all )
CVE-2024-29025 (OSSINDEX) suppress
Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. The `HttpPostRequestDecoder` can be tricked to accumulate data. While the decoder can store items on the disk if configured so, there are no limits to the number of fields the form can have, an attacher can send a chunked post consisting of many small fields that will be accumulated in the `bodyListHttpData` list. The decoder cumulates bytes in the `undecodedChunk` buffer until it can decode a field, this field can cumulate data without limits. This vulnerability is fixed in 4.1.108.Final.
Sonatype's research suggests that this CVE's details differ from those defined at NVD. See https://ossindex.sonatype.org/vulnerability/CVE-2024-29025 for details CWE-770 Allocation of Resources Without Limits or Throttling
CVSSv2:
Base Score: MEDIUM (5.3) Vector: /AV:N/AC:L/Au:/C:N/I:N/A:L References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:io.netty:netty-codec-http:4.1.59.Final:*:*:*:*:*:*:* netty-codec-mqtt-4.1.59.Final.jarDescription:
Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers and clients. License:
https://www.apache.org/licenses/LICENSE-2.0 File Path: /var/simplicite/.m2/repository/io/netty/netty-codec-mqtt/4.1.59.Final/netty-codec-mqtt-4.1.59.Final.jar
MD5: 19100012fe39601c746da260a5b7222d
SHA1: 67fc273b306e2b14a83dd7d63cad86031d46c25a
SHA256: 2df05770e36cd592db3e98858f858f87f2f3bc3e3d762c11986d99b1e68403c8
Referenced In Project/Scope: Simplicite Platform:compile
netty-codec-mqtt-4.1.59.Final.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name netty-codec-mqtt High Vendor jar package name codec Highest Vendor jar package name io Highest Vendor jar package name netty Highest Vendor Manifest automatic-module-name io.netty.codec.mqtt Medium Vendor Manifest bundle-docurl https://netty.io/ Low Vendor Manifest bundle-symbolicname io.netty.codec-mqtt Medium Vendor Manifest implementation-url https://netty.io/netty-codec-mqtt/ Low Vendor Manifest Implementation-Vendor The Netty Project High Vendor Manifest Implementation-Vendor-Id io.netty Medium Vendor pom artifactid netty-codec-mqtt Highest Vendor pom artifactid netty-codec-mqtt Low Vendor pom groupid io.netty Highest Vendor pom name Netty/Codec/MQTT High Vendor pom parent-artifactid netty-parent Low Product file name netty-codec-mqtt High Product jar package name codec Highest Product jar package name io Highest Product jar package name netty Highest Product Manifest automatic-module-name io.netty.codec.mqtt Medium Product Manifest bundle-docurl https://netty.io/ Low Product Manifest Bundle-Name Netty/Codec/MQTT Medium Product Manifest bundle-symbolicname io.netty.codec-mqtt Medium Product Manifest Implementation-Title Netty/Codec/MQTT High Product Manifest implementation-url https://netty.io/netty-codec-mqtt/ Low Product pom artifactid netty-codec-mqtt Highest Product pom groupid io.netty Highest Product pom name Netty/Codec/MQTT High Product pom parent-artifactid netty-parent Medium Version Manifest Bundle-Version 4.1.59.Final High Version Manifest Implementation-Version 4.1.59.Final High Version pom version 4.1.59.Final Highest
CVE-2021-37136 suppress
The Bzip2 decompression decoder function doesn't allow setting size restrictions on the decompressed output data (which affects the allocation size used during decompression). All users of Bzip2Decoder are affected. The malicious input can trigger an OOME and so a DoS attack CWE-400 Uncontrolled Resource Consumption
CVSSv2:
Base Score: MEDIUM (5.0) Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2021-37137 suppress
The Snappy frame decoder function doesn't restrict the chunk length which may lead to excessive memory usage. Beside this it also may buffer reserved skippable chunks until the whole chunk was received which may lead to excessive memory usage as well. This vulnerability can be triggered by supplying malicious input that decompresses to a very big size (via a network stream or a file) or by sending a huge skippable chunk. CWE-400 Uncontrolled Resource Consumption
CVSSv2:
Base Score: MEDIUM (5.0) Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2022-41881 suppress
Netty project is an event-driven asynchronous network application framework. In versions prior to 4.1.86.Final, a StackOverflowError can be raised when parsing a malformed crafted message due to an infinite recursion. This issue is patched in version 4.1.86.Final. There is no workaround, except using a custom HaProxyMessageDecoder. CWE-674 Uncontrolled Recursion
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions:
CVE-2023-44487 suppress
CISA Known Exploited Vulnerability: Product: IETF HTTP/2 Name: HTTP/2 Rapid Reset Attack Vulnerability Date Added: 2023-10-10 Description: HTTP/2 contains a rapid reset vulnerability that allows for a distributed denial-of-service attack (DDoS). Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Due Date: 2023-10-31 Notes: https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CWE-400 Uncontrolled Resource Consumption
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2021-43797 suppress
Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. Netty prior to version 4.1.71.Final skips control chars when they are present at the beginning / end of the header name. It should instead fail fast as these are not allowed by the spec and could lead to HTTP request smuggling. Failing to do the validation might cause netty to "sanitize" header names before it forward these to another remote system when used as proxy. This remote system can't see the invalid usage anymore, and therefore does not do the validation itself. Users should upgrade to version 4.1.71.Final. CWE-444 Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N CVSSv3:
Base Score: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N References:
Vulnerable Software & Versions: (show all )
CVE-2023-34462 suppress
Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. The `SniHandler` can allocate up to 16MB of heap for each channel during the TLS handshake. When the handler or the channel does not have an idle timeout, it can be used to make a TCP server using the `SniHandler` to allocate 16MB of heap. The `SniHandler` class is a handler that waits for the TLS handshake to configure a `SslHandler` according to the indicated server name by the `ClientHello` record. For this matter it allocates a `ByteBuf` using the value defined in the `ClientHello` record. Normally the value of the packet should be smaller than the handshake packet but there are not checks done here and the way the code is written, it is possible to craft a packet that makes the `SslClientHelloHandler`. This vulnerability has been fixed in version 4.1.94.Final. CWE-400 Uncontrolled Resource Consumption
CVSSv3:
Base Score: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions:
CVE-2021-21295 suppress
Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty (io.netty:netty-codec-http2) before version 4.1.60.Final there is a vulnerability that enables request smuggling. If a Content-Length header is present in the original HTTP/2 request, the field is not validated by `Http2MultiplexHandler` as it is propagated up. This is fine as long as the request is not proxied through as HTTP/1.1. If the request comes in as an HTTP/2 stream, gets converted into the HTTP/1.1 domain objects (`HttpRequest`, `HttpContent`, etc.) via `Http2StreamFrameToHttpObjectCodec `and then sent up to the child channel's pipeline and proxied through a remote peer as HTTP/1.1 this may result in request smuggling. In a proxy case, users may assume the content-length is validated somehow, which is not the case. If the request is forwarded to a backend channel that is a HTTP/1.1 connection, the Content-Length now has meaning and needs to be checked. An attacker can smuggle requests inside the body as it gets downgraded from HTTP/2 to HTTP/1.1. For an example attack refer to the linked GitHub Advisory. Users are only affected if all of this is true: `HTTP2MultiplexCodec` or `Http2FrameCodec` is used, `Http2StreamFrameToHttpObjectCodec` is used to convert to HTTP/1.1 objects, and these HTTP/1.1 objects are forwarded to another remote peer. This has been patched in 4.1.60.Final As a workaround, the user can do the validation by themselves by implementing a custom `ChannelInboundHandler` that is put in the `ChannelPipeline` behind `Http2StreamFrameToHttpObjectCodec`. CWE-444 Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
CVSSv2:
Base Score: LOW (2.6) Vector: /AV:N/AC:H/Au:N/C:N/I:P/A:N CVSSv3:
Base Score: MEDIUM (5.9) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N References:
- [bookkeeper-issues] 20210330 [GitHub] [bookkeeper] eolivelli opened a new issue #2669: Update Netty to 4.1.60.final - [flink-dev] 20210424 [jira] [Created] (FLINK-22441) In Flink v1.11.3 contains netty(version:3.10.6) netty(version:4.1.60) . There are many vulnerabilities, like CVE-2021-21409 etc. please confirm these version and fix. thx - [flink-issues] 20210424 [jira] [Created] (FLINK-22441) In Flink v1.11.3 contains netty(version:3.10.6) netty(version:4.1.60) . There are many vulnerabilities, like CVE-2021-21409 etc. please confirm these version and fix. thx - [flink-issues] 20210426 [jira] [Commented] (FLINK-22441) In Flink v1.11.3 contains netty(version:3.10.6) netty(version:4.1.60) . There are many vulnerabilities, like CVE-2021-21409 etc. please confirm these version and fix. thx - [flink-issues] 20210426 [jira] [Updated] (FLINK-22441) In Flink v1.11.3 contains netty(version:3.10.6) netty(version:4.1.60) . There are many vulnerabilities, like CVE-2021-21409 etc. please confirm these version and fix. thx - [flink-issues] 20210511 [jira] [Commented] (FLINK-22441) In Flink v1.11.3 contains netty(version:3.10.6) netty(version:4.1.60) . There are many vulnerabilities, like CVE-2021-21409 etc. please confirm these version and fix. thx - [flink-issues] 20210610 [jira] [Updated] (FLINK-22441) In Flink v1.11.3 contains netty(version:3.10.6) netty(version:4.1.60) . There are many vulnerabilities, like CVE-2021-21409 etc. please confirm these version and fix. thx - [flink-issues] 20210618 [jira] [Updated] (FLINK-22441) In Flink v1.11.3 contains netty(version:3.10.6) netty(version:4.1.60) . There are many vulnerabilities, like CVE-2021-21409 etc. please confirm these version and fix. thx - [hbase-commits] 20210402 [hbase-thirdparty] branch master updated: HBASE-25728 [hbase-thirdparty] Upgrade Netty library to >= 4.1.60 due to security vulnerability CVE-2021-21295 (#48) - [hbase-dev] 20210402 [jira] [Created] (HBASE-25728) [hbase-thirdparty] ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [hbase-issues] 20210402 [GitHub] [hbase-thirdparty] Apache-HBase commented on pull request #48: HBASE-25728 [hbase-thirdparty] Upgrade Netty library to >= 4.1.60 due to security vulnerability CVE-2021-21295 - [hbase-issues] 20210402 [GitHub] [hbase-thirdparty] HorizonNet commented on pull request #48: HBASE-25728 [hbase-thirdparty] Upgrade Netty library to >= 4.1.60 due to security vulnerability CVE-2021-21295 - [hbase-issues] 20210402 [GitHub] [hbase-thirdparty] apurtell commented on pull request #48: HBASE-25728 [hbase-thirdparty] Upgrade Netty library to >= 4.1.60 due to security vulnerability CVE-2021-21295 - [hbase-issues] 20210402 [GitHub] [hbase-thirdparty] apurtell merged pull request #48: HBASE-25728 [hbase-thirdparty] Upgrade Netty library to >= 4.1.60 due to security vulnerability CVE-2021-21295 - [hbase-issues] 20210402 [GitHub] [hbase-thirdparty] apurtell opened a new pull request #48: HBASE-25728 [hbase-thirdparty] Upgrade Netty library to >= 4.1.60 due to security vulnerability CVE-2021-21295 - [hbase-issues] 20210402 [jira] [Assigned] (HBASE-25728) [hbase-thirdparty] Upgrade Netty library to >= 4.1.60 due to security vulnerability CVE-2021-21295 - [hbase-issues] 20210402 [jira] [Created] (HBASE-25728) [hbase-thirdparty] ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [hbase-issues] 20210402 [jira] [Updated] (HBASE-25728) [hbase-thirdparty] Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [hbase-issues] 20210402 [jira] [Updated] (HBASE-25728) [hbase-thirdparty] Upgrade Netty library to >= 4.1.60 due to security vulnerability CVE-2021-21295 - [jackrabbit-dev] 20210709 [GitHub] [jackrabbit-oak] blackat opened a new pull request #321: Update netty to resolve CVE-2021-21295 and BDSA-2018-4022 - [kafka-dev] 20210330 [jira] [Created] (KAFKA-12583) Upgrade of netty-codec due to CVE-2021-21295 - [kafka-dev] 20210401 [jira] [Resolved] (KAFKA-12583) Upgrade of netty-codec due to CVE-2021-21295 - [kafka-jira] 20210330 [jira] [Created] (KAFKA-12583) Upgrade of netty-codec due to CVE-2021-21295 - [kafka-jira] 20210330 [jira] [Updated] (KAFKA-12583) Upgrade of netty-codec due to CVE-2021-21295 - [kafka-jira] 20210331 [GitHub] [kafka] dongjinleekr commented on pull request #10448: KAFKA-12583: Upgrade of netty-codec due to CVE-2021-21295 - [kafka-jira] 20210331 [GitHub] [kafka] dongjinleekr opened a new pull request #10448: KAFKA-12583: Upgrade of netty-codec due to CVE-2021-21295 - [kafka-jira] 20210401 [jira] [Commented] (KAFKA-12583) Upgrade of netty-codec due to CVE-2021-21295 - [kafka-jira] 20210401 [jira] [Resolved] (KAFKA-12583) Upgrade of netty-codec due to CVE-2021-21295 - [kafka-jira] 20210402 [jira] [Assigned] (KAFKA-12583) Upgrade of netty-codec due to CVE-2021-21295 - [kudu-issues] 20210904 [jira] [Created] (KUDU-3313) There is a CVE-2021-21409 vulnerability in netty version 4.1.60 - [kudu-issues] 20210904 [jira] [Updated] (KUDU-3313) There is a CVE-2021-21409 vulnerability in netty version 4.1.60 - [kudu-issues] 20210907 [jira] [Commented] (KUDU-3313) There is a CVE-2021-21409 vulnerability in netty version 4.1.60 - [kudu-issues] 20210907 [jira] [Resolved] (KUDU-3313) There is a CVE-2021-21409 vulnerability in netty version 4.1.60 - [kudu-issues] 20210907 [jira] [Updated] (KUDU-3313) There is a CVE-2021-21409 vulnerability in netty version 4.1.60 - [pulsar-commits] 20210329 [GitHub] [pulsar] aahmed-se opened a new pull request #10073: Upgrade Netty version to 4.1.60.final - [pulsar-commits] 20210329 [GitHub] [pulsar] merlimat closed issue #10071: CVE-2021-21295 & CVE-2021-21290 - [pulsar-commits] 20210329 [GitHub] [pulsar] yaswanthnadella opened a new issue #10071: CVE-2021-21295 & CVE-2021-21290 - [pulsar-commits] 20211020 [GitHub] [pulsar] Shoothzj opened a new pull request #12437: [Security] Bump grpc to 1.41.0 - [ranger-dev] 20210317 [jira] [Assigned] (RANGER-3209) Upgrade netty to 4.1.60+ due to CVE-2021-21290 and CVE-2021-21295 - [ranger-dev] 20210317 [jira] [Created] (RANGER-3209) Upgrade netty to 4.1.60+ due to CVE-2021-21290 and CVE-2021-21295 - [zookeeper-commits] 20210331 [zookeeper] branch branch-3.5 updated: ZOOKEEPER-4272 ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-commits] 20210331 [zookeeper] branch branch-3.6 updated: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-commits] 20210331 [zookeeper] branch branch-3.7 updated: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-commits] 20210331 [zookeeper] branch master updated: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-dev] 20210330 [jira] [Created] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-dev] 20210928 [jira] [Created] (ZOOKEEPER-4390) CVE-2021-28169 - Upgrade jetty to 9.4.42 - [zookeeper-issues] 20210330 [jira] [Created] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-issues] 20210330 [jira] [Updated] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-issues] 20210331 [jira] [Assigned] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-issues] 20210331 [jira] [Commented] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-issues] 20210331 [jira] [Resolved] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-issues] 20210331 [jira] [Updated] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-issues] 20210401 [jira] [Commented] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-issues] 20210402 [jira] [Commented] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-issues] 20210928 [jira] [Created] (ZOOKEEPER-4390) CVE-2021-28169 - Upgrade jetty to 9.4.42 - [zookeeper-issues] 20210928 [jira] [Updated] (ZOOKEEPER-4390) CVE-2021-28169 , - Upgrade jetty to 9.4.42 - [zookeeper-issues] 20210928 [jira] [Updated] (ZOOKEEPER-4390) CVE-2021-28169 , CVE-2021-28163, - Upgrade jetty to 9.4.42 - [zookeeper-issues] 20210928 [jira] [Updated] (ZOOKEEPER-4390) CVE-2021-28169 , CVE-2021-28163, CVE-2021-34428- Upgrade jetty to 9.4.42 - [zookeeper-issues] 20210928 [jira] [Updated] (ZOOKEEPER-4390) CVE-2021-28169 - Upgrade jetty to 9.4.42 - [zookeeper-notifications] 20210331 [GitHub] [zookeeper] arshadmohammad closed pull request #1670: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-notifications] 20210331 [GitHub] [zookeeper] arshadmohammad commented on pull request #1669: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-notifications] 20210331 [GitHub] [zookeeper] arshadmohammad commented on pull request #1670: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-notifications] 20210331 [GitHub] [zookeeper] asfgit closed pull request #1669: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-notifications] 20210331 [GitHub] [zookeeper] ayushmantri opened a new pull request #1669: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-notifications] 20210331 [GitHub] [zookeeper] ayushmantri opened a new pull request #1670: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-notifications] 20210331 [GitHub] [zookeeper] eolivelli commented on pull request #1669: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - https://lists.apache.org/thread.html/r04a3e0d9f53421fb946c60cc54762b7151dc692eb4e39970a7579052%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/r16c4b55ac82be72f28adad4f8061477e5f978199d5725691dcc82c24%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/r2e93ce23e04c3f0a61e987d1111d0695cb668ac4ec4edbf237bd3e80%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/r490ca5611c150d193b320a2608209180713b7c68e501b67b0cffb925%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/r57245853c7245baab09eae08728c52b58fd77666538092389cc3e882%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/r6d32fc3cd547f7c9a288a57c7f525f5d00a00d5d163613e0d10a23ef%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/r8bcaf7821247b1836b10f6a1a3a3212b06272fd4cde4a859de1b78cf%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/r8db1d7b3b9acc9e8d2776395e280eb9615dd7790e1da8c57039963de%40%3Cnotifications.zookeeper.apache.org%3E - https://lists.apache.org/thread.html/ra96c74c37ed7252f78392e1ad16442bd16ae72a4d6c8db50dd55c88b%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/racc191a1f70a4f13155e8002c61bddef2870b26441971c697436ad5d%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/rae198f44c3f7ac5264045e6ba976be1703cff38dcf1609916e50210d%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/rb523bb6c60196c5f58514b86a8585c2069a4852039b45de3818b29d2%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/rc73b8dd01b1be276d06bdf07883ecd93fe1a01f139a99ef30ba4308c%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/rcfc154eb2de23d2dc08a56100341161e1a40a8ea86c693735437e8f2%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/rd25c88aad0e76240dd09f0eb34bdab924933946429e068a167adcb73%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/rdb4db3f5a9c478ca52a7b164680b88877a5a9c174e7047676c006b2c%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/re4f70b62843e92163fab03b65e2aa8078693293a0c36f1cc260079ed%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/reafc834062486adfc7be5bb8f7b7793be0d33f483678a094c3f9d468%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/rf87b870a22aa5c77c27900967b518a71a7d954c2952860fce3794b60%40%3Ccommits.servicecomb.apache.org%3E CONFIRM - https://github.com/netty/netty/security/advisories/GHSA-wm47-8v5p-wjpj CONFIRM - https://security.netapp.com/advisory/ntap-20210604-0003/ DEBIAN - DSA-4885 MISC - https://github.com/Netflix/zuul/pull/980 MISC - https://github.com/netty/netty/commit/89c241e3b1795ff257af4ad6eadc616cb2fb3dc4 MISC - https://www.oracle.com/security-alerts/cpuapr2022.html OSSINDEX - [CVE-2021-21295] CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') OSSINDEX - [CVE-2021-21295] CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') OSSIndex - http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-21295 OSSIndex - https://github.com/netty/netty/security/advisories/GHSA-wm47-8v5p-wjpj OSSIndex - https://lists.apache.org/thread/ztx01jknlcoq0v6pp2cwl609dyzk9r5h Vulnerable Software & Versions: (show all )
CVE-2021-21409 suppress
Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty (io.netty:netty-codec-http2) before version 4.1.61.Final there is a vulnerability that enables request smuggling. The content-length header is not correctly validated if the request only uses a single Http2HeaderFrame with the endStream set to to true. This could lead to request smuggling if the request is proxied to a remote peer and translated to HTTP/1.1. This is a followup of GHSA-wm47-8v5p-wjpj/CVE-2021-21295 which did miss to fix this one case. This was fixed as part of 4.1.61.Final. CWE-444 Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N CVSSv3:
Base Score: MEDIUM (5.9) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N References:
Vulnerable Software & Versions: (show all )
CVE-2022-24823 suppress
Netty is an open-source, asynchronous event-driven network application framework. The package `io.netty:netty-codec-http` prior to version 4.1.77.Final contains an insufficient fix for CVE-2021-21290. When Netty's multipart decoders are used local information disclosure can occur via the local system temporary directory if temporary storing uploads on the disk is enabled. This only impacts applications running on Java version 6 and lower. Additionally, this vulnerability impacts code running on Unix-like systems, and very old versions of Mac OSX and Windows as they all share the system temporary directory between all users. Version 4.1.77.Final contains a patch for this vulnerability. As a workaround, specify one's own `java.io.tmpdir` when starting the JVM or use DefaultHttpDataFactory.setBaseDir(...) to set the directory to something that is only readable by the current user. CWE-378 Creation of Temporary File With Insecure Permissions, CWE-379 Creation of Temporary File in Directory with Insecure Permissions, CWE-668 Exposure of Resource to Wrong Sphere
CVSSv2:
Base Score: LOW (1.9) Vector: /AV:L/AC:M/Au:N/C:P/I:N/A:N CVSSv3:
Base Score: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N References:
Vulnerable Software & Versions: (show all )
netty-common-4.1.59.Final.jar (shaded: org.jctools:jctools-core:3.1.0)Description:
Java Concurrency Tools Core Library License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/io/netty/netty-common/4.1.59.Final/netty-common-4.1.59.Final.jar/META-INF/maven/org.jctools/jctools-core/pom.xml
MD5: 08e7326c64d7fd6ae4ea32e7eb4e5b79
SHA1: 9deceaba814dea198202b04fe0eec0d2dbf69ea9
SHA256: acaf1b4c366f6794a734288a2c003f16af90a9c479cf4d7daade689764e4fb47
Referenced In Project/Scope: Simplicite Platform:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid jctools-core Low Vendor pom groupid org.jctools Highest Vendor pom name Java Concurrency Tools Core Library High Vendor pom url JCTools Highest Product pom artifactid jctools-core Highest Product pom groupid org.jctools Highest Product pom name Java Concurrency Tools Core Library High Product pom url JCTools High Version pom version 3.1.0 Highest
netty-transport-4.1.59.Final.jarDescription:
Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers and clients. License:
https://www.apache.org/licenses/LICENSE-2.0 File Path: /var/simplicite/.m2/repository/io/netty/netty-transport/4.1.59.Final/netty-transport-4.1.59.Final.jar
MD5: 106b6b5e9e73a22a77caae2f5afda8c4
SHA1: 864d20f35ce909e6a7462095cb8f91ee94d1cd4c
SHA256: 59b7b84be412683a26cfaa4c85b01ff5c5aeb38f07baeabbd8ca98f6e8b0715e
Referenced In Project/Scope: Simplicite Platform:compile
netty-transport-4.1.59.Final.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name netty-transport High Vendor jar package name io Highest Vendor jar package name netty Highest Vendor Manifest automatic-module-name io.netty.transport Medium Vendor Manifest bundle-docurl https://netty.io/ Low Vendor Manifest bundle-symbolicname io.netty.transport Medium Vendor Manifest implementation-url https://netty.io/netty-transport/ Low Vendor Manifest Implementation-Vendor The Netty Project High Vendor Manifest Implementation-Vendor-Id io.netty Medium Vendor pom artifactid netty-transport Highest Vendor pom artifactid netty-transport Low Vendor pom groupid io.netty Highest Vendor pom name Netty/Transport High Vendor pom parent-artifactid netty-parent Low Product file name netty-transport High Product jar package name io Highest Product jar package name netty Highest Product Manifest automatic-module-name io.netty.transport Medium Product Manifest bundle-docurl https://netty.io/ Low Product Manifest Bundle-Name Netty/Transport Medium Product Manifest bundle-symbolicname io.netty.transport Medium Product Manifest Implementation-Title Netty/Transport High Product Manifest implementation-url https://netty.io/netty-transport/ Low Product pom artifactid netty-transport Highest Product pom groupid io.netty Highest Product pom name Netty/Transport High Product pom parent-artifactid netty-parent Medium Version Manifest Bundle-Version 4.1.59.Final High Version Manifest Implementation-Version 4.1.59.Final High Version pom version 4.1.59.Final Highest
Related Dependencies netty-buffer-4.1.59.Final.jarFile Path: /var/simplicite/.m2/repository/io/netty/netty-buffer/4.1.59.Final/netty-buffer-4.1.59.Final.jar MD5: b62f5994741071c1b801a26ab602fd8f SHA1: a1f281008d7e9574c14d386b39b3639a240eb0d1 SHA256: 6a1b3b6b12a5686df8ef6780211c42fe5a4a5ad0cbf779ff5216d826b2e77564 pkg:maven/io.netty/netty-buffer@4.1.59.Final netty-codec-http2-4.1.59.Final.jarFile Path: /var/simplicite/.m2/repository/io/netty/netty-codec-http2/4.1.59.Final/netty-codec-http2-4.1.59.Final.jar MD5: 93c2b1895b6b6c8ba9225fb92a3287fc SHA1: b23b7fbffa4de30f336c2cc8bd1951403d1bebaa SHA256: 6e900863ca676577173cf884eb1fba38ff22e4c52257bc2fd97774d875da7609 pkg:maven/io.netty/netty-codec-http2@4.1.59.Final netty-codec-redis-4.1.59.Final.jarFile Path: /var/simplicite/.m2/repository/io/netty/netty-codec-redis/4.1.59.Final/netty-codec-redis-4.1.59.Final.jar MD5: c54b10789b10d840b595e68562df4084 SHA1: adaf10c4ec12066bd0f16fb3806af29533f53fce SHA256: e8b1e0c6a29bc0de9016c3e3e13461105e4795f5107d636d9656794691139306 pkg:maven/io.netty/netty-codec-redis@4.1.59.Final netty-codec-socks-4.1.59.Final.jarFile Path: /var/simplicite/.m2/repository/io/netty/netty-codec-socks/4.1.59.Final/netty-codec-socks-4.1.59.Final.jar MD5: d3b763d705d4cfbf2ccea50d6b2156c5 SHA1: 37401ea0d02a86ccd529dc9bb70241bda18e42ff SHA256: ad3e7e58c5130bcfcab9d9a337a389b7e957de1ed468e43ad412eab917270631 pkg:maven/io.netty/netty-codec-socks@4.1.59.Final netty-common-4.1.59.Final.jarFile Path: /var/simplicite/.m2/repository/io/netty/netty-common/4.1.59.Final/netty-common-4.1.59.Final.jar MD5: a816ce4940a79890bb939f3bc9bb3d38 SHA1: e8800b0c50b6743ec1c5a3713816ce58910a703a SHA256: f7f4e5b9e8cb6db6ddfee42505f4b7f5facbcbd3a7b7067abd9db49925189a75 pkg:maven/io.netty/netty-common@4.1.59.Final netty-handler-4.1.59.Final.jarFile Path: /var/simplicite/.m2/repository/io/netty/netty-handler/4.1.59.Final/netty-handler-4.1.59.Final.jar MD5: 853a01dfba5d6e1711b7c27e0ee7bd1f SHA1: 302b4c8ca800aeddcf94401f2403114c8f5db5a5 SHA256: 86a191b9fe80ba6af8f670db8c04b84bcf74e9b6a8001d74020668579bf966db pkg:maven/io.netty/netty-handler@4.1.59.Final netty-handler-proxy-4.1.59.Final.jarFile Path: /var/simplicite/.m2/repository/io/netty/netty-handler-proxy/4.1.59.Final/netty-handler-proxy-4.1.59.Final.jar MD5: dd854a7201789f7585ca8914ac7fc62a SHA1: 46050c8dafd8d97ea6d04c861b75db20fe4ac39f SHA256: 7d588f265c7fe4b34d4245c811b8a0bcda5b8d82d17ee841e1b4982e87641219 pkg:maven/io.netty/netty-handler-proxy@4.1.59.Final netty-resolver-4.1.59.Final.jarFile Path: /var/simplicite/.m2/repository/io/netty/netty-resolver/4.1.59.Final/netty-resolver-4.1.59.Final.jar MD5: f4e68df3d7481d9d071722abf2ae6266 SHA1: 26bc136952a9f7a994dd7162f481c860275948de SHA256: 64528c663a0d39102020a4ea0cd9b809b29ddd03592840874ea6c3e8345f5619 pkg:maven/io.netty/netty-resolver@4.1.59.Final netty-transport-native-epoll-4.1.59.Final.jarFile Path: /var/simplicite/.m2/repository/io/netty/netty-transport-native-epoll/4.1.59.Final/netty-transport-native-epoll-4.1.59.Final.jar MD5: ec7c8bc259dd6813ebe92f10c6d0f3e8 SHA1: 0d80613566ff6aa65580325d4a8ec6126b6cd47a SHA256: d394a821ff9555816ff6e3b752bcc82b5a0818291e979eb183296379fa29e1db pkg:maven/io.netty/netty-transport-native-epoll@4.1.59.Final netty-transport-native-kqueue-4.1.59.Final.jarFile Path: /var/simplicite/.m2/repository/io/netty/netty-transport-native-kqueue/4.1.59.Final/netty-transport-native-kqueue-4.1.59.Final.jar MD5: ef98f7fe9690391dbf1fdcab1805afd4 SHA1: 128523fa2b437fb543b0cfb5ed9590a38485e3ce SHA256: cd5d3b52da5defcbc54446f9d4228ae8b6958a01ee75e070c217789349b5cfd8 pkg:maven/io.netty/netty-transport-native-kqueue@4.1.59.Final netty-transport-native-unix-common-4.1.59.Final.jarFile Path: /var/simplicite/.m2/repository/io/netty/netty-transport-native-unix-common/4.1.59.Final/netty-transport-native-unix-common-4.1.59.Final.jar MD5: 2d0afb3dfa37747935803b8d1963d5ee SHA1: f5d4ad1f995ec40c20220ad9ec75b14172ac9320 SHA256: 77de650a8caceb9479ccc35444ca087671292df0552d6edf7d9ae5f40e0551ce pkg:maven/io.netty/netty-transport-native-unix-common@4.1.59.Final CVE-2021-37136 suppress
The Bzip2 decompression decoder function doesn't allow setting size restrictions on the decompressed output data (which affects the allocation size used during decompression). All users of Bzip2Decoder are affected. The malicious input can trigger an OOME and so a DoS attack CWE-400 Uncontrolled Resource Consumption
CVSSv2:
Base Score: MEDIUM (5.0) Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2021-37137 suppress
The Snappy frame decoder function doesn't restrict the chunk length which may lead to excessive memory usage. Beside this it also may buffer reserved skippable chunks until the whole chunk was received which may lead to excessive memory usage as well. This vulnerability can be triggered by supplying malicious input that decompresses to a very big size (via a network stream or a file) or by sending a huge skippable chunk. CWE-400 Uncontrolled Resource Consumption
CVSSv2:
Base Score: MEDIUM (5.0) Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2022-41881 suppress
Netty project is an event-driven asynchronous network application framework. In versions prior to 4.1.86.Final, a StackOverflowError can be raised when parsing a malformed crafted message due to an infinite recursion. This issue is patched in version 4.1.86.Final. There is no workaround, except using a custom HaProxyMessageDecoder. CWE-674 Uncontrolled Recursion
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions:
CVE-2023-44487 suppress
CISA Known Exploited Vulnerability: Product: IETF HTTP/2 Name: HTTP/2 Rapid Reset Attack Vulnerability Date Added: 2023-10-10 Description: HTTP/2 contains a rapid reset vulnerability that allows for a distributed denial-of-service attack (DDoS). Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Due Date: 2023-10-31 Notes: https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CWE-400 Uncontrolled Resource Consumption
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2021-43797 suppress
Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. Netty prior to version 4.1.71.Final skips control chars when they are present at the beginning / end of the header name. It should instead fail fast as these are not allowed by the spec and could lead to HTTP request smuggling. Failing to do the validation might cause netty to "sanitize" header names before it forward these to another remote system when used as proxy. This remote system can't see the invalid usage anymore, and therefore does not do the validation itself. Users should upgrade to version 4.1.71.Final. CWE-444 Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N CVSSv3:
Base Score: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N References:
Vulnerable Software & Versions: (show all )
CVE-2023-34462 suppress
Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. The `SniHandler` can allocate up to 16MB of heap for each channel during the TLS handshake. When the handler or the channel does not have an idle timeout, it can be used to make a TCP server using the `SniHandler` to allocate 16MB of heap. The `SniHandler` class is a handler that waits for the TLS handshake to configure a `SslHandler` according to the indicated server name by the `ClientHello` record. For this matter it allocates a `ByteBuf` using the value defined in the `ClientHello` record. Normally the value of the packet should be smaller than the handshake packet but there are not checks done here and the way the code is written, it is possible to craft a packet that makes the `SslClientHelloHandler`. This vulnerability has been fixed in version 4.1.94.Final. CWE-400 Uncontrolled Resource Consumption
CVSSv3:
Base Score: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions:
CVE-2021-21295 suppress
Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty (io.netty:netty-codec-http2) before version 4.1.60.Final there is a vulnerability that enables request smuggling. If a Content-Length header is present in the original HTTP/2 request, the field is not validated by `Http2MultiplexHandler` as it is propagated up. This is fine as long as the request is not proxied through as HTTP/1.1. If the request comes in as an HTTP/2 stream, gets converted into the HTTP/1.1 domain objects (`HttpRequest`, `HttpContent`, etc.) via `Http2StreamFrameToHttpObjectCodec `and then sent up to the child channel's pipeline and proxied through a remote peer as HTTP/1.1 this may result in request smuggling. In a proxy case, users may assume the content-length is validated somehow, which is not the case. If the request is forwarded to a backend channel that is a HTTP/1.1 connection, the Content-Length now has meaning and needs to be checked. An attacker can smuggle requests inside the body as it gets downgraded from HTTP/2 to HTTP/1.1. For an example attack refer to the linked GitHub Advisory. Users are only affected if all of this is true: `HTTP2MultiplexCodec` or `Http2FrameCodec` is used, `Http2StreamFrameToHttpObjectCodec` is used to convert to HTTP/1.1 objects, and these HTTP/1.1 objects are forwarded to another remote peer. This has been patched in 4.1.60.Final As a workaround, the user can do the validation by themselves by implementing a custom `ChannelInboundHandler` that is put in the `ChannelPipeline` behind `Http2StreamFrameToHttpObjectCodec`. CWE-444 Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
CVSSv2:
Base Score: LOW (2.6) Vector: /AV:N/AC:H/Au:N/C:N/I:P/A:N CVSSv3:
Base Score: MEDIUM (5.9) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N References:
- [bookkeeper-issues] 20210330 [GitHub] [bookkeeper] eolivelli opened a new issue #2669: Update Netty to 4.1.60.final - [flink-dev] 20210424 [jira] [Created] (FLINK-22441) In Flink v1.11.3 contains netty(version:3.10.6) netty(version:4.1.60) . There are many vulnerabilities, like CVE-2021-21409 etc. please confirm these version and fix. thx - [flink-issues] 20210424 [jira] [Created] (FLINK-22441) In Flink v1.11.3 contains netty(version:3.10.6) netty(version:4.1.60) . There are many vulnerabilities, like CVE-2021-21409 etc. please confirm these version and fix. thx - [flink-issues] 20210426 [jira] [Commented] (FLINK-22441) In Flink v1.11.3 contains netty(version:3.10.6) netty(version:4.1.60) . There are many vulnerabilities, like CVE-2021-21409 etc. please confirm these version and fix. thx - [flink-issues] 20210426 [jira] [Updated] (FLINK-22441) In Flink v1.11.3 contains netty(version:3.10.6) netty(version:4.1.60) . There are many vulnerabilities, like CVE-2021-21409 etc. please confirm these version and fix. thx - [flink-issues] 20210511 [jira] [Commented] (FLINK-22441) In Flink v1.11.3 contains netty(version:3.10.6) netty(version:4.1.60) . There are many vulnerabilities, like CVE-2021-21409 etc. please confirm these version and fix. thx - [flink-issues] 20210610 [jira] [Updated] (FLINK-22441) In Flink v1.11.3 contains netty(version:3.10.6) netty(version:4.1.60) . There are many vulnerabilities, like CVE-2021-21409 etc. please confirm these version and fix. thx - [flink-issues] 20210618 [jira] [Updated] (FLINK-22441) In Flink v1.11.3 contains netty(version:3.10.6) netty(version:4.1.60) . There are many vulnerabilities, like CVE-2021-21409 etc. please confirm these version and fix. thx - [hbase-commits] 20210402 [hbase-thirdparty] branch master updated: HBASE-25728 [hbase-thirdparty] Upgrade Netty library to >= 4.1.60 due to security vulnerability CVE-2021-21295 (#48) - [hbase-dev] 20210402 [jira] [Created] (HBASE-25728) [hbase-thirdparty] ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [hbase-issues] 20210402 [GitHub] [hbase-thirdparty] Apache-HBase commented on pull request #48: HBASE-25728 [hbase-thirdparty] Upgrade Netty library to >= 4.1.60 due to security vulnerability CVE-2021-21295 - [hbase-issues] 20210402 [GitHub] [hbase-thirdparty] HorizonNet commented on pull request #48: HBASE-25728 [hbase-thirdparty] Upgrade Netty library to >= 4.1.60 due to security vulnerability CVE-2021-21295 - [hbase-issues] 20210402 [GitHub] [hbase-thirdparty] apurtell commented on pull request #48: HBASE-25728 [hbase-thirdparty] Upgrade Netty library to >= 4.1.60 due to security vulnerability CVE-2021-21295 - [hbase-issues] 20210402 [GitHub] [hbase-thirdparty] apurtell merged pull request #48: HBASE-25728 [hbase-thirdparty] Upgrade Netty library to >= 4.1.60 due to security vulnerability CVE-2021-21295 - [hbase-issues] 20210402 [GitHub] [hbase-thirdparty] apurtell opened a new pull request #48: HBASE-25728 [hbase-thirdparty] Upgrade Netty library to >= 4.1.60 due to security vulnerability CVE-2021-21295 - [hbase-issues] 20210402 [jira] [Assigned] (HBASE-25728) [hbase-thirdparty] Upgrade Netty library to >= 4.1.60 due to security vulnerability CVE-2021-21295 - [hbase-issues] 20210402 [jira] [Created] (HBASE-25728) [hbase-thirdparty] ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [hbase-issues] 20210402 [jira] [Updated] (HBASE-25728) [hbase-thirdparty] Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [hbase-issues] 20210402 [jira] [Updated] (HBASE-25728) [hbase-thirdparty] Upgrade Netty library to >= 4.1.60 due to security vulnerability CVE-2021-21295 - [jackrabbit-dev] 20210709 [GitHub] [jackrabbit-oak] blackat opened a new pull request #321: Update netty to resolve CVE-2021-21295 and BDSA-2018-4022 - [kafka-dev] 20210330 [jira] [Created] (KAFKA-12583) Upgrade of netty-codec due to CVE-2021-21295 - [kafka-dev] 20210401 [jira] [Resolved] (KAFKA-12583) Upgrade of netty-codec due to CVE-2021-21295 - [kafka-jira] 20210330 [jira] [Created] (KAFKA-12583) Upgrade of netty-codec due to CVE-2021-21295 - [kafka-jira] 20210330 [jira] [Updated] (KAFKA-12583) Upgrade of netty-codec due to CVE-2021-21295 - [kafka-jira] 20210331 [GitHub] [kafka] dongjinleekr commented on pull request #10448: KAFKA-12583: Upgrade of netty-codec due to CVE-2021-21295 - [kafka-jira] 20210331 [GitHub] [kafka] dongjinleekr opened a new pull request #10448: KAFKA-12583: Upgrade of netty-codec due to CVE-2021-21295 - [kafka-jira] 20210401 [jira] [Commented] (KAFKA-12583) Upgrade of netty-codec due to CVE-2021-21295 - [kafka-jira] 20210401 [jira] [Resolved] (KAFKA-12583) Upgrade of netty-codec due to CVE-2021-21295 - [kafka-jira] 20210402 [jira] [Assigned] (KAFKA-12583) Upgrade of netty-codec due to CVE-2021-21295 - [kudu-issues] 20210904 [jira] [Created] (KUDU-3313) There is a CVE-2021-21409 vulnerability in netty version 4.1.60 - [kudu-issues] 20210904 [jira] [Updated] (KUDU-3313) There is a CVE-2021-21409 vulnerability in netty version 4.1.60 - [kudu-issues] 20210907 [jira] [Commented] (KUDU-3313) There is a CVE-2021-21409 vulnerability in netty version 4.1.60 - [kudu-issues] 20210907 [jira] [Resolved] (KUDU-3313) There is a CVE-2021-21409 vulnerability in netty version 4.1.60 - [kudu-issues] 20210907 [jira] [Updated] (KUDU-3313) There is a CVE-2021-21409 vulnerability in netty version 4.1.60 - [pulsar-commits] 20210329 [GitHub] [pulsar] aahmed-se opened a new pull request #10073: Upgrade Netty version to 4.1.60.final - [pulsar-commits] 20210329 [GitHub] [pulsar] merlimat closed issue #10071: CVE-2021-21295 & CVE-2021-21290 - [pulsar-commits] 20210329 [GitHub] [pulsar] yaswanthnadella opened a new issue #10071: CVE-2021-21295 & CVE-2021-21290 - [pulsar-commits] 20211020 [GitHub] [pulsar] Shoothzj opened a new pull request #12437: [Security] Bump grpc to 1.41.0 - [ranger-dev] 20210317 [jira] [Assigned] (RANGER-3209) Upgrade netty to 4.1.60+ due to CVE-2021-21290 and CVE-2021-21295 - [ranger-dev] 20210317 [jira] [Created] (RANGER-3209) Upgrade netty to 4.1.60+ due to CVE-2021-21290 and CVE-2021-21295 - [zookeeper-commits] 20210331 [zookeeper] branch branch-3.5 updated: ZOOKEEPER-4272 ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-commits] 20210331 [zookeeper] branch branch-3.6 updated: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-commits] 20210331 [zookeeper] branch branch-3.7 updated: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-commits] 20210331 [zookeeper] branch master updated: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-dev] 20210330 [jira] [Created] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-dev] 20210928 [jira] [Created] (ZOOKEEPER-4390) CVE-2021-28169 - Upgrade jetty to 9.4.42 - [zookeeper-issues] 20210330 [jira] [Created] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-issues] 20210330 [jira] [Updated] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-issues] 20210331 [jira] [Assigned] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-issues] 20210331 [jira] [Commented] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-issues] 20210331 [jira] [Resolved] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-issues] 20210331 [jira] [Updated] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-issues] 20210401 [jira] [Commented] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-issues] 20210402 [jira] [Commented] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-issues] 20210928 [jira] [Created] (ZOOKEEPER-4390) CVE-2021-28169 - Upgrade jetty to 9.4.42 - [zookeeper-issues] 20210928 [jira] [Updated] (ZOOKEEPER-4390) CVE-2021-28169 , - Upgrade jetty to 9.4.42 - [zookeeper-issues] 20210928 [jira] [Updated] (ZOOKEEPER-4390) CVE-2021-28169 , CVE-2021-28163, - Upgrade jetty to 9.4.42 - [zookeeper-issues] 20210928 [jira] [Updated] (ZOOKEEPER-4390) CVE-2021-28169 , CVE-2021-28163, CVE-2021-34428- Upgrade jetty to 9.4.42 - [zookeeper-issues] 20210928 [jira] [Updated] (ZOOKEEPER-4390) CVE-2021-28169 - Upgrade jetty to 9.4.42 - [zookeeper-notifications] 20210331 [GitHub] [zookeeper] arshadmohammad closed pull request #1670: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-notifications] 20210331 [GitHub] [zookeeper] arshadmohammad commented on pull request #1669: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-notifications] 20210331 [GitHub] [zookeeper] arshadmohammad commented on pull request #1670: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-notifications] 20210331 [GitHub] [zookeeper] asfgit closed pull request #1669: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-notifications] 20210331 [GitHub] [zookeeper] ayushmantri opened a new pull request #1669: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-notifications] 20210331 [GitHub] [zookeeper] ayushmantri opened a new pull request #1670: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - [zookeeper-notifications] 20210331 [GitHub] [zookeeper] eolivelli commented on pull request #1669: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 - https://lists.apache.org/thread.html/r04a3e0d9f53421fb946c60cc54762b7151dc692eb4e39970a7579052%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/r16c4b55ac82be72f28adad4f8061477e5f978199d5725691dcc82c24%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/r2e93ce23e04c3f0a61e987d1111d0695cb668ac4ec4edbf237bd3e80%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/r490ca5611c150d193b320a2608209180713b7c68e501b67b0cffb925%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/r57245853c7245baab09eae08728c52b58fd77666538092389cc3e882%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/r6d32fc3cd547f7c9a288a57c7f525f5d00a00d5d163613e0d10a23ef%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/r8bcaf7821247b1836b10f6a1a3a3212b06272fd4cde4a859de1b78cf%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/r8db1d7b3b9acc9e8d2776395e280eb9615dd7790e1da8c57039963de%40%3Cnotifications.zookeeper.apache.org%3E - https://lists.apache.org/thread.html/ra96c74c37ed7252f78392e1ad16442bd16ae72a4d6c8db50dd55c88b%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/racc191a1f70a4f13155e8002c61bddef2870b26441971c697436ad5d%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/rae198f44c3f7ac5264045e6ba976be1703cff38dcf1609916e50210d%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/rb523bb6c60196c5f58514b86a8585c2069a4852039b45de3818b29d2%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/rc73b8dd01b1be276d06bdf07883ecd93fe1a01f139a99ef30ba4308c%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/rcfc154eb2de23d2dc08a56100341161e1a40a8ea86c693735437e8f2%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/rd25c88aad0e76240dd09f0eb34bdab924933946429e068a167adcb73%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/rdb4db3f5a9c478ca52a7b164680b88877a5a9c174e7047676c006b2c%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/re4f70b62843e92163fab03b65e2aa8078693293a0c36f1cc260079ed%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/reafc834062486adfc7be5bb8f7b7793be0d33f483678a094c3f9d468%40%3Ccommits.servicecomb.apache.org%3E - https://lists.apache.org/thread.html/rf87b870a22aa5c77c27900967b518a71a7d954c2952860fce3794b60%40%3Ccommits.servicecomb.apache.org%3E CONFIRM - https://github.com/netty/netty/security/advisories/GHSA-wm47-8v5p-wjpj CONFIRM - https://security.netapp.com/advisory/ntap-20210604-0003/ DEBIAN - DSA-4885 MISC - https://github.com/Netflix/zuul/pull/980 MISC - https://github.com/netty/netty/commit/89c241e3b1795ff257af4ad6eadc616cb2fb3dc4 MISC - https://www.oracle.com/security-alerts/cpuapr2022.html OSSINDEX - [CVE-2021-21295] CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') OSSINDEX - [CVE-2021-21295] CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') OSSIndex - http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-21295 OSSIndex - https://github.com/netty/netty/security/advisories/GHSA-wm47-8v5p-wjpj OSSIndex - https://lists.apache.org/thread/ztx01jknlcoq0v6pp2cwl609dyzk9r5h Vulnerable Software & Versions: (show all )
CVE-2021-21409 suppress
Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty (io.netty:netty-codec-http2) before version 4.1.61.Final there is a vulnerability that enables request smuggling. The content-length header is not correctly validated if the request only uses a single Http2HeaderFrame with the endStream set to to true. This could lead to request smuggling if the request is proxied to a remote peer and translated to HTTP/1.1. This is a followup of GHSA-wm47-8v5p-wjpj/CVE-2021-21295 which did miss to fix this one case. This was fixed as part of 4.1.61.Final. CWE-444 Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N CVSSv3:
Base Score: MEDIUM (5.9) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N References:
Vulnerable Software & Versions: (show all )
CVE-2022-24823 suppress
Netty is an open-source, asynchronous event-driven network application framework. The package `io.netty:netty-codec-http` prior to version 4.1.77.Final contains an insufficient fix for CVE-2021-21290. When Netty's multipart decoders are used local information disclosure can occur via the local system temporary directory if temporary storing uploads on the disk is enabled. This only impacts applications running on Java version 6 and lower. Additionally, this vulnerability impacts code running on Unix-like systems, and very old versions of Mac OSX and Windows as they all share the system temporary directory between all users. Version 4.1.77.Final contains a patch for this vulnerability. As a workaround, specify one's own `java.io.tmpdir` when starting the JVM or use DefaultHttpDataFactory.setBaseDir(...) to set the directory to something that is only readable by the current user. CWE-378 Creation of Temporary File With Insecure Permissions, CWE-379 Creation of Temporary File in Directory with Insecure Permissions, CWE-668 Exposure of Resource to Wrong Sphere
CVSSv2:
Base Score: LOW (1.9) Vector: /AV:L/AC:M/Au:N/C:P/I:N/A:N CVSSv3:
Base Score: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N References:
Vulnerable Software & Versions: (show all )
netty-transport-native-kqueue-4.1.65.Final-osx-x86_64.jarDescription:
Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers and clients. License:
https://www.apache.org/licenses/LICENSE-2.0 File Path: /var/simplicite/.m2/repository/io/netty/netty-transport-native-kqueue/4.1.65.Final/netty-transport-native-kqueue-4.1.65.Final-osx-x86_64.jar
MD5: 9e3e10aecd5534c7f1c0fece085e11e9
SHA1: 502a18402e38131c669840363ad50fe60a899d0d
SHA256: 73a15a9312b591b585da4063f88b2cea6b470008879e647704d83b28a0fb062e
Referenced In Project/Scope: Simplicite Platform:compile
netty-transport-native-kqueue-4.1.65.Final-osx-x86_64.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.qpid/qpid-jms-client@1.1.0
Evidence Type Source Name Value Confidence Vendor file name netty-transport-native-kqueue High Vendor jar package name io Highest Vendor jar package name kqueue Highest Vendor jar package name netty Highest Vendor Manifest automatic-module-name io.netty.transport.kqueue Medium Vendor Manifest bundle-docurl https://netty.io/ Low Vendor Manifest bundle-nativecode META-INF/native/libnetty_transport_native_kqueue_x86_64.jnilib; osname=MacOSX; processor=x86_64 Low Vendor Manifest bundle-symbolicname io.netty.transport-native-kqueue Medium Vendor Manifest implementation-url https://netty.io/netty-transport-native-kqueue/ Low Vendor Manifest Implementation-Vendor The Netty Project High Vendor Manifest Implementation-Vendor-Id io.netty Medium Vendor pom artifactid netty-transport-native-kqueue Highest Vendor pom artifactid netty-transport-native-kqueue Low Vendor pom groupid io.netty Highest Vendor pom name Netty/Transport/Native/KQueue High Vendor pom parent-artifactid netty-parent Low Product file name netty-transport-native-kqueue High Product jar package name io Highest Product jar package name kqueue Highest Product jar package name netty Highest Product Manifest automatic-module-name io.netty.transport.kqueue Medium Product Manifest bundle-docurl https://netty.io/ Low Product Manifest Bundle-Name Netty/Transport/Native/KQueue Medium Product Manifest bundle-nativecode META-INF/native/libnetty_transport_native_kqueue_x86_64.jnilib; osname=MacOSX; processor=x86_64 Low Product Manifest bundle-symbolicname io.netty.transport-native-kqueue Medium Product Manifest Implementation-Title Netty/Transport/Native/KQueue High Product Manifest implementation-url https://netty.io/netty-transport-native-kqueue/ Low Product pom artifactid netty-transport-native-kqueue Highest Product pom groupid io.netty Highest Product pom name Netty/Transport/Native/KQueue High Product pom parent-artifactid netty-parent Medium Version Manifest Bundle-Version 4.1.65.Final High Version Manifest Implementation-Version 4.1.65.Final High Version pom version 4.1.65.Final Highest
Related Dependencies netty-transport-native-epoll-4.1.65.Final-linux-x86_64.jarFile Path: /var/simplicite/.m2/repository/io/netty/netty-transport-native-epoll/4.1.65.Final/netty-transport-native-epoll-4.1.65.Final-linux-x86_64.jar MD5: 236bcc1a2e90221ff48d9f9ad6b30713 SHA1: 0ed1ce93ceaaec02c7d3d88daf82360745499747 SHA256: 6438d194322d5d393b1f6b841bb1643349ccdf635ca0e8b06fa2749551b97481 pkg:maven/io.netty/netty-transport-native-epoll@4.1.65.Final CVE-2021-37136 suppress
The Bzip2 decompression decoder function doesn't allow setting size restrictions on the decompressed output data (which affects the allocation size used during decompression). All users of Bzip2Decoder are affected. The malicious input can trigger an OOME and so a DoS attack CWE-400 Uncontrolled Resource Consumption
CVSSv2:
Base Score: MEDIUM (5.0) Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2021-37137 suppress
The Snappy frame decoder function doesn't restrict the chunk length which may lead to excessive memory usage. Beside this it also may buffer reserved skippable chunks until the whole chunk was received which may lead to excessive memory usage as well. This vulnerability can be triggered by supplying malicious input that decompresses to a very big size (via a network stream or a file) or by sending a huge skippable chunk. CWE-400 Uncontrolled Resource Consumption
CVSSv2:
Base Score: MEDIUM (5.0) Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2022-41881 suppress
Netty project is an event-driven asynchronous network application framework. In versions prior to 4.1.86.Final, a StackOverflowError can be raised when parsing a malformed crafted message due to an infinite recursion. This issue is patched in version 4.1.86.Final. There is no workaround, except using a custom HaProxyMessageDecoder. CWE-674 Uncontrolled Recursion
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions:
CVE-2023-44487 suppress
CISA Known Exploited Vulnerability: Product: IETF HTTP/2 Name: HTTP/2 Rapid Reset Attack Vulnerability Date Added: 2023-10-10 Description: HTTP/2 contains a rapid reset vulnerability that allows for a distributed denial-of-service attack (DDoS). Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Due Date: 2023-10-31 Notes: https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CWE-400 Uncontrolled Resource Consumption
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2021-43797 suppress
Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. Netty prior to version 4.1.71.Final skips control chars when they are present at the beginning / end of the header name. It should instead fail fast as these are not allowed by the spec and could lead to HTTP request smuggling. Failing to do the validation might cause netty to "sanitize" header names before it forward these to another remote system when used as proxy. This remote system can't see the invalid usage anymore, and therefore does not do the validation itself. Users should upgrade to version 4.1.71.Final. CWE-444 Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N CVSSv3:
Base Score: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N References:
Vulnerable Software & Versions: (show all )
CVE-2023-34462 suppress
Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. The `SniHandler` can allocate up to 16MB of heap for each channel during the TLS handshake. When the handler or the channel does not have an idle timeout, it can be used to make a TCP server using the `SniHandler` to allocate 16MB of heap. The `SniHandler` class is a handler that waits for the TLS handshake to configure a `SslHandler` according to the indicated server name by the `ClientHello` record. For this matter it allocates a `ByteBuf` using the value defined in the `ClientHello` record. Normally the value of the packet should be smaller than the handshake packet but there are not checks done here and the way the code is written, it is possible to craft a packet that makes the `SslClientHelloHandler`. This vulnerability has been fixed in version 4.1.94.Final. CWE-400 Uncontrolled Resource Consumption
CVSSv3:
Base Score: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions:
CVE-2022-24823 suppress
Netty is an open-source, asynchronous event-driven network application framework. The package `io.netty:netty-codec-http` prior to version 4.1.77.Final contains an insufficient fix for CVE-2021-21290. When Netty's multipart decoders are used local information disclosure can occur via the local system temporary directory if temporary storing uploads on the disk is enabled. This only impacts applications running on Java version 6 and lower. Additionally, this vulnerability impacts code running on Unix-like systems, and very old versions of Mac OSX and Windows as they all share the system temporary directory between all users. Version 4.1.77.Final contains a patch for this vulnerability. As a workaround, specify one's own `java.io.tmpdir` when starting the JVM or use DefaultHttpDataFactory.setBaseDir(...) to set the directory to something that is only readable by the current user. CWE-378 Creation of Temporary File With Insecure Permissions, CWE-379 Creation of Temporary File in Directory with Insecure Permissions, CWE-668 Exposure of Resource to Wrong Sphere
CVSSv2:
Base Score: LOW (1.9) Vector: /AV:L/AC:M/Au:N/C:P/I:N/A:N CVSSv3:
Base Score: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N References:
Vulnerable Software & Versions: (show all )
no-case:3.0.4Description:
Transform into a lower cased string with spaces between words License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?sentence-case:3.0.4/no-case:^3.0.4
Referenced In Projects/Scopes: simplicite-js:5.2.54/sentence-case:3.0.4 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email hello@blakeembrey.com Highest Vendor package.json author.name Blake Embrey Highest Vendor package.json author.url http://blakeembrey.me Highest Vendor package.json bugs.url https://github.com/blakeembrey/change-case/issues Highest Vendor package.json description Transform into a lower cased string with spaces between words Highest Vendor package.json homepage https://github.com/blakeembrey/change-case/tree/master/packages/no-case#readme Highest Vendor package.json name no-case Highest Vendor package.json name no-case_project Highest Product package.json name no-case Highest Version package.json version 3.0.4 Highest
Related Dependencies no-case:3.0.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?/no-case:3.0.4 pkg:npm/no-case@3.0.4 node-emoji:1.11.0Description:
simple emoji support for node.js projects License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check:6.0.1/node-emoji:^1.10.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-check:6.0.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Daniel Bugl <daniel.bugl@touchlay.com> Highest Vendor package.json bugs.url https://github.com/omnidan/node-emoji/issues Highest Vendor package.json description simple emoji support for node.js projects Highest Vendor package.json name node-emoji Highest Vendor package.json name node-emoji_project Highest Product package.json name node-emoji Highest Version package.json version 1.11.0 Highest
Related Dependencies node-emoji:1.11.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/node-emoji:1.11.0 pkg:npm/node-emoji@1.11.0 node-environment-flags:1.0.6License:
Apache-2.0 File Path: /var/simplicite/simplicite-5.2/package-lock.json?/node-environment-flags:1.0.6
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/node:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Christopher Hiller <boneskull@boneskull.com> (https://boneskull.com/) Highest Vendor package.json description Highest Vendor package.json name node-environment-flags Highest Vendor package.json name node-environment-flags_project Highest Product package.json name node-environment-flags Highest Version package.json version 1.0.6 Highest
Related Dependencies node-environment-flags:1.0.6File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/node:7.23.9/node-environment-flags:^1.0.5 pkg:npm/node-environment-flags@1.0.6 node-gyp:9.4.0Description:
Node.js native addon build tool License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/node-gyp:9.4.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/@npmcli/run-script:6.0.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Nathan Rajlich <nathan@tootallnate.net> (http://tootallnate.net) Highest Vendor package.json description Node.js native addon build tool Highest Vendor package.json name node-gyp Highest Vendor package.json name node-gyp_project Highest Product package.json name node-gyp Highest Version package.json version 9.4.0 Highest
Related Dependencies node-gyp:9.4.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?@npmcli/run-script:6.0.2/node-gyp:^9.0.0 pkg:npm/node-gyp@9.4.0 node-releases:2.0.14Description:
Node.js releases data License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/node-releases:2.0.14
Referenced In Projects/Scopes: simplicite-js:5.2.54/browserslist:4.22.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Sergey Rubanov <chi187@gmail.com> Highest Vendor package.json description Node.js releases data Highest Vendor package.json name node-releases Highest Vendor package.json name node-releases_project Highest Product package.json name node-releases Highest Version package.json version 2.0.14 Highest
Related Dependencies node-releases:2.0.14File Path: /var/simplicite/simplicite-5.2/package-lock.json?browserslist:4.22.3/node-releases:^2.0.14 pkg:npm/node-releases@2.0.14 nopt:5.0.0Description:
Option parsing for Node, supporting types, shorthands, etc. Used by npm. License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/nopt:5.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/js-beautify:1.14.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Isaac Z. Schlueter <i@izs.me> (http://blog.izs.me/) Highest Vendor package.json description Option parsing for Node, supporting types, shorthands, etc. Used by npm. Highest Vendor package.json name nopt Highest Vendor package.json name nopt_project Highest Product package.json name nopt Highest Version package.json version 5.0.0 Highest
Related Dependencies nopt:5.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?js-beautify:1.14.0/nopt:^5.0.0 pkg:npm/nopt@5.0.0 nopt:6.0.0Description:
Option parsing for Node, supporting types, shorthands, etc. Used by npm. License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/nopt:6.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/node-gyp:9.4.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author GitHub Inc. Highest Vendor package.json description Option parsing for Node, supporting types, shorthands, etc. Used by npm. Highest Vendor package.json name nopt Highest Vendor package.json name nopt_project Highest Product package.json name nopt Highest Version package.json version 6.0.0 Highest
Related Dependencies nopt:6.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?node-gyp:9.4.0/nopt:^6.0.0 pkg:npm/nopt@6.0.0 normalize-package-data:2.5.0Description:
Normalizes data that can be found in package.json files. License:
BSD-2-Clause File Path: /var/simplicite/simplicite-5.2/package-lock.json?/normalize-package-data:2.5.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/read-pkg:5.2.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Meryn Stol <merynstol@gmail.com> Highest Vendor package.json description Normalizes data that can be found in package.json files. Highest Vendor package.json name normalize-package-data Highest Vendor package.json name normalize-package-data_project Highest Product package.json name normalize-package-data Highest Version package.json version 2.5.0 Highest
Related Dependencies normalize-package-data:2.5.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?read-pkg:5.2.0/normalize-package-data:^2.5.0 pkg:npm/normalize-package-data@2.5.0 normalize-package-data:3.0.3Description:
Normalizes data that can be found in package.json files. License:
BSD-2-Clause File Path: /var/simplicite/simplicite-5.2/package-lock.json?/normalize-package-data:3.0.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/meow:9.0.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Meryn Stol <merynstol@gmail.com> Highest Vendor package.json description Normalizes data that can be found in package.json files. Highest Vendor package.json name normalize-package-data Highest Vendor package.json name normalize-package-data_project Highest Product package.json name normalize-package-data Highest Version package.json version 3.0.3 Highest
Related Dependencies normalize-package-data:3.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?meow:9.0.0/normalize-package-data:^3.0.0 pkg:npm/normalize-package-data@3.0.3 normalize-package-data:5.0.0Description:
Normalizes data that can be found in package.json files. License:
BSD-2-Clause File Path: /var/simplicite/simplicite-5.2/package-lock.json?/normalize-package-data:5.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/read-package-json:6.0.4 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author GitHub Inc. Highest Vendor package.json description Normalizes data that can be found in package.json files. Highest Vendor package.json name normalize-package-data Highest Vendor package.json name normalize-package-data_project Highest Product package.json name normalize-package-data Highest Version package.json version 5.0.0 Highest
Related Dependencies normalize-package-data:5.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?read-package-json:6.0.4/normalize-package-data:^5.0.0 pkg:npm/normalize-package-data@5.0.0 normalize-path:3.0.0Description:
Normalize slashes in a file path to be posix/unix-like forward slashes. Also condenses repeat slashes to a single slash and removes and trailing slashes, unless disabled. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/normalize-path:^3.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/anymatch:3.1.3 simplicite-js:5.2.54/stylelint:14.16.1 simplicite-js:5.2.54/chokidar:3.5.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Jon Schlinkert (https://github.com/jonschlinkert) Highest Vendor package.json bugs.url https://github.com/jonschlinkert/normalize-path/issues Highest Vendor package.json description Normalize slashes in a file path to be posix/unix-like forward slashes. Also condenses repeat slashes to a single slash and removes and trailing slashes, unless disabled. Highest Vendor package.json homepage https://github.com/jonschlinkert/normalize-path Highest Vendor package.json name normalize-path Highest Vendor package.json name normalize-path_project Highest Product package.json name normalize-path Highest Version package.json version 3.0.0 Highest
Related Dependencies normalize-path:3.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/normalize-path:3.0.0 pkg:npm/normalize-path@3.0.0 normalize-path:3.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?anymatch:3.1.3/normalize-path:^3.0.0 pkg:npm/normalize-path@3.0.0 normalize-path:3.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?chokidar:3.5.3/normalize-path:~3.0.0 pkg:npm/normalize-path@3.0.0 normalize-url:4.5.1Description:
Normalize a URL License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/normalize-url:4.5.1
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Normalize a URL Highest Vendor package.json name normalize-url Highest Vendor package.json name normalize-url_project Highest Product package.json name normalize-url Highest Version package.json version 4.5.1 Highest
normalize-url:8.0.0Description:
Normalize a URL License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/normalize-url:8.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/cacheable-request:6.1.0 simplicite-js:5.2.54/cacheable-request:10.2.12 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description Normalize a URL Highest Vendor package.json name normalize-url Highest Vendor package.json name normalize-url_project Highest Product package.json name normalize-url Highest Version package.json version 8.0.0 Highest
Related Dependencies normalize-url:8.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?cacheable-request:10.2.12/normalize-url:^8.0.0 pkg:npm/normalize-url@8.0.0 normalize-url:8.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?cacheable-request:6.1.0/normalize-url:^4.1.0 pkg:npm/normalize-url@8.0.0 npm-audit-html:1.5.0Description:
Generate a HTML report for NPM Audit License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/npm-audit-html:1.5.0
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author eventOne Labs <opensource@event1.io> Highest Vendor package.json description Generate a HTML report for NPM Audit Highest Vendor package.json name npm-audit-html Highest Vendor package.json name npm-audit-html_project Highest Product package.json name npm-audit-html Highest Version package.json version 1.5.0 Highest
npm-bundled:3.0.0Description:
list things in node_modules that are bundledDependencies, or transitive dependencies thereof License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/npm-bundled:3.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/@npmcli/installed-package-contents:2.0.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author GitHub Inc. Highest Vendor package.json description list things in node_modules that are bundledDependencies, or transitive dependencies thereof Highest Vendor package.json name npm-bundled Highest Vendor package.json name npm-bundled_project Highest Product package.json name npm-bundled Highest Version package.json version 3.0.0 Highest
Related Dependencies npm-bundled:3.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?@npmcli/installed-package-contents:2.0.2/npm-bundled:^3.0.0 pkg:npm/npm-bundled@3.0.0 npm-check-updates:16.14.14Description:
Find newer versions of dependencies than what your package.json allows License:
Apache-2.0 File Path: /var/simplicite/simplicite-5.2/package-lock.json?/npm-check-updates:16.14.14
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author Tomas Junnonen <tomas1@gmail.com> Highest Vendor package.json bugs.url https://github.com/raineorshine/npm-check-updates/issues Highest Vendor package.json description Find newer versions of dependencies than what your package.json allows Highest Vendor package.json homepage https://github.com/raineorshine/npm-check-updates Highest Vendor package.json name npm-check-updates Highest Vendor package.json name npm-check-updates_project Highest Product package.json name npm-check-updates Highest Version package.json version 16.14.14 Highest
npm-check:6.0.1Description:
Check for outdated, incorrect, and unused dependencies. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/npm-check:6.0.1
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author.email dylang@gmail.com Highest Vendor package.json author.name Dylan Greene Highest Vendor package.json bugs.url https://github.com/dylang/npm-check/issues Highest Vendor package.json description Check for outdated, incorrect, and unused dependencies. Highest Vendor package.json homepage https://github.com/dylang/npm-check Highest Vendor package.json name npm-check Highest Vendor package.json name npm-check_project Highest Product package.json name npm-check Highest Version package.json version 6.0.1 Highest
npm-install-checks:6.1.1Description:
Check the engines and platform fields in package.json License:
BSD-2-Clause File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-pick-manifest:8.0.2/npm-install-checks:^6.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/npm-pick-manifest:8.0.2 Evidence Type Source Name Value Confidence Vendor package.json author GitHub Inc. Highest Vendor package.json description Check the engines and platform fields in package.json Highest Vendor package.json name npm-install-checks Highest Vendor package.json name npm-install-checks_project Highest Product package.json name npm-install-checks Highest Version package.json version 6.1.1 Highest
Related Dependencies npm-install-checks:6.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/npm-install-checks:6.1.1 pkg:npm/npm-install-checks@6.1.1 npm-normalize-package-bin:3.0.1Description:
Turn any flavor of allowable package.json bin into a normalized object License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?read-package-json-fast:3.0.2/npm-normalize-package-bin:^3.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/read-package-json:6.0.4 simplicite-js:5.2.54/@npmcli/installed-package-contents:2.0.2 simplicite-js:5.2.54/read-package-json-fast:3.0.2 simplicite-js:5.2.54 simplicite-js:5.2.54/npm-bundled:3.0.0 simplicite-js:5.2.54/npm-pick-manifest:8.0.2 Evidence Type Source Name Value Confidence Vendor package.json author GitHub Inc. Highest Vendor package.json description Turn any flavor of allowable package.json bin into a normalized object Highest Vendor package.json name npm-normalize-package-bin Highest Vendor package.json name npm-normalize-package-bin_project Highest Product package.json name npm-normalize-package-bin Highest Version package.json version 3.0.1 Highest
Related Dependencies npm-normalize-package-bin:3.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/npm-normalize-package-bin:3.0.1 pkg:npm/npm-normalize-package-bin@3.0.1 npm-normalize-package-bin:3.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?@npmcli/installed-package-contents:2.0.2/npm-normalize-package-bin:^3.0.0 pkg:npm/npm-normalize-package-bin@3.0.1 npm-normalize-package-bin:3.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-bundled:3.0.0/npm-normalize-package-bin:^3.0.0 pkg:npm/npm-normalize-package-bin@3.0.1 npm-normalize-package-bin:3.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-pick-manifest:8.0.2/npm-normalize-package-bin:^3.0.0 pkg:npm/npm-normalize-package-bin@3.0.1 npm-normalize-package-bin:3.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?read-package-json:6.0.4/npm-normalize-package-bin:^3.0.0 pkg:npm/npm-normalize-package-bin@3.0.1 npm-package-arg:10.1.0Description:
Parse the things that can be arguments to `npm install` License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?pacote:15.2.0/npm-package-arg:^10.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-registry-fetch:14.0.5 simplicite-js:5.2.54/pacote:15.2.0 simplicite-js:5.2.54 simplicite-js:5.2.54/npm-pick-manifest:8.0.2 Evidence Type Source Name Value Confidence Vendor package.json author GitHub Inc. Highest Vendor package.json bugs.url https://github.com/npm/npm-package-arg/issues Highest Vendor package.json description Parse the things that can be arguments to `npm install` Highest Vendor package.json homepage https://github.com/npm/npm-package-arg Highest Vendor package.json name npm-package-arg Highest Vendor package.json name npm-package-arg_project Highest Product package.json name npm-package-arg Highest Version package.json version 10.1.0 Highest
Related Dependencies npm-package-arg:10.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/npm-package-arg:10.1.0 pkg:npm/npm-package-arg@10.1.0 npm-package-arg:10.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-pick-manifest:8.0.2/npm-package-arg:^10.0.0 pkg:npm/npm-package-arg@10.1.0 npm-package-arg:10.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-registry-fetch:14.0.5/npm-package-arg:^10.0.0 pkg:npm/npm-package-arg@10.1.0 npm-packlist:7.0.4Description:
Get a list of the files to add from a folder into an npm package License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?pacote:15.2.0/npm-packlist:^7.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/pacote:15.2.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author GitHub Inc. Highest Vendor package.json description Get a list of the files to add from a folder into an npm package Highest Vendor package.json name npm-packlist Highest Vendor package.json name npm-packlist_project Highest Product package.json name npm-packlist Highest Version package.json version 7.0.4 Highest
Related Dependencies npm-packlist:7.0.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?/npm-packlist:7.0.4 pkg:npm/npm-packlist@7.0.4 npm-pick-manifest:8.0.2Description:
Resolves a matching manifest from a package metadata document according to standard npm semver resolution rules. License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?pacote:15.2.0/npm-pick-manifest:^8.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/pacote:15.2.0 simplicite-js:5.2.54 simplicite-js:5.2.54/@npmcli/git:4.1.0 Evidence Type Source Name Value Confidence Vendor package.json author GitHub Inc. Highest Vendor package.json description Resolves a matching manifest from a package metadata document according to standard npm semver resolution rules. Highest Vendor package.json name npm-pick-manifest Highest Vendor package.json name npm-pick-manifest_project Highest Product package.json name npm-pick-manifest Highest Version package.json version 8.0.2 Highest
Related Dependencies npm-pick-manifest:8.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?/npm-pick-manifest:8.0.2 pkg:npm/npm-pick-manifest@8.0.2 npm-pick-manifest:8.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?@npmcli/git:4.1.0/npm-pick-manifest:^8.0.0 pkg:npm/npm-pick-manifest@8.0.2 npm-registry-fetch:14.0.5Description:
Fetch-based http client for use with npm registry APIs License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?pacote:15.2.0/npm-registry-fetch:^14.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/pacote:15.2.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author GitHub Inc. Highest Vendor package.json description Fetch-based http client for use with npm registry APIs Highest Vendor package.json name npm-registry-fetch Highest Vendor package.json name npm-registry-fetch_project Highest Product package.json name npm-registry-fetch Highest Version package.json version 14.0.5 Highest
Related Dependencies npm-registry-fetch:14.0.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?/npm-registry-fetch:14.0.5 pkg:npm/npm-registry-fetch@14.0.5 npm-run-path:4.0.1Description:
Get your PATH prepended with locally installed binaries License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/npm-run-path:4.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/execa:5.1.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Get your PATH prepended with locally installed binaries Highest Vendor package.json name npm-run-path Highest Vendor package.json name npm-run-path_project Highest Product package.json name npm-run-path Highest Version package.json version 4.0.1 Highest
Related Dependencies npm-run-path:4.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?execa:5.1.1/npm-run-path:^4.0.1 pkg:npm/npm-run-path@4.0.1 npmlog:6.0.2Description:
logger for npm License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/npmlog:6.0.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/node-gyp:9.4.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author GitHub Inc. Highest Vendor package.json description logger for npm Highest Vendor package.json name npmlog Highest Vendor package.json name npmlog_project Highest Product package.json name npmlog Highest Version package.json version 6.0.2 Highest
Related Dependencies npmlog:6.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?node-gyp:9.4.0/npmlog:^6.0.0 pkg:npm/npmlog@6.0.2 numeral:2.0.6Description:
Format and manipulate numbers. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/numeral:2.0.6
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-audit-html:1.5.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email adamwdraper@gmail.com Highest Vendor package.json author.name Adam Draper Highest Vendor package.json author.url http://github.com/adamwdraper Highest Vendor package.json bugs.url https://github.com/adamwdraper/Numeral-js/issues Highest Vendor package.json description Format and manipulate numbers. Highest Vendor package.json homepage http://numeraljs.com Highest Vendor package.json name numeral Highest Vendor package.json name numeral_project Highest Product package.json name numeral Highest Version package.json version 2.0.6 Highest
Related Dependencies numeral:2.0.6File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-audit-html:1.5.0/numeral:^2.0.6 pkg:npm/numeral@2.0.6 oauth-2.4.0.jarDescription:
jclouds components to access OAuth File Path: /var/simplicite/.m2/repository/org/apache/jclouds/api/oauth/2.4.0/oauth-2.4.0.jarMD5: 4dc6a5fbca4a566ee89f4da98cf729b1SHA1: eab326c93b3301a758852ff96727bfa5616d2c89SHA256: a34db1cda4a4087a9b17116f12110cb63c24fcf8aca95bcb09279de15ec7a05fReferenced In Project/Scope: Simplicite Platform:compileoauth-2.4.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.jclouds.provider/azureblob@2.4.0
Evidence Type Source Name Value Confidence Vendor file name oauth High Vendor jar package name jclouds Highest Vendor jar package name oauth Highest Vendor Manifest bundle-symbolicname oauth Medium Vendor Manifest implementation-url https://jclouds.apache.org/oauth/ Low Vendor Manifest Implementation-Vendor jclouds High Vendor Manifest Implementation-Vendor-Id org.apache.jclouds Medium Vendor Manifest specification-vendor jclouds Low Vendor pom artifactid oauth Highest Vendor pom artifactid oauth Low Vendor pom groupid org.apache.jclouds.api Highest Vendor pom name jclouds OAuth core High Vendor pom parent-artifactid jclouds-project Low Vendor pom parent-groupid org.apache.jclouds Medium Product file name oauth High Product jar package name jclouds Highest Product jar package name oauth Highest Product Manifest Bundle-Name jclouds OAuth core Medium Product Manifest bundle-symbolicname oauth Medium Product Manifest Implementation-Title jclouds OAuth core High Product Manifest implementation-url https://jclouds.apache.org/oauth/ Low Product Manifest specification-title jclouds jclouds OAuth core Medium Product pom artifactid oauth Highest Product pom groupid org.apache.jclouds.api Highest Product pom name jclouds OAuth core High Product pom parent-artifactid jclouds-project Medium Product pom parent-groupid org.apache.jclouds Medium Version file version 2.4.0 High Version Manifest Bundle-Version 2.4.0 High Version Manifest Implementation-Version 2.4.0 High Version pom version 2.4.0 Highest
object-inspect:1.12.3Description:
string representations of objects in node and the browser License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?side-channel:1.0.4/object-inspect:^1.9.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/es-abstract:1.21.2 simplicite-js:5.2.54/side-channel:1.0.4 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email mail@substack.net Highest Vendor package.json author.name James Halliday Highest Vendor package.json author.url http://substack.net Highest Vendor package.json description string representations of objects in node and the browser Highest Vendor package.json homepage https://github.com/inspect-js/object-inspect Highest Vendor package.json name object-inspect Highest Vendor package.json name object-inspect_project Highest Product package.json name object-inspect Highest Version package.json version 1.12.3 Highest
Related Dependencies object-inspect:1.12.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/object-inspect:1.12.3 pkg:npm/object-inspect@1.12.3 object-inspect:1.12.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?es-abstract:1.21.2/object-inspect:^1.12.3 pkg:npm/object-inspect@1.12.3 object-keys:1.1.1Description:
An Object.keys replacement, in case Object.keys is not available. From https://github.com/es-shims/es5-shim License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?object.assign:4.1.4/object-keys:^1.1.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/es-abstract:1.21.2 simplicite-js:5.2.54/define-properties:1.2.0 simplicite-js:5.2.54 simplicite-js:5.2.54/object.assign:4.1.4 Evidence Type Source Name Value Confidence Vendor package.json author.email ljharb@gmail.com Highest Vendor package.json author.name Jordan Harband Highest Vendor package.json author.url http://ljharb.codes Highest Vendor package.json description An Object.keys replacement, in case Object.keys is not available. From https://github.com/es-shims/es5-shim Highest Vendor package.json name object-keys Highest Vendor package.json name object-keys_project Highest Product package.json name object-keys Highest Version package.json version 1.1.1 Highest
Related Dependencies object-keys:1.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/object-keys:1.1.1 pkg:npm/object-keys@1.1.1 object-keys:1.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?define-properties:1.2.0/object-keys:^1.1.1 pkg:npm/object-keys@1.1.1 object-keys:1.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?es-abstract:1.21.2/object-keys:^1.1.1 pkg:npm/object-keys@1.1.1 object.assign:4.1.4Description:
ES6 spec-compliant Object.assign shim. From https://github.com/es-shims/es6-shim License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/object.assign:4.1.4
Referenced In Projects/Scopes: simplicite-js:5.2.54/es-abstract:1.21.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Jordan Harband Highest Vendor package.json description ES6 spec-compliant Object.assign shim. From https://github.com/es-shims/es6-shim Highest Vendor package.json name object.assign Highest Vendor package.json name object.assign_project Highest Product package.json name object.assign Highest Version package.json version 4.1.4 Highest
Related Dependencies object.assign:4.1.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?es-abstract:1.21.2/object.assign:^4.1.4 pkg:npm/object.assign@4.1.4 object.getownpropertydescriptors:2.1.6Description:
ES2017 spec-compliant shim for `Object.getOwnPropertyDescriptors` that works in ES5. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/object.getownpropertydescriptors:2.1.6
Referenced In Projects/Scopes: simplicite-js:5.2.54/node-environment-flags:1.0.6 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Jordan Harband <ljharb@gmail.com> Highest Vendor package.json description ES2017 spec-compliant shim for `Object.getOwnPropertyDescriptors` that works in ES5. Highest Vendor package.json name object.getownpropertydescriptors Highest Vendor package.json name object.getownpropertydescriptors_project Highest Product package.json name object.getownpropertydescriptors Highest Version package.json version 2.1.6 Highest
Related Dependencies object.getownpropertydescriptors:2.1.6File Path: /var/simplicite/simplicite-5.2/package-lock.json?node-environment-flags:1.0.6/object.getownpropertydescriptors:^2.0.3 pkg:npm/object.getownpropertydescriptors@2.1.6 objenesis-3.2.jarDescription:
A library for instantiating Java objects License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/objenesis/objenesis/3.2/objenesis-3.2.jar
MD5: 5c1ee20481a06561af295034ea89c4b4
SHA1: 7fadf57620c8b8abdf7519533e5527367cb51f09
SHA256: 03d960bd5aef03c653eb000413ada15eb77cdd2b8e4448886edf5692805e35f3
Referenced In Project/Scope: Simplicite Platform:runtime
objenesis-3.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.mockito/mockito-core@4.5.1
Evidence Type Source Name Value Confidence Vendor file name objenesis High Vendor jar package name objenesis Highest Vendor Manifest automatic-module-name org.objenesis Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-symbolicname org.objenesis Medium Vendor Manifest Implementation-Vendor Joe Walnes, Henri Tremblay, Leonardo Mesquita High Vendor Manifest specification-vendor Joe Walnes, Henri Tremblay, Leonardo Mesquita Low Vendor pom artifactid objenesis Highest Vendor pom artifactid objenesis Low Vendor pom groupid org.objenesis Highest Vendor pom name Objenesis High Vendor pom parent-artifactid objenesis-parent Low Product file name objenesis High Product jar package name objenesis Highest Product Manifest automatic-module-name org.objenesis Medium Product Manifest build-jdk-spec 1.8 Low Product Manifest Bundle-Name Objenesis Medium Product Manifest bundle-symbolicname org.objenesis Medium Product Manifest Implementation-Title Objenesis High Product Manifest specification-title Objenesis Medium Product pom artifactid objenesis Highest Product pom groupid org.objenesis Highest Product pom name Objenesis High Product pom parent-artifactid objenesis-parent Medium Version file version 3.2 High Version Manifest Implementation-Version 3.2 High Version pom version 3.2 Highest
ojdbc8-23.2.0.0.jarDescription:
Oracle JDBC Driver compatible with JDK8, JDK11, JDK12, JDK13, JDK14 and JDK15 License:
Oracle Free Use Terms and Conditions (FUTC): https://www.oracle.com/downloads/licenses/oracle-free-license.html File Path: /var/simplicite/.m2/repository/com/oracle/database/jdbc/ojdbc8/23.2.0.0/ojdbc8-23.2.0.0.jar
MD5: 26b4d74defb08bc6b2c4cfb70ee8a00b
SHA1: 49acfb33ee776e43d2085e2fcc838778202a9128
SHA256: 233c0e33ab58e516d7c91d5cef6bf6272fa518e4ea29e9123cc8fe8a70ea39c9
Referenced In Project/Scope: Simplicite Platform:runtime
ojdbc8-23.2.0.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name ojdbc8 High Vendor jar package name driver Highest Vendor jar package name jdbc Highest Vendor jar package name oracle Highest Vendor jar (hint) package name sun Highest Vendor Manifest automatic-module-name com.oracle.database.jdbc Medium Vendor Manifest Implementation-Vendor Oracle Corporation High Vendor Manifest repository-id JAVAVM_23.2.0.0.0_LINUX.X64_230319 Low Vendor Manifest specification-vendor Sun Microsystems Inc. Low Vendor pom artifactid ojdbc8 Highest Vendor pom artifactid ojdbc8 Low Vendor pom developer org Oracle America, Inc. Medium Vendor pom developer org URL http://www.oracle.com Medium Vendor pom groupid com.oracle.database.jdbc Highest Vendor pom name ojdbc8 High Vendor pom url https://www.oracle.com/database/technologies/maven-central-guide.html Highest Product file name ojdbc8 High Product jar package name driver Highest Product jar package name jdbc Highest Product jar package name oracle Highest Product Manifest automatic-module-name com.oracle.database.jdbc Medium Product Manifest Implementation-Title JDBC High Product Manifest repository-id JAVAVM_23.2.0.0.0_LINUX.X64_230319 Low Product Manifest specification-title JDBC Medium Product pom artifactid ojdbc8 Highest Product pom developer org Oracle America, Inc. Low Product pom developer org URL http://www.oracle.com Low Product pom groupid com.oracle.database.jdbc Highest Product pom name ojdbc8 High Product pom url https://www.oracle.com/database/technologies/maven-central-guide.html Medium Version file version 23.2.0.0 High Version pom version 23.2.0.0 Highest
okhttp-2.7.5.jarFile Path: /var/simplicite/.m2/repository/com/squareup/okhttp/okhttp/2.7.5/okhttp-2.7.5.jarMD5: 1943a0ecbb1c503874c8c483284377e4SHA1: 7a15a7db50f86c4b64aa3367424a60e3a325b8f1SHA256: 88ac9fd1bb51f82bcc664cc1eb9c225c90dc4389d660231b4cc737bebfe7d0aaReferenced In Project/Scope: Simplicite Platform:compileokhttp-2.7.5.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.commons/commons-vfs2@2.9.0
Evidence Type Source Name Value Confidence Vendor file name okhttp High Vendor jar package name internal Low Vendor jar package name okhttp Highest Vendor jar package name okhttp Low Vendor jar package name squareup Highest Vendor jar package name squareup Low Vendor pom artifactid okhttp Highest Vendor pom artifactid okhttp Low Vendor pom groupid com.squareup.okhttp Highest Vendor pom name OkHttp High Vendor pom parent-artifactid parent Low Product file name okhttp High Product jar package name internal Low Product jar package name okhttp Highest Product jar package name okhttp Low Product jar package name squareup Highest Product pom artifactid okhttp Highest Product pom groupid com.squareup.okhttp Highest Product pom name OkHttp High Product pom parent-artifactid parent Medium Version file version 2.7.5 High Version pom version 2.7.5 Highest
CVE-2021-0341 (OSSINDEX) suppress
In verifyHostName of OkHostnameVerifier.java, there is a possible way to accept a certificate for the wrong domain due to improperly used crypto. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-171980069 CWE-295 Improper Certificate Validation
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:/C:H/I:N/A:N References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:com.squareup.okhttp:okhttp:2.7.5:*:*:*:*:*:*:* CVE-2023-0833 suppress
A flaw was found in Red Hat's AMQ-Streams, which ships a version of the OKHttp component with an information disclosure flaw via an exception triggered by a header containing an illegal value. This issue could allow an authenticated attacker to access information outside of their regular permissions. CWE-209 Generation of Error Message Containing Sensitive Information
CVSSv3:
Base Score: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N References:
Vulnerable Software & Versions: (show all )
okio-1.6.0.jarFile Path: /var/simplicite/.m2/repository/com/squareup/okio/okio/1.6.0/okio-1.6.0.jarMD5: 164d1c28c323cf6e2a917d60374c5718SHA1: 98476622f10715998eacf9240d6b479f12c66143SHA256: 114bdc1f47338a68bcbc95abf2f5cdc72beeec91812f2fcd7b521c1937876266Referenced In Project/Scope: Simplicite Platform:compileokio-1.6.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.commons/commons-vfs2@2.9.0
Evidence Type Source Name Value Confidence Vendor file name okio High Vendor jar package name okio Highest Vendor jar package name okio Low Vendor pom artifactid okio Highest Vendor pom artifactid okio Low Vendor pom groupid com.squareup.okio Highest Vendor pom name Okio High Vendor pom parent-artifactid okio-parent Low Product file name okio High Product jar package name okio Highest Product pom artifactid okio Highest Product pom groupid com.squareup.okio Highest Product pom name Okio High Product pom parent-artifactid okio-parent Medium Version file version 1.6.0 High Version pom version 1.6.0 Highest
CVE-2023-3635 suppress
GzipSource does not handle an exception that might be raised when parsing a malformed gzip buffer. This may lead to denial of service of the Okio client when handling a crafted GZIP archive, by using the GzipSource class.
CWE-681 Incorrect Conversion between Numeric Types
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
once:1.4.0Description:
Run a function exactly one time License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?pump:3.0.0/once:^1.3.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/glob:7.2.3 simplicite-js:5.2.54/inflight:1.0.6 simplicite-js:5.2.54/end-of-stream:1.4.4 simplicite-js:5.2.54/pump:3.0.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Isaac Z. Schlueter <i@izs.me> (http://blog.izs.me/) Highest Vendor package.json description Run a function exactly one time Highest Vendor package.json name once Highest Vendor package.json name once_project Highest Product package.json name once Highest Version package.json version 1.4.0 Highest
Related Dependencies once:1.4.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/once:1.4.0 pkg:npm/once@1.4.0 once:1.4.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?end-of-stream:1.4.4/once:^1.4.0 pkg:npm/once@1.4.0 once:1.4.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?glob:7.2.3/once:^1.3.0 pkg:npm/once@1.4.0 once:1.4.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?inflight:1.0.6/once:^1.3.0 pkg:npm/once@1.4.0 onetime:5.1.2Description:
Ensure a function is only called once License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?restore-cursor:3.1.0/onetime:^5.1.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/restore-cursor:3.1.0 simplicite-js:5.2.54/execa:5.1.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description Ensure a function is only called once Highest Vendor package.json name onetime Highest Vendor package.json name onetime_project Highest Product package.json name onetime Highest Version package.json version 5.1.2 Highest
Related Dependencies onetime:5.1.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?/onetime:5.1.2 pkg:npm/onetime@5.1.2 onetime:5.1.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?execa:5.1.1/onetime:^5.1.2 pkg:npm/onetime@5.1.2 open:7.4.2Description:
Open stuff like URLs, files, executables. Cross-platform. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/open:7.4.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-audit-html:1.5.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description Open stuff like URLs, files, executables. Cross-platform. Highest Vendor package.json name open Highest Vendor package.json name open_project Highest Product package.json name open Highest Version package.json version 7.4.2 Highest
Related Dependencies open:7.4.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-audit-html:1.5.0/open:^7.3.0 pkg:npm/open@7.4.2 opencensus-api-0.28.0.jarDescription:
null License:
The Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/io/opencensus/opencensus-api/0.28.0/opencensus-api-0.28.0.jar
MD5: 5fc00658b2b2b6b2f90028078888b06e
SHA1: 0fc0d06a9d975a38c581dff59b99cf31db78bd99
SHA256: 0c1723f3f6d3061323845ce8b88b35fdda500812e0a75b8eb5fcc4ad8c871a95
Referenced In Project/Scope: Simplicite Platform:compile
opencensus-api-0.28.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.google.http-client/google-http-client@1.40.0
Evidence Type Source Name Value Confidence Vendor file name opencensus-api High Vendor jar package name io Highest Vendor jar package name opencensus Highest Vendor Manifest source-compatibility 1.7 Low Vendor Manifest target-compatibility 1.7 Low Vendor pom artifactid opencensus-api Highest Vendor pom artifactid opencensus-api Low Vendor pom developer email census-developers@googlegroups.com Low Vendor pom developer id io.opencensus Medium Vendor pom developer name OpenCensus Contributors Medium Vendor pom developer org OpenCensus Authors Medium Vendor pom developer org URL https://www.opencensus.io Medium Vendor pom groupid io.opencensus Highest Vendor pom name OpenCensus High Vendor pom url census-instrumentation/opencensus-java Highest Product file name opencensus-api High Product jar package name io Highest Product jar package name opencensus Highest Product Manifest Implementation-Title opencensus-api High Product Manifest source-compatibility 1.7 Low Product Manifest target-compatibility 1.7 Low Product pom artifactid opencensus-api Highest Product pom developer email census-developers@googlegroups.com Low Product pom developer id io.opencensus Low Product pom developer name OpenCensus Contributors Low Product pom developer org OpenCensus Authors Low Product pom developer org URL https://www.opencensus.io Low Product pom groupid io.opencensus Highest Product pom name OpenCensus High Product pom url census-instrumentation/opencensus-java High Version file version 0.28.0 High Version Manifest Implementation-Version 0.28.0 High Version pom version 0.28.0 Highest
opencensus-contrib-grpc-util-0.28.0.jarDescription:
null License:
The Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/io/opencensus/opencensus-contrib-grpc-util/0.28.0/opencensus-contrib-grpc-util-0.28.0.jar
MD5: 686921311cfe29a47147d1f48eb737ff
SHA1: e70da9aae4aedd13383d4201bcb794b62d9e7d5f
SHA256: b9168346e6af6593300a1bc27ef74254aa1f24019885938dd8fb852b877d55f0
Referenced In Project/Scope: Simplicite Platform:compile
opencensus-contrib-grpc-util-0.28.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.google.firebase/firebase-admin@8.0.1
Evidence Type Source Name Value Confidence Vendor file name opencensus-contrib-grpc-util High Vendor jar package name contrib Highest Vendor jar package name grpc Highest Vendor jar package name io Highest Vendor jar package name opencensus Highest Vendor Manifest source-compatibility 1.7 Low Vendor Manifest target-compatibility 1.7 Low Vendor pom artifactid opencensus-contrib-grpc-util Highest Vendor pom artifactid opencensus-contrib-grpc-util Low Vendor pom developer email census-developers@googlegroups.com Low Vendor pom developer id io.opencensus Medium Vendor pom developer name OpenCensus Contributors Medium Vendor pom developer org OpenCensus Authors Medium Vendor pom developer org URL https://www.opencensus.io Medium Vendor pom groupid io.opencensus Highest Vendor pom name OpenCensus High Vendor pom url census-instrumentation/opencensus-java Highest Product file name opencensus-contrib-grpc-util High Product jar package name contrib Highest Product jar package name grpc Highest Product jar package name io Highest Product jar package name opencensus Highest Product Manifest Implementation-Title opencensus-contrib-grpc-util High Product Manifest source-compatibility 1.7 Low Product Manifest target-compatibility 1.7 Low Product pom artifactid opencensus-contrib-grpc-util Highest Product pom developer email census-developers@googlegroups.com Low Product pom developer id io.opencensus Low Product pom developer name OpenCensus Contributors Low Product pom developer org OpenCensus Authors Low Product pom developer org URL https://www.opencensus.io Low Product pom groupid io.opencensus Highest Product pom name OpenCensus High Product pom url census-instrumentation/opencensus-java High Version file version 0.28.0 High Version Manifest Implementation-Version 0.28.0 High Version pom version 0.28.0 Highest
opencensus-contrib-http-util-0.28.0.jarDescription:
null License:
The Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/io/opencensus/opencensus-contrib-http-util/0.28.0/opencensus-contrib-http-util-0.28.0.jar
MD5: c582fce59defa7babdd6faa80c0879a0
SHA1: f6cb276330197d51dd65327fc305a3df7e622705
SHA256: 49c3db2a29f1fdb2f73928cbea969bd1d40fab7cc5bb6273022babd96f7a789b
Referenced In Project/Scope: Simplicite Platform:compile
opencensus-contrib-http-util-0.28.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.google.http-client/google-http-client@1.40.0
Evidence Type Source Name Value Confidence Vendor file name opencensus-contrib-http-util High Vendor jar package name contrib Highest Vendor jar package name http Highest Vendor jar package name io Highest Vendor jar package name opencensus Highest Vendor Manifest source-compatibility 1.7 Low Vendor Manifest target-compatibility 1.7 Low Vendor pom artifactid opencensus-contrib-http-util Highest Vendor pom artifactid opencensus-contrib-http-util Low Vendor pom developer email census-developers@googlegroups.com Low Vendor pom developer id io.opencensus Medium Vendor pom developer name OpenCensus Contributors Medium Vendor pom developer org OpenCensus Authors Medium Vendor pom developer org URL https://www.opencensus.io Medium Vendor pom groupid io.opencensus Highest Vendor pom name OpenCensus High Vendor pom url census-instrumentation/opencensus-java Highest Product file name opencensus-contrib-http-util High Product jar package name contrib Highest Product jar package name http Highest Product jar package name io Highest Product jar package name opencensus Highest Product Manifest Implementation-Title opencensus-contrib-http-util High Product Manifest source-compatibility 1.7 Low Product Manifest target-compatibility 1.7 Low Product pom artifactid opencensus-contrib-http-util Highest Product pom developer email census-developers@googlegroups.com Low Product pom developer id io.opencensus Low Product pom developer name OpenCensus Contributors Low Product pom developer org OpenCensus Authors Low Product pom developer org URL https://www.opencensus.io Low Product pom groupid io.opencensus Highest Product pom name OpenCensus High Product pom url census-instrumentation/opencensus-java High Version file version 0.28.0 High Version Manifest Implementation-Version 0.28.0 High Version pom version 0.28.0 Highest
openhtmltopdf-core-1.0.10.jarDescription:
Open HTML to PDF is a CSS 2.1 renderer written in Java. This artifact contains the core rendering and layout code. License:
GNU Lesser General Public License (LGPL), version 2.1 or later: http://www.gnu.org/licenses/lgpl.html File Path: /var/simplicite/.m2/repository/com/openhtmltopdf/openhtmltopdf-core/1.0.10/openhtmltopdf-core-1.0.10.jar
MD5: 3a71c751b039576e64db702941185600
SHA1: cab5dcb31834bd86ffb1b1f82811a37fcea63cd2
SHA256: 3e6fd2250d833d500b7cd48b7a896700d0c33bd9f77a219e820493b01566eda3
Referenced In Project/Scope: Simplicite Platform:compile
openhtmltopdf-core-1.0.10.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.openhtmltopdf/openhtmltopdf-pdfbox@1.0.10
Evidence Type Source Name Value Confidence Vendor file name openhtmltopdf-core High Vendor jar package name css Highest Vendor jar package name layout Highest Vendor jar package name openhtmltopdf Highest Vendor Manifest build-jdk-spec 11 Low Vendor Manifest bundle-symbolicname com.openhtmltopdf.core Medium Vendor pom artifactid openhtmltopdf-core Highest Vendor pom artifactid openhtmltopdf-core Low Vendor pom groupid com.openhtmltopdf Highest Vendor pom name Openhtmltopdf Core Renderer High Vendor pom parent-artifactid openhtmltopdf-parent Low Product file name openhtmltopdf-core High Product jar package name css Highest Product jar package name layout Highest Product jar package name openhtmltopdf Highest Product Manifest build-jdk-spec 11 Low Product Manifest Bundle-Name Openhtmltopdf Core Renderer Medium Product Manifest bundle-symbolicname com.openhtmltopdf.core Medium Product pom artifactid openhtmltopdf-core Highest Product pom groupid com.openhtmltopdf Highest Product pom name Openhtmltopdf Core Renderer High Product pom parent-artifactid openhtmltopdf-parent Medium Version file version 1.0.10 High Version Manifest Bundle-Version 1.0.10 High Version pom version 1.0.10 Highest
openhtmltopdf-pdfbox-1.0.10.jarDescription:
Openhtmltopdf is a CSS 2.1 renderer written in Java. This artifact supports PDF output with Apache PDF-BOX 2. License:
GNU Lesser General Public License (LGPL), version 2.1 or later: http://www.gnu.org/licenses/lgpl.html File Path: /var/simplicite/.m2/repository/com/openhtmltopdf/openhtmltopdf-pdfbox/1.0.10/openhtmltopdf-pdfbox-1.0.10.jar
MD5: 1a0db19be8e308ae5326833e7e08b674
SHA1: 4041442fda47e760985cea8005d51a830031420f
SHA256: 7de90df1b3ecf84e6f0daf808d724c11142007a2f22bff1936479bf17251d31a
Referenced In Project/Scope: Simplicite Platform:compile
openhtmltopdf-pdfbox-1.0.10.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name openhtmltopdf-pdfbox High Vendor jar package name openhtmltopdf Highest Vendor Manifest build-jdk-spec 11 Low Vendor Manifest bundle-symbolicname com.openhtmltopdf.pdfbox Medium Vendor pom artifactid openhtmltopdf-pdfbox Highest Vendor pom artifactid openhtmltopdf-pdfbox Low Vendor pom groupid com.openhtmltopdf Highest Vendor pom name Openhtmltopdf PDF Rendering (Apache PDF-BOX 2) High Vendor pom parent-artifactid openhtmltopdf-parent Low Product file name openhtmltopdf-pdfbox High Product jar package name openhtmltopdf Highest Product Manifest build-jdk-spec 11 Low Product Manifest Bundle-Name Openhtmltopdf PDF Rendering (Apache PDF-BOX 2) Medium Product Manifest bundle-symbolicname com.openhtmltopdf.pdfbox Medium Product pom artifactid openhtmltopdf-pdfbox Highest Product pom groupid com.openhtmltopdf Highest Product pom name Openhtmltopdf PDF Rendering (Apache PDF-BOX 2) High Product pom parent-artifactid openhtmltopdf-parent Medium Version file version 1.0.10 High Version Manifest Bundle-Version 1.0.10 High Version pom version 1.0.10 Highest
openjson-1.0.12.jarDescription:
A clean-room Apache-licensed implementation of simple JSON processing License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/com/github/openjson/openjson/1.0.12/openjson-1.0.12.jar
MD5: a4c968095bf1930b82a2493c457cee14
SHA1: 9c0663c10b48a889709a2d125580a3f22b975769
SHA256: 6b2bf77baa2349792fe6076810b2a58046c2dc210c8c88b0af9b0bf078e37441
Referenced In Project/Scope: Simplicite Platform:compile
openjson-1.0.12.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.tika/tika-parsers@1.27
Evidence Type Source Name Value Confidence Vendor file name openjson High Vendor jar package name github Highest Vendor jar package name json Highest Vendor jar package name openjson Highest Vendor Manifest automatic-module-name com.github.openjson Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl https://github.com/openjson/openjson Low Vendor Manifest bundle-symbolicname com.github.openjson Medium Vendor Manifest originally-created-by Apache Maven Bundle Plugin Low Vendor pom artifactid openjson Highest Vendor pom artifactid openjson Low Vendor pom developer id openjson Medium Vendor pom developer name openjson team Medium Vendor pom groupid com.github.openjson Highest Vendor pom name Open JSON High Vendor pom url openjson/openjson Highest Product file name openjson High Product jar package name github Highest Product jar package name json Highest Product jar package name openjson Highest Product Manifest automatic-module-name com.github.openjson Medium Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl https://github.com/openjson/openjson Low Product Manifest Bundle-Name Open JSON Medium Product Manifest bundle-symbolicname com.github.openjson Medium Product Manifest originally-created-by Apache Maven Bundle Plugin Low Product pom artifactid openjson Highest Product pom developer id openjson Low Product pom developer name openjson team Low Product pom groupid com.github.openjson Highest Product pom name Open JSON High Product pom url openjson/openjson High Version file version 1.0.12 High Version Manifest Bundle-Version 1.0.12 High Version pom version 1.0.12 Highest
opennlp-tools-1.9.3.jarDescription:
The Apache Software Foundation provides support for the Apache community of open-source software projects. The Apache projects are characterized by a collaborative, consensus based development process, an open and pragmatic software license, and a desire to create high quality software that leads the way in its field. We consider ourselves not simply a group of projects sharing a server, but rather a community of developers and users. License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/apache/opennlp/opennlp-tools/1.9.3/opennlp-tools-1.9.3.jar
MD5: a2c6a0629cf557ec1f1362852fe84c41
SHA1: 7c54b10c830af892c1d6bbbd6f1bcf1bec07bff7
SHA256: 95b1b13d57dd9ac14d0131b8c12f206c6409be384523e354d64e603b10d93ceb
Referenced In Project/Scope: Simplicite Platform:compile
opennlp-tools-1.9.3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.tika/tika-parsers@1.27
Evidence Type Source Name Value Confidence Vendor file name opennlp-tools High Vendor jar package name opennlp Highest Vendor jar package name tools Highest Vendor Manifest automatic-module-name org.apache.opennlp.tools Medium Vendor Manifest bundle-docurl https://www.apache.org/ Low Vendor Manifest bundle-requiredexecutionenvironment JavaSE-1.8 Low Vendor Manifest bundle-symbolicname org.apache.opennlp.tools Medium Vendor Manifest implementation-url https://www.apache.org/opennlp/opennlp-tools/ Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache.opennlp Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid opennlp-tools Highest Vendor pom artifactid opennlp-tools Low Vendor pom groupid org.apache.opennlp Highest Vendor pom name Apache OpenNLP Tools High Vendor pom parent-artifactid opennlp Low Product file name opennlp-tools High Product jar package name opennlp Highest Product jar package name tools Highest Product Manifest automatic-module-name org.apache.opennlp.tools Medium Product Manifest bundle-docurl https://www.apache.org/ Low Product Manifest Bundle-Name Apache OpenNLP Tools Medium Product Manifest bundle-requiredexecutionenvironment JavaSE-1.8 Low Product Manifest bundle-symbolicname org.apache.opennlp.tools Medium Product Manifest Implementation-Title Apache OpenNLP Tools High Product Manifest implementation-url https://www.apache.org/opennlp/opennlp-tools/ Low Product Manifest specification-title Apache OpenNLP Tools Medium Product pom artifactid opennlp-tools Highest Product pom groupid org.apache.opennlp Highest Product pom name Apache OpenNLP Tools High Product pom parent-artifactid opennlp Medium Version file version 1.9.3 High Version Manifest Bundle-Version 1.9.3 High Version Manifest Implementation-Version 1.9.3 High Version pom version 1.9.3 Highest
openstack-keystone-2.4.0.jarDescription:
jclouds components to access an implementation of OpenStack Keystone File Path: /var/simplicite/.m2/repository/org/apache/jclouds/api/openstack-keystone/2.4.0/openstack-keystone-2.4.0.jarMD5: ae9b025700ea731061ed08b3b48243ccSHA1: 4f47a6b485371d357827b6a517ba54d073dc7b8bSHA256: 00ad7bb98a976383b6662b48d46262fffd695f01a811ffc327df71dd8b77f862Referenced In Project/Scope: Simplicite Platform:compileopenstack-keystone-2.4.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.jclouds.api/openstack-swift@2.4.0
Evidence Type Source Name Value Confidence Vendor file name openstack-keystone High Vendor jar package name jclouds Highest Vendor jar package name keystone Highest Vendor jar package name openstack Highest Vendor Manifest bundle-symbolicname openstack-keystone Medium Vendor Manifest implementation-url https://jclouds.apache.org/openstack-keystone/ Low Vendor Manifest Implementation-Vendor jclouds High Vendor Manifest Implementation-Vendor-Id org.apache.jclouds Medium Vendor Manifest specification-vendor jclouds Low Vendor pom artifactid openstack-keystone Highest Vendor pom artifactid openstack-keystone Low Vendor pom groupid org.apache.jclouds.api Highest Vendor pom name jclouds openstack-keystone api High Vendor pom parent-artifactid jclouds-project Low Vendor pom parent-groupid org.apache.jclouds Medium Product file name openstack-keystone High Product jar package name jclouds Highest Product jar package name keystone Highest Product jar package name openstack Highest Product Manifest Bundle-Name jclouds openstack-keystone api Medium Product Manifest bundle-symbolicname openstack-keystone Medium Product Manifest Implementation-Title jclouds openstack-keystone api High Product Manifest implementation-url https://jclouds.apache.org/openstack-keystone/ Low Product Manifest specification-title jclouds jclouds openstack-keystone api Medium Product pom artifactid openstack-keystone Highest Product pom groupid org.apache.jclouds.api Highest Product pom name jclouds openstack-keystone api High Product pom parent-artifactid jclouds-project Medium Product pom parent-groupid org.apache.jclouds Medium Version file version 2.4.0 High Version Manifest Bundle-Version 2.4.0 High Version Manifest Implementation-Version 2.4.0 High Version pom version 2.4.0 Highest
CVE-2020-12689 suppress
An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any user authenticated within a limited scope (trust/oauth/application credential) can create an EC2 credential with an escalated permission, such as obtaining admin while the user is on a limited viewer role. This potentially allows a malicious user to act as the admin on a project another user has the admin role on, which can effectively grant that user global admin privileges. CWE-269 Improper Privilege Management
CVSSv2:
Base Score: MEDIUM (6.5) Vector: /AV:N/AC:L/Au:S/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.8) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2020-12690 suppress
An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The list of roles provided for an OAuth1 access token is silently ignored. Thus, when an access token is used to request a keystone token, the keystone token contains every role assignment the creator had for the project. This results in the provided keystone token having more role assignments than the creator intended, possibly giving unintended escalated access. CWE-613 Insufficient Session Expiration
CVSSv2:
Base Score: MEDIUM (6.5) Vector: /AV:N/AC:L/Au:S/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.8) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2020-12691 suppress
An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any authenticated user can create an EC2 credential for themselves for a project that they have a specified role on, and then perform an update to the credential user and project, allowing them to masquerade as another user. This potentially allows a malicious user to act as the admin on a project another user has the admin role on, which can effectively grant that user global admin privileges. CWE-863 Incorrect Authorization
CVSSv2:
Base Score: MEDIUM (6.5) Vector: /AV:N/AC:L/Au:S/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.8) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2021-3563 suppress
A flaw was found in openstack-keystone. Only the first 72 characters of an application secret are verified allowing attackers bypass some password complexity which administrators may be counting on. The highest threat from this vulnerability is to data confidentiality and integrity. CWE-863 Incorrect Authorization
CVSSv3:
Base Score: HIGH (7.4) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N References:
Vulnerable Software & Versions: (show all )
CVE-2020-12692 suppress
An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The EC2 API doesn't have a signature TTL check for AWS Signature V4. An attacker can sniff the Authorization header, and then use it to reissue an OpenStack token an unlimited number of times. CWE-347 Improper Verification of Cryptographic Signature, CWE-294 Authentication Bypass by Capture-replay
CVSSv2:
Base Score: MEDIUM (5.5) Vector: /AV:N/AC:L/Au:S/C:P/I:P/A:N CVSSv3:
Base Score: MEDIUM (5.4) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N References:
Vulnerable Software & Versions: (show all )
CVE-2018-14432 suppress
In the Federation component of OpenStack Keystone before 11.0.4, 12.0.0, and 13.0.0, an authenticated "GET /v3/OS-FEDERATION/projects" request may bypass intended access restrictions on listing projects. An authenticated user may discover projects they have no authority to access, leaking all projects in the deployment and their attributes. Only Keystone with the /v3/OS-FEDERATION endpoint enabled via policy.json is affected. CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
CVSSv2:
Base Score: LOW (3.5) Vector: /AV:N/AC:M/Au:S/C:P/I:N/A:N CVSSv3:
Base Score: MEDIUM (5.3) Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N References:
Vulnerable Software & Versions: (show all )
CVE-2018-20170 suppress
OpenStack Keystone through 14.0.1 has a user enumeration vulnerability because invalid usernames have much faster responses than valid ones for a POST /v3/auth/tokens request. NOTE: the vendor's position is that this is a hardening opportunity, and not necessarily an issue that should have an OpenStack Security Advisory CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
CVSSv2:
Base Score: MEDIUM (5.0) Vector: /AV:N/AC:L/Au:N/C:P/I:N/A:N CVSSv3:
Base Score: MEDIUM (5.3) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N References:
Vulnerable Software & Versions:
openstack-swift-2.4.0.jarDescription:
jclouds components to access an implementation of OpenStack Swift File Path: /var/simplicite/.m2/repository/org/apache/jclouds/api/openstack-swift/2.4.0/openstack-swift-2.4.0.jarMD5: 74c0129c880af626ef6ec8931c4b98eaSHA1: 3f8f54bbcb73608ac8b66f186a824b75065eb413SHA256: ae044e061a1842724eeb7cb9493cabe83ea781f523b75853472f22de966e6be0Referenced In Project/Scope: Simplicite Platform:compileopenstack-swift-2.4.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name openstack-swift High Vendor jar package name jclouds Highest Vendor jar package name openstack Highest Vendor jar package name swift Highest Vendor Manifest bundle-symbolicname openstack-swift Medium Vendor Manifest implementation-url https://jclouds.apache.org/openstack-swift/ Low Vendor Manifest Implementation-Vendor jclouds High Vendor Manifest Implementation-Vendor-Id org.apache.jclouds Medium Vendor Manifest specification-vendor jclouds Low Vendor pom artifactid openstack-swift Highest Vendor pom artifactid openstack-swift Low Vendor pom groupid org.apache.jclouds.api Highest Vendor pom name jclouds openstack-swift api High Vendor pom parent-artifactid jclouds-project Low Vendor pom parent-groupid org.apache.jclouds Medium Product file name openstack-swift High Product jar package name jclouds Highest Product jar package name openstack Highest Product jar package name swift Highest Product Manifest Bundle-Name jclouds openstack-swift api Medium Product Manifest bundle-symbolicname openstack-swift Medium Product Manifest Implementation-Title jclouds openstack-swift api High Product Manifest implementation-url https://jclouds.apache.org/openstack-swift/ Low Product Manifest specification-title jclouds jclouds openstack-swift api Medium Product pom artifactid openstack-swift Highest Product pom groupid org.apache.jclouds.api Highest Product pom name jclouds openstack-swift api High Product pom parent-artifactid jclouds-project Medium Product pom parent-groupid org.apache.jclouds Medium Version file version 2.4.0 High Version Manifest Bundle-Version 2.4.0 High Version Manifest Implementation-Version 2.4.0 High Version pom version 2.4.0 Highest
CVE-2017-16613 suppress
An issue was discovered in middleware.py in OpenStack Swauth through 1.2.0 when used with OpenStack Swift through 2.15.1. The Swift object store and proxy server are saving (unhashed) tokens retrieved from the Swauth middleware authentication mechanism to a log file as part of a GET URI. This allows attackers to bypass authentication by inserting a token into an X-Auth-Token header of a new request. NOTE: github.com/openstack/swauth URLs do not mean that Swauth is maintained by an official OpenStack project team. CWE-287 Improper Authentication
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2016-0738 suppress
OpenStack Object Storage (Swift) before 2.3.1 (Kilo), 2.4.x, and 2.5.x before 2.5.1 (Liberty) do not properly close server connections, which allows remote attackers to cause a denial of service (proxy-server resource consumption) via a series of interrupted requests to a Large Object URL. CWE-399 Resource Management Errors
CVSSv2:
Base Score: MEDIUM (5.0) Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2022-47950 suppress
An issue was discovered in OpenStack Swift before 2.28.1, 2.29.x before 2.29.2, and 2.30.0. By supplying crafted XML files, an authenticated user may coerce the S3 API into returning arbitrary file contents from the host server, resulting in unauthorized read access to potentially sensitive data. This impacts both s3api deployments (Rocky or later), and swift3 deployments (Queens and earlier, no longer actively developed). CWE-552 Files or Directories Accessible to External Parties
CVSSv3:
Base Score: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N References:
Vulnerable Software & Versions: (show all )
CVE-2017-8761 suppress
In OpenStack Swift through 2.10.1, 2.11.0 through 2.13.0, and 2.14.0, the proxy-server logs full tempurl paths, potentially leaking reusable tempurl signatures to anyone with read access to these logs. All Swift deployments using the tempurl middleware are affected. CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
CVSSv2:
Base Score: MEDIUM (4.0) Vector: /AV:N/AC:L/Au:S/C:P/I:N/A:N CVSSv3:
Base Score: MEDIUM (4.3) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N References:
Vulnerable Software & Versions: (show all )
optionator:0.9.3Description:
option parsing and help generation License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/optionator:0.9.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/eslint:8.56.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author George Zahariev <z@georgezahariev.com> Highest Vendor package.json bugs https://github.com/gkz/optionator/issues Highest Vendor package.json description option parsing and help generation Highest Vendor package.json homepage https://github.com/gkz/optionator Highest Vendor package.json name optionator Highest Vendor package.json name optionator_project Highest Product package.json name optionator Highest Version package.json version 0.9.3 Highest
Related Dependencies optionator:0.9.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint:8.56.0/optionator:^0.9.3 pkg:npm/optionator@0.9.3 ora:5.4.1Description:
Elegant terminal spinner License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/ora:5.4.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-check:6.0.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description Elegant terminal spinner Highest Vendor package.json name ora Highest Vendor package.json name ora_project Highest Product package.json name ora Highest Version package.json version 5.4.1 Highest
Related Dependencies ora:5.4.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check:6.0.1/ora:^5.3.0 pkg:npm/ora@5.4.1 org.apache.oltu.oauth2.client-1.0.2.jarDescription:
Apache Oltu is an OAuth protocol implementation in Java. License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/apache/oltu/oauth2/org.apache.oltu.oauth2.client/1.0.2/org.apache.oltu.oauth2.client-1.0.2.jar
MD5: 433638a5fab67c3a8f111d58c1fec0a0
SHA1: b34e09d1cb84c4b63cedb65c5346ac44eecc22c5
SHA256: ebbe0095c829ecbbb29b5ab572277ff11b9e3969114e6f1bac5d23a8c97e7708
Referenced In Project/Scope: Simplicite Platform:compile
org.apache.oltu.oauth2.client-1.0.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name org.apache.oltu.oauth2.client High Vendor jar package name apache Highest Vendor jar package name client Highest Vendor jar package name oauth2 Highest Vendor jar package name oltu Highest Vendor Manifest bundle-docurl https://oltu.apache.org/org.apache.oltu.oauth2.parent/org.apache.oltu.oauth2.client/ Low Vendor Manifest bundle-symbolicname org.apache.oltu.oauth2.client Medium Vendor Manifest implementation-build tags/org.apache.oltu.oauth2.parent-1.0.2/client@r1740515 Low Vendor Manifest implementation-build-date 2016-04-22 13:07:39+0000 Low Vendor pom artifactid apache.oltu.oauth2.client Low Vendor pom artifactid org.apache.oltu.oauth2.client Highest Vendor pom groupid org.apache.oltu.oauth2 Highest Vendor pom name Apache Oltu - OAuth 2.0 - Client High Vendor pom parent-artifactid org.apache.oltu.oauth2.parent Low Product file name org.apache.oltu.oauth2.client High Product jar package name apache Highest Product jar package name client Highest Product jar package name oauth2 Highest Product jar package name oltu Highest Product Manifest bundle-docurl https://oltu.apache.org/org.apache.oltu.oauth2.parent/org.apache.oltu.oauth2.client/ Low Product Manifest Bundle-Name Apache Oltu - OAuth 2.0 - Client Medium Product Manifest bundle-symbolicname org.apache.oltu.oauth2.client Medium Product Manifest implementation-build tags/org.apache.oltu.oauth2.parent-1.0.2/client@r1740515 Low Product Manifest implementation-build-date 2016-04-22 13:07:39+0000 Low Product pom artifactid apache.oltu.oauth2.client Highest Product pom artifactid org.apache.oltu.oauth2.client Highest Product pom groupid org.apache.oltu.oauth2 Highest Product pom name Apache Oltu - OAuth 2.0 - Client High Product pom parent-artifactid org.apache.oltu.oauth2.parent Medium Version file version 1.0.2 High Version Manifest Bundle-Version 1.0.2 High Version pom version 1.0.2 Highest
org.apache.oltu.oauth2.common-1.0.2.jarDescription:
OAuth 2.0 library - Common License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/apache/oltu/oauth2/org.apache.oltu.oauth2.common/1.0.2/org.apache.oltu.oauth2.common-1.0.2.jar
MD5: 48d5e8f17d2f292b32788d2b98b1aebd
SHA1: a82fff95276f4c6feadc7993670e659076e43260
SHA256: 5e7ce01db88b361543e75644269c9447a059a5fecc23a15f3546eff8680ec968
Referenced In Project/Scope: Simplicite Platform:compile
org.apache.oltu.oauth2.common-1.0.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.oltu.oauth2/org.apache.oltu.oauth2.client@1.0.2
Evidence Type Source Name Value Confidence Vendor file name org.apache.oltu.oauth2.common High Vendor jar package name apache Highest Vendor jar package name common Highest Vendor jar package name oauth2 Highest Vendor jar package name oltu Highest Vendor Manifest bundle-docurl https://oltu.apache.org/org.apache.oltu.oauth2.parent/org.apache.oltu.oauth2.common/ Low Vendor Manifest bundle-symbolicname org.apache.oltu.oauth2.common Medium Vendor Manifest implementation-build tags/org.apache.oltu.oauth2.parent-1.0.2/common@r1740515 Low Vendor Manifest implementation-build-date 2016-04-22 13:07:39+0000 Low Vendor pom artifactid apache.oltu.oauth2.common Low Vendor pom artifactid org.apache.oltu.oauth2.common Highest Vendor pom groupid org.apache.oltu.oauth2 Highest Vendor pom name Apache Oltu - OAuth 2.0 - Common High Vendor pom parent-artifactid org.apache.oltu.oauth2.parent Low Product file name org.apache.oltu.oauth2.common High Product jar package name apache Highest Product jar package name common Highest Product jar package name oauth2 Highest Product jar package name oltu Highest Product Manifest bundle-docurl https://oltu.apache.org/org.apache.oltu.oauth2.parent/org.apache.oltu.oauth2.common/ Low Product Manifest Bundle-Name Apache Oltu - OAuth 2.0 - Common Medium Product Manifest bundle-symbolicname org.apache.oltu.oauth2.common Medium Product Manifest implementation-build tags/org.apache.oltu.oauth2.parent-1.0.2/common@r1740515 Low Product Manifest implementation-build-date 2016-04-22 13:07:39+0000 Low Product pom artifactid apache.oltu.oauth2.common Highest Product pom artifactid org.apache.oltu.oauth2.common Highest Product pom groupid org.apache.oltu.oauth2 Highest Product pom name Apache Oltu - OAuth 2.0 - Common High Product pom parent-artifactid org.apache.oltu.oauth2.parent Medium Version file version 1.0.2 High Version Manifest Bundle-Version 1.0.2 High Version pom version 1.0.2 Highest
org.eclipse.jgit.http.server-6.1.0.202203080745-r.jarDescription:
Git aware HTTP server implementation.
File Path: /var/simplicite/.m2/repository/org/eclipse/jgit/org.eclipse.jgit.http.server/6.1.0.202203080745-r/org.eclipse.jgit.http.server-6.1.0.202203080745-r.jarMD5: e98293841bce4f122bca2b0cf2e78fa0SHA1: 8c61b038cc12c78da107701e6a443bb9a88aa8adSHA256: c206f4eba35dba8aaa76a26fd19ae7dbcb4b2cd862cfb7b12c95cd0150a36449Referenced In Project/Scope: Simplicite Platform:compileorg.eclipse.jgit.http.server-6.1.0.202203080745-r.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name org.eclipse.jgit.http.server High Vendor jar package name eclipse Highest Vendor jar package name http Highest Vendor jar package name jgit Highest Vendor jar package name server Highest Vendor Manifest automatic-module-name org.eclipse.jgit.http.server Medium Vendor Manifest build-jdk-spec 11 Low Vendor Manifest bundle-activationpolicy lazy Low Vendor Manifest bundle-localization plugin Low Vendor Manifest bundle-requiredexecutionenvironment JavaSE-11 Low Vendor Manifest bundle-symbolicname org.eclipse.jgit.http.server Medium Vendor Manifest Implementation-Vendor Eclipse.org - JGit High Vendor Manifest Implementation-Vendor-Id org.eclipse.jgit Medium Vendor Manifest implementation-vendor-url https://www.eclipse.org/jgit/ Medium Vendor pom artifactid eclipse.jgit.http.server Low Vendor pom artifactid org.eclipse.jgit.http.server Highest Vendor pom groupid org.eclipse.jgit Highest Vendor pom name JGit - HTTP Server High Vendor pom parent-artifactid org.eclipse.jgit-parent Low Product file name org.eclipse.jgit.http.server High Product jar package name eclipse Highest Product jar package name http Highest Product jar package name jgit Highest Product jar package name server Highest Product Manifest automatic-module-name org.eclipse.jgit.http.server Medium Product Manifest build-jdk-spec 11 Low Product Manifest bundle-activationpolicy lazy Low Product Manifest bundle-localization plugin Low Product Manifest Bundle-Name %Bundle-Name Medium Product Manifest bundle-requiredexecutionenvironment JavaSE-11 Low Product Manifest bundle-symbolicname org.eclipse.jgit.http.server Medium Product Manifest Implementation-Title JGit org.eclipse.jgit.http.server High Product pom artifactid eclipse.jgit.http.server Highest Product pom artifactid org.eclipse.jgit.http.server Highest Product pom groupid org.eclipse.jgit Highest Product pom name JGit - HTTP Server High Product pom parent-artifactid org.eclipse.jgit-parent Medium Version Manifest Bundle-Version 6.1.0.202203080745-r High Version Manifest Implementation-Version 6.1.0.202203080745-r High Version pom version 6.1.0.202203080745-r Highest
Related Dependencies org.eclipse.jgit-6.1.0.202203080745-r.jarFile Path: /var/simplicite/.m2/repository/org/eclipse/jgit/org.eclipse.jgit/6.1.0.202203080745-r/org.eclipse.jgit-6.1.0.202203080745-r.jar MD5: 19a83df8b0132f825437715a33e91d28 SHA1: 7b4a7cc2ef31bea3d2b283c06864fe791ccb22be SHA256: b54f9fb14f62554a131bee6dd2a6dfaac82762037be5f2d78003d4ddd67c7e67 pkg:maven/org.eclipse.jgit/org.eclipse.jgit@6.1.0.202203080745-r org.eclipse.jgit.ssh.apache-6.1.0.202203080745-r.jarFile Path: /var/simplicite/.m2/repository/org/eclipse/jgit/org.eclipse.jgit.ssh.apache/6.1.0.202203080745-r/org.eclipse.jgit.ssh.apache-6.1.0.202203080745-r.jar MD5: f13c5b0708cec5945f45851ea3476f35 SHA1: 7d20d053b4103ad6b5fc6cbd689f56ffc52a6410 SHA256: cfb77a6f129e1256af85870b25fe25834d73606c8eb277980b485dd87ca19e72 pkg:maven/org.eclipse.jgit/org.eclipse.jgit.ssh.apache@6.1.0.202203080745-r CVE-2023-4759 suppress
Arbitrary File Overwrite in Eclipse JGit <= 6.6.0
In Eclipse JGit, all versions <= 6.6.0.202305301015-r, a symbolic link present in a specially crafted git repository can be used to write a file to locations outside the working tree when this repository is cloned with JGit to a case-insensitive filesystem, or when a checkout from a clone of such a repository is performed on a case-insensitive filesystem.
This can happen on checkout (DirCacheCheckout), merge (ResolveMerger via its WorkingTreeUpdater), pull (PullCommand using merge), and when applying a patch (PatchApplier). This can be exploited for remote code execution (RCE), for instance if the file written outside the working tree is a git filter that gets executed on a subsequent git command.
The issue occurs only on case-insensitive filesystems, like the default filesystems on Windows and macOS. The user performing the clone or checkout must have the rights to create symbolic links for the problem to occur, and symbolic links must be enabled in the git configuration.
Setting git configuration option core.symlinks = false before checking out avoids the problem.
The issue was fixed in Eclipse JGit version 6.6.1.202309021850-r and 6.7.0.202309050840-r, available via Maven Central https://repo1.maven.org/maven2/org/eclipse/jgit/ and repo.eclipse.org https://repo.eclipse.org/content/repositories/jgit-releases/ . A backport is available in 5.13.3 starting from 5.13.3.202401111512-r.
The JGit maintainers would like to thank RyotaK for finding and reporting this issue.
CWE-59 Improper Link Resolution Before File Access ('Link Following'), CWE-178 Improper Handling of Case Sensitivity
CVSSv3:
Base Score: HIGH (8.8) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
org.eclipse.paho.client.mqttv3-1.2.5.jarFile Path: /var/simplicite/.m2/repository/org/eclipse/paho/org.eclipse.paho.client.mqttv3/1.2.5/org.eclipse.paho.client.mqttv3-1.2.5.jarMD5: eb09d20835460ad2de7b6d46e77ad113SHA1: 1546cfc794449c39ad569853843a930104fdc297SHA256: 59914287adac506a28d5e8172eed262a22605f3df4d426b9d92f41dae2448185Referenced In Project/Scope: Simplicite Platform:compileorg.eclipse.paho.client.mqttv3-1.2.5.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name org.eclipse.paho.client.mqttv3 High Vendor jar package name client Highest Vendor jar package name eclipse Highest Vendor jar package name mqttv3 Highest Vendor jar package name paho Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-activationpolicy lazy Low Vendor Manifest bundle-localization bundle Low Vendor Manifest bundle-requiredexecutionenvironment JavaSE-1.7 Low Vendor Manifest bundle-symbolicname org.eclipse.paho.client.mqttv3 Medium Vendor pom artifactid eclipse.paho.client.mqttv3 Low Vendor pom artifactid org.eclipse.paho.client.mqttv3 Highest Vendor pom groupid org.eclipse.paho Highest Vendor pom parent-artifactid java-parent Low Product file name org.eclipse.paho.client.mqttv3 High Product jar package name client Highest Product jar package name eclipse Highest Product jar package name mqttv3 Highest Product jar package name paho Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-activationpolicy lazy Low Product Manifest bundle-localization bundle Low Product Manifest Bundle-Name org.eclipse.paho.client.mqttv3 Medium Product Manifest bundle-requiredexecutionenvironment JavaSE-1.7 Low Product Manifest bundle-symbolicname org.eclipse.paho.client.mqttv3 Medium Product pom artifactid eclipse.paho.client.mqttv3 Highest Product pom artifactid org.eclipse.paho.client.mqttv3 Highest Product pom groupid org.eclipse.paho Highest Product pom parent-artifactid java-parent Medium Version file version 1.2.5 High Version Manifest Bundle-Version 1.2.5 High Version pom version 1.2.5 Highest
os-tmpdir:1.0.2Description:
Node.js os.tmpdir() ponyfill License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?tmp:0.0.33/os-tmpdir:~1.0.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/tmp:0.0.33 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Node.js os.tmpdir() ponyfill Highest Vendor package.json name os-tmpdir Highest Vendor package.json name os-tmpdir_project Highest Product package.json name os-tmpdir Highest Version package.json version 1.0.2 Highest
Related Dependencies os-tmpdir:1.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?/os-tmpdir:1.0.2 pkg:npm/os-tmpdir@1.0.2 osgi-resource-locator-1.0.3.jarDescription:
Used by various API providers that rely on META-INF/services mechanism to locate providers. License:
EPL 2.0: http://www.eclipse.org/legal/epl-2.0
GPL2 w/ CPE: https://www.gnu.org/software/classpath/license.html File Path: /var/simplicite/.m2/repository/org/glassfish/hk2/osgi-resource-locator/1.0.3/osgi-resource-locator-1.0.3.jar
MD5: e7e82b82118c5387ae45f7bf3892909b
SHA1: de3b21279df7e755e38275137539be5e2c80dd58
SHA256: aab5d7849f7cfcda2cc7c541ba1bd365151d42276f151c825387245dfde3dd74
Referenced In Project/Scope: Simplicite Platform:provided
osgi-resource-locator-1.0.3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.docusign/docusign-esign-java@3.14.0
Evidence Type Source Name Value Confidence Vendor file name osgi-resource-locator High Vendor jar package name glassfish Highest Vendor jar package name hk2 Highest Vendor Manifest bundle-activationpolicy lazy Low Vendor Manifest bundle-docurl https://www.eclipse.org Low Vendor Manifest bundle-symbolicname org.glassfish.hk2.osgi-resource-locator Medium Vendor pom artifactid osgi-resource-locator Highest Vendor pom artifactid osgi-resource-locator Low Vendor pom developer id ss141213 Medium Vendor pom developer name Sahoo Medium Vendor pom developer org Oracle Corporation Medium Vendor pom groupid org.glassfish.hk2 Highest Vendor pom name OSGi resource locator High Vendor pom parent-artifactid project Low Vendor pom parent-groupid org.eclipse.ee4j Medium Product file name osgi-resource-locator High Product jar package name glassfish Highest Product jar package name hk2 Highest Product Manifest bundle-activationpolicy lazy Low Product Manifest bundle-docurl https://www.eclipse.org Low Product Manifest Bundle-Name OSGi resource locator Medium Product Manifest bundle-symbolicname org.glassfish.hk2.osgi-resource-locator Medium Product pom artifactid osgi-resource-locator Highest Product pom developer id ss141213 Low Product pom developer name Sahoo Low Product pom developer org Oracle Corporation Low Product pom groupid org.glassfish.hk2 Highest Product pom name OSGi resource locator High Product pom parent-artifactid project Medium Product pom parent-groupid org.eclipse.ee4j Medium Version file version 1.0.3 High Version Manifest Bundle-Version 1.0.3 High Version pom parent-version 1.0.3 Low Version pom version 1.0.3 Highest
p-cancelable:1.1.0Description:
Create a promise that can be canceled License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/p-cancelable:1.1.0
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Create a promise that can be canceled Highest Vendor package.json name p-cancelable Highest Vendor package.json name p-cancelable_project Highest Product package.json name p-cancelable Highest Version package.json version 1.1.0 Highest
p-cancelable:3.0.0Description:
Create a promise that can be canceled License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/p-cancelable:3.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/got:12.6.1 simplicite-js:5.2.54/got:9.6.0 simplicite-js:5.2.54 simplicite-js:5.2.54/got:13.0.0 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description Create a promise that can be canceled Highest Vendor package.json name p-cancelable Highest Vendor package.json name p-cancelable_project Highest Product package.json name p-cancelable Highest Version package.json version 3.0.0 Highest
Related Dependencies p-cancelable:3.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?got:12.6.1/p-cancelable:^3.0.0 pkg:npm/p-cancelable@3.0.0 p-cancelable:3.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?got:13.0.0/p-cancelable:^3.0.0 pkg:npm/p-cancelable@3.0.0 p-cancelable:3.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?got:9.6.0/p-cancelable:^1.0.0 pkg:npm/p-cancelable@3.0.0 p-limit:3.1.0Description:
Run multiple promise-returning & async functions with limited concurrency License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?p-locate:5.0.0/p-limit:^3.0.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/p-locate:3.0.0 simplicite-js:5.2.54/p-locate:5.0.0 simplicite-js:5.2.54/p-locate:4.1.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Run multiple promise-returning & async functions with limited concurrency Highest Vendor package.json name p-limit Highest Vendor package.json name p-limit_project Highest Product package.json name p-limit Highest Version package.json version 3.1.0 Highest
Related Dependencies p-limit:2.3.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/p-limit:2.3.0 pkg:npm/p-limit@2.3.0 p-limit:3.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/p-limit:3.1.0 pkg:npm/p-limit@3.1.0 p-limit:3.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?p-locate:3.0.0/p-limit:^2.0.0 pkg:npm/p-limit@3.1.0 p-limit:3.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?p-locate:4.1.0/p-limit:^2.2.0 pkg:npm/p-limit@3.1.0 p-locate:3.0.0Description:
Get the first fulfilled promise that satisfies the provided testing function License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/p-locate:3.0.0
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Get the first fulfilled promise that satisfies the provided testing function Highest Vendor package.json name p-locate Highest Vendor package.json name p-locate_project Highest Product package.json name p-locate Highest Version package.json version 3.0.0 Highest
p-locate:4.1.0Description:
Get the first fulfilled promise that satisfies the provided testing function License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/p-locate:4.1.0
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Get the first fulfilled promise that satisfies the provided testing function Highest Vendor package.json name p-locate Highest Vendor package.json name p-locate_project Highest Product package.json name p-locate Highest Version package.json version 4.1.0 Highest
p-locate:5.0.0Description:
Get the first fulfilled promise that satisfies the provided testing function License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/p-locate:5.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/locate-path:5.0.0 simplicite-js:5.2.54/locate-path:6.0.0 simplicite-js:5.2.54/locate-path:3.0.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description Get the first fulfilled promise that satisfies the provided testing function Highest Vendor package.json name p-locate Highest Vendor package.json name p-locate_project Highest Product package.json name p-locate Highest Version package.json version 5.0.0 Highest
Related Dependencies p-locate:4.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/p-locate:4.1.0 pkg:npm/p-locate@4.1.0 p-locate:5.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?locate-path:3.0.0/p-locate:^3.0.0 pkg:npm/p-locate@5.0.0 p-locate:5.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?locate-path:5.0.0/p-locate:^4.1.0 pkg:npm/p-locate@5.0.0 p-locate:5.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?locate-path:6.0.0/p-locate:^5.0.0 pkg:npm/p-locate@5.0.0 p-map:4.0.0Description:
Map over promises concurrently License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/p-map:4.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/cacache:17.1.3 simplicite-js:5.2.54/npm-check-updates:16.14.14 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description Map over promises concurrently Highest Vendor package.json name p-map Highest Vendor package.json name p-map_project Highest Product package.json name p-map Highest Version package.json version 4.0.0 Highest
Related Dependencies p-map:4.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?cacache:17.1.3/p-map:^4.0.0 pkg:npm/p-map@4.0.0 p-map:4.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check-updates:16.14.14/p-map:^4.0.0 pkg:npm/p-map@4.0.0 p-try:2.2.0Description:
`Start a promise chain License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?p-limit:2.3.0/p-try:^2.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/p-limit:2.3.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description `Start a promise chain Highest Vendor package.json name p-try Highest Vendor package.json name p-try_project Highest Product package.json name p-try Highest Version package.json version 2.2.0 Highest
Related Dependencies p-try:2.2.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/p-try:2.2.0 pkg:npm/p-try@2.2.0 package-json:6.5.0Description:
Get metadata of a package from the npm registry License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/package-json:6.5.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/latest-version:7.0.0 simplicite-js:5.2.54/npm-check:6.0.1 simplicite-js:5.2.54 simplicite-js:5.2.54/latest-version:5.1.0 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Get metadata of a package from the npm registry Highest Vendor package.json name package-json Highest Vendor package.json name package-json_project Highest Product package.json name package-json Highest Version package.json version 6.5.0 Highest
Related Dependencies package-json:6.5.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?latest-version:5.1.0/package-json:^6.3.0 pkg:npm/package-json@6.5.0 package-json:6.5.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?latest-version:7.0.0/package-json:^8.1.0 pkg:npm/package-json@6.5.0 package-json:6.5.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check:6.0.1/package-json:^6.5.0 pkg:npm/package-json@6.5.0 package-json:8.1.1Description:
Get metadata of a package from the npm registry License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/package-json:8.1.1
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description Get metadata of a package from the npm registry Highest Vendor package.json name package-json Highest Vendor package.json name package-json_project Highest Product package.json name package-json Highest Version package.json version 8.1.1 Highest
pacote:15.2.0Description:
JavaScript package downloader License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/pacote:15.2.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-check-updates:16.14.14 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author GitHub Inc. Highest Vendor package.json description JavaScript package downloader Highest Vendor package.json name pacote Highest Vendor package.json name pacote_project Highest Product package.json name pacote Highest Version package.json version 15.2.0 Highest
Related Dependencies pacote:15.2.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check-updates:16.14.14/pacote:15.2.0 pkg:npm/pacote@15.2.0 pako:1.0.11Description:
zlib port to javascript - fast, modularized, with browser support License:
(MIT AND Zlib) File Path: /var/simplicite/simplicite-5.2/package-lock.json?/pako:1.0.11
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/jszip:3.7.1 Evidence Type Source Name Value Confidence Vendor package.json description zlib port to javascript - fast, modularized, with browser support Highest Vendor package.json homepage https://github.com/nodeca/pako Highest Vendor package.json name pako Highest Vendor package.json name pako_project Highest Product package.json name pako Highest Version package.json version 1.0.11 Highest
Related Dependencies pako:1.0.11File Path: /var/simplicite/simplicite-5.2/package-lock.json?jszip:3.7.1/pako:~1.0.2 pkg:npm/pako@1.0.11 parent-module:1.0.1Description:
Get the path of the parent module License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/parent-module:1.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/import-fresh:3.3.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Get the path of the parent module Highest Vendor package.json name parent-module Highest Vendor package.json name parent-module_project Highest Product package.json name parent-module Highest Version package.json version 1.0.1 Highest
Related Dependencies parent-module:1.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?import-fresh:3.3.0/parent-module:^1.0.0 pkg:npm/parent-module@1.0.1 parse-github-url:1.0.2Description:
Parse a github URL into an object. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/parse-github-url:1.0.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-check-updates:16.14.14 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Jon Schlinkert (https://github.com/jonschlinkert) Highest Vendor package.json bugs.url https://github.com/jonschlinkert/parse-github-url/issues Highest Vendor package.json description Parse a github URL into an object. Highest Vendor package.json homepage https://github.com/jonschlinkert/parse-github-url Highest Vendor package.json name parse-github-url Highest Vendor package.json name parse-github-url_project Highest Product package.json name parse-github-url Highest Version package.json version 1.0.2 Highest
Related Dependencies parse-github-url:1.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check-updates:16.14.14/parse-github-url:^1.0.2 pkg:npm/parse-github-url@1.0.2 parse-json:5.2.0Description:
Parse JSON with more helpful errors License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?read-pkg:5.2.0/parse-json:^5.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/read-pkg:5.2.0 simplicite-js:5.2.54/cosmiconfig:7.1.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description Parse JSON with more helpful errors Highest Vendor package.json name parse-json Highest Vendor package.json name parse-json_project Highest Product package.json name parse-json Highest Version package.json version 5.2.0 Highest
Related Dependencies parse-json:5.2.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/parse-json:5.2.0 pkg:npm/parse-json@5.2.0 parse-json:5.2.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?cosmiconfig:7.1.0/parse-json:^5.0.0 pkg:npm/parse-json@5.2.0 pkg:npm/parse-json@5.2.0 (Confidence :Highest)cpe:2.3:a:parsejson_project:parsejson:5.2.0:*:*:*:*:*:*:* (Confidence :Low) suppress parse-passwd:1.0.0Description:
Parse a passwd file into a list of users. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/parse-passwd:1.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/homedir-polyfill:1.0.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Brian Woodward (https://github.com/doowb) Highest Vendor package.json bugs.url https://github.com/doowb/parse-passwd/issues Highest Vendor package.json description Parse a passwd file into a list of users. Highest Vendor package.json homepage https://github.com/doowb/parse-passwd Highest Vendor package.json name parse-passwd Highest Vendor package.json name parse-passwd_project Highest Product package.json name parse-passwd Highest Version package.json version 1.0.0 Highest
Related Dependencies parse-passwd:1.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?homedir-polyfill:1.0.3/parse-passwd:^1.0.0 pkg:npm/parse-passwd@1.0.0 parso-2.0.14.jarDescription:
Parso is a lightweight Java library designed to read SAS7BDAT datasets. The Parso interfaces
are analogous to libraries designed to read table-storing files, for example, CSVReader library.
Despite its small size, the Parso library is the only full-featured open-source solution to process SAS7BDAT
datasets, both uncompressed, CHAR-compressed and BIN-compressed. It is effective in processing clinical and
statistical data often stored in SAS7BDAT format. Parso allows converting data into CSV format.
License:
Apache License v2: http://www.apache.org/licenses/LICENSE-2.0.html File Path: /var/simplicite/.m2/repository/com/epam/parso/2.0.14/parso-2.0.14.jar
MD5: bcc5179208e31ecddd8ec1cd2f5fca10
SHA1: a02ea1b198c410a105d261efd2d7043739aecd8e
SHA256: 3b7e7a32915e04caed5dba31be1430aa57b4f9fa2b3d0ab0ed29067510d16575
Referenced In Project/Scope: Simplicite Platform:compile
parso-2.0.14.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.tika/tika-parsers@1.27
Evidence Type Source Name Value Confidence Vendor file name parso High Vendor jar package name date Low Vendor jar package name epam Highest Vendor jar package name epam Low Vendor jar package name parso Highest Vendor jar package name parso Low Vendor pom artifactid parso Highest Vendor pom artifactid parso Low Vendor pom developer email arat90@ya.ru Low Vendor pom developer email Igor_Printsev@epam.com Low Vendor pom developer name Igor Printsev Medium Vendor pom developer name Petr Tsurinov Medium Vendor pom developer org EPAM Medium Vendor pom developer org URL http://www.epam.com Medium Vendor pom groupid com.epam Highest Vendor pom name parso High Vendor pom url epam/parso Highest Product file name parso High Product jar package name date Low Product jar package name epam Highest Product jar package name parso Highest Product jar package name parso Low Product pom artifactid parso Highest Product pom developer email arat90@ya.ru Low Product pom developer email Igor_Printsev@epam.com Low Product pom developer name Igor Printsev Low Product pom developer name Petr Tsurinov Low Product pom developer org EPAM Low Product pom developer org URL http://www.epam.com Low Product pom groupid com.epam Highest Product pom name parso High Product pom url epam/parso High Version file version 2.0.14 High Version pom version 2.0.14 Highest
path-exists:3.0.0Description:
Check if a path exists License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/path-exists:3.0.0
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Check if a path exists Highest Vendor package.json name path-exists Highest Vendor package.json name path-exists_project Highest Product package.json name path-exists Highest Version package.json version 3.0.0 Highest
path-exists:4.0.0Description:
Check if a path exists License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?which-pm:2.0.0/path-exists:^4.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/find-up:4.1.0 simplicite-js:5.2.54/npm-check:6.0.1 simplicite-js:5.2.54/find-up:5.0.0 simplicite-js:5.2.54/preferred-pm:3.0.3 simplicite-js:5.2.54/locate-path:3.0.0 simplicite-js:5.2.54/which-pm:2.0.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Check if a path exists Highest Vendor package.json name path-exists Highest Vendor package.json name path-exists_project Highest Product package.json name path-exists Highest Version package.json version 4.0.0 Highest
Related Dependencies path-exists:4.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/path-exists:4.0.0 pkg:npm/path-exists@4.0.0 path-exists:4.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?find-up:4.1.0/path-exists:^4.0.0 pkg:npm/path-exists@4.0.0 path-exists:4.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?find-up:5.0.0/path-exists:^4.0.0 pkg:npm/path-exists@4.0.0 path-exists:4.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?locate-path:3.0.0/path-exists:^3.0.0 pkg:npm/path-exists@4.0.0 path-exists:4.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check:6.0.1/path-exists:^4.0.0 pkg:npm/path-exists@4.0.0 path-exists:4.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?preferred-pm:3.0.3/path-exists:^4.0.0 pkg:npm/path-exists@4.0.0 path-is-absolute:1.0.1Description:
Node.js 0.12 path.isAbsolute() ponyfill License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/path-is-absolute:1.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/glob:7.2.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Node.js 0.12 path.isAbsolute() ponyfill Highest Vendor package.json name path-is-absolute Highest Vendor package.json name path-is-absolute_project Highest Product package.json name path-is-absolute Highest Version package.json version 1.0.1 Highest
Related Dependencies path-is-absolute:1.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?glob:7.2.3/path-is-absolute:^1.0.0 pkg:npm/path-is-absolute@1.0.1 path-key:3.1.1Description:
Get the PATH environment variable key cross-platform License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/path-key:3.1.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-run-path:4.0.1 simplicite-js:5.2.54/cross-spawn:7.0.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Get the PATH environment variable key cross-platform Highest Vendor package.json name path-key Highest Vendor package.json name path-key_project Highest Product package.json name path-key Highest Version package.json version 3.1.1 Highest
Related Dependencies path-key:3.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?cross-spawn:7.0.3/path-key:^3.1.0 pkg:npm/path-key@3.1.1 path-key:3.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-run-path:4.0.1/path-key:^3.0.0 pkg:npm/path-key@3.1.1 path-parse:1.0.7Description:
Node.js path.parse() ponyfill License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?resolve:1.22.2/path-parse:^1.0.7
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/resolve:1.22.2 Evidence Type Source Name Value Confidence Vendor package.json author Javier Blanco <http://jbgutierrez.info> Highest Vendor package.json bugs.url https://github.com/jbgutierrez/path-parse/issues Highest Vendor package.json description Node.js path.parse() ponyfill Highest Vendor package.json homepage https://github.com/jbgutierrez/path-parse#readme Highest Vendor package.json name path-parse Highest Vendor package.json name path-parse_project Highest Product package.json name path-parse Highest Version package.json version 1.0.7 Highest
Related Dependencies path-parse:1.0.7File Path: /var/simplicite/simplicite-5.2/package-lock.json?/path-parse:1.0.7 pkg:npm/path-parse@1.0.7 path-scurry:1.10.1Description:
walk paths fast and efficiently License:
BlueOak-1.0.0 File Path: /var/simplicite/simplicite-5.2/package-lock.json?glob:10.3.3/path-scurry:^1.10.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/glob:10.3.10 simplicite-js:5.2.54 simplicite-js:5.2.54/glob:10.3.3 Evidence Type Source Name Value Confidence Vendor package.json author Isaac Z. Schlueter <i@izs.me> (https://blog.izs.me) Highest Vendor package.json description walk paths fast and efficiently Highest Vendor package.json name path-scurry Highest Vendor package.json name path-scurry_project Highest Product package.json name path-scurry Highest Version package.json version 1.10.1 Highest
Related Dependencies path-scurry:1.10.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/path-scurry:1.10.1 pkg:npm/path-scurry@1.10.1 path-scurry:1.10.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?glob:10.3.10/path-scurry:^1.10.1 pkg:npm/path-scurry@1.10.1 path-type:4.0.0Description:
Check if a path is a file, directory, or symlink License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/path-type:4.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/dir-glob:3.0.1 simplicite-js:5.2.54/cosmiconfig:7.1.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Check if a path is a file, directory, or symlink Highest Vendor package.json name path-type Highest Vendor package.json name path-type_project Highest Product package.json name path-type Highest Version package.json version 4.0.0 Highest
Related Dependencies path-type:4.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?cosmiconfig:7.1.0/path-type:^4.0.0 pkg:npm/path-type@4.0.0 path-type:4.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?dir-glob:3.0.1/path-type:^4.0.0 pkg:npm/path-type@4.0.0 pdfbox-2.0.23.jarDescription:
The Apache PDFBox library is an open source Java tool for working with PDF documents.
License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/apache/pdfbox/pdfbox/2.0.23/pdfbox-2.0.23.jar
MD5: 6b71c42c567d419f068f46f410dcc3a5
SHA1: b89643d162c4e30b4fe39cfa265546cc506d4d18
SHA256: d465edb2a805ec69dd7425d4e26968cfb23b471d885f475e0e6154744e3387a7
Referenced In Project/Scope: Simplicite Platform:compile
pdfbox-2.0.23.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name pdfbox High Vendor jar package name apache Highest Vendor jar package name pdfbox Highest Vendor Manifest automatic-module-name org.apache.pdfbox Medium Vendor Manifest bundle-docurl http://pdfbox.apache.org Low Vendor Manifest bundle-symbolicname org.apache.pdfbox Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache.pdfbox Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid pdfbox Highest Vendor pom artifactid pdfbox Low Vendor pom groupid org.apache.pdfbox Highest Vendor pom name Apache PDFBox High Vendor pom parent-artifactid pdfbox-parent Low Product file name pdfbox High Product jar package name apache Highest Product jar package name pdfbox Highest Product Manifest automatic-module-name org.apache.pdfbox Medium Product Manifest bundle-docurl http://pdfbox.apache.org Low Product Manifest Bundle-Name Apache PDFBox Medium Product Manifest bundle-symbolicname org.apache.pdfbox Medium Product Manifest Implementation-Title Apache PDFBox High Product Manifest specification-title Apache PDFBox Medium Product pom artifactid pdfbox Highest Product pom groupid org.apache.pdfbox Highest Product pom name Apache PDFBox High Product pom parent-artifactid pdfbox-parent Medium Version file version 2.0.23 High Version Manifest Bundle-Version 2.0.23 High Version Manifest Implementation-Version 2.0.23 High Version pom version 2.0.23 Highest
Related Dependencies pdfbox-debugger-2.0.23.jarFile Path: /var/simplicite/.m2/repository/org/apache/pdfbox/pdfbox-debugger/2.0.23/pdfbox-debugger-2.0.23.jar MD5: 4721265704026059d9c01dcf1f044d6e SHA1: 6038bae9a09bba0b40ae45ef9eff692257e8cd5b SHA256: 98913d41d048be2346ddf71be70730b403936e3a7e20d217f343bf74aeffc5e8 pkg:maven/org.apache.pdfbox/pdfbox-debugger@2.0.23 pdfbox-tools-2.0.23.jarFile Path: /var/simplicite/.m2/repository/org/apache/pdfbox/pdfbox-tools/2.0.23/pdfbox-tools-2.0.23.jar MD5: 018b607a28a4855d882ab465661ea6a6 SHA1: 4c018ab6925aa9762934e1a42fc4532c11bc989b SHA256: 84838c4f6946a25d10531a12c921a53db60326ea309fdb76cff9c82da6210721 pkg:maven/org.apache.pdfbox/pdfbox-tools@2.0.23 CVE-2021-31811 suppress
In Apache PDFBox, a carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions. CWE-770 Allocation of Resources Without Limits or Throttling
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:P CVSSv3:
Base Score: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2021-31812 suppress
In Apache PDFBox, a carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions. CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:P CVSSv3:
Base Score: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
perfmark-api-0.23.0.jarDescription:
PerfMark API License:
Apache 2.0: https://opensource.org/licenses/Apache-2.0 File Path: /var/simplicite/.m2/repository/io/perfmark/perfmark-api/0.23.0/perfmark-api-0.23.0.jar
MD5: 571d67b7639e3aa95e6f2b887ca53357
SHA1: 0b813b7539fae6550541da8caafd6add86d4e22f
SHA256: c705b5c10c18ff3032b9e81742bc2f6b0e5607f6a6dfc0c8ad0cff75d4913042
Referenced In Project/Scope: Simplicite Platform:runtime
perfmark-api-0.23.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.google.cloud/google-cloud-pubsub@1.114.4
Evidence Type Source Name Value Confidence Vendor file name perfmark-api High Vendor jar package name io Highest Vendor jar package name io Low Vendor jar package name perfmark Highest Vendor jar package name perfmark Low Vendor pom artifactid perfmark-api Highest Vendor pom artifactid perfmark-api Low Vendor pom developer email carl@carlmastrangelo.com Low Vendor pom developer id carl-mastrangelo Medium Vendor pom developer name Carl Mastrangelo Medium Vendor pom groupid io.perfmark Highest Vendor pom name perfmark:perfmark-api High Vendor pom url perfmark/perfmark Highest Product file name perfmark-api High Product jar package name io Highest Product jar package name perfmark Highest Product jar package name perfmark Low Product pom artifactid perfmark-api Highest Product pom developer email carl@carlmastrangelo.com Low Product pom developer id carl-mastrangelo Low Product pom developer name Carl Mastrangelo Low Product pom groupid io.perfmark Highest Product pom name perfmark:perfmark-api High Product pom url perfmark/perfmark High Version file version 0.23.0 High Version pom version 0.23.0 Highest
picocolors:1.0.0Description:
The tiniest and the fastest library for terminal output formatting with ANSI colors License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?update-browserslist-db:1.0.13/picocolors:^1.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/postcss:8.4.24 simplicite-js:5.2.54/stylelint:14.16.1 simplicite-js:5.2.54 simplicite-js:5.2.54/update-browserslist-db:1.0.13 Evidence Type Source Name Value Confidence Vendor package.json author Alexey Raspopov Highest Vendor package.json description The tiniest and the fastest library for terminal output formatting with ANSI colors Highest Vendor package.json name picocolors Highest Vendor package.json name picocolors_project Highest Product package.json name picocolors Highest Version package.json version 1.0.0 Highest
Related Dependencies picocolors:1.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/picocolors:1.0.0 pkg:npm/picocolors@1.0.0 picocolors:1.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?postcss:8.4.24/picocolors:^1.0.0 pkg:npm/picocolors@1.0.0 picocolors:1.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/picocolors:^1.0.0 pkg:npm/picocolors@1.0.0 picomatch:2.3.1Description:
Blazing fast and accurate glob matcher written in JavaScript, with no dependencies and full support for standard and extended Bash glob features, including braces, extglobs, POSIX brackets, and regular expressions. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?readdirp:3.6.0/picomatch:^2.2.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/anymatch:3.1.3 simplicite-js:5.2.54/readdirp:3.6.0 simplicite-js:5.2.54 simplicite-js:5.2.54/micromatch:4.0.5 Evidence Type Source Name Value Confidence Vendor package.json author Jon Schlinkert (https://github.com/jonschlinkert) Highest Vendor package.json bugs.url https://github.com/micromatch/picomatch/issues Highest Vendor package.json description Blazing fast and accurate glob matcher written in JavaScript, with no dependencies and full support for standard and extended Bash glob features, including braces, extglobs, POSIX brackets, and regular expressions. Highest Vendor package.json homepage https://github.com/micromatch/picomatch Highest Vendor package.json name picomatch Highest Vendor package.json name picomatch_project Highest Product package.json name picomatch Highest Version package.json version 2.3.1 Highest
Related Dependencies picomatch:2.3.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/picomatch:2.3.1 pkg:npm/picomatch@2.3.1 picomatch:2.3.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?anymatch:3.1.3/picomatch:^2.0.4 pkg:npm/picomatch@2.3.1 picomatch:2.3.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?micromatch:4.0.5/picomatch:^2.3.1 pkg:npm/picomatch@2.3.1 pify:4.0.1Description:
Promisify a callback-style function License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/pify:4.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/load-yaml-file:0.2.0 simplicite-js:5.2.54 simplicite-js:5.2.54/make-dir:2.1.0 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Promisify a callback-style function Highest Vendor package.json name pify Highest Vendor package.json name pify_project Highest Product package.json name pify Highest Version package.json version 4.0.1 Highest
Related Dependencies pify:4.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?load-yaml-file:0.2.0/pify:^4.0.1 pkg:npm/pify@4.0.1 pify:4.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?make-dir:2.1.0/pify:^4.0.1 pkg:npm/pify@4.0.1 pinkie-promise:2.0.1Description:
ES2015 Promise ponyfill License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/pinkie-promise:2.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/callsite-record:4.1.5 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email floatdrop@gmail.com Highest Vendor package.json author.name Vsevolod Strukchinsky Highest Vendor package.json author.url github.com/floatdrop Highest Vendor package.json description ES2015 Promise ponyfill Highest Vendor package.json name pinkie-promise Highest Vendor package.json name pinkie-promise_project Highest Product package.json name pinkie-promise Highest Version package.json version 2.0.1 Highest
Related Dependencies pinkie-promise:2.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?callsite-record:4.1.5/pinkie-promise:^2.0.0 pkg:npm/pinkie-promise@2.0.1 pinkie:2.0.4Description:
Itty bitty little widdle twinkie pinkie ES2015 Promise implementation License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?pinkie-promise:2.0.1/pinkie:^2.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/pinkie-promise:2.0.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email floatdrop@gmail.com Highest Vendor package.json author.name Vsevolod Strukchinsky Highest Vendor package.json author.url github.com/floatdrop Highest Vendor package.json description Itty bitty little widdle twinkie pinkie ES2015 Promise implementation Highest Vendor package.json name pinkie Highest Vendor package.json name pinkie_project Highest Product package.json name pinkie Highest Version package.json version 2.0.4 Highest
Related Dependencies pinkie:2.0.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?/pinkie:2.0.4 pkg:npm/pinkie@2.0.4 pirates:4.0.6Description:
Properly hijack require, i.e., properly define require hooks and customizations License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/pirates:4.0.6
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/@babel/register:7.23.7 Evidence Type Source Name Value Confidence Vendor package.json author.email ari@ariporad.com Highest Vendor package.json author.name Ari Porad Highest Vendor package.json author.url http://ariporad.com Highest Vendor package.json bugs.url https://github.com/danez/pirates/issues Highest Vendor package.json description Properly hijack require, i.e., properly define require hooks and customizations Highest Vendor package.json homepage https://github.com/danez/pirates#readme Highest Vendor package.json name pirates Highest Vendor package.json name pirates_project Highest Product package.json name pirates Highest Version package.json version 4.0.6 Highest
Related Dependencies pirates:4.0.6File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/register:7.23.7/pirates:^4.0.6 pkg:npm/pirates@4.0.6 pkg-dir:3.0.0Description:
Find the root directory of a Node.js project or npm package License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/pkg-dir:3.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/find-cache-dir:2.1.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Find the root directory of a Node.js project or npm package Highest Vendor package.json name pkg-dir Highest Vendor package.json name pkg-dir_project Highest Product package.json name pkg-dir Highest Version package.json version 3.0.0 Highest
Related Dependencies pkg-dir:3.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?find-cache-dir:2.1.0/pkg-dir:^3.0.0 pkg:npm/pkg-dir@3.0.0 pkg-dir:4.2.0Description:
Find the root directory of a Node.js project or npm package License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/pkg-dir:4.2.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/find-yarn-workspace-root2:1.2.16 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Find the root directory of a Node.js project or npm package Highest Vendor package.json name pkg-dir Highest Vendor package.json name pkg-dir_project Highest Product package.json name pkg-dir Highest Version package.json version 4.2.0 Highest
Related Dependencies pkg-dir:4.2.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?find-yarn-workspace-root2:1.2.16/pkg-dir:^4.2.0 pkg:npm/pkg-dir@4.2.0 pkg-dir:5.0.0Description:
Find the root directory of a Node.js project or npm package License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/pkg-dir:5.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-check:6.0.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description Find the root directory of a Node.js project or npm package Highest Vendor package.json name pkg-dir Highest Vendor package.json name pkg-dir_project Highest Product package.json name pkg-dir Highest Version package.json version 5.0.0 Highest
Related Dependencies pkg-dir:5.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check:6.0.1/pkg-dir:^5.0.0 pkg:npm/pkg-dir@5.0.0 please-upgrade-node:3.2.0Description:
Displays a beginner-friendly message telling your user to upgrade their version of Node License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/please-upgrade-node:3.2.0
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/depcheck:1.4.3 Evidence Type Source Name Value Confidence Vendor package.json author typicode Highest Vendor package.json bugs.url https://github.com/typicode/please-upgrade-node/issues Highest Vendor package.json description Displays a beginner-friendly message telling your user to upgrade their version of Node Highest Vendor package.json homepage https://github.com/typicode/please-upgrade-node#readme Highest Vendor package.json name please-upgrade-node Highest Vendor package.json name please-upgrade-node_project Highest Product package.json name please-upgrade-node Highest Version package.json version 3.2.0 Highest
Related Dependencies please-upgrade-node:3.2.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?depcheck:1.4.3/please-upgrade-node:^3.2.0 pkg:npm/please-upgrade-node@3.2.0 poi-4.1.2.jarDescription:
Apache POI - Java API To Access Microsoft Format Files License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/apache/poi/poi/4.1.2/poi-4.1.2.jar
MD5: e9a7c049c62c41c70354669bcd448212
SHA1: 964bf41cf68bce08e4ef6b2279b559fdf8d454f4
SHA256: ab1612406541968434044b2defad58aa8b657cad073baa22a04faaf9d7fb9d1c
Referenced In Project/Scope: Simplicite Platform:compile
poi-4.1.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name poi High Vendor jar package name apache Highest Vendor jar package name format Highest Vendor jar package name poi Highest Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache.poi Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid poi Highest Vendor pom artifactid poi Low Vendor pom groupid org.apache.poi Highest Vendor pom name Apache POI High Vendor pom organization name Apache Software Foundation High Vendor pom organization url http://www.apache.org/ Medium Vendor pom url http://poi.apache.org/ Highest Product file name poi High Product jar package name apache Highest Product jar package name format Highest Product jar package name poi Highest Product Manifest Implementation-Title Apache POI High Product Manifest specification-title Apache POI Medium Product pom artifactid poi Highest Product pom groupid org.apache.poi Highest Product pom name Apache POI High Product pom organization name Apache Software Foundation Low Product pom organization url http://www.apache.org/ Low Product pom url http://poi.apache.org/ Medium Version file version 4.1.2 High Version Manifest Implementation-Version 4.1.2 High Version pom version 4.1.2 Highest
Related Dependencies poi-ooxml-4.1.2.jarFile Path: /var/simplicite/.m2/repository/org/apache/poi/poi-ooxml/4.1.2/poi-ooxml-4.1.2.jar MD5: c0aa71b597560d29c1d17f7c2adbdff0 SHA1: 87d9a22aa9a7dd26e80c360e709f7ee02e32ab3b SHA256: 0aaaeeee3f5831b036b7053f8048b0f83aa9fa8897771ffd871ddfc84653eba1 pkg:maven/org.apache.poi/poi-ooxml@4.1.2 poi-ooxml-schemas-4.1.2.jarFile Path: /var/simplicite/.m2/repository/org/apache/poi/poi-ooxml-schemas/4.1.2/poi-ooxml-schemas-4.1.2.jar MD5: 381222563bf1fc4e9c2528acee7f8bf5 SHA1: 550cc22a598c0b0a51d1f55f8371e83c1229802d SHA256: b4c579f34c377008ec16a5a784539b73776a1dcedf15196f88a80f1b208d9bb2 pkg:maven/org.apache.poi/poi-ooxml-schemas@4.1.2 poi-scratchpad-4.1.2.jarFile Path: /var/simplicite/.m2/repository/org/apache/poi/poi-scratchpad/4.1.2/poi-scratchpad-4.1.2.jar MD5: 39953af9153a7559a37af717bd34bd8f SHA1: 1be379e91d3d3fb0cd11425451acdbfb0d2264e7 SHA256: 4ad6a0579a0a216ff951a80f11c648792268189591fe86015b9d197d650424f3 pkg:maven/org.apache.poi/poi-scratchpad@4.1.2 CVE-2022-26336 suppress
A shortcoming in the HMEF package of poi-scratchpad (Apache POI) allows an attacker to cause an Out of Memory exception. This package is used to read TNEF files (Microsoft Outlook and Microsoft Exchange Server). If an application uses poi-scratchpad to parse TNEF files and the application allows untrusted users to supply them, then a carefully crafted file can cause an Out of Memory exception. This issue affects poi-scratchpad version 5.2.0 and prior versions. Users are recommended to upgrade to poi-scratchpad 5.2.1. CWE-20 Improper Input Validation, CWE-770 Allocation of Resources Without Limits or Throttling
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:P CVSSv3:
Base Score: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
popper.js:1.16.1Description:
A kickass library to manage your poppers License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/popper.js:1.16.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/bootbox:5.5.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Federico Zivolo <federico.zivolo@gmail.com> Highest Vendor package.json bugs.url https://github.com/FezVrasta/popper.js/issues Highest Vendor package.json description A kickass library to manage your poppers Highest Vendor package.json homepage https://popper.js.org Highest Vendor package.json name popper.js Highest Vendor package.json name popper.js_project Highest Product package.json name popper.js Highest Version package.json version 1.16.1 Highest
Related Dependencies popper.js:1.16.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?bootbox:5.5.2/popper.js:^1.16.0 pkg:npm/popper.js@1.16.1 postcss-less:6.0.0Description:
LESS parser for PostCSS License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/postcss-less:6.0.0
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author Denys Kniazevych <webschik@gmail.com> Highest Vendor package.json bugs https://github.com/shellscape/postcss-less/issues Highest Vendor package.json description LESS parser for PostCSS Highest Vendor package.json homepage https://github.com/shellscape/postcss-less Highest Vendor package.json name postcss-less Highest Vendor package.json name postcss-less_project Highest Product package.json name postcss-less Highest Version package.json version 6.0.0 Highest
postcss-media-query-parser:0.2.3Description:
A tool for parsing media query lists. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/postcss-media-query-parser:^0.2.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/stylelint:14.16.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author dryoma Highest Vendor package.json bugs.url https://github.com/dryoma/postcss-media-query-parser/issues Highest Vendor package.json description A tool for parsing media query lists. Highest Vendor package.json homepage https://github.com/dryoma/postcss-media-query-parser Highest Vendor package.json name postcss-media-query-parser Highest Vendor package.json name postcss-media-query-parser_project Highest Product package.json name postcss-media-query-parser Highest Version package.json version 0.2.3 Highest
Related Dependencies postcss-media-query-parser:0.2.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/postcss-media-query-parser:0.2.3 pkg:npm/postcss-media-query-parser@0.2.3 postcss-resolve-nested-selector:0.1.1Description:
Resolve a nested selector in a PostCSS AST License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/postcss-resolve-nested-selector:^0.1.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/stylelint:14.16.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author David Clark Highest Vendor package.json description Resolve a nested selector in a PostCSS AST Highest Vendor package.json name postcss-resolve-nested-selector Highest Vendor package.json name postcss-resolve-nested-selector_project Highest Product package.json name postcss-resolve-nested-selector Highest Version package.json version 0.1.1 Highest
Related Dependencies postcss-resolve-nested-selector:0.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/postcss-resolve-nested-selector:0.1.1 pkg:npm/postcss-resolve-nested-selector@0.1.1 postcss-safe-parser:6.0.0Description:
Fault-tolerant CSS parser for PostCSS License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/postcss-safe-parser:^6.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/stylelint:14.16.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Andrey Sitnik <andrey@sitnik.ru> Highest Vendor package.json description Fault-tolerant CSS parser for PostCSS Highest Vendor package.json name postcss-safe-parser Highest Vendor package.json name postcss-safe-parser_project Highest Product package.json name postcss-safe-parser Highest Version package.json version 6.0.0 Highest
Related Dependencies postcss-safe-parser:6.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/postcss-safe-parser:6.0.0 pkg:npm/postcss-safe-parser@6.0.0 postcss-selector-parser:6.0.13License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/postcss-selector-parser:^6.0.11
Referenced In Projects/Scopes: simplicite-js:5.2.54/stylelint:14.16.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json homepage https://github.com/postcss/postcss-selector-parser Highest Vendor package.json name postcss-selector-parser Highest Vendor package.json name postcss-selector-parser_project Highest Product package.json name postcss-selector-parser Highest Version package.json version 6.0.13 Highest
Related Dependencies postcss-selector-parser:6.0.13File Path: /var/simplicite/simplicite-5.2/package-lock.json?/postcss-selector-parser:6.0.13 pkg:npm/postcss-selector-parser@6.0.13 postcss-value-parser:4.2.0Description:
Transforms css values and at-rule params into the tree License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/postcss-value-parser:^4.2.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/stylelint:14.16.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Bogdan Chadkin <trysound@yandex.ru> Highest Vendor package.json bugs.url https://github.com/TrySound/postcss-value-parser/issues Highest Vendor package.json description Transforms css values and at-rule params into the tree Highest Vendor package.json homepage https://github.com/TrySound/postcss-value-parser Highest Vendor package.json name postcss-value-parser Highest Vendor package.json name postcss-value-parser_project Highest Product package.json name postcss-value-parser Highest Version package.json version 4.2.0 Highest
Related Dependencies postcss-value-parser:4.2.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/postcss-value-parser:4.2.0 pkg:npm/postcss-value-parser@4.2.0 postcss:8.4.24Description:
Tool for transforming styles with JS plugins License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/postcss:^8.4.19
Referenced In Projects/Scopes: simplicite-js:5.2.54/@vue/compiler-sfc:3.3.4 simplicite-js:5.2.54/stylelint:14.16.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Andrey Sitnik <andrey@sitnik.ru> Highest Vendor package.json bugs.url https://github.com/postcss/postcss/issues Highest Vendor package.json description Tool for transforming styles with JS plugins Highest Vendor package.json homepage https://postcss.org/ Highest Vendor package.json name postcss Highest Vendor package.json name postcss_project Highest Product package.json name postcss Highest Version package.json version 8.4.24 Highest
Related Dependencies postcss:8.4.24File Path: /var/simplicite/simplicite-5.2/package-lock.json?/postcss:8.4.24 pkg:npm/postcss@8.4.24 postcss:8.4.24File Path: /var/simplicite/simplicite-5.2/package-lock.json?@vue/compiler-sfc:3.3.4/postcss:^8.1.10 pkg:npm/postcss@8.4.24 CVE-2023-44270 suppress
An issue was discovered in PostCSS before 8.4.31. The vulnerability affects linters using PostCSS to parse external untrusted CSS. An attacker can prepare CSS in such a way that it will contains parts parsed by PostCSS as a CSS comment. After processing by PostCSS, it will be included in the PostCSS output in CSS nodes (rules, properties) despite being included in a comment. CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVSSv3:
Base Score: MEDIUM (5.3) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N References:
Vulnerable Software & Versions:
postgresql-42.6.0.jarDescription:
PostgreSQL JDBC Driver Postgresql License:
BSD-2-Clause: https://jdbc.postgresql.org/about/license.html File Path: /var/simplicite/.m2/repository/org/postgresql/postgresql/42.6.0/postgresql-42.6.0.jar
MD5: 527f2c51d65f6a78d6548c51a35556aa
SHA1: 7614cfce466145b84972781ab0079b8dea49e363
SHA256: b817c67a40c94249fd59d4e686e3327ed0d3d3fae426b20da0f1e75652cfc461
Referenced In Project/Scope: Simplicite Platform:runtime
postgresql-42.6.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name postgresql High Vendor jar package name driver Highest Vendor jar package name jdbc Highest Vendor jar package name postgresql Highest Vendor Manifest automatic-module-name org.postgresql.jdbc Medium Vendor Manifest bundle-copyright Copyright (c) 2003-2020, PostgreSQL Global Development Group Low Vendor Manifest bundle-docurl https://jdbc.postgresql.org/ Low Vendor Manifest bundle-symbolicname org.postgresql.jdbc Medium Vendor Manifest Implementation-Vendor PostgreSQL Global Development Group High Vendor Manifest Implementation-Vendor-Id org.postgresql Medium Vendor Manifest provide-capability osgi.service;effective:=active;objectClass="org.osgi.service.jdbc.DataSourceFactory";osgi.jdbc.driver.class="org.postgresql.Driver";osgi.jdbc.driver.name="PostgreSQL JDBC Driver" Low Vendor Manifest specification-vendor Oracle Corporation Low Vendor pom artifactid postgresql Highest Vendor pom artifactid postgresql Low Vendor pom developer id bokken Medium Vendor pom developer id davecramer Medium Vendor pom developer id jurka Medium Vendor pom developer id oliver Medium Vendor pom developer id ringerc Medium Vendor pom developer id vlsi Medium Vendor pom developer name Brett Okken Medium Vendor pom developer name Craig Ringer Medium Vendor pom developer name Dave Cramer Medium Vendor pom developer name Kris Jurka Medium Vendor pom developer name Oliver Jowett Medium Vendor pom developer name Vladimir Sitnikov Medium Vendor pom groupid org.postgresql Highest Vendor pom name PostgreSQL JDBC Driver High Vendor pom organization name PostgreSQL Global Development Group High Vendor pom organization url https://jdbc.postgresql.org/ Medium Vendor pom url https://jdbc.postgresql.org Highest Product file name postgresql High Product hint analyzer product pgjdbc Highest Product hint analyzer product postgresql_jdbc_driver Highest Product jar package name driver Highest Product jar package name jdbc Highest Product jar package name osgi Highest Product jar package name postgresql Highest Product Manifest automatic-module-name org.postgresql.jdbc Medium Product Manifest bundle-copyright Copyright (c) 2003-2020, PostgreSQL Global Development Group Low Product Manifest bundle-docurl https://jdbc.postgresql.org/ Low Product Manifest Bundle-Name PostgreSQL JDBC Driver Medium Product Manifest bundle-symbolicname org.postgresql.jdbc Medium Product Manifest Implementation-Title PostgreSQL JDBC Driver High Product Manifest provide-capability osgi.service;effective:=active;objectClass="org.osgi.service.jdbc.DataSourceFactory";osgi.jdbc.driver.class="org.postgresql.Driver";osgi.jdbc.driver.name="PostgreSQL JDBC Driver" Low Product Manifest specification-title JDBC Medium Product pom artifactid postgresql Highest Product pom developer id bokken Low Product pom developer id davecramer Low Product pom developer id jurka Low Product pom developer id oliver Low Product pom developer id ringerc Low Product pom developer id vlsi Low Product pom developer name Brett Okken Low Product pom developer name Craig Ringer Low Product pom developer name Dave Cramer Low Product pom developer name Kris Jurka Low Product pom developer name Oliver Jowett Low Product pom developer name Vladimir Sitnikov Low Product pom groupid org.postgresql Highest Product pom name PostgreSQL JDBC Driver High Product pom organization name PostgreSQL Global Development Group Low Product pom organization url https://jdbc.postgresql.org/ Low Product pom url https://jdbc.postgresql.org Medium Version file version 42.6.0 High Version Manifest Bundle-Version 42.6.0 High Version Manifest Implementation-Version 42.6.0 High Version pom version 42.6.0 Highest
CVE-2024-1597 suppress
pgjdbc, the PostgreSQL JDBC Driver, allows attacker to inject SQL if using PreferQueryMode=SIMPLE. Note this is not the default. In the default mode there is no vulnerability. A placeholder for a numeric value must be immediately preceded by a minus. There must be a second placeholder for a string value after the first placeholder; both must be on the same line. By constructing a matching string payload, the attacker can inject SQL to alter the query,bypassing the protections that parameterized queries bring against SQL Injection attacks. Versions before 42.7.2, 42.6.1, 42.5.5, 42.4.4, 42.3.9, and 42.2.8 are affected. CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVSSv3:
Base Score: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
preact:10.15.1Description:
Fast 3kb React-compatible Virtual DOM library. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/preact:10.15.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/@fullcalendar/core:5.11.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json bugs https://github.com/preactjs/preact/issues Highest Vendor package.json description Fast 3kb React-compatible Virtual DOM library. Highest Vendor package.json homepage https://preactjs.com Highest Vendor package.json name preact Highest Vendor package.json name preact_project Highest Product package.json name preact Highest Version package.json version 10.15.1 Highest
Related Dependencies preact:10.15.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?@fullcalendar/core:5.11.0/preact:^10.0.5 pkg:npm/preact@10.15.1 preferred-pm:3.0.3Description:
Detects what package manager was used for installation License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/preferred-pm:3.0.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-check:6.0.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email z@kochan.io Highest Vendor package.json author.name Zoltan Kochan Highest Vendor package.json author.twitter ZoltanKochan Highest Vendor package.json author.url https://www.kochan.io/ Highest Vendor package.json bugs.url https://github.com/zkochan/packages/labels/package%3A%20preferred-pm Highest Vendor package.json description Detects what package manager was used for installation Highest Vendor package.json name preferred-pm Highest Vendor package.json name preferred-pm_project Highest Product package.json name preferred-pm Highest Version package.json version 3.0.3 Highest
Related Dependencies preferred-pm:3.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check:6.0.1/preferred-pm:^3.0.3 pkg:npm/preferred-pm@3.0.3 preflight-2.0.23.jarDescription:
The Apache Preflight library is an open source Java tool that implements
a parser compliant with the ISO-19005 (PDF/A) specification. Preflight is a
subproject of Apache PDFBox.
License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/apache/pdfbox/preflight/2.0.23/preflight-2.0.23.jar
MD5: d297d9afec757a6f405575be83626a04
SHA1: c862a2ca119e37280a1658420e3349b9f295f177
SHA256: a5c0812996f38e798356fa92e5ec2c0220c619242dfd884b62af463be1460990
Referenced In Project/Scope: Simplicite Platform:compile
preflight-2.0.23.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name preflight High Vendor jar package name apache Highest Vendor jar package name parser Highest Vendor jar package name pdfbox Highest Vendor jar package name preflight Highest Vendor Manifest bundle-docurl http://pdfbox.apache.org Low Vendor Manifest bundle-symbolicname org.apache.pdfbox.preflight Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache.pdfbox Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid preflight Highest Vendor pom artifactid preflight Low Vendor pom groupid org.apache.pdfbox Highest Vendor pom name Apache Preflight High Vendor pom parent-artifactid pdfbox-parent Low Product file name preflight High Product jar package name apache Highest Product jar package name parser Highest Product jar package name pdfbox Highest Product jar package name preflight Highest Product Manifest bundle-docurl http://pdfbox.apache.org Low Product Manifest Bundle-Name Apache Preflight Medium Product Manifest bundle-symbolicname org.apache.pdfbox.preflight Medium Product Manifest Implementation-Title Apache Preflight High Product Manifest specification-title Apache Preflight Medium Product pom artifactid preflight Highest Product pom groupid org.apache.pdfbox Highest Product pom name Apache Preflight High Product pom parent-artifactid pdfbox-parent Medium Version file version 2.0.23 High Version Manifest Bundle-Version 2.0.23 High Version Manifest Implementation-Version 2.0.23 High Version pom version 2.0.23 Highest
CVE-2021-31811 suppress
In Apache PDFBox, a carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions. CWE-770 Allocation of Resources Without Limits or Throttling
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:P CVSSv3:
Base Score: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2021-31812 suppress
In Apache PDFBox, a carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions. CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:P CVSSv3:
Base Score: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
prelude-ls:1.2.1Description:
prelude.ls is a functionally oriented utility library. It is powerful and flexible. Almost all of its functions are curried. It is written in, and is the recommended base library for, LiveScript. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?type-check:0.4.0/prelude-ls:^1.2.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/levn:0.4.1 simplicite-js:5.2.54/type-check:0.4.0 simplicite-js:5.2.54/optionator:0.9.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author George Zahariev <z@georgezahariev.com> Highest Vendor package.json bugs https://github.com/gkz/prelude-ls/issues Highest Vendor package.json description prelude.ls is a functionally oriented utility library. It is powerful and flexible. Almost all of its functions are curried. It is written in, and is the recommended base library for, LiveScript. Highest Vendor package.json homepage http://preludels.com Highest Vendor package.json name prelude-ls Highest Vendor package.json name prelude-ls_project Highest Product package.json name prelude-ls Highest Version package.json version 1.2.1 Highest
Related Dependencies prelude-ls:1.2.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/prelude-ls:1.2.1 pkg:npm/prelude-ls@1.2.1 prelude-ls:1.2.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?levn:0.4.1/prelude-ls:^1.2.1 pkg:npm/prelude-ls@1.2.1 prelude-ls:1.2.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?optionator:0.9.3/prelude-ls:^1.2.1 pkg:npm/prelude-ls@1.2.1 prepend-http:2.0.0Description:
Prepend `http://` to humanized URLs like todomvc.com and localhost License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?url-parse-lax:3.0.0/prepend-http:^2.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/url-parse-lax:3.0.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Prepend `http://` to humanized URLs like todomvc.com and localhost Highest Vendor package.json name prepend-http Highest Vendor package.json name prepend-http_project Highest Product package.json name prepend-http Highest Version package.json version 2.0.0 Highest
Related Dependencies prepend-http:2.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/prepend-http:2.0.0 pkg:npm/prepend-http@2.0.0 proc-log:3.0.0Description:
just emit 'log' events on the process object License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/proc-log:3.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-registry-fetch:14.0.5 simplicite-js:5.2.54/npm-package-arg:10.1.0 simplicite-js:5.2.54/pacote:15.2.0 simplicite-js:5.2.54 simplicite-js:5.2.54/@npmcli/git:4.1.0 Evidence Type Source Name Value Confidence Vendor package.json author GitHub Inc. Highest Vendor package.json description just emit 'log' events on the process object Highest Vendor package.json name proc-log Highest Vendor package.json name proc-log_project Highest Product package.json name proc-log Highest Version package.json version 3.0.0 Highest
Related Dependencies proc-log:3.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?@npmcli/git:4.1.0/proc-log:^3.0.0 pkg:npm/proc-log@3.0.0 proc-log:3.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-package-arg:10.1.0/proc-log:^3.0.0 pkg:npm/proc-log@3.0.0 proc-log:3.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-registry-fetch:14.0.5/proc-log:^3.0.0 pkg:npm/proc-log@3.0.0 proc-log:3.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?pacote:15.2.0/proc-log:^3.0.0 pkg:npm/proc-log@3.0.0 process-nextick-args:2.0.1Description:
process.nextTick but always with args License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/process-nextick-args:2.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/readable-stream:2.3.8 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Highest Vendor package.json bugs.url https://github.com/calvinmetcalf/process-nextick-args/issues Highest Vendor package.json description process.nextTick but always with args Highest Vendor package.json homepage https://github.com/calvinmetcalf/process-nextick-args Highest Vendor package.json name process-nextick-args Highest Vendor package.json name process-nextick-args_project Highest Product package.json name process-nextick-args Highest Version package.json version 2.0.1 Highest
Related Dependencies process-nextick-args:2.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?readable-stream:2.3.8/process-nextick-args:~2.0.0 pkg:npm/process-nextick-args@2.0.1 progress:2.0.3Description:
Flexible ascii progress bar License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/progress:2.0.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-check-updates:16.14.14 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author TJ Holowaychuk <tj@vision-media.ca> Highest Vendor package.json description Flexible ascii progress bar Highest Vendor package.json name progress Highest Vendor package.json name progress_project Highest Product package.json name progress Highest Version package.json version 2.0.3 Highest
Related Dependencies progress:2.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check-updates:16.14.14/progress:^2.0.3 pkg:npm/progress@2.0.3 promise-inflight:1.0.1Description:
One promise for multiple requests in flight to avoid async duplication License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/promise-inflight:1.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/@npmcli/git:4.1.0 Evidence Type Source Name Value Confidence Vendor package.json author Rebecca Turner <me@re-becca.org> (http://re-becca.org/) Highest Vendor package.json bugs.url https://github.com/iarna/promise-inflight/issues Highest Vendor package.json description One promise for multiple requests in flight to avoid async duplication Highest Vendor package.json homepage https://github.com/iarna/promise-inflight#readme Highest Vendor package.json name promise-inflight Highest Vendor package.json name promise-inflight_project Highest Product package.json name promise-inflight Highest Version package.json version 1.0.1 Highest
Related Dependencies promise-inflight:1.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?@npmcli/git:4.1.0/promise-inflight:^1.0.1 pkg:npm/promise-inflight@1.0.1 promise-retry:2.0.1Description:
Retries a function that returns a promise, leveraging the power of the retry module. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/promise-retry:2.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/make-fetch-happen:11.1.1 simplicite-js:5.2.54/pacote:15.2.0 simplicite-js:5.2.54 simplicite-js:5.2.54/@npmcli/git:4.1.0 Evidence Type Source Name Value Confidence Vendor package.json author IndigoUnited <hello@indigounited.com> (http://indigounited.com) Highest Vendor package.json bugs.url https://github.com/IndigoUnited/node-promise-retry/issues/ Highest Vendor package.json description Retries a function that returns a promise, leveraging the power of the retry module. Highest Vendor package.json name promise-retry Highest Vendor package.json name promise-retry_project Highest Product package.json name promise-retry Highest Version package.json version 2.0.1 Highest
Related Dependencies promise-retry:2.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?@npmcli/git:4.1.0/promise-retry:^2.0.1 pkg:npm/promise-retry@2.0.1 promise-retry:2.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?make-fetch-happen:11.1.1/promise-retry:^2.0.1 pkg:npm/promise-retry@2.0.1 promise-retry:2.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?pacote:15.2.0/promise-retry:^2.0.1 pkg:npm/promise-retry@2.0.1 prompts-ncu:3.0.0Description:
Lightweight, beautiful and user-friendly prompts License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/prompts-ncu:3.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-check-updates:16.14.14 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email terkel@terkel.com Highest Vendor package.json author.name Terkel Gjervig Highest Vendor package.json author.url https://terkel.com Highest Vendor package.json description Lightweight, beautiful and user-friendly prompts Highest Vendor package.json name prompts-ncu Highest Vendor package.json name prompts-ncu_project Highest Product package.json name prompts-ncu Highest Version package.json version 3.0.0 Highest
Related Dependencies prompts-ncu:3.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check-updates:16.14.14/prompts-ncu:^3.0.0 pkg:npm/prompts-ncu@3.0.0 proto-google-cloud-firestore-bundle-v1-2.6.1.jarDescription:
PROTO library for proto-google-cloud-firestore-bundle-v1 License:
Apache-2.0: https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/com/google/cloud/proto-google-cloud-firestore-bundle-v1/2.6.1/proto-google-cloud-firestore-bundle-v1-2.6.1.jar
MD5: 4a591fdc3bcf11a83dfa5bfc65226ee2
SHA1: 006216edf565c63f10a84c24da880c05ab7de176
SHA256: d2fb95180c4a310b5f99c2fb4da35d093a5570fe6ad027a25f8f062ffef9b28a
Referenced In Project/Scope: Simplicite Platform:compile
proto-google-cloud-firestore-bundle-v1-2.6.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.google.firebase/firebase-admin@8.0.1
Evidence Type Source Name Value Confidence Vendor file name proto-google-cloud-firestore-bundle-v1 High Vendor jar package name bundle Highest Vendor jar package name firestore Highest Vendor jar package name google Highest Vendor Manifest artifactid proto-google-cloud-firestore-bundle-v1 Low Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest Implementation-Vendor Google LLC High Vendor Manifest specification-vendor Google LLC Low Vendor pom artifactid proto-google-cloud-firestore-bundle-v1 Highest Vendor pom artifactid proto-google-cloud-firestore-bundle-v1 Low Vendor pom developer email andrealin@google.com Low Vendor pom developer email garrettjones@google.com Low Vendor pom developer email hzyi@google.com Low Vendor pom developer email lesv@google.com Low Vendor pom developer email michaelbausor@google.com Low Vendor pom developer email mrschmidt@google.com Low Vendor pom developer email neowu@google.com Low Vendor pom developer email pongad@google.com Low Vendor pom developer email shinfan@google.com Low Vendor pom developer email tswast@google.com Low Vendor pom developer email vam@google.com Low Vendor pom developer id andreamlin Medium Vendor pom developer id garrettjonesgoogle Medium Vendor pom developer id hzyi-google Medium Vendor pom developer id lesv Medium Vendor pom developer id michaelbausor Medium Vendor pom developer id neozwu Medium Vendor pom developer id pongad Medium Vendor pom developer id schmidt_sebastian Medium Vendor pom developer id shinfan Medium Vendor pom developer id tswast Medium Vendor pom developer id vam-google Medium Vendor pom developer name Andrea Lin Medium Vendor pom developer name Garrett Jones Medium Vendor pom developer name Hanzhen Yi Medium Vendor pom developer name Les Vogel Medium Vendor pom developer name Michael Darakananda Medium Vendor pom developer name Micheal Bausor Medium Vendor pom developer name Neo Wu Medium Vendor pom developer name Sebastian Schmidt Medium Vendor pom developer name Shin Fan Medium Vendor pom developer name Tim Swast Medium Vendor pom developer name Vadym Matsishevskyi Medium Vendor pom developer org Google Medium Vendor pom groupid com.google.cloud Highest Vendor pom name proto-google-cloud-firestore-bundle-v1 High Vendor pom organization name Google LLC High Vendor pom url googleapis/java-firestore/proto-google-cloud-firestore-bundle-v1 Highest Product file name proto-google-cloud-firestore-bundle-v1 High Product jar package name bundle Highest Product jar package name firestore Highest Product jar package name google Highest Product Manifest artifactid proto-google-cloud-firestore-bundle-v1 Low Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title proto-google-cloud-firestore-bundle-v1 High Product Manifest specification-title proto-google-cloud-firestore-bundle-v1 Medium Product pom artifactid proto-google-cloud-firestore-bundle-v1 Highest Product pom developer email andrealin@google.com Low Product pom developer email garrettjones@google.com Low Product pom developer email hzyi@google.com Low Product pom developer email lesv@google.com Low Product pom developer email michaelbausor@google.com Low Product pom developer email mrschmidt@google.com Low Product pom developer email neowu@google.com Low Product pom developer email pongad@google.com Low Product pom developer email shinfan@google.com Low Product pom developer email tswast@google.com Low Product pom developer email vam@google.com Low Product pom developer id andreamlin Low Product pom developer id garrettjonesgoogle Low Product pom developer id hzyi-google Low Product pom developer id lesv Low Product pom developer id michaelbausor Low Product pom developer id neozwu Low Product pom developer id pongad Low Product pom developer id schmidt_sebastian Low Product pom developer id shinfan Low Product pom developer id tswast Low Product pom developer id vam-google Low Product pom developer name Andrea Lin Low Product pom developer name Garrett Jones Low Product pom developer name Hanzhen Yi Low Product pom developer name Les Vogel Low Product pom developer name Michael Darakananda Low Product pom developer name Micheal Bausor Low Product pom developer name Neo Wu Low Product pom developer name Sebastian Schmidt Low Product pom developer name Shin Fan Low Product pom developer name Tim Swast Low Product pom developer name Vadym Matsishevskyi Low Product pom developer org Google Low Product pom groupid com.google.cloud Highest Product pom name proto-google-cloud-firestore-bundle-v1 High Product pom organization name Google LLC Low Product pom url googleapis/java-firestore/proto-google-cloud-firestore-bundle-v1 High Version file version 2.6.1 High Version Manifest Implementation-Version 2.6.1 High Version Manifest version 2.6.1 Medium Version pom version 2.6.1 Highest
proto-google-cloud-firestore-v1-2.6.1.jarDescription:
PROTO library for proto-google-cloud-firestore-v1 License:
Apache-2.0: https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/com/google/api/grpc/proto-google-cloud-firestore-v1/2.6.1/proto-google-cloud-firestore-v1-2.6.1.jar
MD5: 571f1da3a245ddae2d5c196f6ae90152
SHA1: dd2336241c125e9247e133eb322a49d0cd29a35d
SHA256: 908bc1b9b565c67a6dd80afcb57d9d4926fc240aa31b2a800e1337fbd72d8b66
Referenced In Project/Scope: Simplicite Platform:compile
proto-google-cloud-firestore-v1-2.6.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.google.firebase/firebase-admin@8.0.1
Evidence Type Source Name Value Confidence Vendor file name proto-google-cloud-firestore-v1 High Vendor jar package name firestore Highest Vendor jar package name google Highest Vendor jar package name v1 Highest Vendor Manifest artifactid proto-google-cloud-firestore-v1 Low Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest Implementation-Vendor Google LLC High Vendor Manifest specification-vendor Google LLC Low Vendor pom artifactid proto-google-cloud-firestore-v1 Highest Vendor pom artifactid proto-google-cloud-firestore-v1 Low Vendor pom developer email andrealin@google.com Low Vendor pom developer email garrettjones@google.com Low Vendor pom developer email hzyi@google.com Low Vendor pom developer email lesv@google.com Low Vendor pom developer email michaelbausor@google.com Low Vendor pom developer email mrschmidt@google.com Low Vendor pom developer email neowu@google.com Low Vendor pom developer email pongad@google.com Low Vendor pom developer email shinfan@google.com Low Vendor pom developer email tswast@google.com Low Vendor pom developer email vam@google.com Low Vendor pom developer id andreamlin Medium Vendor pom developer id garrettjonesgoogle Medium Vendor pom developer id hzyi-google Medium Vendor pom developer id lesv Medium Vendor pom developer id michaelbausor Medium Vendor pom developer id neozwu Medium Vendor pom developer id pongad Medium Vendor pom developer id schmidt_sebastian Medium Vendor pom developer id shinfan Medium Vendor pom developer id tswast Medium Vendor pom developer id vam-google Medium Vendor pom developer name Andrea Lin Medium Vendor pom developer name Garrett Jones Medium Vendor pom developer name Hanzhen Yi Medium Vendor pom developer name Les Vogel Medium Vendor pom developer name Michael Darakananda Medium Vendor pom developer name Micheal Bausor Medium Vendor pom developer name Neo Wu Medium Vendor pom developer name Sebastian Schmidt Medium Vendor pom developer name Shin Fan Medium Vendor pom developer name Tim Swast Medium Vendor pom developer name Vadym Matsishevskyi Medium Vendor pom developer org Google Medium Vendor pom groupid com.google.api.grpc Highest Vendor pom name proto-google-cloud-firestore-v1 High Vendor pom organization name Google LLC High Vendor pom url googleapis/java-firestore/proto-google-cloud-firestore-v1 Highest Product file name proto-google-cloud-firestore-v1 High Product jar package name firestore Highest Product jar package name google Highest Product jar package name v1 Highest Product Manifest artifactid proto-google-cloud-firestore-v1 Low Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title proto-google-cloud-firestore-v1 High Product Manifest specification-title proto-google-cloud-firestore-v1 Medium Product pom artifactid proto-google-cloud-firestore-v1 Highest Product pom developer email andrealin@google.com Low Product pom developer email garrettjones@google.com Low Product pom developer email hzyi@google.com Low Product pom developer email lesv@google.com Low Product pom developer email michaelbausor@google.com Low Product pom developer email mrschmidt@google.com Low Product pom developer email neowu@google.com Low Product pom developer email pongad@google.com Low Product pom developer email shinfan@google.com Low Product pom developer email tswast@google.com Low Product pom developer email vam@google.com Low Product pom developer id andreamlin Low Product pom developer id garrettjonesgoogle Low Product pom developer id hzyi-google Low Product pom developer id lesv Low Product pom developer id michaelbausor Low Product pom developer id neozwu Low Product pom developer id pongad Low Product pom developer id schmidt_sebastian Low Product pom developer id shinfan Low Product pom developer id tswast Low Product pom developer id vam-google Low Product pom developer name Andrea Lin Low Product pom developer name Garrett Jones Low Product pom developer name Hanzhen Yi Low Product pom developer name Les Vogel Low Product pom developer name Michael Darakananda Low Product pom developer name Micheal Bausor Low Product pom developer name Neo Wu Low Product pom developer name Sebastian Schmidt Low Product pom developer name Shin Fan Low Product pom developer name Tim Swast Low Product pom developer name Vadym Matsishevskyi Low Product pom developer org Google Low Product pom groupid com.google.api.grpc Highest Product pom name proto-google-cloud-firestore-v1 High Product pom organization name Google LLC Low Product pom url googleapis/java-firestore/proto-google-cloud-firestore-v1 High Version file version 2.6.1 High Version Manifest Implementation-Version 2.6.1 High Version Manifest version 2.6.1 Medium Version pom version 2.6.1 Highest
proto-google-cloud-pubsub-v1-1.96.4.jarDescription:
PROTO library for proto-google-cloud-pubsub-v1 License:
Apache-2.0: https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/com/google/api/grpc/proto-google-cloud-pubsub-v1/1.96.4/proto-google-cloud-pubsub-v1-1.96.4.jar
MD5: d90d48721db6e741e96df250f86c1e75
SHA1: b61eabc42d47233958d567de7fdd16af14312e1d
SHA256: 63e2b79053dc99c60ab740e3a896de7ceb8decb087ab81a2f3a892d589272d66
Referenced In Project/Scope: Simplicite Platform:compile
proto-google-cloud-pubsub-v1-1.96.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.google.cloud/google-cloud-pubsub@1.114.4
Evidence Type Source Name Value Confidence Vendor file name proto-google-cloud-pubsub-v1 High Vendor jar package name google Highest Vendor jar package name pubsub Highest Vendor jar package name v1 Highest Vendor Manifest artifactid proto-google-cloud-pubsub-v1 Low Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest Implementation-Vendor Google LLC High Vendor Manifest specification-vendor Google LLC Low Vendor pom artifactid proto-google-cloud-pubsub-v1 Highest Vendor pom artifactid proto-google-cloud-pubsub-v1 Low Vendor pom developer email chingor@google.com Low Vendor pom developer id chingor Medium Vendor pom developer name Jeff Ching Medium Vendor pom developer org Google Medium Vendor pom groupid com.google.api.grpc Highest Vendor pom name proto-google-cloud-pubsub-v1 High Vendor pom organization name Google LLC High Vendor pom url googleapis/java-pubsub/proto-google-cloud-pubsub-v1 Highest Product file name proto-google-cloud-pubsub-v1 High Product jar package name google Highest Product jar package name pubsub Highest Product jar package name v1 Highest Product Manifest artifactid proto-google-cloud-pubsub-v1 Low Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title proto-google-cloud-pubsub-v1 High Product Manifest specification-title proto-google-cloud-pubsub-v1 Medium Product pom artifactid proto-google-cloud-pubsub-v1 Highest Product pom developer email chingor@google.com Low Product pom developer id chingor Low Product pom developer name Jeff Ching Low Product pom developer org Google Low Product pom groupid com.google.api.grpc Highest Product pom name proto-google-cloud-pubsub-v1 High Product pom organization name Google LLC Low Product pom url googleapis/java-pubsub/proto-google-cloud-pubsub-v1 High Version file version 1.96.4 High Version Manifest Implementation-Version 1.96.4 High Version Manifest version 1.96.4 Medium Version pom version 1.96.4 Highest
proto-google-common-protos-2.5.0.jarDescription:
PROTO library for proto-google-common-protos License:
Apache-2.0: https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/com/google/api/grpc/proto-google-common-protos/2.5.0/proto-google-common-protos-2.5.0.jar
MD5: bbe9eacf64a3147bf79bdf1b11cd7e5a
SHA1: 2cd33848b8444b961be71b29245d749ed8fa01bb
SHA256: f539166a810a83bea91ef86e7d0208bf9b0bf477ebe937eacdd59e8e3e6bc74e
Referenced In Project/Scope: Simplicite Platform:compile
proto-google-common-protos-2.5.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.google.cloud/google-cloud-storage@2.1.4
Evidence Type Source Name Value Confidence Vendor file name proto-google-common-protos High Vendor jar package name api Highest Vendor jar package name google Highest Vendor Manifest artifactid proto-google-common-protos Low Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest Implementation-Vendor Google LLC High Vendor Manifest specification-vendor Google LLC Low Vendor pom artifactid proto-google-common-protos Highest Vendor pom artifactid proto-google-common-protos Low Vendor pom developer email chingor@google.com Low Vendor pom developer id chingor Medium Vendor pom developer name Jeff Ching Medium Vendor pom developer org Google Medium Vendor pom groupid com.google.api.grpc Highest Vendor pom name proto-google-common-protos High Vendor pom organization name Google LLC High Vendor pom url googleapis/java-iam/proto-google-common-protos Highest Product file name proto-google-common-protos High Product jar package name api Highest Product jar package name google Highest Product Manifest artifactid proto-google-common-protos Low Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title proto-google-common-protos High Product Manifest specification-title proto-google-common-protos Medium Product pom artifactid proto-google-common-protos Highest Product pom developer email chingor@google.com Low Product pom developer id chingor Low Product pom developer name Jeff Ching Low Product pom developer org Google Low Product pom groupid com.google.api.grpc Highest Product pom name proto-google-common-protos High Product pom organization name Google LLC Low Product pom url googleapis/java-iam/proto-google-common-protos High Version file version 2.5.0 High Version Manifest Implementation-Version 2.5.0 High Version Manifest version 2.5.0 Medium Version pom version 2.5.0 Highest
proto-google-iam-v1-1.1.0.jarDescription:
PROTO library for proto-google-iam-v1 License:
Apache-2.0: https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/com/google/api/grpc/proto-google-iam-v1/1.1.0/proto-google-iam-v1-1.1.0.jar
MD5: da3a64253808e46deb8d780deae8f721
SHA1: 2d661d95041e27cec26235c51f63117dd9bf4dbc
SHA256: 2ca9b9891ceb013ad5e300e6c57226593f41116799abd50d13006e0f846ab49c
Referenced In Project/Scope: Simplicite Platform:compile
proto-google-iam-v1-1.1.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.google.cloud/google-cloud-storage@2.1.4
Evidence Type Source Name Value Confidence Vendor file name proto-google-iam-v1 High Vendor jar package name google Highest Vendor jar package name iam Highest Vendor jar package name v1 Highest Vendor Manifest artifactid proto-google-iam-v1 Low Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest Implementation-Vendor Google LLC High Vendor Manifest specification-vendor Google LLC Low Vendor pom artifactid proto-google-iam-v1 Highest Vendor pom artifactid proto-google-iam-v1 Low Vendor pom developer email chingor@google.com Low Vendor pom developer id chingor Medium Vendor pom developer name Jeff Ching Medium Vendor pom developer org Google Medium Vendor pom groupid com.google.api.grpc Highest Vendor pom name proto-google-iam-v1 High Vendor pom organization name Google LLC High Vendor pom url googleapis/java-iam/proto-google-iam-v1 Highest Product file name proto-google-iam-v1 High Product jar package name google Highest Product jar package name iam Highest Product jar package name v1 Highest Product Manifest artifactid proto-google-iam-v1 Low Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title proto-google-iam-v1 High Product Manifest specification-title proto-google-iam-v1 Medium Product pom artifactid proto-google-iam-v1 Highest Product pom developer email chingor@google.com Low Product pom developer id chingor Low Product pom developer name Jeff Ching Low Product pom developer org Google Low Product pom groupid com.google.api.grpc Highest Product pom name proto-google-iam-v1 High Product pom organization name Google LLC Low Product pom url googleapis/java-iam/proto-google-iam-v1 High Version file version 1.1.0 High Version Manifest Implementation-Version 1.1.0 High Version Manifest version 1.1.0 Medium Version pom version 1.1.0 Highest
proto-list:1.2.4Description:
A utility for managing a prototype chain License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/proto-list:1.2.4
Referenced In Projects/Scopes: simplicite-js:5.2.54/config-chain:1.1.13 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Isaac Z. Schlueter <i@izs.me> (http://blog.izs.me/) Highest Vendor package.json description A utility for managing a prototype chain Highest Vendor package.json name proto-list Highest Vendor package.json name proto-list_project Highest Product package.json name proto-list Highest Version package.json version 1.2.4 Highest
Related Dependencies proto-list:1.2.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?config-chain:1.1.13/proto-list:~1.2.1 pkg:npm/proto-list@1.2.4 protobuf-java-3.17.3.jarDescription:
Core Protocol Buffers library. Protocol Buffers are a way of encoding structured data in an
efficient yet extensible format.
License:
https://opensource.org/licenses/BSD-3-Clause File Path: /var/simplicite/.m2/repository/com/google/protobuf/protobuf-java/3.17.3/protobuf-java-3.17.3.jar
MD5: cd233934a824c6eb401aef8ff4e4448b
SHA1: 313b1861fa9312dd71e1033a77c2e64fb1a94dd3
SHA256: 4ac549b192694141958049f060a1c826a33342f619e108ced8c17d9877f5e3ed
Referenced In Project/Scope: Simplicite Platform:compile
protobuf-java-3.17.3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name protobuf-java High Vendor jar package name google Highest Vendor jar package name protobuf Highest Vendor Manifest automatic-module-name com.google.protobuf Medium Vendor Manifest bundle-docurl https://developers.google.com/protocol-buffers/ Low Vendor Manifest bundle-symbolicname com.google.protobuf Medium Vendor pom artifactid protobuf-java Highest Vendor pom artifactid protobuf-java Low Vendor pom groupid com.google.protobuf Highest Vendor pom name Protocol Buffers [Core] High Vendor pom parent-artifactid protobuf-parent Low Product file name protobuf-java High Product jar package name google Highest Product jar package name protobuf Highest Product Manifest automatic-module-name com.google.protobuf Medium Product Manifest bundle-docurl https://developers.google.com/protocol-buffers/ Low Product Manifest Bundle-Name Protocol Buffers [Core] Medium Product Manifest bundle-symbolicname com.google.protobuf Medium Product pom artifactid protobuf-java Highest Product pom groupid com.google.protobuf Highest Product pom name Protocol Buffers [Core] High Product pom parent-artifactid protobuf-parent Medium Version file version 3.17.3 High Version Manifest Bundle-Version 3.17.3 High Version pom version 3.17.3 Highest
CVE-2022-3171 suppress
A parsing issue with binary data in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields causes objects to be converted back-n-forth between mutable and immutable forms, resulting in potentially long garbage collection pauses. We recommend updating to the versions mentioned above. NVD-CWE-noinfo
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2022-3509 (OSSINDEX) suppress
A parsing issue similar to CVE-2022-3171, but with textformat in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields causes objects to be converted back-n-forth between mutable and immutable forms, resulting in potentially long garbage collection pauses. We recommend updating to the versions mentioned above. CWE-20 Improper Input Validation
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:/C:N/I:N/A:H References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:com.google.protobuf:protobuf-java:3.17.3:*:*:*:*:*:*:* CVE-2021-22569 (OSSINDEX) suppress
An issue in protobuf-java allowed the interleaving of com.google.protobuf.UnknownFieldSet fields in such a way that would be processed out of order. A small malicious payload can occupy the parser for several minutes by creating large numbers of short-lived objects that cause frequent, repeated pauses. We recommend upgrading libraries beyond the vulnerable versions.
Sonatype's research suggests that this CVE's details differ from those defined at NVD. See https://ossindex.sonatype.org/vulnerability/CVE-2021-22569 for details CWE-noinfo
CVSSv2:
Base Score: MEDIUM (5.5) Vector: /AV:L/AC:L/Au:/C:N/I:N/A:H References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:com.google.protobuf:protobuf-java:3.17.3:*:*:*:*:*:*:* protobuf-java-util-3.17.3.jarDescription:
Utilities for Protocol Buffers License:
https://opensource.org/licenses/BSD-3-Clause File Path: /var/simplicite/.m2/repository/com/google/protobuf/protobuf-java-util/3.17.3/protobuf-java-util-3.17.3.jar
MD5: 2622e6f183581d74e6e89cac23d7e44a
SHA1: 4340f06a346f46eab1b38feb066e4a2d30aed3b7
SHA256: bf320ed076000e1d8c7cbf7601b056acaecab80f75b9a659b9f6398d0d7e3f79
Referenced In Project/Scope: Simplicite Platform:compile
protobuf-java-util-3.17.3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name protobuf-java-util High Vendor jar package name google Highest Vendor jar package name protobuf Highest Vendor jar package name util Highest Vendor Manifest automatic-module-name com.google.protobuf.util Medium Vendor Manifest bundle-docurl https://developers.google.com/protocol-buffers/ Low Vendor Manifest bundle-symbolicname com.google.protobuf.util Medium Vendor pom artifactid protobuf-java-util Highest Vendor pom artifactid protobuf-java-util Low Vendor pom groupid com.google.protobuf Highest Vendor pom name Protocol Buffers [Util] High Vendor pom parent-artifactid protobuf-parent Low Product file name protobuf-java-util High Product jar package name google Highest Product jar package name protobuf Highest Product jar package name util Highest Product Manifest automatic-module-name com.google.protobuf.util Medium Product Manifest bundle-docurl https://developers.google.com/protocol-buffers/ Low Product Manifest Bundle-Name Protocol Buffers [Util] Medium Product Manifest bundle-symbolicname com.google.protobuf.util Medium Product pom artifactid protobuf-java-util Highest Product pom groupid com.google.protobuf Highest Product pom name Protocol Buffers [Util] High Product pom parent-artifactid protobuf-parent Medium Version file version 3.17.3 High Version Manifest Bundle-Version 3.17.3 High Version pom version 3.17.3 Highest
CVE-2022-3171 suppress
A parsing issue with binary data in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields causes objects to be converted back-n-forth between mutable and immutable forms, resulting in potentially long garbage collection pauses. We recommend updating to the versions mentioned above. NVD-CWE-noinfo
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
proton-j-0.33.8.jarDescription:
Proton is a library for speaking AMQP. License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/apache/qpid/proton-j/0.33.8/proton-j-0.33.8.jar
MD5: cd1f6987b69e8f5bfc2847fe8695fd79
SHA1: f7e503d4505d73c604c3a4a8e190d461136c9797
SHA256: 2181e51532fcd1d5fcc7bddea8bf1b4e69cc028346777780011b30faea8d70cb
Referenced In Project/Scope: Simplicite Platform:compile
proton-j-0.33.8.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.qpid/qpid-jms-client@1.1.0
Evidence Type Source Name Value Confidence Vendor file name proton-j High Vendor jar package name apache Highest Vendor jar package name proton Highest Vendor jar package name qpid Highest Vendor Manifest automatic-module-name org.apache.qpid.proton.j Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl https://www.apache.org/ Low Vendor Manifest bundle-symbolicname org.apache.qpid.proton-j Medium Vendor pom artifactid proton-j Highest Vendor pom artifactid proton-j Low Vendor pom groupid org.apache.qpid Highest Vendor pom name Proton-J High Vendor pom parent-artifactid proton-j-parent Low Product file name proton-j High Product jar package name amqp Highest Product jar package name apache Highest Product jar package name proton Highest Product jar package name qpid Highest Product Manifest automatic-module-name org.apache.qpid.proton.j Medium Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl https://www.apache.org/ Low Product Manifest Bundle-Name Proton-J Medium Product Manifest bundle-symbolicname org.apache.qpid.proton-j Medium Product pom artifactid proton-j Highest Product pom groupid org.apache.qpid Highest Product pom name Proton-J High Product pom parent-artifactid proton-j-parent Medium Version file version 0.33.8 High Version Manifest Bundle-Version 0.33.8 High Version pom version 0.33.8 Highest
pseudomap:1.0.2Description:
A thing that is a lot like ES6 `Map`, but without iterators, for use in environments where `for..of` syntax and `Map` are not available. License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/pseudomap:1.0.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/lru-cache:4.1.5 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Isaac Z. Schlueter <i@izs.me> (http://blog.izs.me/) Highest Vendor package.json bugs.url https://github.com/isaacs/pseudomap/issues Highest Vendor package.json description A thing that is a lot like ES6 `Map`, but without iterators, for use in environments where `for..of` syntax and `Map` are not available. Highest Vendor package.json homepage https://github.com/isaacs/pseudomap#readme Highest Vendor package.json name pseudomap Highest Vendor package.json name pseudomap_project Highest Product package.json name pseudomap Highest Version package.json version 1.0.2 Highest
Related Dependencies pseudomap:1.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?lru-cache:4.1.5/pseudomap:^1.0.2 pkg:npm/pseudomap@1.0.2 pump:3.0.0Description:
pipe streams together and close all of them if one of them closes License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/pump:3.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/get-stream:5.2.0 simplicite-js:5.2.54/get-stream:4.1.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Mathias Buus Madsen <mathiasbuus@gmail.com> Highest Vendor package.json description pipe streams together and close all of them if one of them closes Highest Vendor package.json name pump Highest Vendor package.json name pump_project Highest Product package.json name pump Highest Version package.json version 3.0.0 Highest
Related Dependencies pump:3.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?get-stream:4.1.0/pump:^3.0.0 pkg:npm/pump@3.0.0 pump:3.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?get-stream:5.2.0/pump:^3.0.0 pkg:npm/pump@3.0.0 punycode:2.3.0Description:
A robust Punycode converter that fully complies to RFC 3492 and RFC 5891, and works on nearly all JavaScript platforms. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?uri-js:4.4.1/punycode:^2.1.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/uri-js:4.4.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.name Mathias Bynens Highest Vendor package.json author.url https://mathiasbynens.be/ Highest Vendor package.json bugs https://github.com/mathiasbynens/punycode.js/issues Highest Vendor package.json description A robust Punycode converter that fully complies to RFC 3492 and RFC 5891, and works on nearly all JavaScript platforms. Highest Vendor package.json homepage https://mths.be/punycode Highest Vendor package.json name punycode Highest Vendor package.json name punycode_project Highest Product package.json name punycode Highest Version package.json version 2.3.0 Highest
Related Dependencies punycode:2.3.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/punycode:2.3.0 pkg:npm/punycode@2.3.0 pupa:2.1.1Description:
Simple micro templating License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?update-notifier:4.1.3/pupa:^2.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/update-notifier:6.0.2 simplicite-js:5.2.54/update-notifier:4.1.3 simplicite-js:5.2.54/update-notifier:5.1.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Simple micro templating Highest Vendor package.json name pupa Highest Vendor package.json name pupa_project Highest Product package.json name pupa Highest Version package.json version 2.1.1 Highest
Related Dependencies pupa:2.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/pupa:2.1.1 pkg:npm/pupa@2.1.1 pupa:2.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?update-notifier:5.1.0/pupa:^2.1.1 pkg:npm/pupa@2.1.1 pupa:2.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?update-notifier:6.0.2/pupa:^3.1.0 pkg:npm/pupa@2.1.1 pupa:3.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/pupa:3.1.0 pkg:npm/pupa@3.1.0 qpid-jms-client-1.1.0.jarDescription:
The core JMS Client implementation License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/apache/qpid/qpid-jms-client/1.1.0/qpid-jms-client-1.1.0.jar
MD5: 50603ba8c2efa1fc9ba66259af3293ae
SHA1: 7b0201557bb76108f43282aeac523f8c3b11f7e8
SHA256: 84523481e3374b53b1a45b6de5835c09975a10b29f446a7e83cb14124bdf1872
Referenced In Project/Scope: Simplicite Platform:compile
qpid-jms-client-1.1.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name qpid-jms-client High Vendor jar package name apache Highest Vendor jar package name jms Highest Vendor jar package name qpid Highest Vendor Manifest bundle-docurl https://www.apache.org/ Low Vendor Manifest bundle-symbolicname org.apache.qpid.jms.client Medium Vendor pom artifactid qpid-jms-client Highest Vendor pom artifactid qpid-jms-client Low Vendor pom groupid org.apache.qpid Highest Vendor pom name QpidJMS Client High Vendor pom parent-artifactid qpid-jms-parent Low Product file name qpid-jms-client High Product jar package name apache Highest Product jar package name jms Highest Product jar package name qpid Highest Product Manifest bundle-docurl https://www.apache.org/ Low Product Manifest Bundle-Name QpidJMS Client Medium Product Manifest bundle-symbolicname org.apache.qpid.jms.client Medium Product pom artifactid qpid-jms-client Highest Product pom groupid org.apache.qpid Highest Product pom name QpidJMS Client High Product pom parent-artifactid qpid-jms-parent Medium Version file version 1.1.0 High Version Manifest Bundle-Version 1.1.0 High Version pom version 1.1.0 Highest
qrgen-1.4.jarDescription:
a simple QRCode generation api for java built on top ZXING License:
Apache License v2: http://www.apache.org/licenses/LICENSE-2.0.html File Path: /var/simplicite/.m2/repository/net/glxn/qrgen/1.4/qrgen-1.4.jar
MD5: 22aedd5cea2b5d4edc650ab1e08a1ff9
SHA1: fbb2465ec16db786a164e66f2a1e67e2e9254303
SHA256: 4985f423c0ced38a1b60ac0f2b76e9a260fe54a276ed313c362ae85fdbe39c35
Referenced In Project/Scope: Simplicite Platform:compile
qrgen-1.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name qrgen High Vendor jar package name glxn Highest Vendor jar package name glxn Low Vendor jar package name net Highest Vendor jar package name net Low Vendor jar package name qrcode Highest Vendor jar package name qrgen Highest Vendor jar package name qrgen Low Vendor pom artifactid qrgen Highest Vendor pom artifactid qrgen Low Vendor pom developer email ken@glxn.net Low Vendor pom developer name Ken Gullaksen Medium Vendor pom groupid net.glxn Highest Vendor pom name QRGen High Vendor pom url http://kenglxn.github.io/QRGen/ Highest Product file name qrgen High Product jar package name glxn Highest Product jar package name glxn Low Product jar package name net Highest Product jar package name qrcode Highest Product jar package name qrgen Highest Product jar package name qrgen Low Product pom artifactid qrgen Highest Product pom developer email ken@glxn.net Low Product pom developer name Ken Gullaksen Low Product pom groupid net.glxn Highest Product pom name QRGen High Product pom url http://kenglxn.github.io/QRGen/ Medium Version file version 1.4 High Version pom version 1.4 Highest
quartz-2.3.2.jarDescription:
Enterprise Job Scheduler License:
http://www.apache.org/licenses/LICENSE-2.0.txt
Apache Software License, Version 2.0 File Path: /var/simplicite/.m2/repository/org/quartz-scheduler/quartz/2.3.2/quartz-2.3.2.jar
MD5: d7299dbaec0e0ed7af281b07cc40c8c1
SHA1: 18a6d6b5a40b77bd060b34cb9f2acadc4bae7c8a
SHA256: 639c6a675bc472e1568df9d8c954ff702da6f83ed27da0ff9a7bd12ed73b8bf0
Referenced In Project/Scope: Simplicite Platform:compile
quartz-2.3.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name quartz High Vendor hint analyzer vendor softwareag Highest Vendor jar package name job Highest Vendor jar package name quartz Highest Vendor jar package name scheduler Highest Vendor Manifest bundle-docurl http://www.terracotta.org Low Vendor Manifest bundle-requiredexecutionenvironment JavaSE-1.6 Low Vendor Manifest bundle-symbolicname org.quartz-scheduler.quartz Medium Vendor Manifest terracotta-name quartz Medium Vendor Manifest terracotta-projectstatus Supported Low Vendor pom artifactid quartz Highest Vendor pom artifactid quartz Low Vendor pom groupid org.quartz-scheduler Highest Vendor pom name quartz High Vendor pom parent-artifactid quartz-parent Low Product file name quartz High Product jar package name job Highest Product jar package name quartz Highest Product jar package name scheduler Highest Product jar package name terracotta Highest Product Manifest bundle-docurl http://www.terracotta.org Low Product Manifest Bundle-Name quartz Medium Product Manifest bundle-requiredexecutionenvironment JavaSE-1.6 Low Product Manifest bundle-symbolicname org.quartz-scheduler.quartz Medium Product Manifest terracotta-name quartz Medium Product Manifest terracotta-projectstatus Supported Low Product pom artifactid quartz Highest Product pom groupid org.quartz-scheduler Highest Product pom name quartz High Product pom parent-artifactid quartz-parent Medium Version file version 2.3.2 High Version Manifest Bundle-Version 2.3.2 High Version pom version 2.3.2 Highest
CVE-2023-39017 suppress
quartz-jobs 2.3.2 and below was discovered to contain a code injection vulnerability in the component org.quartz.jobs.ee.jms.SendQueueMessageJob.execute. This vulnerability is exploited via passing an unchecked argument. NOTE: this is disputed by multiple parties because it is not plausible that untrusted user input would reach the code location where injection must occur. CWE-94 Improper Control of Generation of Code ('Code Injection')
CVSSv3:
Base Score: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions:
query-ast:1.0.5Description:
A library to traverse/modify an AST License:
BSD-3-Clause File Path: /var/simplicite/simplicite-5.2/package-lock.json?/query-ast:1.0.5
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/depcheck:1.4.3 Evidence Type Source Name Value Confidence Vendor package.json bugs.url https://github.com/salesforce-ux/query-ast/issues Highest Vendor package.json description A library to traverse/modify an AST Highest Vendor package.json homepage https://github.com/salesforce-ux/query-ast Highest Vendor package.json name query-ast Highest Vendor package.json name query-ast_project Highest Product package.json name query-ast Highest Version package.json version 1.0.5 Highest
Related Dependencies query-ast:1.0.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?depcheck:1.4.3/query-ast:^1.0.3 pkg:npm/query-ast@1.0.5 queue-microtask:1.2.3Description:
fast, tiny `queueMicrotask` shim for modern engines License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?run-parallel:1.2.0/queue-microtask:^1.2.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/run-parallel:1.2.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email feross@feross.org Highest Vendor package.json author.name Feross Aboukhadijeh Highest Vendor package.json author.url https://feross.org Highest Vendor package.json bugs.url https://github.com/feross/queue-microtask/issues Highest Vendor package.json description fast, tiny `queueMicrotask` shim for modern engines Highest Vendor package.json homepage https://github.com/feross/queue-microtask Highest Vendor package.json name queue-microtask Highest Vendor package.json name queue-microtask_project Highest Product package.json name queue-microtask Highest Version package.json version 1.2.3 Highest
Related Dependencies queue-microtask:1.2.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/queue-microtask:1.2.3 pkg:npm/queue-microtask@1.2.3 quick-lru:4.0.1Description:
Simple "Least Recently Used" (LRU) cache License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/quick-lru:4.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/camelcase-keys:6.2.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Simple "Least Recently Used" (LRU) cache Highest Vendor package.json name quick-lru Highest Vendor package.json name quick-lru_project Highest Product package.json name quick-lru Highest Version package.json version 4.0.1 Highest
Related Dependencies quick-lru:4.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?camelcase-keys:6.2.2/quick-lru:^4.0.1 pkg:npm/quick-lru@4.0.1 quick-lru:5.1.1Description:
Simple “Least Recently Used” (LRU) cache License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/quick-lru:5.1.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/http2-wrapper:2.2.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description Simple “Least Recently Used” (LRU) cache Highest Vendor package.json name quick-lru Highest Vendor package.json name quick-lru_project Highest Product package.json name quick-lru Highest Version package.json version 5.1.1 Highest
Related Dependencies quick-lru:5.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?http2-wrapper:2.2.0/quick-lru:^5.1.1 pkg:npm/quick-lru@5.1.1 rc-config-loader:4.1.3Description:
load config file from .{product}rc.{json,yml,js} License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/rc-config-loader:4.1.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-check:6.0.1 simplicite-js:5.2.54/npm-check-updates:16.14.14 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author azu Highest Vendor package.json bugs.url https://github.com/azu/rc-config-loader/issues Highest Vendor package.json description load config file from .{product}rc.{json,yml,js} Highest Vendor package.json homepage https://github.com/azu/rc-config-loader Highest Vendor package.json name rc-config-loader Highest Vendor package.json name rc-config-loader_project Highest Product package.json name rc-config-loader Highest Version package.json version 4.1.3 Highest
Related Dependencies rc-config-loader:4.1.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check-updates:16.14.14/rc-config-loader:^4.1.3 pkg:npm/rc-config-loader@4.1.3 rc-config-loader:4.1.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check:6.0.1/rc-config-loader:^4.0.0 pkg:npm/rc-config-loader@4.1.3 rc:1.2.8Description:
hardwired configuration loader License:
(BSD-2-Clause OR MIT OR Apache-2.0) File Path: /var/simplicite/simplicite-5.2/package-lock.json?registry-url:5.1.0/rc:^1.2.8
Referenced In Projects/Scopes: simplicite-js:5.2.54/registry-url:5.1.0 simplicite-js:5.2.54/registry-auth-token:4.2.2 simplicite-js:5.2.54/license-report:6.5.0 simplicite-js:5.2.54 simplicite-js:5.2.54/registry-url:6.0.1 Evidence Type Source Name Value Confidence Vendor package.json author Dominic Tarr <dominic.tarr@gmail.com> (dominictarr.com) Highest Vendor package.json description hardwired configuration loader Highest Vendor package.json name rc Highest Vendor package.json name rc_project Highest Product package.json name rc Highest Version package.json version 1.2.8 Highest
Related Dependencies rc:1.2.8File Path: /var/simplicite/simplicite-5.2/package-lock.json?/rc:1.2.8 pkg:npm/rc@1.2.8 rc:1.2.8File Path: /var/simplicite/simplicite-5.2/package-lock.json?license-report:6.5.0/rc:^1.2.8 pkg:npm/rc@1.2.8 rc:1.2.8File Path: /var/simplicite/simplicite-5.2/package-lock.json?registry-auth-token:4.2.2/rc:1.2.8 pkg:npm/rc@1.2.8 rc:1.2.8File Path: /var/simplicite/simplicite-5.2/package-lock.json?registry-url:6.0.1/rc:1.2.8 pkg:npm/rc@1.2.8 read-package-json-fast:3.0.2Description:
Like read-package-json, but faster License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/read-package-json-fast:3.0.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/@npmcli/run-script:6.0.2 simplicite-js:5.2.54/pacote:15.2.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author GitHub Inc. Highest Vendor package.json description Like read-package-json, but faster Highest Vendor package.json name read-package-json-fast Highest Vendor package.json name read-package-json-fast_project Highest Product package.json name read-package-json-fast Highest Version package.json version 3.0.2 Highest
Related Dependencies read-package-json-fast:3.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?@npmcli/run-script:6.0.2/read-package-json-fast:^3.0.0 pkg:npm/read-package-json-fast@3.0.2 read-package-json-fast:3.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?pacote:15.2.0/read-package-json-fast:^3.0.0 pkg:npm/read-package-json-fast@3.0.2 read-package-json:6.0.4Description:
The thing npm uses to read package.json files with semantics and defaults and validation License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/read-package-json:6.0.4
Referenced In Projects/Scopes: simplicite-js:5.2.54/pacote:15.2.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author GitHub Inc. Highest Vendor package.json description The thing npm uses to read package.json files with semantics and defaults and validation Highest Vendor package.json name read-package-json Highest Vendor package.json name read-package-json_project Highest Product package.json name read-package-json Highest Version package.json version 6.0.4 Highest
Related Dependencies read-package-json:6.0.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?pacote:15.2.0/read-package-json:^6.0.0 pkg:npm/read-package-json@6.0.4 read-pkg-up:7.0.1Description:
Read the closest package.json file License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/read-pkg-up:7.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/meow:9.0.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Read the closest package.json file Highest Vendor package.json name read-pkg-up Highest Vendor package.json name read-pkg-up_project Highest Product package.json name read-pkg-up Highest Version package.json version 7.0.1 Highest
Related Dependencies read-pkg-up:7.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?meow:9.0.0/read-pkg-up:^7.0.1 pkg:npm/read-pkg-up@7.0.1 read-pkg:5.2.0Description:
Read a package.json file License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?read-pkg-up:7.0.1/read-pkg:^5.2.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/read-pkg-up:7.0.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Read a package.json file Highest Vendor package.json name read-pkg Highest Vendor package.json name read-pkg_project Highest Product package.json name read-pkg Highest Version package.json version 5.2.0 Highest
Related Dependencies read-pkg:5.2.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/read-pkg:5.2.0 pkg:npm/read-pkg@5.2.0 readable-stream:1.1.14Description:
Streams3, a user-land copy of the stream library from Node.js v0.11.x License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/readable-stream:1.1.14
Referenced In Projects/Scopes: simplicite-js:5.2.54/htmlparser2:3.8.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Isaac Z. Schlueter <i@izs.me> (http://blog.izs.me/) Highest Vendor package.json description Streams3, a user-land copy of the stream library from Node.js v0.11.x Highest Vendor package.json name readable-stream Highest Vendor package.json name readable-stream_project Highest Product package.json name readable-stream Highest Version package.json version 1.1.14 Highest
Related Dependencies readable-stream:1.1.14File Path: /var/simplicite/simplicite-5.2/package-lock.json?htmlparser2:3.8.3/readable-stream:1.1 pkg:npm/readable-stream@1.1.14 readable-stream:2.3.8Description:
Streams3, a user-land copy of the stream library from Node.js License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/readable-stream:2.3.8
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/jszip:3.7.1 Evidence Type Source Name Value Confidence Vendor package.json description Streams3, a user-land copy of the stream library from Node.js Highest Vendor package.json name readable-stream Highest Vendor package.json name readable-stream_project Highest Product package.json name readable-stream Highest Version package.json version 2.3.8 Highest
Related Dependencies readable-stream:2.3.8File Path: /var/simplicite/simplicite-5.2/package-lock.json?jszip:3.7.1/readable-stream:~2.3.6 pkg:npm/readable-stream@2.3.8 readable-stream:3.6.2Description:
Streams3, a user-land copy of the stream library from Node.js License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/readable-stream:3.6.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/bl:4.1.0 simplicite-js:5.2.54/are-we-there-yet:3.0.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json description Streams3, a user-land copy of the stream library from Node.js Highest Vendor package.json name readable-stream Highest Vendor package.json name readable-stream_project Highest Product package.json name readable-stream Highest Version package.json version 3.6.2 Highest
Related Dependencies readable-stream:3.6.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?are-we-there-yet:3.0.1/readable-stream:^3.6.0 pkg:npm/readable-stream@3.6.2 readable-stream:3.6.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?bl:4.1.0/readable-stream:^3.4.0 pkg:npm/readable-stream@3.6.2 readdirp:3.6.0Description:
Recursive version of fs.readdir with streaming API. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/readdirp:3.6.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/chokidar:3.5.3 simplicite-js:5.2.54 simplicite-js:5.2.54/depcheck:1.4.3 Evidence Type Source Name Value Confidence Vendor package.json author Thorsten Lorenz <thlorenz@gmx.de> (thlorenz.com) Highest Vendor package.json bugs.url https://github.com/paulmillr/readdirp/issues Highest Vendor package.json description Recursive version of fs.readdir with streaming API. Highest Vendor package.json homepage https://github.com/paulmillr/readdirp Highest Vendor package.json name readdirp Highest Vendor package.json name readdirp_project Highest Product package.json name readdirp Highest Version package.json version 3.6.0 Highest
Related Dependencies readdirp:3.6.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?chokidar:3.5.3/readdirp:~3.6.0 pkg:npm/readdirp@3.6.0 readdirp:3.6.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?depcheck:1.4.3/readdirp:^3.5.0 pkg:npm/readdirp@3.6.0 redent:3.0.0Description:
Strip redundant indentation and indent the string License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/redent:3.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/meow:9.0.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Strip redundant indentation and indent the string Highest Vendor package.json name redent Highest Vendor package.json name redent_project Highest Product package.json name redent Highest Version package.json version 3.0.0 Highest
Related Dependencies redent:3.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?meow:9.0.0/redent:^3.0.0 pkg:npm/redent@3.0.0 regenerate-unicode-properties:10.1.0Description:
Regenerate sets for Unicode properties and values. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?regexpu-core:5.3.2/regenerate-unicode-properties:^10.1.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/regexpu-core:5.3.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.name Mathias Bynens Highest Vendor package.json author.url https://mathiasbynens.be/ Highest Vendor package.json bugs https://github.com/mathiasbynens/regenerate-unicode-properties/issues Highest Vendor package.json description Regenerate sets for Unicode properties and values. Highest Vendor package.json homepage https://github.com/mathiasbynens/regenerate-unicode-properties Highest Vendor package.json name regenerate-unicode-properties Highest Vendor package.json name regenerate-unicode-properties_project Highest Product package.json name regenerate-unicode-properties Highest Version package.json version 10.1.0 Highest
Related Dependencies regenerate-unicode-properties:10.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/regenerate-unicode-properties:10.1.0 pkg:npm/regenerate-unicode-properties@10.1.0 regenerate:1.4.2Description:
Generate JavaScript-compatible regular expressions based on a given set of Unicode symbols or code points. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?regexpu-core:5.3.2/regenerate:^1.4.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/regexpu-core:5.3.2 simplicite-js:5.2.54 simplicite-js:5.2.54/regenerate-unicode-properties:10.1.0 Evidence Type Source Name Value Confidence Vendor package.json author.name Mathias Bynens Highest Vendor package.json author.url https://mathiasbynens.be/ Highest Vendor package.json bugs https://github.com/mathiasbynens/regenerate/issues Highest Vendor package.json description Generate JavaScript-compatible regular expressions based on a given set of Unicode symbols or code points. Highest Vendor package.json homepage https://mths.be/regenerate Highest Vendor package.json name regenerate Highest Vendor package.json name regenerate_project Highest Product package.json name regenerate Highest Version package.json version 1.4.2 Highest
Related Dependencies regenerate:1.4.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?/regenerate:1.4.2 pkg:npm/regenerate@1.4.2 regenerate:1.4.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?regenerate-unicode-properties:10.1.0/regenerate:^1.4.2 pkg:npm/regenerate@1.4.2 regenerator-runtime:0.14.0Description:
Runtime for Regenerator-compiled generator and async functions. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/regenerator-runtime:0.14.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/node:7.23.9 simplicite-js:5.2.54/@babel/runtime:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Ben Newman <bn@cs.stanford.edu> Highest Vendor package.json description Runtime for Regenerator-compiled generator and async functions. Highest Vendor package.json name regenerator-runtime Highest Vendor package.json name regenerator-runtime_project Highest Product package.json name regenerator-runtime Highest Version package.json version 0.14.0 Highest
Related Dependencies regenerator-runtime:0.14.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/node:7.23.9/regenerator-runtime:^0.14.0 pkg:npm/regenerator-runtime@0.14.0 regenerator-runtime:0.14.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/runtime:7.23.9/regenerator-runtime:^0.14.0 pkg:npm/regenerator-runtime@0.14.0 regenerator-transform:0.15.2Description:
Explode async and generator functions into a state machine. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/regenerator-transform:0.15.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/plugin-transform-regenerator:7.23.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Ben Newman <bn@cs.stanford.edu> Highest Vendor package.json description Explode async and generator functions into a state machine. Highest Vendor package.json name regenerator-transform Highest Vendor package.json name regenerator-transform_project Highest Product package.json name regenerator-transform Highest Version package.json version 0.15.2 Highest
Related Dependencies regenerator-transform:0.15.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-regenerator:7.23.3/regenerator-transform:^0.15.2 pkg:npm/regenerator-transform@0.15.2 regexp.prototype.flags:1.5.0Description:
ES6 spec-compliant RegExp.prototype.flags shim. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/regexp.prototype.flags:1.5.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/es-abstract:1.21.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Jordan Harband <ljharb@gmail.com> Highest Vendor package.json description ES6 spec-compliant RegExp.prototype.flags shim. Highest Vendor package.json name regexp.prototype.flags Highest Vendor package.json name regexp.prototype.flags_project Highest Product package.json name regexp.prototype.flags Highest Version package.json version 1.5.0 Highest
Related Dependencies regexp.prototype.flags:1.5.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?es-abstract:1.21.2/regexp.prototype.flags:^1.4.3 pkg:npm/regexp.prototype.flags@1.5.0 regexpu-core:5.3.2Description:
regexpu’s core functionality (i.e. `rewritePattern(pattern, flag)`), capable of translating ES6 Unicode regular expressions to ES5. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/regexpu-core:5.3.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/helper-create-regexp-features-plugin:7.22.15 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.name Mathias Bynens Highest Vendor package.json author.url https://mathiasbynens.be/ Highest Vendor package.json bugs https://github.com/mathiasbynens/regexpu-core/issues Highest Vendor package.json description regexpu’s core functionality (i.e. `rewritePattern(pattern, flag)`), capable of translating ES6 Unicode regular expressions to ES5. Highest Vendor package.json homepage https://mths.be/regexpu Highest Vendor package.json name regexpu-core Highest Vendor package.json name regexpu-core_project Highest Product package.json name regexpu-core Highest Version package.json version 5.3.2 Highest
Related Dependencies regexpu-core:5.3.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/helper-create-regexp-features-plugin:7.22.15/regexpu-core:^5.3.1 pkg:npm/regexpu-core@5.3.2 registry-auth-token:4.2.2Description:
Get the auth token set for an npm registry (if any) License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/registry-auth-token:4.2.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/package-json:8.1.1 simplicite-js:5.2.54 simplicite-js:5.2.54/package-json:6.5.0 Evidence Type Source Name Value Confidence Vendor package.json author Espen Hovlandsdal <espen@hovlandsdal.com> Highest Vendor package.json bugs.url https://github.com/rexxars/registry-auth-token/issues Highest Vendor package.json description Get the auth token set for an npm registry (if any) Highest Vendor package.json homepage https://github.com/rexxars/registry-auth-token#readme Highest Vendor package.json name registry-auth-token Highest Vendor package.json name registry-auth-token_project Highest Product package.json name registry-auth-token Highest Version package.json version 4.2.2 Highest
Related Dependencies registry-auth-token:4.2.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?package-json:6.5.0/registry-auth-token:^4.0.0 pkg:npm/registry-auth-token@4.2.2 registry-auth-token:4.2.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?package-json:8.1.1/registry-auth-token:^5.0.1 pkg:npm/registry-auth-token@4.2.2 registry-auth-token:5.0.2Description:
Get the auth token set for an npm registry (if any) License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/registry-auth-token:5.0.2
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author Espen Hovlandsdal <espen@hovlandsdal.com> Highest Vendor package.json bugs.url https://github.com/rexxars/registry-auth-token/issues Highest Vendor package.json description Get the auth token set for an npm registry (if any) Highest Vendor package.json homepage https://github.com/rexxars/registry-auth-token#readme Highest Vendor package.json name registry-auth-token Highest Vendor package.json name registry-auth-token_project Highest Product package.json name registry-auth-token Highest Version package.json version 5.0.2 Highest
registry-url:5.1.0Description:
Get the set npm registry URL License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/registry-url:5.1.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/package-json:8.1.1 simplicite-js:5.2.54 simplicite-js:5.2.54/package-json:6.5.0 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Get the set npm registry URL Highest Vendor package.json name registry-url Highest Vendor package.json name registry-url_project Highest Product package.json name registry-url Highest Version package.json version 5.1.0 Highest
Related Dependencies registry-url:5.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?package-json:6.5.0/registry-url:^5.0.0 pkg:npm/registry-url@5.1.0 registry-url:5.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?package-json:8.1.1/registry-url:^6.0.0 pkg:npm/registry-url@5.1.0 registry-url:6.0.1Description:
Get the set npm registry URL License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/registry-url:6.0.1
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description Get the set npm registry URL Highest Vendor package.json name registry-url Highest Vendor package.json name registry-url_project Highest Product package.json name registry-url Highest Version package.json version 6.0.1 Highest
regjsparser:0.9.1License:
BSD-2-Clause File Path: /var/simplicite/simplicite-5.2/package-lock.json?/regjsparser:0.9.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/regexpu-core:5.3.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author 'Julian Viereck' <julian.viereck@gmail.com> Highest Vendor package.json homepage https://github.com/jviereck/regjsparser Highest Vendor package.json name regjsparser Highest Vendor package.json name regjsparser_project Highest Product package.json name regjsparser Highest Version package.json version 0.9.1 Highest
Related Dependencies regjsparser:0.9.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?regexpu-core:5.3.2/regjsparser:^0.9.1 pkg:npm/regjsparser@0.9.1 relaxng-datatype-2.3.4.jarDescription:
RelaxNG Datatype library. License:
http://www.eclipse.org/org/documents/edl-v10.php File Path: /var/simplicite/.m2/repository/com/sun/xml/bind/external/relaxng-datatype/2.3.4/relaxng-datatype-2.3.4.jar
MD5: 16bc84c029a2ea1350d86be887178615
SHA1: 5b2712a7a9fc1947640a45bb7b519d8d13196854
SHA256: 8b8819d440a5fb1e6b3d5fe525128f15ddf8ee35414bd7ceda28981e1f3ffed4
Referenced In Project/Scope: Simplicite Platform:compile
relaxng-datatype-2.3.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.glassfish.jaxb/jaxb-xjc@2.3.4
Evidence Type Source Name Value Confidence Vendor file name relaxng-datatype High Vendor jar package name datatype Highest Vendor jar package name sun Highest Vendor jar (hint) package name oracle Highest Vendor Manifest build-jdk-spec 11 Low Vendor Manifest bundle-docurl https://www.eclipse.org Low Vendor Manifest bundle-symbolicname com.sun.xml.bind.external.relaxng-datatype Medium Vendor Manifest implementation-build-id 2.3.4 - 2a16b4e Low Vendor Manifest Implementation-Vendor Eclipse Foundation High Vendor pom artifactid relaxng-datatype Highest Vendor pom artifactid relaxng-datatype Low Vendor pom groupid com.sun.xml.bind.external Highest Vendor pom name RelaxNG Datatype High Vendor pom parent-artifactid jaxb-external-parent Low Vendor pom parent-groupid com.sun.xml.bind.mvn Medium Product file name relaxng-datatype High Product jar package name datatype Highest Product jar package name sun Highest Product Manifest build-jdk-spec 11 Low Product Manifest bundle-docurl https://www.eclipse.org Low Product Manifest Bundle-Name RelaxNG Datatype Medium Product Manifest bundle-symbolicname com.sun.xml.bind.external.relaxng-datatype Medium Product Manifest implementation-build-id 2.3.4 - 2a16b4e Low Product Manifest Implementation-Title RelaxNG Datatype High Product pom artifactid relaxng-datatype Highest Product pom groupid com.sun.xml.bind.external Highest Product pom name RelaxNG Datatype High Product pom parent-artifactid jaxb-external-parent Medium Product pom parent-groupid com.sun.xml.bind.mvn Medium Version file version 2.3.4 High Version Manifest Bundle-Version 2.3.4 High Version Manifest implementation-build-id 2.3.4 Low Version Manifest Implementation-Version 2.3.4 High Version pom version 2.3.4 Highest
remote-git-tags:3.0.0Description:
Get tags from a remote Git repo License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/remote-git-tags:3.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-check-updates:16.14.14 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Get tags from a remote Git repo Highest Vendor package.json name remote-git-tags Highest Vendor package.json name remote-git-tags_project Highest Product package.json name remote-git-tags Highest Version package.json version 3.0.0 Highest
Related Dependencies remote-git-tags:3.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check-updates:16.14.14/remote-git-tags:^3.0.0 pkg:npm/remote-git-tags@3.0.0 require-directory:2.1.1Description:
Recursively iterates over specified directory, require()'ing each file, and returning a nested hash structure containing those modules. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?yargs:16.2.0/require-directory:^2.1.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/yargs:16.2.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Troy Goode <troygoode@gmail.com> (http://github.com/troygoode/) Highest Vendor package.json bugs.url http://github.com/troygoode/node-require-directory/issues/ Highest Vendor package.json description Recursively iterates over specified directory, require()'ing each file, and returning a nested hash structure containing those modules. Highest Vendor package.json homepage https://github.com/troygoode/node-require-directory/ Highest Vendor package.json name require-directory Highest Vendor package.json name require-directory_project Highest Product package.json name require-directory Highest Version package.json version 2.1.1 Highest
Related Dependencies require-directory:2.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/require-directory:2.1.1 pkg:npm/require-directory@2.1.1 require-from-string:2.0.2Description:
Require module from string License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?ajv:8.12.0/require-from-string:^2.0.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/rc-config-loader:4.1.3 simplicite-js:5.2.54/ajv:8.12.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email floatdrop@gmail.com Highest Vendor package.json author.name Vsevolod Strukchinsky Highest Vendor package.json author.url github.com/floatdrop Highest Vendor package.json description Require module from string Highest Vendor package.json name require-from-string Highest Vendor package.json name require-from-string_project Highest Product package.json name require-from-string Highest Version package.json version 2.0.2 Highest
Related Dependencies require-from-string:2.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?/require-from-string:2.0.2 pkg:npm/require-from-string@2.0.2 require-from-string:2.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?rc-config-loader:4.1.3/require-from-string:^2.0.2 pkg:npm/require-from-string@2.0.2 require-package-name:2.0.1Description:
gets the package name for a require statement License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/require-package-name:2.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/depcheck:1.4.3 Evidence Type Source Name Value Confidence Vendor package.json author.email dave.des@gmail.com Highest Vendor package.json author.name Matt DesLauriers Highest Vendor package.json author.url https://github.com/mattdesl Highest Vendor package.json bugs.url https://github.com/mattdesl/require-package-name/issues Highest Vendor package.json description gets the package name for a require statement Highest Vendor package.json homepage https://github.com/mattdesl/require-package-name Highest Vendor package.json name require-package-name Highest Vendor package.json name require-package-name_project Highest Product package.json name require-package-name Highest Version package.json version 2.0.1 Highest
Related Dependencies require-package-name:2.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?depcheck:1.4.3/require-package-name:^2.0.1 pkg:npm/require-package-name@2.0.1 requizzle:0.2.4Description:
Swizzle a little something into your require() calls. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/requizzle:0.2.4
Referenced In Projects/Scopes: simplicite-js:5.2.54/jsdoc:4.0.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Jeff Williams <jeffrey.l.williams@gmail.com> Highest Vendor package.json bugs.url https://github.com/hegemonic/requizzle/issues Highest Vendor package.json description Swizzle a little something into your require() calls. Highest Vendor package.json homepage https://github.com/hegemonic/requizzle Highest Vendor package.json name requizzle Highest Vendor package.json name requizzle_project Highest Product package.json name requizzle Highest Version package.json version 0.2.4 Highest
Related Dependencies requizzle:0.2.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?jsdoc:4.0.2/requizzle:^0.2.3 pkg:npm/requizzle@0.2.4 resolve-alpn:1.2.1Description:
Detects the ALPN protocol License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/resolve-alpn:1.2.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/http2-wrapper:2.2.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Szymon Marczak Highest Vendor package.json bugs.url https://github.com/szmarczak/resolve-alpn/issues Highest Vendor package.json description Detects the ALPN protocol Highest Vendor package.json homepage https://github.com/szmarczak/resolve-alpn#readme Highest Vendor package.json name resolve-alpn Highest Vendor package.json name resolve-alpn_project Highest Product package.json name resolve-alpn Highest Version package.json version 1.2.1 Highest
Related Dependencies resolve-alpn:1.2.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?http2-wrapper:2.2.0/resolve-alpn:^1.2.0 pkg:npm/resolve-alpn@1.2.1 resolve-from:4.0.0Description:
Resolve the path of a module like `require.resolve()` but from a given path License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/resolve-from:4.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/import-fresh:3.3.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Resolve the path of a module like `require.resolve()` but from a given path Highest Vendor package.json name resolve-from Highest Vendor package.json name resolve-from_project Highest Product package.json name resolve-from Highest Version package.json version 4.0.0 Highest
Related Dependencies resolve-from:4.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?import-fresh:3.3.0/resolve-from:^4.0.0 pkg:npm/resolve-from@4.0.0 resolve-from:5.0.0Description:
Resolve the path of a module like `require.resolve()` but from a given path License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/resolve-from:5.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/stylelint:14.16.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Resolve the path of a module like `require.resolve()` but from a given path Highest Vendor package.json name resolve-from Highest Vendor package.json name resolve-from_project Highest Product package.json name resolve-from Highest Version package.json version 5.0.0 Highest
Related Dependencies resolve-from:5.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/resolve-from:^5.0.0 pkg:npm/resolve-from@5.0.0 resolve:1.22.2Description:
resolve like require.resolve() on behalf of files asynchronously and synchronously License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/resolve:1.22.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/normalize-package-data:2.5.0 simplicite-js:5.2.54/@babel/helper-define-polyfill-provider:0.5.0 simplicite-js:5.2.54 simplicite-js:5.2.54/depcheck:1.4.3 Evidence Type Source Name Value Confidence Vendor package.json author.email mail@substack.net Highest Vendor package.json author.name James Halliday Highest Vendor package.json author.url http://substack.net Highest Vendor package.json description resolve like require.resolve() on behalf of files asynchronously and synchronously Highest Vendor package.json name resolve Highest Vendor package.json name resolve_project Highest Product package.json name resolve Highest Version package.json version 1.22.2 Highest
Related Dependencies resolve:1.22.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/helper-define-polyfill-provider:0.5.0/resolve:^1.14.2 pkg:npm/resolve@1.22.2 resolve:1.22.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?depcheck:1.4.3/resolve:^1.18.1 pkg:npm/resolve@1.22.2 resolve:1.22.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?normalize-package-data:2.5.0/resolve:^1.10.0 pkg:npm/resolve@1.22.2 responselike:1.0.2Description:
A response-like object for mocking a Node.js HTTP response stream License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/responselike:1.0.2
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author lukechilds Highest Vendor package.json description A response-like object for mocking a Node.js HTTP response stream Highest Vendor package.json name responselike Highest Vendor package.json name responselike_project Highest Product package.json name responselike Highest Version package.json version 1.0.2 Highest
responselike:3.0.0Description:
A response-like object for mocking a Node.js HTTP response stream License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/responselike:3.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/cacheable-request:6.1.0 simplicite-js:5.2.54/cacheable-request:10.2.12 simplicite-js:5.2.54/got:12.6.1 simplicite-js:5.2.54 simplicite-js:5.2.54/got:13.0.0 Evidence Type Source Name Value Confidence Vendor package.json author Luke Childs <lukechilds123@gmail.com> (https://lukechilds.co.uk) Highest Vendor package.json description A response-like object for mocking a Node.js HTTP response stream Highest Vendor package.json name responselike Highest Vendor package.json name responselike_project Highest Product package.json name responselike Highest Version package.json version 3.0.0 Highest
Related Dependencies responselike:3.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?cacheable-request:10.2.12/responselike:^3.0.0 pkg:npm/responselike@3.0.0 responselike:3.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?cacheable-request:6.1.0/responselike:^1.0.2 pkg:npm/responselike@3.0.0 responselike:3.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?got:12.6.1/responselike:^3.0.0 pkg:npm/responselike@3.0.0 responselike:3.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?got:13.0.0/responselike:^3.0.0 pkg:npm/responselike@3.0.0 restore-cursor:3.1.0Description:
Gracefully restore the CLI cursor on exit License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/restore-cursor:3.1.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/cli-cursor:3.1.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Gracefully restore the CLI cursor on exit Highest Vendor package.json name restore-cursor Highest Vendor package.json name restore-cursor_project Highest Product package.json name restore-cursor Highest Version package.json version 3.1.0 Highest
Related Dependencies restore-cursor:3.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?cli-cursor:3.1.0/restore-cursor:^3.1.0 pkg:npm/restore-cursor@3.1.0 retry:0.12.0Description:
Abstraction for exponential and custom retry strategies for failed operations. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/retry:0.12.0
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/promise-retry:2.0.1 Evidence Type Source Name Value Confidence Vendor package.json author Tim Koschützki <tim@debuggable.com> (http://debuggable.com/) Highest Vendor package.json description Abstraction for exponential and custom retry strategies for failed operations. Highest Vendor package.json homepage https://github.com/tim-kos/node-retry Highest Vendor package.json name retry Highest Vendor package.json name retry_project Highest Product package.json name retry Highest Version package.json version 0.12.0 Highest
Related Dependencies retry:0.12.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?promise-retry:2.0.1/retry:^0.12.0 pkg:npm/retry@0.12.0 reusify:1.0.4Description:
Reuse objects and functions with style License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/reusify:1.0.4
Referenced In Projects/Scopes: simplicite-js:5.2.54/fastq:1.15.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Matteo Collina <hello@matteocollina.com> Highest Vendor package.json bugs.url https://github.com/mcollina/reusify/issues Highest Vendor package.json description Reuse objects and functions with style Highest Vendor package.json homepage https://github.com/mcollina/reusify#readme Highest Vendor package.json name reusify Highest Vendor package.json name reusify_project Highest Product package.json name reusify Highest Version package.json version 1.0.4 Highest
Related Dependencies reusify:1.0.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?fastq:1.15.0/reusify:^1.0.4 pkg:npm/reusify@1.0.4 rhino-1.7.13.jarDescription:
Rhino is an open-source implementation of JavaScript written entirely in Java.
It is typically embedded into Java applications to provide scripting to end users.
License:
Mozilla Public License, Version 2.0: http://www.mozilla.org/MPL/2.0/index.txt File Path: /var/simplicite/.m2/repository/org/mozilla/rhino/1.7.13/rhino-1.7.13.jar
MD5: 17d7bed97d9c03a77578ec16e26bfc2f
SHA1: e6b2e12dc79fbdc58d8bf62a583705a551ec37d6
SHA256: 931dda33789d8e004ff5b5478ee3d6d224305de330c48266df7c3e49d52fc606
Referenced In Project/Scope: Simplicite Platform:compile
rhino-1.7.13.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name rhino High Vendor jar package name javascript Highest Vendor jar package name mozilla Highest Vendor Manifest built-date 2020-09-02 Low Vendor Manifest built-time 11:53:29 Low Vendor Manifest bundle-symbolicname org.mozilla.rhino Medium Vendor Manifest implementation-url http://www.mozilla.org/rhino Low Vendor Manifest Implementation-Vendor Mozilla Foundation High Vendor pom artifactid rhino Highest Vendor pom artifactid rhino Low Vendor pom groupid org.mozilla Highest Vendor pom organization name The Mozilla Foundation High Vendor pom organization url http://www.mozilla.org Medium Vendor pom url https://developer.mozilla.org/en/Rhino Highest Product file name rhino High Product jar package name javascript Highest Product jar package name mozilla Highest Product Manifest built-date 2020-09-02 Low Product Manifest built-time 11:53:29 Low Product Manifest bundle-symbolicname org.mozilla.rhino Medium Product Manifest Implementation-Title Mozilla Rhino High Product Manifest implementation-url http://www.mozilla.org/rhino Low Product pom artifactid rhino Highest Product pom groupid org.mozilla Highest Product pom organization name The Mozilla Foundation Low Product pom organization url http://www.mozilla.org Low Product pom url https://developer.mozilla.org/en/Rhino Medium Version file version 1.7.13 High Version Manifest Bundle-Version 1.7.13 High Version Manifest Implementation-Version 1.7.13 High Version pom version 1.7.13 Highest
rhino-1.7.13.jar: test.jsFile Path: /var/simplicite/.m2/repository/org/mozilla/rhino/1.7.13/rhino-1.7.13.jar/org/mozilla/javascript/tools/debugger/test.jsMD5: 3f4137118304ccd25816067cf8d1edd6SHA1: d3c7ae4c10cb6c7ac191cb65a39e53ba6a4e6cfbSHA256: 950d2db0a646488500b58ba76a02c33501a048708c083e3b743b73b16e105331Referenced In Project/Scope: Simplicite Platform:compile
Evidence Type Source Name Value Confidence
rhino-js-engine-1.7.10.jarDescription:
A js-engine.jar that provides a script engine "rhino" with old Rhino JavaScript.
The source code for js-engine comes from https://java.net/projects/Scripting.
The Rhino engine itself is pulled by maven. Its source is at https://github.com/mozilla/rhino.
License:
The BSD 3-Clause License: https://opensource.org/licenses/BSD-3-Clause File Path: /var/simplicite/.m2/repository/cat/inspiracio/rhino-js-engine/1.7.10/rhino-js-engine-1.7.10.jar
MD5: 5543d39bea21e5c9515e8d967a61e1b1
SHA1: 09cc9336acf7bd2f370ae812d5713e90463edc33
SHA256: b47d73c223c86fd3f70470a9a8269626dbb6e9cb0195d062ba53171a2df7ff44
Referenced In Project/Scope: Simplicite Platform:compile
rhino-js-engine-1.7.10.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name rhino-js-engine High Vendor jar package name javascript Highest Vendor jar package name phobos Low Vendor jar package name script Highest Vendor jar package name script Low Vendor jar package name sun Low Vendor jar (hint) package name oracle Low Vendor pom artifactid rhino-js-engine Highest Vendor pom artifactid rhino-js-engine Low Vendor pom developer email alex@inspiracio.cat Low Vendor pom developer name Alexander Bunkenburg Medium Vendor pom developer org inspiració.cat Medium Vendor pom developer org URL http://www.inspiracio.cat Medium Vendor pom groupid cat.inspiracio Highest Vendor pom name rhino-js-engine High Vendor pom url http://www.inspiracio.cat Highest Product file name rhino-js-engine High Product jar package name javascript Highest Product jar package name phobos Low Product jar package name script Highest Product jar package name script Low Product jar package name util Low Product pom artifactid rhino-js-engine Highest Product pom developer email alex@inspiracio.cat Low Product pom developer name Alexander Bunkenburg Low Product pom developer org inspiració.cat Low Product pom developer org URL http://www.inspiracio.cat Low Product pom groupid cat.inspiracio Highest Product pom name rhino-js-engine High Product pom url http://www.inspiracio.cat Medium Version file version 1.7.10 High Version pom version 1.7.10 Highest
rhino-js-engine-1.7.10.jar: toplevel.jsFile Path: /var/simplicite/.m2/repository/cat/inspiracio/rhino-js-engine/1.7.10/rhino-js-engine-1.7.10.jar/META-INF/toplevel.jsMD5: 491854ddbf3787e63aec2d77d4aad938SHA1: 0cc36fe5c5269749b8d94252d7490d2d82bda8edSHA256: 511041250766b0811a7767801a1bec1be89a5bddbbe9e455ad7ea2057ba473f7Referenced In Project/Scope: Simplicite Platform:compile
Evidence Type Source Name Value Confidence
rimraf:3.0.2Description:
A deep deletion module for node (like `rm -rf`) License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/rimraf:3.0.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/flat-cache:3.0.4 simplicite-js:5.2.54/node-gyp:9.4.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Isaac Z. Schlueter <i@izs.me> (http://blog.izs.me/) Highest Vendor package.json description A deep deletion module for node (like `rm -rf`) Highest Vendor package.json name rimraf Highest Vendor package.json name rimraf_project Highest Product package.json name rimraf Highest Version package.json version 3.0.2 Highest
Related Dependencies rimraf:3.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?flat-cache:3.0.4/rimraf:^3.0.2 pkg:npm/rimraf@3.0.2 rimraf:3.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?node-gyp:9.4.0/rimraf:^3.0.2 pkg:npm/rimraf@3.0.2 rimraf:5.0.5Description:
A deep deletion module for node (like `rm -rf`) License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/rimraf:5.0.5
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-check-updates:16.14.14 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Isaac Z. Schlueter <i@izs.me> (http://blog.izs.me/) Highest Vendor package.json description A deep deletion module for node (like `rm -rf`) Highest Vendor package.json name rimraf Highest Vendor package.json name rimraf_project Highest Product package.json name rimraf Highest Version package.json version 5.0.5 Highest
Related Dependencies rimraf:5.0.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check-updates:16.14.14/rimraf:^5.0.5 pkg:npm/rimraf@5.0.5 rngom-2.3.4.jarDescription:
RNGOM is a RelaxNG Object model library (XSOM for RelaxNG).
License:
http://www.eclipse.org/org/documents/edl-v10.php File Path: /var/simplicite/.m2/repository/com/sun/xml/bind/external/rngom/2.3.4/rngom-2.3.4.jar
MD5: 42f6df97140d71c05db8d17f22bedfb7
SHA1: 3ccfeb42b0ec2432f6a940cc32163d4479685093
SHA256: 4630528cc9361a1ad9b8208dfd157b3d0d9c3f5d5edda4245f705e081e1498c5
Referenced In Project/Scope: Simplicite Platform:compile
rngom-2.3.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.glassfish.jaxb/jaxb-xjc@2.3.4
Evidence Type Source Name Value Confidence Vendor file name rngom High Vendor jar package name rngom Highest Vendor jar package name sun Highest Vendor jar package name xml Highest Vendor jar (hint) package name oracle Highest Vendor Manifest build-jdk-spec 11 Low Vendor Manifest bundle-docurl https://www.eclipse.org Low Vendor Manifest bundle-symbolicname com.sun.xml.bind.external.rngom Medium Vendor Manifest implementation-build-id 2.3.4 - 2a16b4e Low Vendor Manifest Implementation-Vendor Eclipse Foundation High Vendor pom artifactid rngom Highest Vendor pom artifactid rngom Low Vendor pom groupid com.sun.xml.bind.external Highest Vendor pom name RNGOM High Vendor pom parent-artifactid jaxb-external-parent Low Vendor pom parent-groupid com.sun.xml.bind.mvn Medium Product file name rngom High Product jar package name rngom Highest Product jar package name sun Highest Product jar package name xml Highest Product Manifest build-jdk-spec 11 Low Product Manifest bundle-docurl https://www.eclipse.org Low Product Manifest Bundle-Name RNGOM Medium Product Manifest bundle-symbolicname com.sun.xml.bind.external.rngom Medium Product Manifest implementation-build-id 2.3.4 - 2a16b4e Low Product Manifest Implementation-Title RNGOM High Product pom artifactid rngom Highest Product pom groupid com.sun.xml.bind.external Highest Product pom name RNGOM High Product pom parent-artifactid jaxb-external-parent Medium Product pom parent-groupid com.sun.xml.bind.mvn Medium Version file version 2.3.4 High Version Manifest Bundle-Version 2.3.4 High Version Manifest implementation-build-id 2.3.4 Low Version Manifest Implementation-Version 2.3.4 High Version pom version 2.3.4 Highest
rome-1.15.0.jarDescription:
All Roads Lead to ROME. ROME is a set of Atom/RSS Java utilities that make it
easy to work in Java with most syndication formats. Today it accepts all flavors of RSS
(0.90, 0.91, 0.92, 0.93, 0.94, 1.0 and 2.0), Atom 0.3 and Atom 1.0 feeds. Rome includes
a set of parsers and generators for the various flavors of feeds, as well as converters
to convert from one format to another. The parsers can give you back Java objects that
are either specific for the format you want to work with, or a generic normalized
SyndFeed object that lets you work on with the data without bothering about the
underlying format.
License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/com/rometools/rome/1.15.0/rome-1.15.0.jar
MD5: fb19e4055bbf68e833bc627a0c28b0ef
SHA1: d3614542b857eccc0555d1ee8dfc36d2043d9c1f
SHA256: 51cbcedae56ee0c32f25f3a367a6a9dadeef0f591d2f23d03486aec272e4d3f9
Referenced In Project/Scope: Simplicite Platform:compile
rome-1.15.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.tika/tika-parsers@1.27
Evidence Type Source Name Value Confidence Vendor file name rome High Vendor jar package name atom Highest Vendor jar package name rome Highest Vendor jar package name rometools Highest Vendor jar package name rss Highest Vendor Manifest automatic-module-name com.rometools.rome Medium Vendor Manifest bundle-symbolicname com.rometools.rome Medium Vendor Manifest implementation-url http://rometools.com/rome Low Vendor Manifest Implementation-Vendor-Id com.rometools Medium Vendor pom artifactid rome Highest Vendor pom artifactid rome Low Vendor pom groupid com.rometools Highest Vendor pom name rome High Vendor pom parent-artifactid rome-parent Low Product file name rome High Product jar package name atom Highest Product jar package name rome Highest Product jar package name rometools Highest Product jar package name rss Highest Product Manifest automatic-module-name com.rometools.rome Medium Product Manifest Bundle-Name rome Medium Product Manifest bundle-symbolicname com.rometools.rome Medium Product Manifest Implementation-Title rome High Product Manifest implementation-url http://rometools.com/rome Low Product Manifest specification-title rome Medium Product pom artifactid rome Highest Product pom groupid com.rometools Highest Product pom name rome High Product pom parent-artifactid rome-parent Medium Version file version 1.15.0 High Version Manifest Bundle-Version 1.15.0 High Version Manifest Implementation-Version 1.15.0 High Version pom version 1.15.0 Highest
rome-utils-1.15.0.jarDescription:
Utility classes for ROME projects File Path: /var/simplicite/.m2/repository/com/rometools/rome-utils/1.15.0/rome-utils-1.15.0.jarMD5: 0caa762286674758448753c9a8f46803SHA1: ab1cb95382bf9a8dec81165d328bcbbf1acfb3aeSHA256: 2aaa1e95e0630ba5f4c183201f5ca6af8cecebcbf3494e7d11b903c9d1277cb8Referenced In Project/Scope: Simplicite Platform:compilerome-utils-1.15.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.tika/tika-parsers@1.27
Evidence Type Source Name Value Confidence Vendor file name rome-utils High Vendor jar package name rometools Highest Vendor jar package name utils Highest Vendor Manifest automatic-module-name com.rometools.rome.utils Medium Vendor pom artifactid rome-utils Highest Vendor pom artifactid rome-utils Low Vendor pom groupid com.rometools Highest Vendor pom name rome-utils High Vendor pom parent-artifactid rome-parent Low Product file name rome-utils High Product jar package name rometools Highest Product jar package name utils Highest Product Manifest automatic-module-name com.rometools.rome.utils Medium Product pom artifactid rome-utils Highest Product pom groupid com.rometools Highest Product pom name rome-utils High Product pom parent-artifactid rome-parent Medium Version file version 1.15.0 High Version pom version 1.15.0 Highest
Related Dependencies rome-1.15.0.jar: rome-utils-1.15.0.jarFile Path: /var/simplicite/.m2/repository/com/rometools/rome/1.15.0/rome-1.15.0.jar/rome-utils-1.15.0.jar MD5: 0caa762286674758448753c9a8f46803 SHA1: ab1cb95382bf9a8dec81165d328bcbbf1acfb3ae SHA256: 2aaa1e95e0630ba5f4c183201f5ca6af8cecebcbf3494e7d11b903c9d1277cb8 pkg:maven/com.rometools/rome-utils@1.15.0 rrule:2.8.1Description:
JavaScript library for working with recurrence rules for calendar dates. License:
BSD-3-Clause File Path: /var/simplicite/simplicite-5.2/package-lock.json?/rrule:2.8.1
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author Jakub Roztocil, Lars Schöning, and David Golightly Highest Vendor package.json description JavaScript library for working with recurrence rules for calendar dates. Highest Vendor package.json homepage http://jakubroztocil.github.io/rrule/ Highest Vendor package.json name rrule Highest Vendor package.json name rrule_project Highest Product package.json name rrule Highest Version package.json version 2.8.1 Highest
run-async:2.4.1Description:
Utility method to run function either synchronously or asynchronously using the common `this.async()` style. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/run-async:2.4.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/inquirer:7.3.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Simon Boudrias <admin@simonboudrias.com> Highest Vendor package.json description Utility method to run function either synchronously or asynchronously using the common `this.async()` style. Highest Vendor package.json name run-async Highest Vendor package.json name run-async_project Highest Product package.json name run-async Highest Version package.json version 2.4.1 Highest
Related Dependencies run-async:2.4.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?inquirer:7.3.3/run-async:^2.4.0 pkg:npm/run-async@2.4.1 run-parallel:1.2.0Description:
Run an array of functions in parallel License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/run-parallel:1.2.0
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/@nodelib/fs.scandir:2.1.5 Evidence Type Source Name Value Confidence Vendor package.json author.email feross@feross.org Highest Vendor package.json author.name Feross Aboukhadijeh Highest Vendor package.json author.url https://feross.org Highest Vendor package.json bugs.url https://github.com/feross/run-parallel/issues Highest Vendor package.json description Run an array of functions in parallel Highest Vendor package.json homepage https://github.com/feross/run-parallel Highest Vendor package.json name run-parallel Highest Vendor package.json name run-parallel_project Highest Product package.json name run-parallel Highest Version package.json version 1.2.0 Highest
Related Dependencies run-parallel:1.2.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?@nodelib/fs.scandir:2.1.5/run-parallel:^1.1.9 pkg:npm/run-parallel@1.2.0 rxjs:6.6.7Description:
Reactive Extensions for modern JavaScript License:
Apache-2.0 File Path: /var/simplicite/simplicite-5.2/package-lock.json?/rxjs:6.6.7
Referenced In Projects/Scopes: simplicite-js:5.2.54/inquirer:7.3.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Ben Lesh <ben@benlesh.com> Highest Vendor package.json bugs.url https://github.com/ReactiveX/RxJS/issues Highest Vendor package.json description Reactive Extensions for modern JavaScript Highest Vendor package.json homepage https://github.com/ReactiveX/RxJS Highest Vendor package.json name rxjs Highest Vendor package.json name rxjs_project Highest Product package.json name rxjs Highest Version package.json version 6.6.7 Highest
Related Dependencies rxjs:6.6.7File Path: /var/simplicite/simplicite-5.2/package-lock.json?inquirer:7.3.3/rxjs:^6.6.0 pkg:npm/rxjs@6.6.7 s3-2.4.0.jarDescription:
jclouds components to access an implementation of S3 File Path: /var/simplicite/.m2/repository/org/apache/jclouds/api/s3/2.4.0/s3-2.4.0.jarMD5: 329947d3abf02bebca800c333a9bd7f9SHA1: ec47a6df763be88ac6867581fca08c044e808ef7SHA256: a0e06a346fe16d84629f10e5f285a56c90b98b6b15df9d1f32d1d581093acccaReferenced In Project/Scope: Simplicite Platform:compiles3-2.4.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.jclouds.provider/aws-s3@2.4.0
Evidence Type Source Name Value Confidence Vendor file name s3 High Vendor jar package name jclouds Highest Vendor jar package name s3 Highest Vendor Manifest bundle-symbolicname s3 Medium Vendor Manifest implementation-url https://jclouds.apache.org/s3/ Low Vendor Manifest Implementation-Vendor jclouds High Vendor Manifest Implementation-Vendor-Id org.apache.jclouds Medium Vendor Manifest specification-vendor jclouds Low Vendor pom artifactid s3 Highest Vendor pom artifactid s3 Low Vendor pom groupid org.apache.jclouds.api Highest Vendor pom name jclouds s3 api High Vendor pom parent-artifactid jclouds-project Low Vendor pom parent-groupid org.apache.jclouds Medium Product file name s3 High Product jar package name jclouds Highest Product jar package name s3 Highest Product Manifest Bundle-Name jclouds s3 api Medium Product Manifest bundle-symbolicname s3 Medium Product Manifest Implementation-Title jclouds s3 api High Product Manifest implementation-url https://jclouds.apache.org/s3/ Low Product Manifest specification-title jclouds jclouds s3 api Medium Product pom artifactid s3 Highest Product pom groupid org.apache.jclouds.api Highest Product pom name jclouds s3 api High Product pom parent-artifactid jclouds-project Medium Product pom parent-groupid org.apache.jclouds Medium Version file version 2.4.0 High Version Manifest Bundle-Version 2.4.0 High Version Manifest Implementation-Version 2.4.0 High Version pom version 2.4.0 Highest
safe-array-concat:1.0.0Description:
`Array.prototype.concat`, but made safe by ignoring Symbol.isConcatSpreadable License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/safe-array-concat:1.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/object.getownpropertydescriptors:2.1.6 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Jordan Harband <ljharb@gmail.com> Highest Vendor package.json bugs.url https://github.com/ljharb/safe-array-concat/issues Highest Vendor package.json description `Array.prototype.concat`, but made safe by ignoring Symbol.isConcatSpreadable Highest Vendor package.json homepage https://github.com/ljharb/safe-array-concat#readme Highest Vendor package.json name safe-array-concat Highest Vendor package.json name safe-array-concat_project Highest Product package.json name safe-array-concat Highest Version package.json version 1.0.0 Highest
Related Dependencies safe-array-concat:1.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?object.getownpropertydescriptors:2.1.6/safe-array-concat:^1.0.0 pkg:npm/safe-array-concat@1.0.0 safe-buffer:5.2.1Description:
Safer Node.js Buffer API License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/safe-buffer:5.2.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/readable-stream:2.3.8 simplicite-js:5.2.54/string_decoder:1.3.0 simplicite-js:5.2.54/string_decoder:1.1.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email feross@feross.org Highest Vendor package.json author.name Feross Aboukhadijeh Highest Vendor package.json author.url https://feross.org Highest Vendor package.json bugs.url https://github.com/feross/safe-buffer/issues Highest Vendor package.json description Safer Node.js Buffer API Highest Vendor package.json homepage https://github.com/feross/safe-buffer Highest Vendor package.json name safe-buffer Highest Vendor package.json name safe-buffer_project Highest Product package.json name safe-buffer Highest Version package.json version 5.2.1 Highest
Related Dependencies safe-buffer:5.1.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?/safe-buffer:5.1.2 pkg:npm/safe-buffer@5.1.2 safe-buffer:5.2.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?readable-stream:2.3.8/safe-buffer:~5.1.1 pkg:npm/safe-buffer@5.2.1 safe-buffer:5.2.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?string_decoder:1.1.1/safe-buffer:~5.1.0 pkg:npm/safe-buffer@5.2.1 safe-buffer:5.2.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?string_decoder:1.3.0/safe-buffer:~5.2.0 pkg:npm/safe-buffer@5.2.1 safe-regex-test:1.0.0Description:
Give a regex, get a robust predicate function that tests it against a string. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/safe-regex-test:1.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/es-abstract:1.21.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Jordan Harband <ljharb@gmail.com> Highest Vendor package.json bugs.url https://github.com/ljharb/safe-regex-test/issues Highest Vendor package.json description Give a regex, get a robust predicate function that tests it against a string. Highest Vendor package.json homepage https://github.com/ljharb/safe-regex-test#readme Highest Vendor package.json name safe-regex-test Highest Vendor package.json name safe-regex-test_project Highest Product package.json name safe-regex-test Highest Version package.json version 1.0.0 Highest
Related Dependencies safe-regex-test:1.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?es-abstract:1.21.2/safe-regex-test:^1.0.0 pkg:npm/safe-regex-test@1.0.0 safer-buffer:2.1.2Description:
Modern Buffer API polyfill without footguns License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/safer-buffer:2.1.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/iconv-lite:0.6.3 simplicite-js:5.2.54 simplicite-js:5.2.54/iconv-lite:0.4.24 Evidence Type Source Name Value Confidence Vendor package.json author.email chalkerx@gmail.com Highest Vendor package.json author.name Nikita Skovoroda Highest Vendor package.json author.url https://github.com/ChALkeR Highest Vendor package.json bugs.url https://github.com/ChALkeR/safer-buffer/issues Highest Vendor package.json description Modern Buffer API polyfill without footguns Highest Vendor package.json name safer-buffer Highest Vendor package.json name safer-buffer_project Highest Product package.json name safer-buffer Highest Version package.json version 2.1.2 Highest
Related Dependencies safer-buffer:2.1.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?iconv-lite:0.4.24/safer-buffer:>= 2.1.2 < 3 pkg:npm/safer-buffer@2.1.2 safer-buffer:2.1.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?iconv-lite:0.6.3/safer-buffer:>= 2.1.2 < 3.0.0 pkg:npm/safer-buffer@2.1.2 sass:1.63.6Description:
A pure JavaScript implementation of Sass. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/sass:1.63.6
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/depcheck:1.4.3 Evidence Type Source Name Value Confidence Vendor package.json author.email nweiz@google.com Highest Vendor package.json author.name Natalie Weizenbaum Highest Vendor package.json author.url https://github.com/nex3 Highest Vendor package.json bugs https://github.com/sass/dart-sass/issues Highest Vendor package.json description A pure JavaScript implementation of Sass. Highest Vendor package.json homepage https://github.com/sass/dart-sass Highest Vendor package.json name sass Highest Vendor package.json name sass_project Highest Product package.json name sass Highest Version package.json version 1.63.6 Highest
Related Dependencies sass:1.63.6File Path: /var/simplicite/simplicite-5.2/package-lock.json?depcheck:1.4.3/sass:^1.29.0 pkg:npm/sass@1.63.6 scss-parser:1.0.6Description:
A library to parse/stringify SCSS License:
SEE LICENSE IN README File Path: /var/simplicite/simplicite-5.2/package-lock.json?/scss-parser:1.0.6
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/depcheck:1.4.3 Evidence Type Source Name Value Confidence Vendor package.json bugs.url https://github.com/salesforce-ux/scss-parser/issues Highest Vendor package.json description A library to parse/stringify SCSS Highest Vendor package.json name scss-parser Highest Vendor package.json name scss-parser_project Highest Product package.json name scss-parser Highest Version package.json version 1.0.6 Highest
Related Dependencies scss-parser:1.0.6File Path: /var/simplicite/simplicite-5.2/package-lock.json?depcheck:1.4.3/scss-parser:^1.0.4 pkg:npm/scss-parser@1.0.6 select2-theme-bootstrap4:1.0.0Description:
A theme for Select2 v4 and Bootstrap 4. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/select2-theme-bootstrap4:1.0.0
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author Florian Kissling Highest Vendor package.json bugs.url https://github.com/angel-vladov/select2-theme-bootstrap4/issues Highest Vendor package.json description A theme for Select2 v4 and Bootstrap 4. Highest Vendor package.json homepage https://angel-vladov.github.io/select2-theme-bootstrap4 Highest Vendor package.json name select2-theme-bootstrap4 Highest Vendor package.json name select2-theme-bootstrap4_project Highest Product package.json name select2-theme-bootstrap4 Highest Version package.json version 1.0.0 Highest
select2:4.0.13Description:
Select2 is a jQuery based replacement for select boxes. It supports searching, remote data sets, and infinite scrolling of results. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/select2:4.0.13
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author.name Kevin Brown Highest Vendor package.json author.url https://github.com/kevin-brown Highest Vendor package.json bugs.url https://github.com/select2/select2/issues Highest Vendor package.json description Select2 is a jQuery based replacement for select boxes. It supports searching, remote data sets, and infinite scrolling of results. Highest Vendor package.json homepage https://select2.org Highest Vendor package.json name select2 Highest Vendor package.json name select2_project Highest Product package.json name select2 Highest Version package.json version 4.0.13 Highest
semver-compare:1.0.0Description:
compare two semver version strings, returning -1, 0, or 1 License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/semver-compare:1.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/please-upgrade-node:3.2.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email mail@substack.net Highest Vendor package.json author.name James Halliday Highest Vendor package.json author.url http://substack.net Highest Vendor package.json description compare two semver version strings, returning -1, 0, or 1 Highest Vendor package.json homepage https://github.com/substack/semver-compare Highest Vendor package.json name semver-compare Highest Vendor package.json name semver-compare_project Highest Product package.json name semver-compare Highest Version package.json version 1.0.0 Highest
Related Dependencies semver-compare:1.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?please-upgrade-node:3.2.0/semver-compare:^1.0.0 pkg:npm/semver-compare@1.0.0 semver-diff:3.1.1Description:
Get the diff type of two semver versions: 0.0.1 0.0.2 → patch License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?update-notifier:4.1.3/semver-diff:^3.1.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-check:6.0.1 simplicite-js:5.2.54/update-notifier:6.0.2 simplicite-js:5.2.54/update-notifier:4.1.3 simplicite-js:5.2.54/update-notifier:5.1.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Get the diff type of two semver versions: 0.0.1 0.0.2 → patch Highest Vendor package.json name semver-diff Highest Vendor package.json name semver-diff_project Highest Product package.json name semver-diff Highest Version package.json version 3.1.1 Highest
Related Dependencies semver-diff:3.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/semver-diff:3.1.1 pkg:npm/semver-diff@3.1.1 semver-diff:3.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check:6.0.1/semver-diff:^3.1.1 pkg:npm/semver-diff@3.1.1 semver-diff:3.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?update-notifier:5.1.0/semver-diff:^3.1.1 pkg:npm/semver-diff@3.1.1 semver-diff:3.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?update-notifier:6.0.2/semver-diff:^4.0.0 pkg:npm/semver-diff@3.1.1 semver-diff:4.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/semver-diff:4.0.0 pkg:npm/semver-diff@4.0.0 semver-utils:1.1.4Description:
Tools for manipulating semver strings and objects License:
APACHEv2 File Path: /var/simplicite/simplicite-5.2/package-lock.json?/semver-utils:1.1.4
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-check-updates:16.14.14 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author AJ ONeal Highest Vendor package.json description Tools for manipulating semver strings and objects Highest Vendor package.json homepage https://git.coolaj86.com/coolaj86/semver-utils.js Highest Vendor package.json name semver-utils Highest Vendor package.json name semver-utils_project Highest Product package.json name semver-utils Highest Version package.json version 1.1.4 Highest
Related Dependencies semver-utils:1.1.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check-updates:16.14.14/semver-utils:^1.1.4 pkg:npm/semver-utils@1.1.4 semver:5.7.1Description:
The semantic version parser used by npm. License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/semver:5.7.1
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json description The semantic version parser used by npm. Highest Vendor package.json name semver Highest Vendor package.json name semver_project Highest Product package.json name semver Highest Version package.json version 5.7.1 Highest
CVE-2022-25883 (OSSINDEX) suppress
Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range.
Sonatype's research suggests that this CVE's details differ from those defined at NVD. See https://ossindex.sonatype.org/vulnerability/CVE-2022-25883 for details CWE-1333 Inefficient Regular Expression Complexity
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:/C:N/I:N/A:H References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:*:semver:5.7.1:*:*:*:*:*:*:* semver:6.3.1Description:
The semantic version parser used by npm. License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?semver-diff:3.1.1/semver:^6.3.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/normalize-package-data:3.0.3 simplicite-js:5.2.54/babel-plugin-polyfill-corejs2:0.4.8 simplicite-js:5.2.54/npm-install-checks:6.1.1 simplicite-js:5.2.54/semver-diff:4.0.0 simplicite-js:5.2.54/@babel/helper-create-class-features-plugin:7.23.10 simplicite-js:5.2.54/node-gyp:9.4.0 simplicite-js:5.2.54/editorconfig:0.15.3 simplicite-js:5.2.54/license-report:6.5.0 simplicite-js:5.2.54/npm-check-updates:16.14.14 simplicite-js:5.2.54/make-dir:3.1.0 simplicite-js:5.2.54/depcheck:1.4.3 simplicite-js:5.2.54/normalize-package-data:2.5.0 simplicite-js:5.2.54/builtins:5.0.1 simplicite-js:5.2.54/semver-diff:3.1.1 simplicite-js:5.2.54/eslint-plugin-jsdoc:48.0.4 simplicite-js:5.2.54/npm-package-arg:10.1.0 simplicite-js:5.2.54/@babel/preset-env:7.23.9 simplicite-js:5.2.54/npm-pick-manifest:8.0.2 simplicite-js:5.2.54/make-dir:2.1.0 simplicite-js:5.2.54/npm-check:6.0.1 simplicite-js:5.2.54/package-json:8.1.1 simplicite-js:5.2.54/@babel/helper-create-regexp-features-plugin:7.22.15 simplicite-js:5.2.54/update-notifier:5.1.0 simplicite-js:5.2.54/@npmcli/fs:3.1.0 simplicite-js:5.2.54/@babel/core:7.23.9 simplicite-js:5.2.54 simplicite-js:5.2.54/normalize-package-data:5.0.0 simplicite-js:5.2.54/node-environment-flags:1.0.6 simplicite-js:5.2.54/@babel/helper-compilation-targets:7.23.6 simplicite-js:5.2.54/update-notifier:6.0.2 simplicite-js:5.2.54/package-json:6.5.0 simplicite-js:5.2.54/@npmcli/git:4.1.0 Evidence Type Source Name Value Confidence Vendor package.json author GitHub Inc. Highest Vendor package.json description The semantic version parser used by npm. Highest Vendor package.json name semver Highest Vendor package.json name semver_project Highest Product package.json name semver Highest Version package.json version 6.3.1 Highest
Related Dependencies semver:7.5.4Description:
The semantic version parser used by npm. License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/semver:7.5.4
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author GitHub Inc. Highest Vendor package.json description The semantic version parser used by npm. Highest Vendor package.json name semver Highest Vendor package.json name semver_project Highest Product package.json name semver Highest Version package.json version 7.5.4 Highest
sentence-case:3.0.4Description:
Transform into a lower case with spaces between words, then capitalize the string License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?tablemark:3.0.0/sentence-case:^3.0.4
Referenced In Projects/Scopes: simplicite-js:5.2.54/tablemark:3.0.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email hello@blakeembrey.com Highest Vendor package.json author.name Blake Embrey Highest Vendor package.json author.url http://blakeembrey.me Highest Vendor package.json bugs.url https://github.com/blakeembrey/change-case/issues Highest Vendor package.json description Transform into a lower case with spaces between words, then capitalize the string Highest Vendor package.json homepage https://github.com/blakeembrey/change-case/tree/master/packages/sentence-case#readme Highest Vendor package.json name sentence-case Highest Vendor package.json name sentence-case_project Highest Product package.json name sentence-case Highest Version package.json version 3.0.4 Highest
Related Dependencies sentence-case:3.0.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?/sentence-case:3.0.4 pkg:npm/sentence-case@3.0.4 sentiment-analysis-parser-0.1.jarDescription:
Combines Apache OpenNLP and Apache Tika and provides facilities for automatically deriving sentiment from text. License:
The Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/edu/usc/ir/sentiment-analysis-parser/0.1/sentiment-analysis-parser-0.1.jar
MD5: 69727e01cb8165e2e5d637e527ea82d4
SHA1: 20d1524a1270c1d26e3314d2ee71a12e6a29a27d
SHA256: 035a28b4d65993b405ddcc98b4bb67cd038d4617e5c8e5c2f4d16d34c8f49e2b
Referenced In Project/Scope: Simplicite Platform:compile
sentiment-analysis-parser-0.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.tika/tika-parsers@1.27
Evidence Type Source Name Value Confidence Vendor file name sentiment-analysis-parser High Vendor jar package name apache Highest Vendor jar package name edu Highest Vendor jar package name ir Highest Vendor jar package name opennlp Highest Vendor jar package name opennlp Low Vendor jar package name parser Highest Vendor jar package name sentiment Highest Vendor jar package name sentiment Low Vendor jar package name tika Highest Vendor jar package name tools Low Vendor jar package name usc Highest Vendor pom artifactid sentiment-analysis-parser Highest Vendor pom artifactid sentiment-analysis-parser Low Vendor pom developer name Anastasija Mensikova Medium Vendor pom developer org Trinity Medium Vendor pom groupid edu.usc.ir Highest Vendor pom name SentimentAnalysisParser High Vendor pom url USCDataScience/SentimentAnalysisParser Highest Product file name sentiment-analysis-parser High Product jar package name apache Highest Product jar package name edu Highest Product jar package name ir Highest Product jar package name opennlp Highest Product jar package name parser Highest Product jar package name sentiment Highest Product jar package name sentiment Low Product jar package name tika Highest Product jar package name tools Low Product jar package name usc Highest Product pom artifactid sentiment-analysis-parser Highest Product pom developer name Anastasija Mensikova Low Product pom developer org Trinity Low Product pom groupid edu.usc.ir Highest Product pom name SentimentAnalysisParser High Product pom url USCDataScience/SentimentAnalysisParser High Version file version 0.1 High Version pom version 0.1 Highest
serializer-2.7.2.jarDescription:
Serializer to write out XML, HTML etc. as a stream of characters from an input DOM or from input
SAX events.
File Path: /var/simplicite/.m2/repository/xalan/serializer/2.7.2/serializer-2.7.2.jarMD5: e8325763fd4235f174ab7b72ed815db1SHA1: 24247f3bb052ee068971393bdb83e04512bb1c3cSHA256: e8f5b4340d3b12a0cfa44ac2db4be4e0639e479ae847df04c4ed8b521734bb4aReferenced In Project/Scope: Simplicite Platform:compileserializer-2.7.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/xalan/xalan@2.7.2
Evidence Type Source Name Value Confidence Vendor file name serializer High Vendor jar package name apache Highest Vendor jar package name serializer Highest Vendor jar package name xml Highest Vendor manifest: org/apache/xml/serializer/ Implementation-Vendor Apache Software Foundation Medium Vendor manifest: org/apache/xml/serializer/utils/ Implementation-Vendor Apache Software Foundation Medium Vendor pom artifactid serializer Highest Vendor pom artifactid serializer Low Vendor pom groupid xalan Highest Vendor pom name Xalan Java Serializer High Vendor pom parent-artifactid apache Low Vendor pom parent-groupid org.apache Medium Vendor pom url http://xml.apache.org/xalan-j/ Highest Product file name serializer High Product jar package name apache Highest Product jar package name serializer Highest Product jar package name utils Highest Product jar package name xml Highest Product manifest: org/apache/xml/serializer/ Implementation-Title org.apache.xml.serializer Medium Product manifest: org/apache/xml/serializer/ Specification-Title XSL Transformations (XSLT), at http://www.w3.org/TR/xslt Medium Product manifest: org/apache/xml/serializer/utils/ Implementation-Title org.apache.xml.serializer.utils Medium Product pom artifactid serializer Highest Product pom groupid xalan Highest Product pom name Xalan Java Serializer High Product pom parent-artifactid apache Medium Product pom parent-groupid org.apache Medium Product pom url http://xml.apache.org/xalan-j/ Medium Version file version 2.7.2 High Version manifest: org/apache/xml/serializer/ Implementation-Version 2.7.2 Medium Version manifest: org/apache/xml/serializer/utils/ Implementation-Version 2.7.2 Medium Version pom parent-version 2.7.2 Low Version pom version 2.7.2 Highest
CVE-2022-34169 suppress
The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan. CWE-681 Incorrect Conversion between Numeric Types
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N References:
Vulnerable Software & Versions: (show all )
set-blocking:2.0.0Description:
set blocking stdio and stderr ensuring that terminal output does not truncate License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/set-blocking:2.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/npmlog:6.0.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Ben Coe <ben@npmjs.com> Highest Vendor package.json bugs.url https://github.com/yargs/set-blocking/issues Highest Vendor package.json description set blocking stdio and stderr ensuring that terminal output does not truncate Highest Vendor package.json homepage https://github.com/yargs/set-blocking#readme Highest Vendor package.json name set-blocking Highest Vendor package.json name set-blocking_project Highest Product package.json name set-blocking Highest Version package.json version 2.0.0 Highest
Related Dependencies set-blocking:2.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?npmlog:6.0.2/set-blocking:^2.0.0 pkg:npm/set-blocking@2.0.0 set-immediate-shim:1.0.1Description:
Simple setImmediate shim License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/set-immediate-shim:1.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/jszip:3.7.1 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Simple setImmediate shim Highest Vendor package.json name set-immediate-shim Highest Vendor package.json name set-immediate-shim_project Highest Product package.json name set-immediate-shim Highest Version package.json version 1.0.1 Highest
Related Dependencies set-immediate-shim:1.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?jszip:3.7.1/set-immediate-shim:~1.0.1 pkg:npm/set-immediate-shim@1.0.1 shallow-clone:3.0.1Description:
Creates a shallow clone of any JavaScript value. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/shallow-clone:3.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/clone-deep:4.0.1 Evidence Type Source Name Value Confidence Vendor package.json author Jon Schlinkert (https://github.com/jonschlinkert) Highest Vendor package.json bugs.url https://github.com/jonschlinkert/shallow-clone/issues Highest Vendor package.json description Creates a shallow clone of any JavaScript value. Highest Vendor package.json homepage https://github.com/jonschlinkert/shallow-clone Highest Vendor package.json name shallow-clone Highest Vendor package.json name shallow-clone_project Highest Product package.json name shallow-clone Highest Version package.json version 3.0.1 Highest
Related Dependencies shallow-clone:3.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?clone-deep:4.0.1/shallow-clone:^3.0.0 pkg:npm/shallow-clone@3.0.1 shebang-command:2.0.0Description:
Get the command from a shebang License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/shebang-command:2.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/cross-spawn:7.0.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email kevinmartensson@gmail.com Highest Vendor package.json author.name Kevin Mårtensson Highest Vendor package.json author.url github.com/kevva Highest Vendor package.json description Get the command from a shebang Highest Vendor package.json name shebang-command Highest Vendor package.json name shebang-command_project Highest Product package.json name shebang-command Highest Version package.json version 2.0.0 Highest
Related Dependencies shebang-command:2.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?cross-spawn:7.0.3/shebang-command:^2.0.0 pkg:npm/shebang-command@2.0.0 shebang-regex:3.0.0Description:
Regular expression for matching a shebang line License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/shebang-regex:3.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/shebang-command:2.0.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Regular expression for matching a shebang line Highest Vendor package.json name shebang-regex Highest Vendor package.json name shebang-regex_project Highest Product package.json name shebang-regex Highest Version package.json version 3.0.0 Highest
Related Dependencies shebang-regex:3.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?shebang-command:2.0.0/shebang-regex:^3.0.0 pkg:npm/shebang-regex@3.0.0 shelljs:0.3.0Description:
Portable Unix shell commands for Node.js License:
BSD* File Path: /var/simplicite/simplicite-5.2/package-lock.json?/shelljs:0.3.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/jshint:2.13.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Artur Adib <aadib@mozilla.com> Highest Vendor package.json description Portable Unix shell commands for Node.js Highest Vendor package.json homepage http://github.com/arturadib/shelljs Highest Vendor package.json name shelljs Highest Vendor package.json name shelljs_project Highest Product package.json name shelljs Highest Version package.json version 0.3.0 Highest
Related Dependencies shelljs:0.3.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?jshint:2.13.1/shelljs:0.3.x pkg:npm/shelljs@0.3.0 CVE-2022-0144 suppress
shelljs is vulnerable to Improper Privilege Management CWE-269 Improper Privilege Management
CVSSv2:
Base Score: LOW (3.6) Vector: /AV:L/AC:L/Au:N/C:P/I:N/A:P CVSSv3:
Base Score: HIGH (7.1) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H References:
Vulnerable Software & Versions:
side-channel:1.0.4Description:
Store information about any JS value in a side channel. Uses WeakMap if available. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/side-channel:1.0.4
Referenced In Projects/Scopes: simplicite-js:5.2.54/internal-slot:1.0.5 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Jordan Harband <ljharb@gmail.com> Highest Vendor package.json bugs.url https://github.com/ljharb/side-channel/issues Highest Vendor package.json description Store information about any JS value in a side channel. Uses WeakMap if available. Highest Vendor package.json homepage https://github.com/ljharb/side-channel#readme Highest Vendor package.json name side-channel Highest Vendor package.json name side-channel_project Highest Product package.json name side-channel Highest Version package.json version 1.0.4 Highest
Related Dependencies side-channel:1.0.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?internal-slot:1.0.5/side-channel:^1.0.4 pkg:npm/side-channel@1.0.4 sigmund:1.0.1Description:
Quick and dirty signatures for Objects. License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/sigmund:1.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/editorconfig:0.15.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Isaac Z. Schlueter <i@izs.me> (http://blog.izs.me/) Highest Vendor package.json description Quick and dirty signatures for Objects. Highest Vendor package.json name sigmund Highest Vendor package.json name sigmund_project Highest Product package.json name sigmund Highest Version package.json version 1.0.1 Highest
Related Dependencies sigmund:1.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?editorconfig:0.15.3/sigmund:^1.0.1 pkg:npm/sigmund@1.0.1 signal-exit:3.0.7Description:
when you want to fire an event no matter how a process exits. License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?write-file-atomic:4.0.2/signal-exit:^3.0.7
Referenced In Projects/Scopes: simplicite-js:5.2.54/restore-cursor:3.1.0 simplicite-js:5.2.54/gauge:4.0.4 simplicite-js:5.2.54/execa:5.1.1 simplicite-js:5.2.54/write-file-atomic:4.0.2 simplicite-js:5.2.54 simplicite-js:5.2.54/write-file-atomic:3.0.3 Evidence Type Source Name Value Confidence Vendor package.json author Ben Coe <ben@npmjs.com> Highest Vendor package.json bugs.url https://github.com/tapjs/signal-exit/issues Highest Vendor package.json description when you want to fire an event no matter how a process exits. Highest Vendor package.json homepage https://github.com/tapjs/signal-exit Highest Vendor package.json name signal-exit Highest Vendor package.json name signal-exit_project Highest Product package.json name signal-exit Highest Version package.json version 3.0.7 Highest
Related Dependencies signal-exit:3.0.7File Path: /var/simplicite/simplicite-5.2/package-lock.json?/signal-exit:3.0.7 pkg:npm/signal-exit@3.0.7 signal-exit:3.0.7File Path: /var/simplicite/simplicite-5.2/package-lock.json?execa:5.1.1/signal-exit:^3.0.3 pkg:npm/signal-exit@3.0.7 signal-exit:3.0.7File Path: /var/simplicite/simplicite-5.2/package-lock.json?gauge:4.0.4/signal-exit:^3.0.7 pkg:npm/signal-exit@3.0.7 signal-exit:3.0.7File Path: /var/simplicite/simplicite-5.2/package-lock.json?restore-cursor:3.1.0/signal-exit:^3.0.2 pkg:npm/signal-exit@3.0.7 signal-exit:3.0.7File Path: /var/simplicite/simplicite-5.2/package-lock.json?write-file-atomic:3.0.3/signal-exit:^3.0.2 pkg:npm/signal-exit@3.0.7 signal-exit:4.0.2Description:
when you want to fire an event no matter how a process exits. License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/signal-exit:4.0.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/foreground-child:3.1.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Ben Coe <ben@npmjs.com> Highest Vendor package.json description when you want to fire an event no matter how a process exits. Highest Vendor package.json name signal-exit Highest Vendor package.json name signal-exit_project Highest Product package.json name signal-exit Highest Version package.json version 4.0.2 Highest
Related Dependencies signal-exit:4.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?foreground-child:3.1.1/signal-exit:^4.0.1 pkg:npm/signal-exit@4.0.2 signature_pad:2.3.2Description:
Library for drawing smooth signatures. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/signature_pad:2.3.2
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author.email szimek@gmail.com Highest Vendor package.json author.name Szymon Nowak Highest Vendor package.json author.url https://github.com/szimek Highest Vendor package.json description Library for drawing smooth signatures. Highest Vendor package.json homepage https://github.com/szimek/signature_pad Highest Vendor package.json name signature_pad Highest Vendor package.json name signature_pad_project Highest Product package.json name signature_pad Highest Version package.json version 2.3.2 Highest
sigstore:1.8.0Description:
code-signing for npm packages License:
Apache-2.0 File Path: /var/simplicite/simplicite-5.2/package-lock.json?/sigstore:1.8.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/pacote:15.2.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author bdehamer@github.com Highest Vendor package.json bugs.url https://github.com/sigstore/sigstore-js/issues Highest Vendor package.json description code-signing for npm packages Highest Vendor package.json homepage https://github.com/sigstore/sigstore-js/tree/main/packages/client#readme Highest Vendor package.json name sigstore Highest Vendor package.json name sigstore_project Highest Product package.json name sigstore Highest Version package.json version 1.8.0 Highest
Related Dependencies sigstore:1.8.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?pacote:15.2.0/sigstore:^1.3.0 pkg:npm/sigstore@1.8.0 simplicite-bootstrap-datetimepicker:1.0.6Description:
Bootstrap date and time picker adapted and refactored for Bootstrap 4 from archived https://github.com/smalot/bootstrap-datetimepicker License:
Apache-2.0 File Path: /var/simplicite/simplicite-5.2/package-lock.json?/simplicite-bootstrap-datetimepicker:1.0.6
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author Simplicite Software Highest Vendor package.json description Bootstrap date and time picker adapted and refactored for Bootstrap 4 from archived https://github.com/smalot/bootstrap-datetimepicker Highest Vendor package.json homepage https://github.com/simplicitesoftware/bootstrap-datetimepicker Highest Vendor package.json name simplicite-bootstrap-datetimepicker Highest Vendor package.json name simplicite-bootstrap-datetimepicker_project Highest Product package.json name simplicite-bootstrap-datetimepicker Highest Version package.json version 1.0.6 Highest
simplicite:3.0.1Description:
Simplicite(R) platform Javascript API (for node.js and browser) License:
Apache-2.0 File Path: /var/simplicite/simplicite-5.2/package-lock.json?/simplicite:3.0.1
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author Simplicite Software <contact@simplicitesoftware.com> (https://www.simplicitesoftware.com/) Highest Vendor package.json bugs.url https://github.com/simplicitesoftware/javascript-api/issues Highest Vendor package.json description Simplicite(R) platform Javascript API (for node.js and browser) Highest Vendor package.json homepage https://github.com/simplicitesoftware/javascript-api Highest Vendor package.json name simplicite Highest Vendor package.json name simplicite_project Highest Product package.json name simplicite Highest Version package.json version 3.0.1 Highest
sis-feature-1.0.jarDescription:
Representations of geographic features.
Includes access to both vector and raster data.
File Path: /var/simplicite/.m2/repository/org/apache/sis/core/sis-feature/1.0/sis-feature-1.0.jarMD5: 9dd6c6f6054d25b499d449c3c5643cacSHA1: 4178a349ce0c14bc442d97ed43c13a9f6b6b53e8SHA256: 3049c514fc9bc815781b0c7d0b56e2c61e6d4d680cf14ec1adb7da6f591440c6Referenced In Project/Scope: Simplicite Platform:compilesis-feature-1.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.tika/tika-parsers@1.27
Evidence Type Source Name Value Confidence Vendor file name sis-feature High Vendor jar package name apache Highest Vendor jar package name feature Highest Vendor jar package name features Highest Vendor jar package name sis Highest Vendor Manifest automatic-module-name org.apache.sis.feature Medium Vendor Manifest build-jdk-spec 11 Low Vendor Manifest built-on 2019-09-20T13:51:53Z Low Vendor Manifest implementation-url http://sis.apache.org/ Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor Open Geospatial Consortium Low Vendor pom artifactid sis-feature Highest Vendor pom artifactid sis-feature Low Vendor pom developer email desruisseaux@apache.org Low Vendor pom developer email johann.sorel@geomatys.com Low Vendor pom developer email rmarechal@apache.org Low Vendor pom developer email travis.pinney@gmail.com Low Vendor pom developer id desruisseaux Medium Vendor pom developer id jsorel Medium Vendor pom developer id rmarechal Medium Vendor pom developer id tlpinney Medium Vendor pom developer name Johann Sorel Medium Vendor pom developer name Martin Desruisseaux Medium Vendor pom developer name Rémi Maréchal Medium Vendor pom developer name Travis L. Pinney Medium Vendor pom developer org Geomatys Medium Vendor pom developer org URL http://www.geomatys.com Medium Vendor pom groupid org.apache.sis.core Highest Vendor pom name Apache SIS features High Vendor pom parent-artifactid core Low Vendor pom parent-groupid org.apache.sis Medium Product file name sis-feature High Product jar package name apache Highest Product jar package name feature Highest Product jar package name features Highest Product jar package name sis Highest Product Manifest automatic-module-name org.apache.sis.feature Medium Product Manifest build-jdk-spec 11 Low Product Manifest built-on 2019-09-20T13:51:53Z Low Product Manifest Implementation-Title Apache SIS features High Product Manifest implementation-url http://sis.apache.org/ Low Product Manifest specification-title GeoAPI Medium Product pom artifactid sis-feature Highest Product pom developer email desruisseaux@apache.org Low Product pom developer email johann.sorel@geomatys.com Low Product pom developer email rmarechal@apache.org Low Product pom developer email travis.pinney@gmail.com Low Product pom developer id desruisseaux Low Product pom developer id jsorel Low Product pom developer id rmarechal Low Product pom developer id tlpinney Low Product pom developer name Johann Sorel Low Product pom developer name Martin Desruisseaux Low Product pom developer name Rémi Maréchal Low Product pom developer name Travis L. Pinney Low Product pom developer org Geomatys Low Product pom developer org URL http://www.geomatys.com Low Product pom groupid org.apache.sis.core Highest Product pom name Apache SIS features High Product pom parent-artifactid core Medium Product pom parent-groupid org.apache.sis Medium Version file version 1.0 High Version Manifest Implementation-Version 1.0 High Version pom version 1.0 Highest
sis-metadata-1.0.jarDescription:
Implementations of metadata derived from ISO 19115. This module provides both an implementation
of the metadata interfaces defined in GeoAPI, and a framework for handling those metadata through
Java reflection.
File Path: /var/simplicite/.m2/repository/org/apache/sis/core/sis-metadata/1.0/sis-metadata-1.0.jarMD5: 289e5e47d5045d0bbb788d001aaefb27SHA1: 8a31d969f98a539cc35ef86b1b7f28d364792393SHA256: 382ac1d5d53a363f7aab26121ce5093b2a1db9d359b7f3409ec95dc131968b6aReferenced In Project/Scope: Simplicite Platform:compilesis-metadata-1.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.tika/tika-parsers@1.27
Evidence Type Source Name Value Confidence Vendor file name sis-metadata High Vendor jar package name apache Highest Vendor jar package name geoapi Highest Vendor jar package name iso Highest Vendor jar package name metadata Highest Vendor jar package name sis Highest Vendor Manifest automatic-module-name org.apache.sis.metadata Medium Vendor Manifest build-jdk-spec 11 Low Vendor Manifest built-on 2019-09-20T13:51:53Z Low Vendor Manifest implementation-url http://sis.apache.org/ Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor Open Geospatial Consortium Low Vendor pom artifactid sis-metadata Highest Vendor pom artifactid sis-metadata Low Vendor pom developer email desruisseaux@apache.org Low Vendor pom developer id desruisseaux Medium Vendor pom developer name Martin Desruisseaux Medium Vendor pom developer org Geomatys Medium Vendor pom developer org URL http://www.geomatys.com Medium Vendor pom groupid org.apache.sis.core Highest Vendor pom name Apache SIS metadata High Vendor pom parent-artifactid core Low Vendor pom parent-groupid org.apache.sis Medium Product file name sis-metadata High Product jar package name apache Highest Product jar package name geoapi Highest Product jar package name iso Highest Product jar package name metadata Highest Product jar package name sis Highest Product Manifest automatic-module-name org.apache.sis.metadata Medium Product Manifest build-jdk-spec 11 Low Product Manifest built-on 2019-09-20T13:51:53Z Low Product Manifest Implementation-Title Apache SIS metadata High Product Manifest implementation-url http://sis.apache.org/ Low Product Manifest specification-title GeoAPI Medium Product pom artifactid sis-metadata Highest Product pom developer email desruisseaux@apache.org Low Product pom developer id desruisseaux Low Product pom developer name Martin Desruisseaux Low Product pom developer org Geomatys Low Product pom developer org URL http://www.geomatys.com Low Product pom groupid org.apache.sis.core Highest Product pom name Apache SIS metadata High Product pom parent-artifactid core Medium Product pom parent-groupid org.apache.sis Medium Version file version 1.0 High Version Manifest Implementation-Version 1.0 High Version pom version 1.0 Highest
sis-netcdf-1.0.jarDescription:
Bridge between netCDF Climate and Forecast (CF) convention and ISO 19115 metadata.
File Path: /var/simplicite/.m2/repository/org/apache/sis/storage/sis-netcdf/1.0/sis-netcdf-1.0.jarMD5: 9582d3b6db23ee114dca7fb1137bbf93SHA1: aa181ec5975feaebb38bfaeef295550bdec48bdeSHA256: acfb71b94a5df80cf8e66389dc41a2ee347bcd2078f86320ffaf2c11f4ca87a0Referenced In Project/Scope: Simplicite Platform:compilesis-netcdf-1.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.tika/tika-parsers@1.27
Evidence Type Source Name Value Confidence Vendor file name sis-netcdf High Vendor jar package name apache Highest Vendor jar package name netcdf Highest Vendor jar package name sis Highest Vendor jar package name storage Highest Vendor Manifest automatic-module-name org.apache.sis.storage.netcdf Medium Vendor Manifest build-jdk-spec 11 Low Vendor Manifest built-on 2019-09-20T13:51:53Z Low Vendor Manifest implementation-url http://sis.apache.org/ Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor Open Geospatial Consortium Low Vendor pom artifactid sis-netcdf Highest Vendor pom artifactid sis-netcdf Low Vendor pom developer email desruisseaux@apache.org Low Vendor pom developer email johann.sorel@geomatys.com Low Vendor pom developer id desruisseaux Medium Vendor pom developer id jsorel Medium Vendor pom developer name Johann Sorel Medium Vendor pom developer name Martin Desruisseaux Medium Vendor pom developer org Geomatys Medium Vendor pom developer org URL http://www.geomatys.com Medium Vendor pom groupid org.apache.sis.storage Highest Vendor pom name Apache SIS netCDF storage High Vendor pom parent-artifactid storage Low Vendor pom parent-groupid org.apache.sis Medium Product file name sis-netcdf High Product jar package name apache Highest Product jar package name netcdf Highest Product jar package name sis Highest Product jar package name storage Highest Product Manifest automatic-module-name org.apache.sis.storage.netcdf Medium Product Manifest build-jdk-spec 11 Low Product Manifest built-on 2019-09-20T13:51:53Z Low Product Manifest Implementation-Title Apache SIS netCDF storage High Product Manifest implementation-url http://sis.apache.org/ Low Product Manifest specification-title GeoAPI Medium Product pom artifactid sis-netcdf Highest Product pom developer email desruisseaux@apache.org Low Product pom developer email johann.sorel@geomatys.com Low Product pom developer id desruisseaux Low Product pom developer id jsorel Low Product pom developer name Johann Sorel Low Product pom developer name Martin Desruisseaux Low Product pom developer org Geomatys Low Product pom developer org URL http://www.geomatys.com Low Product pom groupid org.apache.sis.storage Highest Product pom name Apache SIS netCDF storage High Product pom parent-artifactid storage Medium Product pom parent-groupid org.apache.sis Medium Version file version 1.0 High Version Manifest Implementation-Version 1.0 High Version pom version 1.0 Highest
sis-referencing-1.0.jarDescription:
Implementations of Coordinate Reference Systems (CRS),
conversion and transformation services derived from ISO 19111.
File Path: /var/simplicite/.m2/repository/org/apache/sis/core/sis-referencing/1.0/sis-referencing-1.0.jarMD5: f2db942fea46bd4b3aa1f17f63066030SHA1: cc09bc1cc25222a47660e3a217762fa8b4c66f36SHA256: 2225d3c5989f53d696b9c60958c7c181e3b5f493e0bd5ed54b829cbf6fbeb442Referenced In Project/Scope: Simplicite Platform:compilesis-referencing-1.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.tika/tika-parsers@1.27
Evidence Type Source Name Value Confidence Vendor file name sis-referencing High Vendor jar package name apache Highest Vendor jar package name crs Highest Vendor jar package name iso Highest Vendor jar package name referencing Highest Vendor jar package name sis Highest Vendor Manifest automatic-module-name org.apache.sis.referencing Medium Vendor Manifest build-jdk-spec 11 Low Vendor Manifest built-on 2019-09-20T13:51:53Z Low Vendor Manifest implementation-url http://sis.apache.org/ Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor Open Geospatial Consortium Low Vendor pom artifactid sis-referencing Highest Vendor pom artifactid sis-referencing Low Vendor pom developer email desruisseaux@apache.org Low Vendor pom developer email mattmann@apache.org Low Vendor pom developer email remi.marechal@geomatys.com Low Vendor pom developer id desruisseaux Medium Vendor pom developer id mattmann Medium Vendor pom developer id rmarechal Medium Vendor pom developer name Chris A. Mattmann Medium Vendor pom developer name Martin Desruisseaux Medium Vendor pom developer name Rémi Maréchal Medium Vendor pom developer org Geomatys Medium Vendor pom developer org NASA Jet Propulsion Laboratory Medium Vendor pom developer org URL http://www.geomatys.com Medium Vendor pom developer org URL http://www.jpl.nasa.gov Medium Vendor pom groupid org.apache.sis.core Highest Vendor pom name Apache SIS referencing High Vendor pom parent-artifactid core Low Vendor pom parent-groupid org.apache.sis Medium Product file name sis-referencing High Product jar package name apache Highest Product jar package name crs Highest Product jar package name iso Highest Product jar package name referencing Highest Product jar package name sis Highest Product Manifest automatic-module-name org.apache.sis.referencing Medium Product Manifest build-jdk-spec 11 Low Product Manifest built-on 2019-09-20T13:51:53Z Low Product Manifest Implementation-Title Apache SIS referencing High Product Manifest implementation-url http://sis.apache.org/ Low Product Manifest specification-title GeoAPI Medium Product pom artifactid sis-referencing Highest Product pom developer email desruisseaux@apache.org Low Product pom developer email mattmann@apache.org Low Product pom developer email remi.marechal@geomatys.com Low Product pom developer id desruisseaux Low Product pom developer id mattmann Low Product pom developer id rmarechal Low Product pom developer name Chris A. Mattmann Low Product pom developer name Martin Desruisseaux Low Product pom developer name Rémi Maréchal Low Product pom developer org Geomatys Low Product pom developer org NASA Jet Propulsion Laboratory Low Product pom developer org URL http://www.geomatys.com Low Product pom developer org URL http://www.jpl.nasa.gov Low Product pom groupid org.apache.sis.core Highest Product pom name Apache SIS referencing High Product pom parent-artifactid core Medium Product pom parent-groupid org.apache.sis Medium Version file version 1.0 High Version Manifest Implementation-Version 1.0 High Version pom version 1.0 Highest
sis-storage-1.0.jarDescription:
Provides the interfaces and base classes to be implemented by various storage formats.
File Path: /var/simplicite/.m2/repository/org/apache/sis/storage/sis-storage/1.0/sis-storage-1.0.jarMD5: 7a78861b4d4fe256a344cfecacbec7d0SHA1: 7604108ad33b9c0d70b90518a265b9bacc37c4c6SHA256: f4563d827db841163707ec0d772cbfbb70c6973237498309975d8e732cffc4f2Referenced In Project/Scope: Simplicite Platform:compilesis-storage-1.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.tika/tika-parsers@1.27
Evidence Type Source Name Value Confidence Vendor file name sis-storage High Vendor jar package name apache Highest Vendor jar package name sis Highest Vendor jar package name storage Highest Vendor Manifest automatic-module-name org.apache.sis.storage Medium Vendor Manifest build-jdk-spec 11 Low Vendor Manifest built-on 2019-09-20T13:51:53Z Low Vendor Manifest implementation-url http://sis.apache.org/ Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor Open Geospatial Consortium Low Vendor pom artifactid sis-storage Highest Vendor pom artifactid sis-storage Low Vendor pom developer email desruisseaux@apache.org Low Vendor pom developer email johann.sorel@geomatys.com Low Vendor pom developer email mattmann@apache.org Low Vendor pom developer email remi.marechal@geomatys.com Low Vendor pom developer id desruisseaux Medium Vendor pom developer id jsorel Medium Vendor pom developer id mattmann Medium Vendor pom developer id rmarechal Medium Vendor pom developer name Chris A. Mattmann Medium Vendor pom developer name Johann Sorel Medium Vendor pom developer name Martin Desruisseaux Medium Vendor pom developer name Rémi Maréchal Medium Vendor pom developer org Geomatys Medium Vendor pom developer org NASA Jet Propulsion Laboratory Medium Vendor pom developer org URL http://www.geomatys.com Medium Vendor pom developer org URL http://www.jpl.nasa.gov Medium Vendor pom groupid org.apache.sis.storage Highest Vendor pom name Apache SIS common storage High Vendor pom parent-artifactid storage Low Vendor pom parent-groupid org.apache.sis Medium Product file name sis-storage High Product jar package name apache Highest Product jar package name sis Highest Product jar package name storage Highest Product Manifest automatic-module-name org.apache.sis.storage Medium Product Manifest build-jdk-spec 11 Low Product Manifest built-on 2019-09-20T13:51:53Z Low Product Manifest Implementation-Title Apache SIS common storage High Product Manifest implementation-url http://sis.apache.org/ Low Product Manifest specification-title GeoAPI Medium Product pom artifactid sis-storage Highest Product pom developer email desruisseaux@apache.org Low Product pom developer email johann.sorel@geomatys.com Low Product pom developer email mattmann@apache.org Low Product pom developer email remi.marechal@geomatys.com Low Product pom developer id desruisseaux Low Product pom developer id jsorel Low Product pom developer id mattmann Low Product pom developer id rmarechal Low Product pom developer name Chris A. Mattmann Low Product pom developer name Johann Sorel Low Product pom developer name Martin Desruisseaux Low Product pom developer name Rémi Maréchal Low Product pom developer org Geomatys Low Product pom developer org NASA Jet Propulsion Laboratory Low Product pom developer org URL http://www.geomatys.com Low Product pom developer org URL http://www.jpl.nasa.gov Low Product pom groupid org.apache.sis.storage Highest Product pom name Apache SIS common storage High Product pom parent-artifactid storage Medium Product pom parent-groupid org.apache.sis Medium Version file version 1.0 High Version Manifest Implementation-Version 1.0 High Version pom version 1.0 Highest
sis-utility-1.0.jarDescription:
Miscellaneous utilities.
File Path: /var/simplicite/.m2/repository/org/apache/sis/core/sis-utility/1.0/sis-utility-1.0.jarMD5: a19ef6fcc5f530ad8c6d7dcbb75b0289SHA1: 37f59318fa1e5093f5131abf6e5ee8be0ebdb214SHA256: 2b082d4e6f5e723141d541787a7bd096b0d4e489a3cca906a473632eee217732Referenced In Project/Scope: Simplicite Platform:compilesis-utility-1.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.tika/tika-parsers@1.27
Evidence Type Source Name Value Confidence Vendor file name sis-utility High Vendor jar package name apache Highest Vendor jar package name sis Highest Vendor jar package name util Highest Vendor jar package name utilities Highest Vendor Manifest automatic-module-name org.apache.sis.util Medium Vendor Manifest build-jdk-spec 11 Low Vendor Manifest built-on 2019-09-20T13:51:53Z Low Vendor Manifest implementation-url http://sis.apache.org/ Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor Open Geospatial Consortium Low Vendor pom artifactid sis-utility Highest Vendor pom artifactid sis-utility Low Vendor pom developer email desruisseaux@apache.org Low Vendor pom developer id desruisseaux Medium Vendor pom developer id jwhite Medium Vendor pom developer name Joseph F. White Medium Vendor pom developer name Martin Desruisseaux Medium Vendor pom developer org Geomatys Medium Vendor pom developer org URL http://www.geomatys.com Medium Vendor pom groupid org.apache.sis.core Highest Vendor pom name Apache SIS utilities High Vendor pom parent-artifactid core Low Vendor pom parent-groupid org.apache.sis Medium Product file name sis-utility High Product jar package name apache Highest Product jar package name geoapi Highest Product jar package name sis Highest Product jar package name util Highest Product jar package name utilities Highest Product Manifest automatic-module-name org.apache.sis.util Medium Product Manifest build-jdk-spec 11 Low Product Manifest built-on 2019-09-20T13:51:53Z Low Product Manifest Implementation-Title Apache SIS utilities High Product Manifest implementation-url http://sis.apache.org/ Low Product Manifest specification-title GeoAPI Medium Product pom artifactid sis-utility Highest Product pom developer email desruisseaux@apache.org Low Product pom developer id desruisseaux Low Product pom developer id jwhite Low Product pom developer name Joseph F. White Low Product pom developer name Martin Desruisseaux Low Product pom developer org Geomatys Low Product pom developer org URL http://www.geomatys.com Low Product pom groupid org.apache.sis.core Highest Product pom name Apache SIS utilities High Product pom parent-artifactid core Medium Product pom parent-groupid org.apache.sis Medium Version file version 1.0 High Version Manifest Implementation-Version 1.0 High Version pom version 1.0 Highest
sisteransi:1.0.5Description:
ANSI escape codes for some terminal swag License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/sisteransi:1.0.5
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/prompts-ncu:3.0.0 Evidence Type Source Name Value Confidence Vendor package.json author.email terkel@terkel.com Highest Vendor package.json author.name Terkel Gjervig Highest Vendor package.json author.url https://terkel.com Highest Vendor package.json description ANSI escape codes for some terminal swag Highest Vendor package.json name sisteransi Highest Vendor package.json name sisteransi_project Highest Product package.json name sisteransi Highest Version package.json version 1.0.5 Highest
Related Dependencies sisteransi:1.0.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?prompts-ncu:3.0.0/sisteransi:^1.0.5 pkg:npm/sisteransi@1.0.5 slash:2.0.0Description:
Convert Windows backslash paths to slash paths License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/slash:2.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/cli:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Convert Windows backslash paths to slash paths Highest Vendor package.json name slash Highest Vendor package.json name slash_project Highest Product package.json name slash Highest Version package.json version 2.0.0 Highest
Related Dependencies slash:2.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/cli:7.23.9/slash:^2.0.0 pkg:npm/slash@2.0.0 slash:3.0.0Description:
Convert Windows backslash paths to slash paths License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/slash:3.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/globby:11.1.0 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Convert Windows backslash paths to slash paths Highest Vendor package.json name slash Highest Vendor package.json name slash_project Highest Product package.json name slash Highest Version package.json version 3.0.0 Highest
Related Dependencies slash:3.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?globby:11.1.0/slash:^3.0.0 pkg:npm/slash@3.0.0 slf4j-api-1.7.32.jarDescription:
The slf4j API File Path: /var/simplicite/.m2/repository/org/slf4j/slf4j-api/1.7.32/slf4j-api-1.7.32.jarMD5: fbcf58513bc25b80f075d812aad3e3cfSHA1: cdcff33940d9f2de763bc41ea05a0be5941176c3SHA256: 3624f8474c1af46d75f98bc097d7864a323c81b3808aa43689a6e1c601c027beReferenced In Project/Scope: Simplicite Platform:compileslf4j-api-1.7.32.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name slf4j-api High Vendor jar package name slf4j Highest Vendor Manifest automatic-module-name org.slf4j Medium Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor Manifest bundle-symbolicname slf4j.api Medium Vendor pom artifactid slf4j-api Highest Vendor pom artifactid slf4j-api Low Vendor pom groupid org.slf4j Highest Vendor pom name SLF4J API Module High Vendor pom parent-artifactid slf4j-parent Low Vendor pom url http://www.slf4j.org Highest Product file name slf4j-api High Product jar package name slf4j Highest Product Manifest automatic-module-name org.slf4j Medium Product Manifest Bundle-Name slf4j-api Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product Manifest bundle-symbolicname slf4j.api Medium Product Manifest Implementation-Title slf4j-api High Product pom artifactid slf4j-api Highest Product pom groupid org.slf4j Highest Product pom name SLF4J API Module High Product pom parent-artifactid slf4j-parent Medium Product pom url http://www.slf4j.org Medium Version file version 1.7.32 High Version Manifest Bundle-Version 1.7.32 High Version Manifest Implementation-Version 1.7.32 High Version pom version 1.7.32 Highest
slice-ansi:4.0.0Description:
Slice a string with ANSI escape codes License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?table:6.8.1/slice-ansi:^4.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/table:6.8.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json description Slice a string with ANSI escape codes Highest Vendor package.json name slice-ansi Highest Vendor package.json name slice-ansi_project Highest Product package.json name slice-ansi Highest Version package.json version 4.0.0 Highest
Related Dependencies slice-ansi:4.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/slice-ansi:4.0.0 pkg:npm/slice-ansi@4.0.0 smart-buffer:4.2.0Description:
smart-buffer is a Buffer wrapper that adds automatic read & write offset tracking, string operations, data insertions, and more. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?socks:2.7.1/smart-buffer:^4.2.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/socks:2.7.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Josh Glazebrook Highest Vendor package.json bugs.url https://github.com/JoshGlazebrook/smart-buffer/issues Highest Vendor package.json description smart-buffer is a Buffer wrapper that adds automatic read & write offset tracking, string operations, data insertions, and more. Highest Vendor package.json homepage https://github.com/JoshGlazebrook/smart-buffer/ Highest Vendor package.json name smart-buffer Highest Vendor package.json name smart-buffer_project Highest Product package.json name smart-buffer Highest Version package.json version 4.2.0 Highest
Related Dependencies smart-buffer:4.2.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/smart-buffer:4.2.0 pkg:npm/smart-buffer@4.2.0 snakeyaml-1.29.jarDescription:
YAML 1.1 parser and emitter for Java License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/yaml/snakeyaml/1.29/snakeyaml-1.29.jar
MD5: 5bdf841bc5abda0507fa5ce91c44cc86
SHA1: 6d0cdafb2010f1297e574656551d7145240f6e25
SHA256: 89c5f029811b08c878f0b81dbb05e9626624c1fda4087a26871101e499a217ab
Referenced In Project/Scope: Simplicite Platform:compile
snakeyaml-1.29.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name snakeyaml High Vendor jar package name emitter Highest Vendor jar package name parser Highest Vendor jar package name snakeyaml Highest Vendor jar package name yaml Highest Vendor Manifest automatic-module-name org.yaml.snakeyaml Medium Vendor Manifest bundle-symbolicname org.yaml.snakeyaml Medium Vendor pom artifactid snakeyaml Highest Vendor pom artifactid snakeyaml Low Vendor pom developer email alexander.maslov@gmail.com Low Vendor pom developer email jordanangold@gmail.com Low Vendor pom developer email public.somov@gmail.com Low Vendor pom developer id asomov Medium Vendor pom developer id Jordan Medium Vendor pom developer id maslovalex Medium Vendor pom developer name Alexander Maslov Medium Vendor pom developer name Andrey Somov Medium Vendor pom developer name Jordan Angold Medium Vendor pom groupid org.yaml Highest Vendor pom name SnakeYAML High Vendor pom url http://www.snakeyaml.org Highest Product file name snakeyaml High Product jar package name emitter Highest Product jar package name parser Highest Product jar package name snakeyaml Highest Product jar package name yaml Highest Product Manifest automatic-module-name org.yaml.snakeyaml Medium Product Manifest Bundle-Name SnakeYAML Medium Product Manifest bundle-symbolicname org.yaml.snakeyaml Medium Product pom artifactid snakeyaml Highest Product pom developer email alexander.maslov@gmail.com Low Product pom developer email jordanangold@gmail.com Low Product pom developer email public.somov@gmail.com Low Product pom developer id asomov Low Product pom developer id Jordan Low Product pom developer id maslovalex Low Product pom developer name Alexander Maslov Low Product pom developer name Andrey Somov Low Product pom developer name Jordan Angold Low Product pom groupid org.yaml Highest Product pom name SnakeYAML High Product pom url http://www.snakeyaml.org Medium Version file version 1.29 High Version pom version 1.29 Highest
CVE-2022-1471 suppress
SnakeYaml's Constructor() class does not restrict types which can be instantiated during deserialization. Deserializing yaml content provided by an attacker can lead to remote code execution. We recommend using SnakeYaml's SafeConsturctor when parsing untrusted content to restrict deserialization. We recommend upgrading to version 2.0 and beyond.
CWE-502 Deserialization of Untrusted Data
CVSSv3:
Base Score: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions:
CVE-2022-25857 suppress
The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service (DoS) due missing to nested depth limitation for collections. CWE-776 Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions:
CVE-2022-38749 suppress
Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. CWE-787 Out-of-bounds Write
CVSSv3:
Base Score: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions:
CVE-2022-38751 suppress
Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. CWE-787 Out-of-bounds Write
CVSSv3:
Base Score: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions:
CVE-2022-38752 suppress
Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack-overflow. CWE-787 Out-of-bounds Write
CVSSv3:
Base Score: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions:
CVE-2022-41854 suppress
Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack. CWE-787 Out-of-bounds Write
CVSSv3:
Base Score: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions:
CVE-2022-38750 suppress
Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. CWE-787 Out-of-bounds Write
CVSSv3:
Base Score: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions:
snappy-java-1.1.8.4.jarDescription:
snappy-java: A fast compression/decompression library License:
Apache-2.0: https://www.apache.org/licenses/LICENSE-2.0.html File Path: /var/simplicite/.m2/repository/org/xerial/snappy/snappy-java/1.1.8.4/snappy-java-1.1.8.4.jar
MD5: 3aca6cae2cada8442809bc79be3df269
SHA1: 66f0d56454509f6e36175f2331572e250e04a6cc
SHA256: 24c4d1fc1e89e078331ab8f401a99cad68599bde4a2e4516042cb548c51b1c3e
Referenced In Project/Scope: Simplicite Platform:runtime
snappy-java-1.1.8.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.kafka/kafka-clients@3.3.1
Evidence Type Source Name Value Confidence Vendor file name snappy-java High Vendor jar package name snappy Highest Vendor jar package name xerial Highest Vendor Manifest bundle-activationpolicy lazy Low Vendor Manifest bundle-docurl http://www.xerial.org/ Low Vendor Manifest bundle-nativecode org/xerial/snappy/native/Windows/x86_64/snappyjava.dll;osname=win32;processor=x86-64,org/xerial/snappy/native/Windows/x86_64/snappyjava.dll;osname=win32;processor=x64,org/xerial/snappy/native/Windows/x86_64/snappyjava.dll;osname=win32;processor=amd64,org/xerial/snappy/native/Windows/x86/snappyjava.dll;osname=win32;processor=x86,org/xerial/snappy/native/Mac/x86/libsnappyjava.dylib;osname=macosx;processor=x86,org/xerial/snappy/native/Mac/x86_64/libsnappyjava.dylib;osname=macosx;processor=x86-64,org/xerial/snappy/native/Linux/x86_64/libsnappyjava.so;osname=linux;processor=x86-64,org/xerial/snappy/native/Linux/x86_64/libsnappyjava.so;osname=linux;processor=x64,org/xerial/snappy/native/Linux/x86_64/libsnappyjava.so;osname=linux;processor=amd64,org/xerial/snappy/native/Linux/x86/libsnappyjava.so;osname=linux;processor=x86,org/xerial/snappy/native/Linux/aarch64/libsnappyjava.so;osname=linux;processor=aarch64,org/xerial/snappy/native/Linux/arm/libsnappyjava.so;osname=linux;processor=arm,org/xerial/snappy/native/Linux/armv7/libsnappyjava.so;osname=linux;processor=arm_le,org/xerial/snappy/native/Linux/ppc64/libsnappyjava.so;osname=linux;processor=ppc64le,org/xerial/snappy/native/Linux/s390x/libsnappyjava.so;osname=linux;processor=s390x,org/xerial/snappy/native/AIX/ppc/libsnappyjava.a;osname=aix;processor=ppc,org/xerial/snappy/native/AIX/ppc64/libsnappyjava.a;osname=aix;processor=ppc64,org/xerial/snappy/native/SunOS/x86/libsnappyjava.so;osname=sunos;processor=x86,org/xerial/snappy/native/SunOS/x86_64/libsnappyjava.so;osname=sunos;processor=x86-64,org/xerial/snappy/native/SunOS/sparc/libsnappyjava.so;osname=sunos;processor=sparc Low Vendor Manifest bundle-symbolicname org.xerial.snappy.snappy-java Medium Vendor Manifest implementation-url https://github.com/xerial/snappy-java Low Vendor Manifest Implementation-Vendor xerial.org High Vendor Manifest Implementation-Vendor-Id org.xerial.snappy Medium Vendor Manifest specification-vendor xerial.org Low Vendor Manifest vcs-release-hash a795d6b84c8d37b242345cdaf2ae32d0f9ec9b78 Low Vendor Manifest vcs-release-tag 1.1.8.4 Low Vendor pom artifactid snappy-java Highest Vendor pom artifactid snappy-java Low Vendor pom developer email leo@xerial.org Low Vendor pom developer id leo Medium Vendor pom developer name Taro L. Saito Medium Vendor pom groupid org.xerial.snappy Highest Vendor pom name snappy-java High Vendor pom organization name xerial.org High Vendor pom organization url xerial/snappy-java Medium Vendor pom url xerial/snappy-java Highest Product file name snappy-java High Product jar package name snappy Highest Product jar package name xerial Highest Product Manifest bundle-activationpolicy lazy Low Product Manifest bundle-docurl http://www.xerial.org/ Low Product Manifest Bundle-Name snappy-java: A fast compression/decompression library Medium Product Manifest bundle-nativecode org/xerial/snappy/native/Windows/x86_64/snappyjava.dll;osname=win32;processor=x86-64,org/xerial/snappy/native/Windows/x86_64/snappyjava.dll;osname=win32;processor=x64,org/xerial/snappy/native/Windows/x86_64/snappyjava.dll;osname=win32;processor=amd64,org/xerial/snappy/native/Windows/x86/snappyjava.dll;osname=win32;processor=x86,org/xerial/snappy/native/Mac/x86/libsnappyjava.dylib;osname=macosx;processor=x86,org/xerial/snappy/native/Mac/x86_64/libsnappyjava.dylib;osname=macosx;processor=x86-64,org/xerial/snappy/native/Linux/x86_64/libsnappyjava.so;osname=linux;processor=x86-64,org/xerial/snappy/native/Linux/x86_64/libsnappyjava.so;osname=linux;processor=x64,org/xerial/snappy/native/Linux/x86_64/libsnappyjava.so;osname=linux;processor=amd64,org/xerial/snappy/native/Linux/x86/libsnappyjava.so;osname=linux;processor=x86,org/xerial/snappy/native/Linux/aarch64/libsnappyjava.so;osname=linux;processor=aarch64,org/xerial/snappy/native/Linux/arm/libsnappyjava.so;osname=linux;processor=arm,org/xerial/snappy/native/Linux/armv7/libsnappyjava.so;osname=linux;processor=arm_le,org/xerial/snappy/native/Linux/ppc64/libsnappyjava.so;osname=linux;processor=ppc64le,org/xerial/snappy/native/Linux/s390x/libsnappyjava.so;osname=linux;processor=s390x,org/xerial/snappy/native/AIX/ppc/libsnappyjava.a;osname=aix;processor=ppc,org/xerial/snappy/native/AIX/ppc64/libsnappyjava.a;osname=aix;processor=ppc64,org/xerial/snappy/native/SunOS/x86/libsnappyjava.so;osname=sunos;processor=x86,org/xerial/snappy/native/SunOS/x86_64/libsnappyjava.so;osname=sunos;processor=x86-64,org/xerial/snappy/native/SunOS/sparc/libsnappyjava.so;osname=sunos;processor=sparc Low Product Manifest bundle-symbolicname org.xerial.snappy.snappy-java Medium Product Manifest Implementation-Title snappy-java High Product Manifest implementation-url https://github.com/xerial/snappy-java Low Product Manifest specification-title snappy-java Medium Product Manifest vcs-release-hash a795d6b84c8d37b242345cdaf2ae32d0f9ec9b78 Low Product Manifest vcs-release-tag 1.1.8.4 Low Product pom artifactid snappy-java Highest Product pom developer email leo@xerial.org Low Product pom developer id leo Low Product pom developer name Taro L. Saito Low Product pom groupid org.xerial.snappy Highest Product pom name snappy-java High Product pom organization name xerial.org Low Product pom url xerial/snappy-java High Version file version 1.1.8.4 High Version Manifest Bundle-Version 1.1.8.4 High Version Manifest Implementation-Version 1.1.8.4 High Version Manifest vcs-release-tag 1.1.8.4 Low Version pom version 1.1.8.4 Highest
CVE-2023-34453 suppress
snappy-java is a fast compressor/decompressor for Java. Due to unchecked multiplications, an integer overflow may occur in versions prior to 1.1.10.1, causing a fatal error.
The function `shuffle(int[] input)` in the file `BitShuffle.java` receives an array of integers and applies a bit shuffle on it. It does so by multiplying the length by 4 and passing it to the natively compiled shuffle function. Since the length is not tested, the multiplication by four can cause an integer overflow and become a smaller value than the true size, or even zero or negative. In the case of a negative value, a `java.lang.NegativeArraySizeException` exception will raise, which can crash the program. In a case of a value that is zero or too small, the code that afterwards references the shuffled array will assume a bigger size of the array, which might cause exceptions such as `java.lang.ArrayIndexOutOfBoundsException`.
The same issue exists also when using the `shuffle` functions that receive a double, float, long and short, each using a different multiplier that may cause the same issue.
Version 1.1.10.1 contains a patch for this vulnerability. CWE-190 Integer Overflow or Wraparound
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions:
CVE-2023-34454 suppress
snappy-java is a fast compressor/decompressor for Java. Due to unchecked multiplications, an integer overflow may occur in versions prior to 1.1.10.1, causing an unrecoverable fatal error.
The function `compress(char[] input)` in the file `Snappy.java` receives an array of characters and compresses it. It does so by multiplying the length by 2 and passing it to the rawCompress` function.
Since the length is not tested, the multiplication by two can cause an integer overflow and become negative. The rawCompress function then uses the received length and passes it to the natively compiled maxCompressedLength function, using the returned value to allocate a byte array.
Since the maxCompressedLength function treats the length as an unsigned integer, it doesn’t care that it is negative, and it returns a valid value, which is casted to a signed integer by the Java engine. If the result is negative, a `java.lang.NegativeArraySizeException` exception will be raised while trying to allocate the array `buf`. On the other side, if the result is positive, the `buf` array will successfully be allocated, but its size might be too small to use for the compression, causing a fatal Access Violation error.
The same issue exists also when using the `compress` functions that receive double, float, int, long and short, each using a different multiplier that may cause the same issue. The issue most likely won’t occur when using a byte array, since creating a byte array of size 0x80000000 (or any other negative value) is impossible in the first place.
Version 1.1.10.1 contains a patch for this issue. CWE-190 Integer Overflow or Wraparound
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions:
CVE-2023-34455 suppress
snappy-java is a fast compressor/decompressor for Java. Due to use of an unchecked chunk length, an unrecoverable fatal error can occur in versions prior to 1.1.10.1.
The code in the function hasNextChunk in the fileSnappyInputStream.java checks if a given stream has more chunks to read. It does that by attempting to read 4 bytes. If it wasn’t possible to read the 4 bytes, the function returns false. Otherwise, if 4 bytes were available, the code treats them as the length of the next chunk.
In the case that the `compressed` variable is null, a byte array is allocated with the size given by the input data. Since the code doesn’t test the legality of the `chunkSize` variable, it is possible to pass a negative number (such as 0xFFFFFFFF which is -1), which will cause the code to raise a `java.lang.NegativeArraySizeException` exception. A worse case would happen when passing a huge positive value (such as 0x7FFFFFFF), which would raise the fatal `java.lang.OutOfMemoryError` error.
Version 1.1.10.1 contains a patch for this issue. CWE-770 Allocation of Resources Without Limits or Throttling
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions:
CVE-2023-43642 suppress
snappy-java is a Java port of the snappy, a fast C++ compresser/decompresser developed by Google. The SnappyInputStream was found to be vulnerable to Denial of Service (DoS) attacks when decompressing data with a too large chunk size. Due to missing upper bound check on chunk length, an unrecoverable fatal error can occur. All versions of snappy-java including the latest released version 1.1.10.3 are vulnerable to this issue. A fix has been introduced in commit `9f8c3cf74` which will be included in the 1.1.10.4 release. Users are advised to upgrade. Users unable to upgrade should only accept compressed data from trusted sources. CWE-770 Allocation of Resources Without Limits or Throttling
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions:
snappy-java-1.1.8.4.jar: snappyjava.dllFile Path: /var/simplicite/.m2/repository/org/xerial/snappy/snappy-java/1.1.8.4/snappy-java-1.1.8.4.jar/org/xerial/snappy/native/Windows/x86/snappyjava.dllMD5: 10d5fed1e53436b1eaebd5af74411ab9SHA1: a7e426427985ed03e37b7e2198cecbe0be95b92dSHA256: d2d922984b4487a4d9117137db6072bebd37b82a33adee02d0d57bcd8c723da8Referenced In Project/Scope: Simplicite Platform:runtime
Evidence Type Source Name Value Confidence Vendor file name snappyjava High Product file name snappyjava High
snappy-java-1.1.8.4.jar: snappyjava.dllFile Path: /var/simplicite/.m2/repository/org/xerial/snappy/snappy-java/1.1.8.4/snappy-java-1.1.8.4.jar/org/xerial/snappy/native/Windows/x86_64/snappyjava.dllMD5: 9c14838fdac91cc0666eab07bfc21bc8SHA1: 1a439f0d589c48cfb3e3e17499e4961cdcda7bb9SHA256: ba2eb1fc7d6b209bae559f0091dd85a899db422b8824b6bd25ff147b725a4ae3Referenced In Project/Scope: Simplicite Platform:runtime
Evidence Type Source Name Value Confidence Vendor file name snappyjava High Product file name snappyjava High
socks-proxy-agent:7.0.0Description:
A SOCKS proxy `http.Agent` implementation for HTTP and HTTPS License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/socks-proxy-agent:7.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/make-fetch-happen:11.1.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email nathan@tootallnate.net Highest Vendor package.json author.name Nathan Rajlich Highest Vendor package.json author.url http://n8.io/ Highest Vendor package.json bugs.url https://github.com/TooTallNate/node-socks-proxy-agent/issues Highest Vendor package.json description A SOCKS proxy `http.Agent` implementation for HTTP and HTTPS Highest Vendor package.json homepage https://github.com/TooTallNate/node-socks-proxy-agent#readme Highest Vendor package.json name socks-proxy-agent Highest Vendor package.json name socks-proxy-agent_project Highest Product package.json name socks-proxy-agent Highest Version package.json version 7.0.0 Highest
Related Dependencies socks-proxy-agent:7.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?make-fetch-happen:11.1.1/socks-proxy-agent:^7.0.0 pkg:npm/socks-proxy-agent@7.0.0 socks:2.7.1Description:
Fully featured SOCKS proxy client supporting SOCKSv4, SOCKSv4a, and SOCKSv5. Includes Bind and Associate functionality. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?socks-proxy-agent:7.0.0/socks:^2.6.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/socks-proxy-agent:7.0.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Josh Glazebrook Highest Vendor package.json bugs.url https://github.com/JoshGlazebrook/socks/issues Highest Vendor package.json description Fully featured SOCKS proxy client supporting SOCKSv4, SOCKSv4a, and SOCKSv5. Includes Bind and Associate functionality. Highest Vendor package.json homepage https://github.com/JoshGlazebrook/socks/ Highest Vendor package.json name socks Highest Vendor package.json name socks_project Highest Product package.json name socks Highest Version package.json version 2.7.1 Highest
Related Dependencies socks:2.7.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/socks:2.7.1 pkg:npm/socks@2.7.1 source-map-js:1.0.2Description:
Generates and consumes source maps License:
BSD-3-Clause File Path: /var/simplicite/simplicite-5.2/package-lock.json?/source-map-js:1.0.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/postcss:8.4.24 simplicite-js:5.2.54/@vue/compiler-sfc:3.3.4 simplicite-js:5.2.54/@vue/compiler-core:3.3.4 simplicite-js:5.2.54 simplicite-js:5.2.54/sass:1.63.6 Evidence Type Source Name Value Confidence Vendor package.json author Valentin 7rulnik Semirulnik <v7rulnik@gmail.com> Highest Vendor package.json description Generates and consumes source maps Highest Vendor package.json homepage https://github.com/7rulnik/source-map-js Highest Vendor package.json name source-map-js Highest Vendor package.json name source-map-js_project Highest Product package.json name source-map-js Highest Version package.json version 1.0.2 Highest
Related Dependencies source-map-js:1.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?@vue/compiler-core:3.3.4/source-map-js:^1.0.2 pkg:npm/source-map-js@1.0.2 source-map-js:1.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?@vue/compiler-sfc:3.3.4/source-map-js:^1.0.2 pkg:npm/source-map-js@1.0.2 source-map-js:1.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?postcss:8.4.24/source-map-js:^1.0.2 pkg:npm/source-map-js@1.0.2 source-map-js:1.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?sass:1.63.6/source-map-js:>=0.6.2 <2.0.0 pkg:npm/source-map-js@1.0.2 source-map-support:0.5.21Description:
Fixes stack traces for files with source maps License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/source-map-support:0.5.21
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-check-updates:16.14.14 simplicite-js:5.2.54 simplicite-js:5.2.54/@babel/register:7.23.7 Evidence Type Source Name Value Confidence Vendor package.json bugs.url https://github.com/evanw/node-source-map-support/issues Highest Vendor package.json description Fixes stack traces for files with source maps Highest Vendor package.json name source-map-support Highest Vendor package.json name source-map-support_project Highest Product package.json name source-map-support Highest Version package.json version 0.5.21 Highest
Related Dependencies source-map-support:0.5.21File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/register:7.23.7/source-map-support:^0.5.16 pkg:npm/source-map-support@0.5.21 source-map-support:0.5.21File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check-updates:16.14.14/source-map-support:^0.5.21 pkg:npm/source-map-support@0.5.21 source-map:0.6.1Description:
Generates and consumes source maps License:
BSD-3-Clause File Path: /var/simplicite/simplicite-5.2/package-lock.json?source-map-support:0.5.21/source-map:^0.6.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/handlebars:4.7.7 simplicite-js:5.2.54/source-map-support:0.5.21 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Nick Fitzgerald <nfitzgerald@mozilla.com> Highest Vendor package.json description Generates and consumes source maps Highest Vendor package.json homepage https://github.com/mozilla/source-map Highest Vendor package.json name source-map Highest Vendor package.json name source-map_project Highest Product package.json name source-map Highest Version package.json version 0.6.1 Highest
Related Dependencies source-map:0.6.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/source-map:0.6.1 pkg:npm/source-map@0.6.1 source-map:0.6.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?handlebars:4.7.7/source-map:^0.6.1 pkg:npm/source-map@0.6.1 spawn-please:2.0.2Description:
Promisified child_process.spawn. *Supports stdin* *Rejects on stderr* License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/spawn-please:2.0.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-check-updates:16.14.14 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.name Raine Revere Highest Vendor package.json author.url https://github.com/raineorshine Highest Vendor package.json description Promisified child_process.spawn. *Supports stdin* *Rejects on stderr* Highest Vendor package.json name spawn-please Highest Vendor package.json name spawn-please_project Highest Product package.json name spawn-please Highest Version package.json version 2.0.2 Highest
Related Dependencies spawn-please:2.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check-updates:16.14.14/spawn-please:^2.0.2 pkg:npm/spawn-please@2.0.2 spdx-correct:3.2.0Description:
correct invalid SPDX expressions License:
Apache-2.0 File Path: /var/simplicite/simplicite-5.2/package-lock.json?validate-npm-package-license:3.0.4/spdx-correct:^3.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/validate-npm-package-license:3.0.4 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json description correct invalid SPDX expressions Highest Vendor package.json name spdx-correct Highest Vendor package.json name spdx-correct_project Highest Product package.json name spdx-correct Highest Version package.json version 3.2.0 Highest
Related Dependencies spdx-correct:3.2.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/spdx-correct:3.2.0 pkg:npm/spdx-correct@3.2.0 spdx-exceptions:2.3.0Description:
list of SPDX standard license exceptions License:
CC-BY-3.0 File Path: /var/simplicite/simplicite-5.2/package-lock.json?spdx-expression-parse:3.0.1/spdx-exceptions:^2.1.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/spdx-expression-parse:3.0.1 simplicite-js:5.2.54/spdx-expression-parse:4.0.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author The Linux Foundation Highest Vendor package.json description list of SPDX standard license exceptions Highest Vendor package.json name spdx-exceptions Highest Vendor package.json name spdx-exceptions_project Highest Product package.json name spdx-exceptions Highest Version package.json version 2.3.0 Highest
Related Dependencies spdx-exceptions:2.3.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/spdx-exceptions:2.3.0 pkg:npm/spdx-exceptions@2.3.0 spdx-exceptions:2.3.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?spdx-expression-parse:4.0.0/spdx-exceptions:^2.1.0 pkg:npm/spdx-exceptions@2.3.0 spdx-expression-parse:3.0.1Description:
parse SPDX license expressions License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?validate-npm-package-license:3.0.4/spdx-expression-parse:^3.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/spdx-correct:3.2.0 simplicite-js:5.2.54/validate-npm-package-license:3.0.4 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Kyle E. Mitchell <kyle@kemitchell.com> (https://kemitchell.com) Highest Vendor package.json description parse SPDX license expressions Highest Vendor package.json name spdx-expression-parse Highest Vendor package.json name spdx-expression-parse_project Highest Product package.json name spdx-expression-parse Highest Version package.json version 3.0.1 Highest
Related Dependencies spdx-expression-parse:3.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/spdx-expression-parse:3.0.1 pkg:npm/spdx-expression-parse@3.0.1 spdx-expression-parse:3.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?spdx-correct:3.2.0/spdx-expression-parse:^3.0.0 pkg:npm/spdx-expression-parse@3.0.1 spdx-expression-parse:4.0.0Description:
parse SPDX license expressions License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/spdx-expression-parse:4.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/eslint-plugin-jsdoc:48.0.4 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Kyle E. Mitchell <kyle@kemitchell.com> (https://kemitchell.com) Highest Vendor package.json description parse SPDX license expressions Highest Vendor package.json name spdx-expression-parse Highest Vendor package.json name spdx-expression-parse_project Highest Product package.json name spdx-expression-parse Highest Version package.json version 4.0.0 Highest
Related Dependencies spdx-expression-parse:4.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint-plugin-jsdoc:48.0.4/spdx-expression-parse:^4.0.0 pkg:npm/spdx-expression-parse@4.0.0 spdx-license-ids:3.0.13Description:
A list of SPDX license identifiers License:
CC0-1.0 File Path: /var/simplicite/simplicite-5.2/package-lock.json?/spdx-license-ids:3.0.13
Referenced In Projects/Scopes: simplicite-js:5.2.54/spdx-correct:3.2.0 simplicite-js:5.2.54/spdx-expression-parse:3.0.1 simplicite-js:5.2.54/spdx-expression-parse:4.0.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Shinnosuke Watanabe (https://github.com/shinnn) Highest Vendor package.json description A list of SPDX license identifiers Highest Vendor package.json name spdx-license-ids Highest Vendor package.json name spdx-license-ids_project Highest Product package.json name spdx-license-ids Highest Version package.json version 3.0.13 Highest
Related Dependencies spdx-license-ids:3.0.13File Path: /var/simplicite/simplicite-5.2/package-lock.json?spdx-correct:3.2.0/spdx-license-ids:^3.0.0 pkg:npm/spdx-license-ids@3.0.13 spdx-license-ids:3.0.13File Path: /var/simplicite/simplicite-5.2/package-lock.json?spdx-expression-parse:3.0.1/spdx-license-ids:^3.0.0 pkg:npm/spdx-license-ids@3.0.13 spdx-license-ids:3.0.13File Path: /var/simplicite/simplicite-5.2/package-lock.json?spdx-expression-parse:4.0.0/spdx-license-ids:^3.0.0 pkg:npm/spdx-license-ids@3.0.13 spectrum-colorpicker:1.8.1Description:
Spectrum: the no hassle jQuery colorpicker License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/spectrum-colorpicker:1.8.1
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author.email briangrinstead@gmail.com Highest Vendor package.json author.name Brian Grinstead Highest Vendor package.json author.url http://briangrinstead.com/ Highest Vendor package.json description Spectrum: the no hassle jQuery colorpicker Highest Vendor package.json homepage http://bgrins.github.com/spectrum Highest Vendor package.json name spectrum-colorpicker Highest Vendor package.json name spectrum-colorpicker_project Highest Product package.json name spectrum-colorpicker Highest Version package.json version 1.8.1 Highest
split-text-to-chunks:1.0.0Description:
Split a text string to chunks for e.g. word wrapping License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?tablemark:3.0.0/split-text-to-chunks:^1.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/tablemark:3.0.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json description Split a text string to chunks for e.g. word wrapping Highest Vendor package.json name split-text-to-chunks Highest Vendor package.json name split-text-to-chunks_project Highest Product package.json name split-text-to-chunks Highest Version package.json version 1.0.0 Highest
Related Dependencies split-text-to-chunks:1.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/split-text-to-chunks:1.0.0 pkg:npm/split-text-to-chunks@1.0.0 sprintf-js:1.0.3Description:
JavaScript sprintf implementation License:
BSD-3-Clause File Path: /var/simplicite/simplicite-5.2/package-lock.json?/sprintf-js:1.0.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/argparse:1.0.10 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Alexandru Marasteanu <hello@alexei.ro> (http://alexei.ro/) Highest Vendor package.json description JavaScript sprintf implementation Highest Vendor package.json name sprintf-js Highest Vendor package.json name sprintf-js_project Highest Product package.json name sprintf-js Highest Version package.json version 1.0.3 Highest
Related Dependencies sprintf-js:1.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?argparse:1.0.10/sprintf-js:~1.0.2 pkg:npm/sprintf-js@1.0.3 sshd-osgi-2.8.0.jarDescription:
The Apache Software Foundation provides support for the Apache community of open-source software projects. The Apache projects are characterized by a collaborative, consensus based development process, an open and pragmatic software license, and a desire to create high quality software that leads the way in its field. We consider ourselves not simply a group of projects sharing a server, but rather a community of developers and users. License:
https://www.apache.org/licenses/LICENSE-2.0 File Path: /var/simplicite/.m2/repository/org/apache/sshd/sshd-osgi/2.8.0/sshd-osgi-2.8.0.jar
MD5: 15b16cddad3c6d3bc9d45a74585e2f6e
SHA1: b2a59b73c045f40d5722b9160d4f909a646d86c9
SHA256: 734ee51c6babaf0fdfebfc9f38c148a38b8a1d8bce03d0bad26b3fba21a48463
Referenced In Project/Scope: Simplicite Platform:compile
sshd-osgi-2.8.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.eclipse.jgit/org.eclipse.jgit.ssh.apache@6.1.0.202203080745-r
Evidence Type Source Name Value Confidence Vendor file name sshd-osgi High Vendor jar package name apache Highest Vendor jar package name sshd Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl https://www.apache.org/ Low Vendor Manifest bundle-symbolicname org.apache.sshd.osgi Medium Vendor Manifest implementation-url https://www.apache.org/sshd/sshd-osgi/ Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache.sshd Medium Vendor Manifest originally-created-by Apache Maven Bundle Plugin Low Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid sshd-osgi Highest Vendor pom artifactid sshd-osgi Low Vendor pom groupid org.apache.sshd Highest Vendor pom name Apache Mina SSHD :: OSGi High Vendor pom parent-artifactid sshd Low Product file name sshd-osgi High Product jar package name apache Highest Product jar package name server Highest Product jar package name sshd Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl https://www.apache.org/ Low Product Manifest Bundle-Name Apache Mina SSHD :: OSGi Medium Product Manifest bundle-symbolicname org.apache.sshd.osgi Medium Product Manifest Implementation-Title Apache Mina SSHD :: OSGi High Product Manifest implementation-url https://www.apache.org/sshd/sshd-osgi/ Low Product Manifest originally-created-by Apache Maven Bundle Plugin Low Product Manifest specification-title Apache Mina SSHD :: OSGi Medium Product pom artifactid sshd-osgi Highest Product pom groupid org.apache.sshd Highest Product pom name Apache Mina SSHD :: OSGi High Product pom parent-artifactid sshd Medium Version file version 2.8.0 High Version Manifest Bundle-Version 2.8.0 High Version Manifest Implementation-Version 2.8.0 High Version pom version 2.8.0 Highest
Related Dependencies sshd-sftp-2.8.0.jarFile Path: /var/simplicite/.m2/repository/org/apache/sshd/sshd-sftp/2.8.0/sshd-sftp-2.8.0.jar MD5: d4bcc5b494436d6a16e0b32a50cb4c4e SHA1: d3cd9bc8d335b3ed1a86d2965deb4d202de27442 SHA256: bb18aa1a9e9e1e49bfd47b4e1bce23580215eac73f1bf18b9d7d90f06d59d220 pkg:maven/org.apache.sshd/sshd-sftp@2.8.0 CVE-2022-45047 suppress
Class org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider in Apache MINA SSHD <= 2.9.1 uses Java deserialization to load a serialized java.security.PrivateKey. The class is one of several implementations that an implementor using Apache MINA SSHD can choose for loading the host keys of an SSH server. CWE-502 Deserialization of Untrusted Data
CVSSv3:
Base Score: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions:
CVE-2023-48795 suppress
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust. CWE-354 Improper Validation of Integrity Check Value
CVSSv3:
Base Score: MEDIUM (5.9) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N References:
Vulnerable Software & Versions: (show all )
CVE-2023-35887 suppress
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache MINA.
In SFTP servers implemented using Apache MINA SSHD that use a RootedFileSystem, logged users may be able to discover "exists/does not exist" information about items outside the rooted tree via paths including parent navigation ("..") beyond the root, or involving symlinks.
This issue affects Apache MINA: from 1.0 before 2.10. Users are recommended to upgrade to 2.10
CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVSSv3:
Base Score: MEDIUM (4.3) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N References:
Vulnerable Software & Versions:
ssri:10.0.4Description:
Standard Subresource Integrity library -- parses, serializes, generates, and verifies integrity metadata according to the SRI spec. License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/ssri:10.0.4
Referenced In Projects/Scopes: simplicite-js:5.2.54/make-fetch-happen:11.1.1 simplicite-js:5.2.54/cacache:17.1.3 simplicite-js:5.2.54/pacote:15.2.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author GitHub Inc. Highest Vendor package.json description Standard Subresource Integrity library -- parses, serializes, generates, and verifies integrity metadata according to the SRI spec. Highest Vendor package.json name ssri Highest Vendor package.json name ssri_project Highest Product package.json name ssri Highest Version package.json version 10.0.4 Highest
Related Dependencies ssri:10.0.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?cacache:17.1.3/ssri:^10.0.0 pkg:npm/ssri@10.0.4 ssri:10.0.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?make-fetch-happen:11.1.1/ssri:^10.0.0 pkg:npm/ssri@10.0.4 ssri:10.0.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?pacote:15.2.0/ssri:^10.0.0 pkg:npm/ssri@10.0.4 stackframe:1.3.4Description:
JS Object representation of a stack frame License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/stackframe:1.3.4
Referenced In Projects/Scopes: simplicite-js:5.2.54/@devexpress/error-stack-parser:2.0.6 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json bugs.url https://github.com/stacktracejs/stackframe/issues Highest Vendor package.json description JS Object representation of a stack frame Highest Vendor package.json homepage https://www.stacktracejs.com Highest Vendor package.json name stackframe Highest Vendor package.json name stackframe_project Highest Product package.json name stackframe Highest Version package.json version 1.3.4 Highest
Related Dependencies stackframe:1.3.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?@devexpress/error-stack-parser:2.0.6/stackframe:^1.1.1 pkg:npm/stackframe@1.3.4 stax2-api-4.2.jarDescription:
tax2 API is an extension to basic Stax 1.0 API that adds significant new functionality, such as full-featured bi-direction validation interface and high-performance Typed Access API.
License:
The BSD License: http://www.opensource.org/licenses/bsd-license.php File Path: /var/simplicite/.m2/repository/org/codehaus/woodstox/stax2-api/4.2/stax2-api-4.2.jar
MD5: 5d22fe6dbb276d1fd6dab40c386a4f0a
SHA1: 13c2b30926bca0429c704c4b4ca0b5d0432b69cd
SHA256: badf6081a0bb526fd2c01951dfefad91b6846b6dd0eb0048587e30d1dd334e68
Referenced In Project/Scope: Simplicite Platform:compile
stax2-api-4.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.fasterxml.jackson.jaxrs/jackson-jaxrs-xml-provider@2.12.4
Evidence Type Source Name Value Confidence Vendor file name stax2-api High Vendor jar package name codehaus Highest Vendor jar package name stax2 Highest Vendor jar package name typed Highest Vendor jar package name validation Highest Vendor Manifest automatic-module-name org.codehaus.stax2 Medium Vendor Manifest bundle-docurl http://github.com/FasterXML/stax2-api Low Vendor Manifest bundle-symbolicname stax2-api Medium Vendor Manifest implementation-build-date 2019-03-13 04:03:16+0000 Low Vendor Manifest Implementation-Vendor fasterxml.com High Vendor Manifest Implementation-Vendor-Id org.codehaus.woodstox Medium Vendor Manifest specification-vendor fasterxml.com Low Vendor pom artifactid stax2-api Highest Vendor pom artifactid stax2-api Low Vendor pom developer email tatu@fasterxml.com Low Vendor pom developer id tatu Medium Vendor pom developer name Tatu Saloranta Medium Vendor pom groupid org.codehaus.woodstox Highest Vendor pom name Stax2 API High Vendor pom organization name fasterxml.com High Vendor pom organization url http://fasterxml.com Medium Vendor pom parent-artifactid oss-parent Low Vendor pom parent-groupid com.fasterxml Medium Vendor pom url http://github.com/FasterXML/stax2-api Highest Product file name stax2-api High Product jar package name codehaus Highest Product jar package name stax2 Highest Product jar package name typed Highest Product jar package name validation Highest Product Manifest automatic-module-name org.codehaus.stax2 Medium Product Manifest bundle-docurl http://github.com/FasterXML/stax2-api Low Product Manifest Bundle-Name Stax2 API Medium Product Manifest bundle-symbolicname stax2-api Medium Product Manifest implementation-build-date 2019-03-13 04:03:16+0000 Low Product Manifest Implementation-Title Stax2 API High Product Manifest specification-title Stax2 API Medium Product pom artifactid stax2-api Highest Product pom developer email tatu@fasterxml.com Low Product pom developer id tatu Low Product pom developer name Tatu Saloranta Low Product pom groupid org.codehaus.woodstox Highest Product pom name Stax2 API High Product pom organization name fasterxml.com Low Product pom organization url http://fasterxml.com Low Product pom parent-artifactid oss-parent Medium Product pom parent-groupid com.fasterxml Medium Product pom url http://github.com/FasterXML/stax2-api Medium Version file version 4.2 High Version Manifest Implementation-Version 4.2 High Version pom parent-version 4.2 Low Version pom version 4.2 Highest
string-width:4.2.3Description:
Get the visual width of a string - the number of columns required to display it License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?yargs:16.2.0/string-width:^4.2.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/cliui:7.0.4 simplicite-js:5.2.54/widest-line:3.1.0 simplicite-js:5.2.54/gauge:4.0.4 simplicite-js:5.2.54/cli-table3:0.6.3 simplicite-js:5.2.54/wrap-ansi:8.1.0 simplicite-js:5.2.54/table:6.8.1 simplicite-js:5.2.54/boxen:4.2.0 simplicite-js:5.2.54 simplicite-js:5.2.54/ansi-align:3.0.1 simplicite-js:5.2.54/@isaacs/cliui:8.0.2 simplicite-js:5.2.54/wrap-ansi:7.0.0 simplicite-js:5.2.54/stylelint:14.16.1 simplicite-js:5.2.54/inquirer:7.3.3 simplicite-js:5.2.54/widest-line:4.0.1 simplicite-js:5.2.54/wrap-ansi-cjs:7.0.0 simplicite-js:5.2.54/boxen:5.1.2 simplicite-js:5.2.54/wide-align:1.1.5 simplicite-js:5.2.54/yargs:16.2.0 simplicite-js:5.2.54/boxen:7.1.0 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Get the visual width of a string - the number of columns required to display it Highest Vendor package.json name string-width Highest Vendor package.json name string-width_project Highest Product package.json name string-width Highest Version package.json version 4.2.3 Highest
Related Dependencies string-width:4.2.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/string-width-cjs:4.2.3 pkg:npm/string-width@4.2.3 string-width:4.2.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/string-width:4.2.3 pkg:npm/string-width@4.2.3 string-width:4.2.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?ansi-align:3.0.1/string-width:^4.1.0 pkg:npm/string-width@4.2.3 string-width:4.2.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?boxen:4.2.0/string-width:^4.1.0 pkg:npm/string-width@4.2.3 string-width:4.2.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?boxen:5.1.2/string-width:^4.2.2 pkg:npm/string-width@4.2.3 string-width:4.2.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?boxen:7.1.0/string-width:^5.1.2 pkg:npm/string-width@4.2.3 string-width:4.2.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?cli-table3:0.6.3/string-width:^4.2.0 pkg:npm/string-width@4.2.3 string-width:4.2.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?cliui:7.0.4/string-width:^4.2.0 pkg:npm/string-width@4.2.3 string-width:4.2.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?gauge:4.0.4/string-width:^4.2.3 pkg:npm/string-width@4.2.3 string-width:4.2.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?inquirer:7.3.3/string-width:^4.1.0 pkg:npm/string-width@4.2.3 string-width:4.2.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/string-width:^4.2.3 pkg:npm/string-width@4.2.3 string-width:4.2.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?table:6.8.1/string-width:^4.2.3 pkg:npm/string-width@4.2.3 string-width:4.2.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?wide-align:1.1.5/string-width:^1.0.2 || 2 || 3 || 4 pkg:npm/string-width@4.2.3 string-width:4.2.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?widest-line:3.1.0/string-width:^4.0.0 pkg:npm/string-width@4.2.3 string-width:4.2.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?widest-line:4.0.1/string-width:^5.0.1 pkg:npm/string-width@4.2.3 string-width:4.2.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?wrap-ansi-cjs:7.0.0/string-width:^4.1.0 pkg:npm/string-width@4.2.3 string-width:4.2.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?wrap-ansi:7.0.0/string-width:^4.1.0 pkg:npm/string-width@4.2.3 string-width:4.2.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?wrap-ansi:8.1.0/string-width:^5.0.1 pkg:npm/string-width@4.2.3 string-width:5.1.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?/string-width:5.1.2 pkg:npm/string-width@5.1.2 string-width:5.1.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?@isaacs/cliui:8.0.2/string-width:^5.1.2 pkg:npm/string-width@5.1.2 string.prototype.trim:1.2.7Description:
ES5 spec-compliant shim for String.prototype.trim License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/string.prototype.trim:1.2.7
Referenced In Projects/Scopes: simplicite-js:5.2.54/es-abstract:1.21.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email ljharb@gmail.com Highest Vendor package.json author.name Jordan Harband Highest Vendor package.json author.url http://ljharb.codes Highest Vendor package.json description ES5 spec-compliant shim for String.prototype.trim Highest Vendor package.json name string.prototype.trim Highest Vendor package.json name string.prototype.trim_project Highest Product package.json name string.prototype.trim Highest Version package.json version 1.2.7 Highest
Related Dependencies string.prototype.trim:1.2.7File Path: /var/simplicite/simplicite-5.2/package-lock.json?es-abstract:1.21.2/string.prototype.trim:^1.2.7 pkg:npm/string.prototype.trim@1.2.7 string.prototype.trimend:1.0.6Description:
ES2019 spec-compliant String.prototype.trimEnd shim. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/string.prototype.trimend:1.0.6
Referenced In Projects/Scopes: simplicite-js:5.2.54/es-abstract:1.21.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Jordan Harband <ljharb@gmail.com> Highest Vendor package.json description ES2019 spec-compliant String.prototype.trimEnd shim. Highest Vendor package.json name string.prototype.trimend Highest Vendor package.json name string.prototype.trimend_project Highest Product package.json name string.prototype.trimend Highest Version package.json version 1.0.6 Highest
Related Dependencies string.prototype.trimend:1.0.6File Path: /var/simplicite/simplicite-5.2/package-lock.json?es-abstract:1.21.2/string.prototype.trimend:^1.0.6 pkg:npm/string.prototype.trimend@1.0.6 string.prototype.trimstart:1.0.6Description:
ES2019 spec-compliant String.prototype.trimStart shim. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/string.prototype.trimstart:1.0.6
Referenced In Projects/Scopes: simplicite-js:5.2.54/es-abstract:1.21.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Jordan Harband <ljharb@gmail.com> Highest Vendor package.json description ES2019 spec-compliant String.prototype.trimStart shim. Highest Vendor package.json name string.prototype.trimstart Highest Vendor package.json name string.prototype.trimstart_project Highest Product package.json name string.prototype.trimstart Highest Version package.json version 1.0.6 Highest
Related Dependencies string.prototype.trimstart:1.0.6File Path: /var/simplicite/simplicite-5.2/package-lock.json?es-abstract:1.21.2/string.prototype.trimstart:^1.0.6 pkg:npm/string.prototype.trimstart@1.0.6 string_decoder:0.10.31Description:
The string_decoder module from Node core License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/string_decoder:0.10.31
Referenced In Projects/Scopes: simplicite-js:5.2.54/readable-stream:3.6.2 simplicite-js:5.2.54/readable-stream:2.3.8 simplicite-js:5.2.54/readable-stream:1.1.14 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json description The string_decoder module from Node core Highest Vendor package.json homepage https://github.com/rvagg/string_decoder Highest Vendor package.json name string_decoder Highest Vendor package.json name string_decoder_project Highest Product package.json name string_decoder Highest Version package.json version 0.10.31 Highest
Related Dependencies string_decoder:0.10.31File Path: /var/simplicite/simplicite-5.2/package-lock.json?readable-stream:1.1.14/string_decoder:~0.10.x pkg:npm/string_decoder@0.10.31 string_decoder:0.10.31File Path: /var/simplicite/simplicite-5.2/package-lock.json?readable-stream:2.3.8/string_decoder:~1.1.1 pkg:npm/string_decoder@0.10.31 string_decoder:0.10.31File Path: /var/simplicite/simplicite-5.2/package-lock.json?readable-stream:3.6.2/string_decoder:^1.1.1 pkg:npm/string_decoder@0.10.31 string_decoder:1.3.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/string_decoder:1.3.0 pkg:npm/string_decoder@1.3.0 string_decoder:1.1.1Description:
The string_decoder module from Node core License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/string_decoder:1.1.1
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json description The string_decoder module from Node core Highest Vendor package.json homepage https://github.com/nodejs/string_decoder Highest Vendor package.json name string_decoder Highest Vendor package.json name string_decoder_project Highest Product package.json name string_decoder Highest Version package.json version 1.1.1 Highest
string_decoder:1.3.0Description:
The string_decoder module from Node core License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/string_decoder:1.3.0
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json description The string_decoder module from Node core Highest Vendor package.json homepage https://github.com/nodejs/string_decoder Highest Vendor package.json name string_decoder Highest Vendor package.json name string_decoder_project Highest Product package.json name string_decoder Highest Version package.json version 1.3.0 Highest
stringtemplate-3.2.1.jarDescription:
StringTemplate is a java template engine for generating source code,
web pages, emails, or any other formatted text output.
StringTemplate is particularly good at multi-targeted code generators,
multiple site skins, and internationalization/localization.
It evolved over years of effort developing jGuru.com.
StringTemplate also generates the stringtemplate website: http://www.stringtemplate.org
and powers the ANTLR v3 code generator. Its distinguishing characteristic
is that unlike other engines, it strictly enforces model-view separation.
Strict separation makes websites and code generators more flexible
and maintainable; it also provides an excellent defense against malicious
template authors.
There are currently about 600 StringTemplate source downloads a month.
License:
BSD licence: http://antlr.org/license.html File Path: /var/simplicite/.m2/repository/org/antlr/stringtemplate/3.2.1/stringtemplate-3.2.1.jar
MD5: b58ca53e518a92a1991eb63b61917582
SHA1: 59ec8083721eae215c6f3caee944c410d2be34de
SHA256: f66ce72e965e5301cb0f020e54d2ba6ad76feb91b3cbfc30dbbf00c06a6df6d7
Referenced In Project/Scope: Simplicite Platform:compile
stringtemplate-3.2.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.docx4j/docx4j-core@11.2.9
Evidence Type Source Name Value Confidence Vendor file name stringtemplate High Vendor jar package name antlr Highest Vendor jar package name antlr Low Vendor jar package name language Low Vendor jar package name stringtemplate Highest Vendor jar package name stringtemplate Low Vendor pom artifactid stringtemplate Highest Vendor pom artifactid stringtemplate Low Vendor pom developer email jimi@temporal-wave.com Low Vendor pom developer email parrt@antlr.org Low Vendor pom developer name Jim Idle Medium Vendor pom developer name Terence Parr Medium Vendor pom developer org Temporal Wave LLC Medium Vendor pom developer org USFCA Medium Vendor pom developer org URL http://www.cs.usfca.edu Medium Vendor pom developer org URL http://www.temporal-wave.com Medium Vendor pom groupid org.antlr Highest Vendor pom name ANTLR StringTemplate High Vendor pom url http://www.stringtemplate.org Highest Product file name stringtemplate High Product jar package name antlr Highest Product jar package name language Low Product jar package name stringtemplate Highest Product jar package name stringtemplate Low Product pom artifactid stringtemplate Highest Product pom developer email jimi@temporal-wave.com Low Product pom developer email parrt@antlr.org Low Product pom developer name Jim Idle Low Product pom developer name Terence Parr Low Product pom developer org Temporal Wave LLC Low Product pom developer org USFCA Low Product pom developer org URL http://www.cs.usfca.edu Low Product pom developer org URL http://www.temporal-wave.com Low Product pom groupid org.antlr Highest Product pom name ANTLR StringTemplate High Product pom url http://www.stringtemplate.org Medium Version file version 3.2.1 High Version pom version 3.2.1 Highest
strip-ansi:6.0.1Description:
Strip ANSI escape codes from a string License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?wrap-ansi-cjs:7.0.0/strip-ansi:^6.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-check:6.0.1 simplicite-js:5.2.54/string-width-cjs:4.2.3 simplicite-js:5.2.54/cliui:7.0.4 simplicite-js:5.2.54/gauge:4.0.4 simplicite-js:5.2.54/string-width:5.1.2 simplicite-js:5.2.54/wrap-ansi:8.1.0 simplicite-js:5.2.54/table:6.8.1 simplicite-js:5.2.54/npm-check-updates:16.14.14 simplicite-js:5.2.54 simplicite-js:5.2.54/@isaacs/cliui:8.0.2 simplicite-js:5.2.54/string-width:4.2.3 simplicite-js:5.2.54/eslint:8.56.0 simplicite-js:5.2.54/wrap-ansi:7.0.0 simplicite-js:5.2.54/stylelint:14.16.1 simplicite-js:5.2.54/inquirer:7.3.3 simplicite-js:5.2.54/ora:5.4.1 simplicite-js:5.2.54/wrap-ansi-cjs:7.0.0 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Strip ANSI escape codes from a string Highest Vendor package.json name strip-ansi Highest Vendor package.json name strip-ansi_project Highest Product package.json name strip-ansi Highest Version package.json version 6.0.1 Highest
Related Dependencies strip-ansi:6.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/strip-ansi-cjs:6.0.1 pkg:npm/strip-ansi@6.0.1 strip-ansi:6.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?/strip-ansi:6.0.1 pkg:npm/strip-ansi@6.0.1 strip-ansi:6.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?cliui:7.0.4/strip-ansi:^6.0.0 pkg:npm/strip-ansi@6.0.1 strip-ansi:6.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint:8.56.0/strip-ansi:^6.0.1 pkg:npm/strip-ansi@6.0.1 strip-ansi:6.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?gauge:4.0.4/strip-ansi:^6.0.1 pkg:npm/strip-ansi@6.0.1 strip-ansi:6.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?inquirer:7.3.3/strip-ansi:^6.0.0 pkg:npm/strip-ansi@6.0.1 strip-ansi:6.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check:6.0.1/strip-ansi:^6.0.0 pkg:npm/strip-ansi@6.0.1 strip-ansi:6.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?ora:5.4.1/strip-ansi:^6.0.0 pkg:npm/strip-ansi@6.0.1 strip-ansi:6.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?string-width-cjs:4.2.3/strip-ansi:^6.0.1 pkg:npm/strip-ansi@6.0.1 strip-ansi:6.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?string-width:4.2.3/strip-ansi:^6.0.1 pkg:npm/strip-ansi@6.0.1 strip-ansi:6.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?string-width:5.1.2/strip-ansi:^7.0.1 pkg:npm/strip-ansi@6.0.1 strip-ansi:6.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/strip-ansi:^6.0.1 pkg:npm/strip-ansi@6.0.1 strip-ansi:6.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?table:6.8.1/strip-ansi:^6.0.1 pkg:npm/strip-ansi@6.0.1 strip-ansi:6.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?wrap-ansi:7.0.0/strip-ansi:^6.0.0 pkg:npm/strip-ansi@6.0.1 strip-ansi:6.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?wrap-ansi:8.1.0/strip-ansi:^7.0.1 pkg:npm/strip-ansi@6.0.1 strip-ansi:7.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/strip-ansi:7.1.0 pkg:npm/strip-ansi@7.1.0 strip-ansi:7.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?@isaacs/cliui:8.0.2/strip-ansi:^7.0.1 pkg:npm/strip-ansi@7.1.0 strip-ansi:7.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check-updates:16.14.14/strip-ansi:^7.1.0 pkg:npm/strip-ansi@7.1.0 strip-bom:3.0.0Description:
Strip UTF-8 byte order mark (BOM) from a string License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/strip-bom:3.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/load-yaml-file:0.2.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Strip UTF-8 byte order mark (BOM) from a string Highest Vendor package.json name strip-bom Highest Vendor package.json name strip-bom_project Highest Product package.json name strip-bom Highest Version package.json version 3.0.0 Highest
Related Dependencies strip-bom:3.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?load-yaml-file:0.2.0/strip-bom:^3.0.0 pkg:npm/strip-bom@3.0.0 strip-final-newline:2.0.0Description:
Strip the final newline character from a string/buffer License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/strip-final-newline:2.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/execa:5.1.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Strip the final newline character from a string/buffer Highest Vendor package.json name strip-final-newline Highest Vendor package.json name strip-final-newline_project Highest Product package.json name strip-final-newline Highest Version package.json version 2.0.0 Highest
Related Dependencies strip-final-newline:2.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?execa:5.1.1/strip-final-newline:^2.0.0 pkg:npm/strip-final-newline@2.0.0 strip-indent:3.0.0Description:
Strip leading whitespace from each line in a string License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/strip-indent:3.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/redent:3.0.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Strip leading whitespace from each line in a string Highest Vendor package.json name strip-indent Highest Vendor package.json name strip-indent_project Highest Product package.json name strip-indent Highest Version package.json version 3.0.0 Highest
Related Dependencies strip-indent:3.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?redent:3.0.0/strip-indent:^3.0.0 pkg:npm/strip-indent@3.0.0 strip-json-comments:1.0.4Description:
Strip comments from JSON. Lets you use comments in your JSON files! License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/strip-json-comments:1.0.4
Referenced In Projects/Scopes: simplicite-js:5.2.54/jshint:2.13.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Strip comments from JSON. Lets you use comments in your JSON files! Highest Vendor package.json name strip-json-comments Highest Vendor package.json name strip-json-comments_project Highest Product package.json name strip-json-comments Highest Version package.json version 1.0.4 Highest
Related Dependencies strip-json-comments:1.0.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?jshint:2.13.1/strip-json-comments:1.0.x pkg:npm/strip-json-comments@1.0.4 strip-json-comments:2.0.1Description:
Strip comments from JSON. Lets you use comments in your JSON files! License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/strip-json-comments:2.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/rc:1.2.8 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Strip comments from JSON. Lets you use comments in your JSON files! Highest Vendor package.json name strip-json-comments Highest Vendor package.json name strip-json-comments_project Highest Product package.json name strip-json-comments Highest Version package.json version 2.0.1 Highest
Related Dependencies strip-json-comments:2.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?rc:1.2.8/strip-json-comments:~2.0.1 pkg:npm/strip-json-comments@2.0.1 strip-json-comments:3.1.1Description:
Strip comments from JSON. Lets you use comments in your JSON files! License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/strip-json-comments:3.1.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/jsdoc:4.0.2 simplicite-js:5.2.54/@eslint/eslintrc:2.1.4 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description Strip comments from JSON. Lets you use comments in your JSON files! Highest Vendor package.json name strip-json-comments Highest Vendor package.json name strip-json-comments_project Highest Product package.json name strip-json-comments Highest Version package.json version 3.1.1 Highest
Related Dependencies strip-json-comments:3.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?@eslint/eslintrc:2.1.4/strip-json-comments:^3.1.1 pkg:npm/strip-json-comments@3.1.1 strip-json-comments:3.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?jsdoc:4.0.2/strip-json-comments:^3.1.0 pkg:npm/strip-json-comments@3.1.1 strip-json-comments:5.0.1Description:
Strip comments from JSON. Lets you use comments in your JSON files! License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/strip-json-comments:5.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-check-updates:16.14.14 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description Strip comments from JSON. Lets you use comments in your JSON files! Highest Vendor package.json name strip-json-comments Highest Vendor package.json name strip-json-comments_project Highest Product package.json name strip-json-comments Highest Version package.json version 5.0.1 Highest
Related Dependencies strip-json-comments:5.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check-updates:16.14.14/strip-json-comments:^5.0.1 pkg:npm/strip-json-comments@5.0.1 stripe-java-20.77.0.jarDescription:
Stripe Java Bindings License:
The MIT License: https://opensource.org/licenses/MIT File Path: /var/simplicite/.m2/repository/com/stripe/stripe-java/20.77.0/stripe-java-20.77.0.jar
MD5: 451c6c665a7d62d3203413f826853ccc
SHA1: c75cb3f6af633ac2b96cf275ef03cf83c9b024a4
SHA256: b9da3e5df1aec5cee6c7521954831832b2c819d17cd255e3a42a865ff9df5f1f
Referenced In Project/Scope: Simplicite Platform:compile
stripe-java-20.77.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name stripe-java High Vendor jar package name stripe Highest Vendor Manifest bundle-symbolicname stripe-java Medium Vendor Manifest Implementation-Vendor Stripe, Inc. (https://stripe.com) High Vendor pom artifactid stripe-java Highest Vendor pom artifactid stripe-java Low Vendor pom developer email support+java@stripe.com Low Vendor pom developer id stripe Medium Vendor pom developer name Stripe Medium Vendor pom groupid com.stripe Highest Vendor pom name stripe-java High Vendor pom organization name Stripe High Vendor pom organization url https://stripe.com Medium Vendor pom url stripe/stripe-java Highest Product file name stripe-java High Product jar package name stripe Highest Product Manifest Bundle-Name stripe-java Medium Product Manifest bundle-symbolicname stripe-java Medium Product Manifest Implementation-Title stripe-java High Product pom artifactid stripe-java Highest Product pom developer email support+java@stripe.com Low Product pom developer id stripe Low Product pom developer name Stripe Low Product pom groupid com.stripe Highest Product pom name stripe-java High Product pom organization name Stripe Low Product pom organization url https://stripe.com Low Product pom url stripe/stripe-java High Version file version 20.77.0 High Version Manifest Bundle-Version 20.77.0 High Version Manifest Implementation-Version 20.77.0 High Version pom version 20.77.0 Highest
sts-2.4.0.jarDescription:
jclouds components to access an implementation of Security Token Service (STS) File Path: /var/simplicite/.m2/repository/org/apache/jclouds/api/sts/2.4.0/sts-2.4.0.jarMD5: cd160b3f4654e43ca6a8069b52e4912aSHA1: babc630e955430a26665c1da8c640dd069317836SHA256: 8ba08920ca2ac51507bab5a6a32185011aaeaf5342f6dd23b2a8e136b476426aReferenced In Project/Scope: Simplicite Platform:compilests-2.4.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.jclouds.provider/aws-s3@2.4.0
Evidence Type Source Name Value Confidence Vendor file name sts High Vendor jar package name jclouds Highest Vendor jar package name sts Highest Vendor Manifest bundle-symbolicname sts Medium Vendor Manifest implementation-url https://jclouds.apache.org/sts/ Low Vendor Manifest Implementation-Vendor jclouds High Vendor Manifest Implementation-Vendor-Id org.apache.jclouds Medium Vendor Manifest specification-vendor jclouds Low Vendor pom artifactid sts Highest Vendor pom artifactid sts Low Vendor pom groupid org.apache.jclouds.api Highest Vendor pom name jclouds sts api High Vendor pom parent-artifactid jclouds-project Low Vendor pom parent-groupid org.apache.jclouds Medium Product file name sts High Product jar package name jclouds Highest Product jar package name sts Highest Product Manifest Bundle-Name jclouds sts api Medium Product Manifest bundle-symbolicname sts Medium Product Manifest Implementation-Title jclouds sts api High Product Manifest implementation-url https://jclouds.apache.org/sts/ Low Product Manifest specification-title jclouds jclouds sts api Medium Product pom artifactid sts Highest Product pom groupid org.apache.jclouds.api Highest Product pom name jclouds sts api High Product pom parent-artifactid jclouds-project Medium Product pom parent-groupid org.apache.jclouds Medium Version file version 2.4.0 High Version Manifest Bundle-Version 2.4.0 High Version Manifest Implementation-Version 2.4.0 High Version pom version 2.4.0 Highest
style-search:0.1.0Description:
Search CSS(-like) strings License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/style-search:^0.1.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/stylelint:14.16.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author David Clark Highest Vendor package.json bugs.url https://github.com/davidtheclark/style-search/issues Highest Vendor package.json description Search CSS(-like) strings Highest Vendor package.json homepage https://github.com/davidtheclark/style-search#readme Highest Vendor package.json name style-search Highest Vendor package.json name style-search_project Highest Product package.json name style-search Highest Version package.json version 0.1.0 Highest
Related Dependencies style-search:0.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/style-search:0.1.0 pkg:npm/style-search@0.1.0 stylelint-config-recommended:9.0.0Description:
Recommended shareable config for Stylelint License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint-config-standard:29.0.0/stylelint-config-recommended:^9.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/stylelint-config-standard:29.0.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Stylelint Highest Vendor package.json description Recommended shareable config for Stylelint Highest Vendor package.json name stylelint-config-recommended Highest Vendor package.json name stylelint-config-recommended_project Highest Product package.json name stylelint-config-recommended Highest Version package.json version 9.0.0 Highest
Related Dependencies stylelint-config-recommended:9.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/stylelint-config-recommended:9.0.0 pkg:npm/stylelint-config-recommended@9.0.0 stylelint-config-standard:29.0.0Description:
Standard shareable config for Stylelint License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/stylelint-config-standard:29.0.0
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author Stylelint Highest Vendor package.json description Standard shareable config for Stylelint Highest Vendor package.json name stylelint-config-standard Highest Vendor package.json name stylelint-config-standard_project Highest Product package.json name stylelint-config-standard Highest Version package.json version 29.0.0 Highest
stylelint:14.16.1Description:
A mighty, modern CSS linter. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/stylelint:14.16.1
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author stylelint Highest Vendor package.json description A mighty, modern CSS linter. Highest Vendor package.json homepage https://stylelint.io Highest Vendor package.json name stylelint Highest Vendor package.json name stylelint_project Highest Product package.json name stylelint Highest Version package.json version 14.16.1 Highest
supports-color:5.5.0Description:
Detect whether a terminal supports color License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/supports-color:5.5.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/chalk:3.0.0 simplicite-js:5.2.54/chalk:4.1.2 simplicite-js:5.2.54/supports-hyperlinks:2.3.0 simplicite-js:5.2.54 simplicite-js:5.2.54/chalk:2.4.2 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Detect whether a terminal supports color Highest Vendor package.json name supports-color Highest Vendor package.json name supports-color_project Highest Product package.json name supports-color Highest Version package.json version 5.5.0 Highest
Related Dependencies supports-color:5.5.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?chalk:2.4.2/supports-color:^5.3.0 pkg:npm/supports-color@5.5.0 supports-color:5.5.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?chalk:3.0.0/supports-color:^7.1.0 pkg:npm/supports-color@5.5.0 supports-color:5.5.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?chalk:4.1.2/supports-color:^7.1.0 pkg:npm/supports-color@5.5.0 supports-color:7.2.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/supports-color:7.2.0 pkg:npm/supports-color@7.2.0 supports-color:7.2.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?supports-hyperlinks:2.3.0/supports-color:^7.0.0 pkg:npm/supports-color@7.2.0 supports-color:7.2.0Description:
Detect whether a terminal supports color License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/supports-color:7.2.0
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Detect whether a terminal supports color Highest Vendor package.json name supports-color Highest Vendor package.json name supports-color_project Highest Product package.json name supports-color Highest Version package.json version 7.2.0 Highest
supports-hyperlinks:2.3.0Description:
Detect if your terminal emulator supports hyperlinks License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?terminal-link:2.1.1/supports-hyperlinks:^2.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/terminal-link:2.1.1 simplicite-js:5.2.54/stylelint:14.16.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email james@talmage.io Highest Vendor package.json author.name James Talmage Highest Vendor package.json author.url github.com/jamestalmage Highest Vendor package.json description Detect if your terminal emulator supports hyperlinks Highest Vendor package.json name supports-hyperlinks Highest Vendor package.json name supports-hyperlinks_project Highest Product package.json name supports-hyperlinks Highest Version package.json version 2.3.0 Highest
Related Dependencies supports-hyperlinks:2.3.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/supports-hyperlinks:2.3.0 pkg:npm/supports-hyperlinks@2.3.0 supports-hyperlinks:2.3.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/supports-hyperlinks:^2.3.0 pkg:npm/supports-hyperlinks@2.3.0 supports-preserve-symlinks-flag:1.0.0Description:
Determine if the current node version supports the `--preserve-symlinks` flag. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/supports-preserve-symlinks-flag:1.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/resolve:1.22.2 Evidence Type Source Name Value Confidence Vendor package.json author Jordan Harband <ljharb@gmail.com> Highest Vendor package.json bugs.url https://github.com/inspect-js/node-supports-preserve-symlinks-flag/issues Highest Vendor package.json description Determine if the current node version supports the `--preserve-symlinks` flag. Highest Vendor package.json homepage https://github.com/inspect-js/node-supports-preserve-symlinks-flag#readme Highest Vendor package.json name supports-preserve-symlinks-flag Highest Vendor package.json name supports-preserve-symlinks-flag_project Highest Product package.json name supports-preserve-symlinks-flag Highest Version package.json version 1.0.0 Highest
Related Dependencies supports-preserve-symlinks-flag:1.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?resolve:1.22.2/supports-preserve-symlinks-flag:^1.0.0 pkg:npm/supports-preserve-symlinks-flag@1.0.0 svg-tags:1.0.0Description:
List of standard SVG tags. File Path: /var/simplicite/simplicite-5.2/package-lock.json?/svg-tags:1.0.0Referenced In Projects/Scopes:
simplicite-js:5.2.54/stylelint:14.16.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email kgryte@gmail.com Highest Vendor package.json author.name Athan Reines Highest Vendor package.json bugs.url https://github.com/element-io/svg-tags/issues Highest Vendor package.json description List of standard SVG tags. Highest Vendor package.json name svg-tags Highest Vendor package.json name svg-tags_project Highest Product package.json name svg-tags Highest Version package.json version 1.0.0 Highest
Related Dependencies svg-tags:1.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/svg-tags:^1.0.0 pkg:npm/svg-tags@1.0.0 swagger-annotations-1.5.18.jarLicense:
http://www.apache.org/licenses/LICENSE-2.0.html File Path: /var/simplicite/.m2/repository/io/swagger/swagger-annotations/1.5.18/swagger-annotations-1.5.18.jar
MD5: e55d57705e9f1a040015cf2fe2e8120b
SHA1: f386aa7dc018534e6e05c40fff292e6cd9b9d8f8
SHA256: 0f4ca703a5e26ca949aee8f9ee88b2aa7f12b45d6a2e7dd9d343407f97205157
Referenced In Project/Scope: Simplicite Platform:provided
swagger-annotations-1.5.18.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.docusign/docusign-esign-java@3.14.0
Evidence Type Source Name Value Confidence Vendor file name swagger-annotations High Vendor jar package name annotations Highest Vendor jar package name io Highest Vendor jar package name swagger Highest Vendor Manifest bundle-symbolicname io.swagger.annotations Medium Vendor Manifest mode development Low Vendor Manifest url https://github.com/swagger-api/swagger-core/modules/swagger-annotations Low Vendor pom artifactid swagger-annotations Highest Vendor pom artifactid swagger-annotations Low Vendor pom groupid io.swagger Highest Vendor pom name swagger-annotations High Vendor pom parent-artifactid swagger-project Low Product file name swagger-annotations High Product jar package name annotations Highest Product jar package name api Highest Product jar package name io Highest Product jar package name swagger Highest Product Manifest Bundle-Name swagger-annotations Medium Product Manifest bundle-symbolicname io.swagger.annotations Medium Product Manifest mode development Low Product Manifest url https://github.com/swagger-api/swagger-core/modules/swagger-annotations Low Product pom artifactid swagger-annotations Highest Product pom groupid io.swagger Highest Product pom name swagger-annotations High Product pom parent-artifactid swagger-project Medium Version file version 1.5.18 High Version Manifest Bundle-Version 1.5.18 High Version Manifest implementation-version 1.5.18 High Version pom version 1.5.18 Highest
swagger-ui-dist:4.15.5License:
Apache-2.0 File Path: /var/simplicite/simplicite-5.2/package-lock.json?/swagger-ui-dist:4.15.5
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json name swagger-ui-dist Highest Vendor package.json name swagger-ui-dist_project Highest Product package.json name swagger-ui-dist Highest Version package.json version 4.15.5 Highest
table:6.8.1Description:
Formats data into a string table. License:
BSD-3-Clause File Path: /var/simplicite/simplicite-5.2/package-lock.json?/table:6.8.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/stylelint:14.16.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email gajus@gajus.com Highest Vendor package.json author.name Gajus Kuizinas Highest Vendor package.json author.url http://gajus.com Highest Vendor package.json description Formats data into a string table. Highest Vendor package.json name table Highest Vendor package.json name table_project Highest Product package.json name table Highest Version package.json version 6.8.1 Highest
Related Dependencies table:6.8.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/table:^6.8.1 pkg:npm/table@6.8.1 tablemark:3.0.0Description:
Generate markdown tables from a list of objects or JSON data. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/tablemark:3.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/license-report:6.5.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Bo Lingen <lingenbw@gmail.com> (https://github.com/citycide) Highest Vendor package.json bugs https://github.com/citycide/tablemark/issues Highest Vendor package.json description Generate markdown tables from a list of objects or JSON data. Highest Vendor package.json homepage https://github.com/citycide/tablemark Highest Vendor package.json name tablemark Highest Vendor package.json name tablemark_project Highest Product package.json name tablemark Highest Version package.json version 3.0.0 Highest
Related Dependencies tablemark:3.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?license-report:6.5.0/tablemark:^3.0.0 pkg:npm/tablemark@3.0.0 tagsoup-1.2.1.jarDescription:
TagSoup is a SAX-compliant parser written in Java that, instead of parsing well-formed or valid XML, parses HTML as it is found in the wild: poor, nasty and brutish, though quite often far from short. TagSoup is designed for people who have to process this stuff using some semblance of a rational application design. By providing a SAX interface, it allows standard XML tools to be applied to even the worst HTML. TagSoup also includes a command-line processor that reads HTML files and can generate either clean HTML or well-formed XML that is a close approximation to XHTML. License:
Apache License 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/ccil/cowan/tagsoup/tagsoup/1.2.1/tagsoup-1.2.1.jar
MD5: ae73a52cdcbec10cd61d9ef22fab5936
SHA1: 5584627487e984c03456266d3f8802eb85a9ce97
SHA256: ac97f7b4b1d8e9337edfa0e34044f8d0efe7223f6ad8f3a85d54cc1018ea2e04
Referenced In Project/Scope: Simplicite Platform:compile
tagsoup-1.2.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.tika/tika-parsers@1.27
Evidence Type Source Name Value Confidence Vendor file name tagsoup High Vendor jar package name ccil Highest Vendor jar package name cowan Highest Vendor jar package name parser Highest Vendor jar package name tagsoup Highest Vendor pom artifactid tagsoup Highest Vendor pom artifactid tagsoup Low Vendor pom developer name John Cowan Medium Vendor pom groupid org.ccil.cowan.tagsoup Highest Vendor pom name TagSoup High Vendor pom url http://home.ccil.org/~cowan/XML/tagsoup/ Highest Product file name tagsoup High Product jar package name ccil Highest Product jar package name cowan Highest Product jar package name parser Highest Product jar package name tagsoup Highest Product pom artifactid tagsoup Highest Product pom developer name John Cowan Low Product pom groupid org.ccil.cowan.tagsoup Highest Product pom name TagSoup High Product pom url http://home.ccil.org/~cowan/XML/tagsoup/ Medium Version file version 1.2.1 High Version Manifest version 1.2.1 Medium Version pom version 1.2.1 Highest
tar:6.1.15Description:
tar for node License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/tar:6.1.15
Referenced In Projects/Scopes: simplicite-js:5.2.54/cacache:17.1.3 simplicite-js:5.2.54/pacote:15.2.0 simplicite-js:5.2.54/node-gyp:9.4.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author GitHub Inc. Highest Vendor package.json description tar for node Highest Vendor package.json name tar Highest Vendor package.json name tar_project Highest Product package.json name tar Highest Version package.json version 6.1.15 Highest
Related Dependencies tar:6.1.15File Path: /var/simplicite/simplicite-5.2/package-lock.json?cacache:17.1.3/tar:^6.1.11 pkg:npm/tar@6.1.15 tar:6.1.15File Path: /var/simplicite/simplicite-5.2/package-lock.json?node-gyp:9.4.0/tar:^6.1.2 pkg:npm/tar@6.1.15 tar:6.1.15File Path: /var/simplicite/simplicite-5.2/package-lock.json?pacote:15.2.0/tar:^6.1.11 pkg:npm/tar@6.1.15 CVE-2024-28863 (OSSINDEX) suppress
node-tar is a Tar for Node.js. node-tar prior to version 6.2.1 has no limit on the number of sub-folders created in the folder creation process. An attacker who generates a large number of sub-folders can consume memory on the system running node-tar and even crash the Node.js client within few seconds of running it using a path with too many sub-folders inside. Version 6.2.1 fixes this issue by preventing extraction in excessively deep sub-folders. CWE-400 Uncontrolled Resource Consumption
CVSSv2:
Base Score: MEDIUM (6.5) Vector: /AV:N/AC:L/Au:/C:N/I:N/A:H References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:*:tar:6.1.15:*:*:*:*:*:*:* term-size:2.2.1Description:
Reliably get the terminal window size (columns & rows) License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/term-size:2.2.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/boxen:4.2.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description Reliably get the terminal window size (columns & rows) Highest Vendor package.json name term-size Highest Vendor package.json name term-size_project Highest Product package.json name term-size Highest Version package.json version 2.2.1 Highest
Related Dependencies term-size:2.2.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?boxen:4.2.0/term-size:^2.1.0 pkg:npm/term-size@2.2.1 terminal-link:2.1.1Description:
Create clickable links in the terminal License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/terminal-link:2.1.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-audit-html:1.5.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Create clickable links in the terminal Highest Vendor package.json name terminal-link Highest Vendor package.json name terminal-link_project Highest Product package.json name terminal-link Highest Version package.json version 2.1.1 Highest
Related Dependencies terminal-link:2.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-audit-html:1.5.0/terminal-link:^2.1.1 pkg:npm/terminal-link@2.1.1 text-table:0.2.0Description:
borderless text tables with alignment License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/text-table:0.2.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-check:6.0.1 simplicite-js:5.2.54/eslint:8.56.0 simplicite-js:5.2.54/license-report:6.5.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email mail@substack.net Highest Vendor package.json author.name James Halliday Highest Vendor package.json author.url http://substack.net Highest Vendor package.json description borderless text tables with alignment Highest Vendor package.json homepage https://github.com/substack/text-table Highest Vendor package.json name text-table Highest Vendor package.json name text-table_project Highest Product package.json name text-table Highest Version package.json version 0.2.0 Highest
Related Dependencies text-table:0.2.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint:8.56.0/text-table:^0.2.0 pkg:npm/text-table@0.2.0 text-table:0.2.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?license-report:6.5.0/text-table:^0.2.0 pkg:npm/text-table@0.2.0 text-table:0.2.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check:6.0.1/text-table:^0.2.0 pkg:npm/text-table@0.2.0 threeten-extra-1.7.0.jarDescription:
Additional functionality that enhances JSR-310 dates and times in Java SE 8 and later License:
BSD 3-clause: https://raw.githubusercontent.com/ThreeTen/threeten-extra/master/LICENSE.txt File Path: /var/simplicite/.m2/repository/org/threeten/threeten-extra/1.7.0/threeten-extra-1.7.0.jar
MD5: 4550c6bca1ba7815ed84a5e09ad93d01
SHA1: 358940b345b7d09e9f7fcd11c7e24af898e580d3
SHA256: c6569098f8a28897872a3e3b85f65f594be9e7b906eecc4687183b24b0f05edc
Referenced In Project/Scope: Simplicite Platform:compile
threeten-extra-1.7.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name threeten-extra High Vendor jar package name extra Highest Vendor jar package name threeten Highest Vendor Manifest bundle-docurl https://www.threeten.org Low Vendor Manifest bundle-symbolicname org.threeten.extra Medium Vendor Manifest implementation-url https://www.threeten.org/threeten-extra Low Vendor Manifest Implementation-Vendor ThreeTen.org High Vendor Manifest Implementation-Vendor-Id org.threeten Medium Vendor Manifest specification-vendor ThreeTen.org Low Vendor pom artifactid threeten-extra Highest Vendor pom artifactid threeten-extra Low Vendor pom developer id jodastephen Medium Vendor pom developer name Stephen Colebourne Medium Vendor pom groupid org.threeten Highest Vendor pom name ThreeTen-Extra High Vendor pom organization name ThreeTen.org High Vendor pom organization url https://www.threeten.org Medium Vendor pom url https://www.threeten.org/threeten-extra Highest Product file name threeten-extra High Product jar package name extra Highest Product jar package name threeten Highest Product Manifest bundle-docurl https://www.threeten.org Low Product Manifest Bundle-Name ThreeTen-Extra Medium Product Manifest bundle-symbolicname org.threeten.extra Medium Product Manifest Implementation-Title ThreeTen-Extra High Product Manifest implementation-url https://www.threeten.org/threeten-extra Low Product Manifest specification-title ThreeTen-Extra Medium Product pom artifactid threeten-extra Highest Product pom developer id jodastephen Low Product pom developer name Stephen Colebourne Low Product pom groupid org.threeten Highest Product pom name ThreeTen-Extra High Product pom organization name ThreeTen.org Low Product pom organization url https://www.threeten.org Low Product pom url https://www.threeten.org/threeten-extra Medium Version file version 1.7.0 High Version Manifest Bundle-Version 1.7.0 High Version Manifest Implementation-Version 1.7.0 High Version pom version 1.7.0 Highest
threetenbp-1.5.1.jarDescription:
Backport of JSR-310 from JDK 8 to JDK 7 and JDK 6. NOT an implementation of the JSR. License:
BSD 3-clause: https://raw.githubusercontent.com/ThreeTen/threetenbp/master/LICENSE.txt File Path: /var/simplicite/.m2/repository/org/threeten/threetenbp/1.5.1/threetenbp-1.5.1.jar
MD5: f04e22e9d4e183b42c8555d584b9edd8
SHA1: 4307ad2fdd4ba8b5ecd3fdb88b932aa49fa25920
SHA256: 4342ee04d87040f71b0aa9188ee960780ef2da734e32a8d43a522a580b5e0f3b
Referenced In Project/Scope: Simplicite Platform:compile
threetenbp-1.5.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name threetenbp High Vendor jar package name bp Highest Vendor jar package name threeten Highest Vendor Manifest automatic-module-name org.threeten.bp Medium Vendor Manifest bundle-docurl https://www.threeten.org Low Vendor Manifest bundle-symbolicname org.threeten.bp Medium Vendor Manifest implementation-url https://www.threeten.org/threetenbp Low Vendor Manifest Implementation-Vendor ThreeTen.org High Vendor Manifest Implementation-Vendor-Id org.threeten Medium Vendor Manifest specification-vendor ThreeTen.org Low Vendor pom artifactid threetenbp Highest Vendor pom artifactid threetenbp Low Vendor pom developer id jodastephen Medium Vendor pom developer name Stephen Colebourne Medium Vendor pom groupid org.threeten Highest Vendor pom name ThreeTen backport High Vendor pom organization name ThreeTen.org High Vendor pom organization url https://www.threeten.org Medium Vendor pom url https://www.threeten.org/threetenbp Highest Product file name threetenbp High Product jar package name bp Highest Product jar package name threeten Highest Product Manifest automatic-module-name org.threeten.bp Medium Product Manifest bundle-docurl https://www.threeten.org Low Product Manifest Bundle-Name ThreeTen backport Medium Product Manifest bundle-symbolicname org.threeten.bp Medium Product Manifest Implementation-Title ThreeTen backport High Product Manifest implementation-url https://www.threeten.org/threetenbp Low Product Manifest specification-title ThreeTen backport Medium Product pom artifactid threetenbp Highest Product pom developer id jodastephen Low Product pom developer name Stephen Colebourne Low Product pom groupid org.threeten Highest Product pom name ThreeTen backport High Product pom organization name ThreeTen.org Low Product pom organization url https://www.threeten.org Low Product pom url https://www.threeten.org/threetenbp Medium Version file version 1.5.1 High Version Manifest Bundle-Version 1.5.1 High Version Manifest Implementation-Version 1.5.1 High Version pom version 1.5.1 Highest
throat:6.0.2Description:
Throttle the parallelism of an asynchronous (promise returning) function / functions License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/throat:6.0.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-check:6.0.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author ForbesLindesay Highest Vendor package.json description Throttle the parallelism of an asynchronous (promise returning) function / functions Highest Vendor package.json name throat Highest Vendor package.json name throat_project Highest Product package.json name throat Highest Version package.json version 6.0.2 Highest
Related Dependencies throat:6.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check:6.0.1/throat:^6.0.1 pkg:npm/throat@6.0.2 through:2.3.8Description:
simplified stream construction License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/through:2.3.8
Referenced In Projects/Scopes: simplicite-js:5.2.54/inquirer:7.3.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Dominic Tarr <dominic.tarr@gmail.com> (dominictarr.com) Highest Vendor package.json description simplified stream construction Highest Vendor package.json homepage https://github.com/dominictarr/through Highest Vendor package.json name through Highest Vendor package.json name through_project Highest Product package.json name through Highest Version package.json version 2.3.8 Highest
Related Dependencies through:2.3.8File Path: /var/simplicite/simplicite-5.2/package-lock.json?inquirer:7.3.3/through:^2.3.6 pkg:npm/through@2.3.8 tika-core-1.27.jarDescription:
This is the core Apache Tika™ toolkit library from which all other modules inherit functionality. It
also
includes the core facades for the Tika API.
License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/apache/tika/tika-core/1.27/tika-core-1.27.jar
MD5: 0c76c02ebeaa3ab8e72979887d8c3d25
SHA1: 079ad0f72558b8fbce947147959e2faff8b7b70a
SHA256: 73e66926394d0afefa0e6a0c3d836912accc7e105f550db7a72f5f7a57a9b24c
Referenced In Project/Scope: Simplicite Platform:compile
tika-core-1.27.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name tika-core High Vendor jar package name apache Highest Vendor jar package name tika Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-activationpolicy lazy Low Vendor Manifest bundle-docurl http://tika.apache.org/ Low Vendor Manifest bundle-symbolicname org.apache.tika.core Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid tika-core Highest Vendor pom artifactid tika-core Low Vendor pom groupid org.apache.tika Highest Vendor pom name Apache Tika core High Vendor pom organization name The Apache Software Foundation High Vendor pom organization url http://www.apache.org Medium Vendor pom parent-artifactid tika-parent Low Vendor pom url http://tika.apache.org/ Highest Product file name tika-core High Product jar package name apache Highest Product jar package name tika Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-activationpolicy lazy Low Product Manifest bundle-docurl http://tika.apache.org/ Low Product Manifest Bundle-Name Apache Tika core Medium Product Manifest bundle-symbolicname org.apache.tika.core Medium Product Manifest Implementation-Title Apache Tika core High Product Manifest specification-title Apache Tika core Medium Product pom artifactid tika-core Highest Product pom groupid org.apache.tika Highest Product pom name Apache Tika core High Product pom organization name The Apache Software Foundation Low Product pom organization url http://www.apache.org Low Product pom parent-artifactid tika-parent Medium Product pom url http://tika.apache.org/ Medium Version file version 1.27 High Version Manifest Implementation-Version 1.27 High Version pom version 1.27 Highest
Related Dependencies tika-parsers-1.27.jarFile Path: /var/simplicite/.m2/repository/org/apache/tika/tika-parsers/1.27/tika-parsers-1.27.jar MD5: 207caa0df68cabd14246497ccfafc3de SHA1: 269e021ed326239fd8f62e3ff85f4b4e8dbd6ec9 SHA256: 4853d76d66fec80d437c3855817b304aa51af9404c14c4354a642707f25ccd94 pkg:maven/org.apache.tika/tika-parsers@1.27 CVE-2022-25169 suppress
The BPG parser in versions of Apache Tika before 1.28.2 and 2.4.0 may allocate an unreasonable amount of memory on carefully crafted files. CWE-770 Allocation of Resources Without Limits or Throttling
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:P CVSSv3:
Base Score: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2022-30126 suppress
In Apache Tika, a regular expression in our StandardsText class, used by the StandardsExtractingContentHandler could lead to a denial of service caused by backtracking on a specially crafted file. This only affects users who are running the StandardsExtractingContentHandler, which is a non-standard handler. This is fixed in 1.28.2 and 2.4.0 NVD-CWE-Other
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:P CVSSv3:
Base Score: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2022-30973 suppress
We failed to apply the fix for CVE-2022-30126 to the 1.x branch in the 1.28.2 release. In Apache Tika, a regular expression in the StandardsText class, used by the StandardsExtractingContentHandler could lead to a denial of service caused by backtracking on a specially crafted file. This only affects users who are running the StandardsExtractingContentHandler, which is a non-standard handler. This is fixed in 1.28.3. NVD-CWE-Other
CVSSv2:
Base Score: LOW (2.6) Vector: /AV:N/AC:H/Au:N/C:N/I:N/A:P CVSSv3:
Base Score: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions:
CVE-2022-33879 suppress
The initial fixes in CVE-2022-30126 and CVE-2022-30973 for regexes in the StandardsExtractingContentHandler were insufficient, and we found a separate, new regex DoS in a different regex in the StandardsExtractingContentHandler. These are now fixed in 1.28.4 and 2.4.1. NVD-CWE-Other
CVSSv2:
Base Score: LOW (2.6) Vector: /AV:N/AC:H/Au:N/C:N/I:N/A:P CVSSv3:
Base Score: LOW (3.3) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L References:
Vulnerable Software & Versions: (show all )
tinymce-i18n:20.12.25Description:
Languages for TinyMCE 4 and 5 License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/tinymce-i18n:20.12.25
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json description Languages for TinyMCE 4 and 5 Highest Vendor package.json homepage https://github.com/mklkj/tinymce-i18n Highest Vendor package.json name tinymce-i18n Highest Vendor package.json name tinymce-i18n_project Highest Product package.json name tinymce-i18n Highest Version package.json version 20.12.25 Highest
tinymce:5.9.2Description:
Web based JavaScript HTML WYSIWYG editor control. License:
LGPL-2.1 File Path: /var/simplicite/simplicite-5.2/package-lock.json?/tinymce:5.9.2
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author Tiny Technologies, Inc Highest Vendor package.json bugs.url https://github.com/tinymce/tinymce/issues Highest Vendor package.json description Web based JavaScript HTML WYSIWYG editor control. Highest Vendor package.json homepage https://www.tiny.cloud/ Highest Vendor package.json name tinymce Highest Vendor package.json name tinymce_project Highest Product package.json name tinymce Highest Version package.json version 5.9.2 Highest
CVE-2022-23494 suppress
tinymce is an open source rich text editor. A cross-site scripting (XSS) vulnerability was discovered in the alert and confirm dialogs when these dialogs were provided with malicious HTML content. This can occur in plugins that use the alert or confirm dialogs, such as in the `image` plugin, which presents these dialogs when certain errors occur. The vulnerability allowed arbitrary JavaScript execution when an alert presented in the TinyMCE UI for the current user. This vulnerability has been patched in TinyMCE 5.10.7 and TinyMCE 6.3.1 by ensuring HTML sanitization was still performed after unwrapping invalid elements. Users are advised to upgrade to either 5.10.7 or 6.3.1. Users unable to upgrade may ensure the the `images_upload_handler` returns a valid value as per the images_upload_handler documentation. CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSSv3:
Base Score: MEDIUM (6.1) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N References:
Vulnerable Software & Versions: (show all )
CVE-2023-45818 suppress
TinyMCE is an open source rich text editor. A mutation cross-site scripting (mXSS) vulnerability was discovered in TinyMCE’s core undo and redo functionality. When a carefully-crafted HTML snippet passes the XSS sanitisation layer, it is manipulated as a string by internal trimming functions before being stored in the undo stack. If the HTML snippet is restored from the undo stack, the combination of the string manipulation and reparative parsing by either the browser's native [DOMParser API](https://developer.mozilla.org/en-US/docs/Web/API/DOMParser) (TinyMCE 6) or the SaxParser API (TinyMCE 5) mutates the HTML maliciously, allowing an XSS payload to be executed. This vulnerability has been patched in TinyMCE 5.10.8 and TinyMCE 6.7.1 by ensuring HTML is trimmed using node-level manipulation instead of string manipulation. Users are advised to upgrade. There are no known workarounds for this vulnerability. CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSSv3:
Base Score: MEDIUM (6.1) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N References:
Vulnerable Software & Versions: (show all )
CVE-2023-45819 suppress
TinyMCE is an open source rich text editor. A cross-site scripting (XSS) vulnerability was discovered in TinyMCE’s Notification Manager API. The vulnerability exploits TinyMCE's unfiltered notification system, which is used in error handling. The conditions for this exploit requires carefully crafted malicious content to have been inserted into the editor and a notification to have been triggered. When a notification was opened, the HTML within the text argument was displayed unfiltered in the notification. The vulnerability allowed arbitrary JavaScript execution when an notification presented in the TinyMCE UI for the current user. This issue could also be exploited by any integration which uses a TinyMCE notification to display unfiltered HTML content. This vulnerability has been patched in TinyMCE 5.10.8 and TinyMCE 6.7.1 by ensuring that the HTML displayed in the notification is sanitized, preventing the exploit. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSSv3:
Base Score: MEDIUM (6.1) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N References:
Vulnerable Software & Versions: (show all )
CVE-2023-48219 suppress
TinyMCE is an open source rich text editor. A mutation cross-site scripting (mXSS) vulnerability was discovered in TinyMCE’s core undo/redo functionality and other APIs and plugins. Text nodes within specific parents are not escaped upon serialization according to the HTML standard. If such text nodes contain a special character reserved as an internal marker, they can be combined with other HTML patterns to form malicious snippets. These snippets pass the initial sanitisation layer when the content is parsed into the editor body, but can trigger XSS when the special internal marker is removed from the content and re-parsed. his vulnerability has been patched in TinyMCE versions 6.7.3 and 5.10.9. Users are advised to upgrade. There are no known workarounds for this vulnerability. CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSSv3:
Base Score: MEDIUM (6.1) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N References:
Vulnerable Software & Versions: (show all )
CVE-2024-21910 suppress
TinyMCE versions before 5.10.0 are affected by a cross-site scripting vulnerability. A remote and unauthenticated attacker could introduce crafted image or link URLs that would result in the execution of arbitrary JavaScript in an editing user's browser.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSSv3:
Base Score: MEDIUM (6.1) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N References:
Vulnerable Software & Versions:
GHSA-hgqx-r2hp-jr38 (NPM) suppress
### Impact
A [cross-site scripting (XSS)](https://owasp.org/www-community/attacks/xss/) vulnerability was discovered in TinyMCE’s Notification Manager API. The vulnerability exploits TinyMCE's unfiltered notification system, which is used in error handling. The conditions for this exploit requires carefully crafted malicious content to have been inserted into the editor and a notification to have been triggered.
When a notification was opened, the HTML within the text argument was displayed unfiltered in the notification. The vulnerability allowed arbitrary JavaScript execution when an notification presented in the TinyMCE UI for the current user. This issue could also be exploited by any integration which uses a TinyMCE notification to display unfiltered HTML content.
### Patches
This vulnerability has been patched in TinyMCE 5.10.8 and TinyMCE 6.7.1 by ensuring that the HTML displayed in the notification is sanitized, preventing the exploit.
### Fix
To avoid this vulnerability:
* Upgrade to TinyMCE 5.10.8 or higher for TinyMCE 5.x.
* Upgrade to TinyMCE 6.7.1 or higher for TinyMCE 6.x.
### References
* <https://tiny.cloud/docs/release-notes/release-notes5108/#securityfixes>
* <https://tiny.cloud/docs/tinymce/6/6.7.1-release-notes/#security-fixes>
### For more information
If you have any questions or comments about this advisory:
* Email us at <infosec@tiny.cloud>
* Open an issue in the [TinyMCE repo](https://github.com/tinymce/tinymce/issues?q=is%3Aissue+is%3Aopen+sort%3Aupdated-desc)
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSSv3:
Base Score: MEDIUM (6.1) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Unscored:
References:
Vulnerable Software & Versions (NPM):
cpe:2.3:a:*:tinymce:\<5.10.8:*:*:*:*:*:*:* GHSA-r8hm-w5f7-wj39 (NPM) suppress
### Impact
A cross-site scripting (XSS) vulnerability was discovered in the URL processing logic of the `image` and `link` plugins. The vulnerability allowed arbitrary JavaScript execution when updating an image or link using a specially crafted URL. This issue only impacted users while editing and the dangerous URLs were stripped in any content extracted from the editor. This impacts all users who are using TinyMCE 5.9.2 or lower.
### Patches
This vulnerability has been patched in TinyMCE 5.10.0 by improved sanitization logic when updating URLs in the relevant plugins.
### Workarounds
To work around this vulnerability, either:
- Upgrade to TinyMCE 5.10.0 or higher
- Disable the `image` and `link` plugins
### Acknowledgements
Tiny Technologies would like to thank Yakir6 for discovering this vulnerability.
### References
https://www.tiny.cloud/docs/release-notes/release-notes510/#securityfixes
### For more information
If you have any questions or comments about this advisory:
* Email us at [infosec@tiny.cloud](mailto:infosec@tiny.cloud)
* Open an issue in the [TinyMCE repo](https://github.com/tinymce/tinymce/issues) CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'), CWE-64 Windows Shortcut Following (.LNK)
CVSSv3:
Base Score: MEDIUM (6.1) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Unscored:
References:
Vulnerable Software & Versions (NPM):
cpe:2.3:a:*:tinymce:\<5.10.0:*:*:*:*:*:*:* GHSA-v626-r774-j7f8 (NPM) suppress
### Impact
A [mutation cross-site scripting](https://researchgate.net/publication/266654651_mXSS_attacks_Attacking_well-secured_web-applications_by_using_innerHTML_mutations) (mXSS) vulnerability was discovered in TinyMCE’s core undo/redo functionality and other APIs and plugins. Text nodes within specific parents are not escaped upon serialization according to the [HTML standard](https://html.spec.whatwg.org/multipage/parsing.html#serialising-html-fragments). If such text nodes contain a special character reserved as an internal marker, they can be combined with other HTML patterns to form malicious snippets. These snippets pass the initial sanitisation layer when the content is parsed into the editor body, but can trigger XSS when the special internal marker is removed from the content and re-parsed. Such mutations occur when serialised HTML content is processed before being stored in the undo stack, or when the following APIs and plugins are used:
* [`tinymce.Editor.getContent({ format: 'raw' })`](https://tiny.cloud/docs/tinymce/6/apis/tinymce.editor/#getContent)
* [`tinymce.Editor.resetContent()`](https://tiny.cloud/docs/tinymce/6/apis/tinymce.editor/#resetContent)
* [Autosave Plugin](https://tiny.cloud/docs/tinymce/6/autosave/)
### Patches
This vulnerability has been patched in TinyMCE 6.7.3 by:
* ensuring that any unescaped text nodes which contain the special internal marker are emptied before removing the marker from the rest of the HTML, and
* removing the special internal marker from content strings passed to `Editor.setContent`, `Editor.insertContent`, and `Editor.resetContent` APIs to prevent them from being loaded into the editor as user-provided content.
### Fix
To avoid this vulnerability:
- Upgrade to TinyMCE 6.7.3 or higher for TinyMCE 6.x.
- Upgrade to TinyMCE 5.10.9 or higher for TinyMCE 5.x.
### Acknowledgements
Tiny Technologies would like to thank Masato Kinugawa of [Cure53](https://cure53.de/) for discovering this vulnerability.
### References
- [TinyMCE 5.10.9 Release Notes](https://tiny.cloud/docs/release-notes/release-notes5109/)
- [TinyMCE 6.7.3 Release Notes](https://tiny.cloud/docs/tinymce/6/6.7.3-release-notes/)
### For more information
Email us at [infosec@tiny.cloud](mailto:infosec@tiny.cloud)
Open an issue in the [TinyMCE repo](https://github.com/tinymce/tinymce/issues?q=is%3Aissue+is%3Aopen+sort%3Aupdated-desc) CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSSv3:
Base Score: MEDIUM (6.1) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Unscored:
References:
Vulnerable Software & Versions (NPM):
cpe:2.3:a:*:tinymce:\<5.10.9:*:*:*:*:*:*:* GHSA-v65r-p3vv-jjfv (NPM) suppress
### Impact
A [mutation cross-site scripting](https://researchgate.net/publication/266654651_mXSS_attacks_Attacking_well-secured_web-applications_by_using_innerHTML_mutations) (mXSS) vulnerability was discovered in TinyMCE’s core undo and redo functionality. When a carefully-crafted HTML snippet passes the XSS sanitisation layer, it is manipulated as a string by internal trimming functions before being stored in the undo stack. If the HTML snippet is restored from the undo stack, the combination of the string manipulation and reparative parsing by either the browser's native [DOMParser API](https://developer.mozilla.org/en-US/docs/Web/API/DOMParser) (TinyMCE 6) or the [SaxParser API](https://www.tiny.cloud/docs/api/tinymce.html/tinymce.html.saxparser/) (TinyMCE 5) mutates the HTML maliciously, allowing an XSS payload to be executed.
​This vulnerability also impacts these related TinyMCE APIs and plugins:​
* [`tinymce.Editor.getContent({ format: 'raw' })`](https://tiny.cloud/docs/tinymce/6/apis/tinymce.editor/#getContent)
* [`tinymce.Editor.resetContent()`](https://tiny.cloud/docs/tinymce/6/apis/tinymce.editor/#resetContent)
* [Autosave Plugin](https://tiny.cloud/docs/tinymce/6/autosave/)
### Patches
This vulnerability has been patched in TinyMCE 5.10.8 and TinyMCE 6.7.1 by ensuring HTML is trimmed using node-level manipulation instead of string manipulation.
### Fix
To avoid this vulnerability:
* Upgrade to TinyMCE 5.10.8 or higher for TinyMCE 5.x.
* Upgrade to TinyMCE 6.7.1 or higher for TinyMCE 6.x.
### Acknowledgements
Tiny Technologies would like to thank Masato Kinugawa of [Cure53](https://cure53.de/) for discovering this vulnerability.
### References
* [TinyMCE 5.10.8 Release Notes](https://tiny.cloud/docs/release-notes/release-notes5108/)
* [TinyMCE 6.7.1 Release Notes](https://tiny.cloud/docs/tinymce/6/6.7.1-release-notes/)
### For more information
If you have any questions or comments about this advisory:
* Email us at <infosec@tiny.cloud>
* Open an issue in the [TinyMCE repo](https://github.com/tinymce/tinymce/issues?q=is%3Aissue+is%3Aopen+sort%3Aupdated-desc) CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSSv3:
Base Score: MEDIUM (6.1) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Unscored:
References:
Vulnerable Software & Versions (NPM):
cpe:2.3:a:*:tinymce:\<5.10.8:*:*:*:*:*:*:* GHSA-gg8r-xjwq-4w92 (NPM) suppress
### Impact
A cross-site scripting (XSS) vulnerability was discovered in the alert and confirm dialogs when these dialogs were provided with malicious HTML content. This can occur in plugins that use the alert or confirm dialogs, such as in the `image` plugin, which presents these dialogs when certain errors occur. The vulnerability allowed arbitrary JavaScript execution when an alert presented in the TinyMCE UI for the current user.
### Patches
This vulnerability has been patched in TinyMCE 5.10.7 and TinyMCE 6.3.1 by ensuring HTML sanitization was still performed after unwrapping invalid elements.
### Fix
To avoid this vulnerability:
- Upgrade to TinyMCE 5.10.7 or higher for TinyMCE 5.x.
- Upgrade to TinyMCE 6.3.1 or higher for TinyMCE 6.x.
### Workaround
To reduce the impact of this vulnerability:
- Ensure the the `images_upload_handler` returns a valid value as per the images_upload_handler documentation.
### References
- https://www.tiny.cloud/docs/release-notes/release-notes5107/#securityfixes
- https://www.tiny.cloud/docs/tinymce/6/6.3-release-notes/#security-fixes
### For more information
If you have any questions or comments about this advisory:
* Email us at [infosec@tiny.cloud](mailto:infosec@tiny.cloud)
* Open an issue in the [TinyMCE repo](https://github.com/tinymce/tinymce/issues) CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSSv3:
Base Score: MEDIUM (5.4) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N Unscored:
References:
Vulnerable Software & Versions (NPM):
cpe:2.3:a:*:tinymce:\<5.10.7:*:*:*:*:*:*:* CVE-2024-29203 (OSSINDEX) suppress
TinyMCE is an open source rich text editor. A cross-site scripting (XSS) vulnerability was discovered in TinyMCE’s content insertion code. This allowed `iframe` elements containing malicious code to execute when inserted into the editor. These `iframe` elements are restricted in their permissions by same-origin browser protections, but could still trigger operations such as downloading of malicious assets. This vulnerability is fixed in 6.8.1. CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:L/Au:/C:L/I:N/A:N References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:*:tinymce:5.9.2:*:*:*:*:*:*:* CVE-2024-29881 (OSSINDEX) suppress
TinyMCE is an open source rich text editor. A cross-site scripting (XSS) vulnerability was discovered in TinyMCE’s content loading and content inserting code. A SVG image could be loaded though an `object` or `embed` element and that image could potentially contain a XSS payload. This vulnerability is fixed in 6.8.1 and 7.0.0. CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:L/Au:/C:L/I:N/A:N References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:*:tinymce:5.9.2:*:*:*:*:*:*:* GHSA-438c-3975-5x3f (NPM) suppress
### Impact
A [cross-site scripting (XSS)](https://owasp.org/www-community/attacks/xss/) vulnerability was discovered in TinyMCE’s content insertion code. This allowed `iframe` elements containing malicious code to execute when inserted into the editor. These `iframe` elements are restricted in their permissions by same-origin browser protections, but could still trigger operations such as downloading of malicious assets.
### Fix
TinyMCE 6.8.1 introduced a new `sandbox_iframes` boolean option which adds the `sandbox=""` attribute to every `iframe` element by default when enabled. This will prevent cross-origin, and in special cases same-origin, XSS by embedded resources in `iframe` elements. From TinyMCE 7.0.0 onwards the default value of this option is `true`.
In TinyMCE 7.0.0 a new `sandbox_iframes_exclusions` option was also added, allowing a list of domains to be specified that should be excluded from having the `sandbox=""` attribute applied when the `sandbox_iframes` option is enabled. By default, this option is set to an array of domains that are provided in embed code by popular websites. To sandbox `iframe` elements from every domain, set this option to `[]`.
### Workarounds
The HTTP Content-Security-Policy (CSP) `frame-src` or `object-src` can be configured to restrict or block the loading of unauthorized URLS. Refer to the [TinyMCE Content Security Policy Guide](https://www.tiny.cloud/docs/tinymce/latest/tinymce-and-csp/).
### References
- [TinyMCE 6.8.1](https://www.tiny.cloud/docs/tinymce/6/6.8.1-release-notes/#new-convert_unsafe_embeds-option-that-controls-whether-object-and-embed-elements-will-be-converted-to-more-restrictive-alternatives-namely-img-for-image-mime-types-video-for-video-mime-types-audio-audio-mime-types-or-iframe-for-other-or-unspecified-mime-types)
- [TinyMCE 7.0.0](https://www.tiny.cloud/docs/tinymce/7/7.0-release-notes/#sandbox_iframes-editor-option-is-now-defaulted-to-true)
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSSv3:
Base Score: MEDIUM (4.3) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N Unscored:
References:
Vulnerable Software & Versions (NPM):
cpe:2.3:a:*:tinymce:\<6.8.1:*:*:*:*:*:*:* GHSA-5359-pvf2-pw78 (NPM) suppress
### Impact
A [cross-site scripting (XSS)](https://owasp.org/www-community/attacks/xss/) vulnerability was discovered in TinyMCE’s content loading and content inserting code. A SVG image could be loaded though an `object` or `embed` element and that image could potentially contain a XSS payload.
### Fix
TinyMCE 6.8.1 introduced a new `convert_unsafe_embeds` option to automatically convert `object` and `embed` elements respective of their `type` attribute. From TinyMCE 7.0.0 onwards, the `convert_unsafe_embeds` option is enabled by default.
### Workarounds
If you are using TinyMCE 6.8.1 or higher, set `convert_unsafe_embeds` to true. For any earlier versions, a custom NodeFilter is recommended to remove or modify any `object` or `embed` elements. This can be added using the `editor.parser.addNodeFilter` and `editor.serializer.addNodeFilter` APIs.
### Acknowledgements
Tiny Technologies would like to thank Toni Huttunen of [Fraktal Oy](https://www.fraktal.fi/) for discovering this vulnerability.
### References
- [TinyMCE 6.8.1](https://www.tiny.cloud/docs/tinymce/6/6.8.1-release-notes/#new-convert_unsafe_embeds-option-that-controls-whether-object-and-embed-elements-will-be-converted-to-more-restrictive-alternatives-namely-img-for-image-mime-types-video-for-video-mime-types-audio-audio-mime-types-or-iframe-for-other-or-unspecified-mime-types)
- [TinyMCE 7.0.0](https://www.tiny.cloud/docs/tinymce/7/7.0-release-notes/#convert_unsafe_embeds-editor-option-is-now-defaulted-to-true)
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSSv3:
Base Score: MEDIUM (4.3) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N Unscored:
References:
Vulnerable Software & Versions (NPM):
cpe:2.3:a:*:tinymce:\<7.0.0:*:*:*:*:*:*:* tmp:0.0.33Description:
Temporary file and directory creator License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/tmp:0.0.33
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/external-editor:3.1.0 Evidence Type Source Name Value Confidence Vendor package.json author KARASZI István <github@spam.raszi.hu> (http://raszi.hu/) Highest Vendor package.json bugs.url http://github.com/raszi/node-tmp/issues Highest Vendor package.json description Temporary file and directory creator Highest Vendor package.json homepage http://github.com/raszi/node-tmp Highest Vendor package.json name tmp Highest Vendor package.json name tmp_project Highest Product package.json name tmp Highest Version package.json version 0.0.33 Highest
Related Dependencies tmp:0.0.33File Path: /var/simplicite/simplicite-5.2/package-lock.json?external-editor:3.1.0/tmp:^0.0.33 pkg:npm/tmp@0.0.33 to-fast-properties:2.0.0Description:
Force V8 to use fast properties for an object License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/to-fast-properties:2.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/types:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Force V8 to use fast properties for an object Highest Vendor package.json name to-fast-properties Highest Vendor package.json name to-fast-properties_project Highest Product package.json name to-fast-properties Highest Version package.json version 2.0.0 Highest
Related Dependencies to-fast-properties:2.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/types:7.23.9/to-fast-properties:^2.0.0 pkg:npm/to-fast-properties@2.0.0 to-readable-stream:1.0.0Description:
Convert a string/Buffer/Uint8Array to a readable stream License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/to-readable-stream:1.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/got:9.6.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Convert a string/Buffer/Uint8Array to a readable stream Highest Vendor package.json name to-readable-stream Highest Vendor package.json name to-readable-stream_project Highest Product package.json name to-readable-stream Highest Version package.json version 1.0.0 Highest
Related Dependencies to-readable-stream:1.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?got:9.6.0/to-readable-stream:^1.0.0 pkg:npm/to-readable-stream@1.0.0 to-regex-range:5.0.1Description:
Pass two numbers, get a regex-compatible source string for matching ranges. Validated against more than 2.78 million test assertions. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/to-regex-range:5.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/fill-range:7.0.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Jon Schlinkert (https://github.com/jonschlinkert) Highest Vendor package.json bugs.url https://github.com/micromatch/to-regex-range/issues Highest Vendor package.json description Pass two numbers, get a regex-compatible source string for matching ranges. Validated against more than 2.78 million test assertions. Highest Vendor package.json homepage https://github.com/micromatch/to-regex-range Highest Vendor package.json name to-regex-range Highest Vendor package.json name to-regex-range_project Highest Product package.json name to-regex-range Highest Version package.json version 5.0.1 Highest
Related Dependencies to-regex-range:5.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?fill-range:7.0.1/to-regex-range:^5.0.1 pkg:npm/to-regex-range@5.0.1 totp-1.7.1.jarDescription:
A library to help implement time-based one time passwords to enable MFA. File Path: /var/simplicite/.m2/repository/dev/samstevens/totp/totp/1.7.1/totp-1.7.1.jarMD5: ceaed46be1e655c451d11cc5cb33e4ffSHA1: c2bcced6c255d48223f5626c4db9af9aa9d43c35SHA256: f02b3fcab62298907d655acc54c0dc85f7103dc26cee95eed44ebe6fc2af3415Referenced In Project/Scope: Simplicite Platform:compiletotp-1.7.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name totp High Vendor jar package name dev Highest Vendor jar package name dev Low Vendor jar package name samstevens Highest Vendor jar package name samstevens Low Vendor jar package name time Highest Vendor jar package name totp Highest Vendor jar package name totp Low Vendor pom artifactid totp Highest Vendor pom artifactid totp Low Vendor pom groupid dev.samstevens.totp Highest Vendor pom name : High Vendor pom parent-artifactid totp-parent Low Product file name totp High Product jar package name dev Highest Product jar package name samstevens Highest Product jar package name samstevens Low Product jar package name time Highest Product jar package name totp Highest Product jar package name totp Low Product pom artifactid totp Highest Product pom groupid dev.samstevens.totp Highest Product pom name : High Product pom parent-artifactid totp-parent Medium Version file version 1.7.1 High Version pom version 1.7.1 Highest
trim-newlines:3.0.1Description:
Trim newlines from the start and/or end of a string License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/trim-newlines:3.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/meow:9.0.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Trim newlines from the start and/or end of a string Highest Vendor package.json name trim-newlines Highest Vendor package.json name trim-newlines_project Highest Product package.json name trim-newlines Highest Version package.json version 3.0.1 Highest
Related Dependencies trim-newlines:3.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?meow:9.0.0/trim-newlines:^3.0.0 pkg:npm/trim-newlines@3.0.1 tslib:1.14.1Description:
Runtime library for TypeScript helper functions License:
0BSD File Path: /var/simplicite/simplicite-5.2/package-lock.json?/tslib:1.14.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/rxjs:6.6.7 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Microsoft Corp. Highest Vendor package.json bugs.url https://github.com/Microsoft/TypeScript/issues Highest Vendor package.json description Runtime library for TypeScript helper functions Highest Vendor package.json homepage https://www.typescriptlang.org/ Highest Vendor package.json name tslib Highest Vendor package.json name tslib_project Highest Product package.json name tslib Highest Version package.json version 1.14.1 Highest
Related Dependencies tslib:1.14.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?rxjs:6.6.7/tslib:^1.9.0 pkg:npm/tslib@1.14.1 tslib:2.6.0Description:
Runtime library for TypeScript helper functions License:
0BSD File Path: /var/simplicite/simplicite-5.2/package-lock.json?upper-case-first:2.0.2/tslib:^2.0.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/@fullcalendar/moment:5.11.0 simplicite-js:5.2.54/upper-case-first:2.0.2 simplicite-js:5.2.54/sentence-case:3.0.4 simplicite-js:5.2.54/@fullcalendar/moment-timezone:5.11.0 simplicite-js:5.2.54 simplicite-js:5.2.54/no-case:3.0.4 simplicite-js:5.2.54/@fullcalendar/interaction:5.11.0 simplicite-js:5.2.54/@fullcalendar/luxon:5.11.0 simplicite-js:5.2.54/@fullcalendar/google-calendar:5.11.0 simplicite-js:5.2.54/@fullcalendar/bootstrap:5.11.0 simplicite-js:5.2.54/@fullcalendar/daygrid:5.11.0 simplicite-js:5.2.54/@fullcalendar/common:5.11.5 simplicite-js:5.2.54/@fullcalendar/timegrid:5.11.0 simplicite-js:5.2.54/@fullcalendar/list:5.11.0 simplicite-js:5.2.54/@fullcalendar/rrule:5.11.0 simplicite-js:5.2.54/@fullcalendar/core:5.11.0 simplicite-js:5.2.54/rrule:2.8.1 simplicite-js:5.2.54/lower-case:2.0.2 Evidence Type Source Name Value Confidence Vendor package.json author Microsoft Corp. Highest Vendor package.json bugs.url https://github.com/Microsoft/TypeScript/issues Highest Vendor package.json description Runtime library for TypeScript helper functions Highest Vendor package.json homepage https://www.typescriptlang.org/ Highest Vendor package.json name tslib Highest Vendor package.json name tslib_project Highest Product package.json name tslib Highest Version package.json version 2.6.0 Highest
Related Dependencies tslib:2.6.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/tslib:2.6.0 pkg:npm/tslib@2.6.0 tslib:2.6.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?@fullcalendar/bootstrap:5.11.0/tslib:^2.1.0 pkg:npm/tslib@2.6.0 tslib:2.6.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?@fullcalendar/common:5.11.5/tslib:^2.1.0 pkg:npm/tslib@2.6.0 tslib:2.6.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?@fullcalendar/core:5.11.0/tslib:^2.1.0 pkg:npm/tslib@2.6.0 tslib:2.6.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?@fullcalendar/daygrid:5.11.0/tslib:^2.1.0 pkg:npm/tslib@2.6.0 tslib:2.6.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?@fullcalendar/google-calendar:5.11.0/tslib:^2.1.0 pkg:npm/tslib@2.6.0 tslib:2.6.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?@fullcalendar/interaction:5.11.0/tslib:^2.1.0 pkg:npm/tslib@2.6.0 tslib:2.6.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?@fullcalendar/list:5.11.0/tslib:^2.1.0 pkg:npm/tslib@2.6.0 tslib:2.6.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?@fullcalendar/luxon:5.11.0/tslib:^2.1.0 pkg:npm/tslib@2.6.0 tslib:2.6.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?@fullcalendar/moment-timezone:5.11.0/tslib:^2.1.0 pkg:npm/tslib@2.6.0 tslib:2.6.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?@fullcalendar/moment:5.11.0/tslib:^2.1.0 pkg:npm/tslib@2.6.0 tslib:2.6.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?@fullcalendar/rrule:5.11.0/tslib:^2.1.0 pkg:npm/tslib@2.6.0 tslib:2.6.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?@fullcalendar/timegrid:5.11.0/tslib:^2.1.0 pkg:npm/tslib@2.6.0 tslib:2.6.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?lower-case:2.0.2/tslib:^2.0.3 pkg:npm/tslib@2.6.0 tslib:2.6.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?no-case:3.0.4/tslib:^2.0.3 pkg:npm/tslib@2.6.0 tslib:2.6.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?rrule:2.8.1/tslib:^2.4.0 pkg:npm/tslib@2.6.0 tslib:2.6.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?sentence-case:3.0.4/tslib:^2.0.3 pkg:npm/tslib@2.6.0 tuf-js:1.1.7Description:
JavaScript implementation of The Update Framework (TUF) License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/tuf-js:1.1.7
Referenced In Projects/Scopes: simplicite-js:5.2.54/@sigstore/tuf:1.0.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author bdehamer@github.com Highest Vendor package.json bugs.url https://github.com/theupdateframework/tuf-js/issues Highest Vendor package.json description JavaScript implementation of The Update Framework (TUF) Highest Vendor package.json homepage https://github.com/theupdateframework/tuf-js/tree/main/packages/client#readme Highest Vendor package.json name tuf-js Highest Vendor package.json name tuf-js_project Highest Product package.json name tuf-js Highest Version package.json version 1.1.7 Highest
Related Dependencies tuf-js:1.1.7File Path: /var/simplicite/simplicite-5.2/package-lock.json?@sigstore/tuf:1.0.3/tuf-js:^1.1.7 pkg:npm/tuf-js@1.1.7 twilio-8.19.1.jarDescription:
Twilio Java Helper Library License:
MIT License: http://www.opensource.org/licenses/mit-license.php File Path: /var/simplicite/.m2/repository/com/twilio/sdk/twilio/8.19.1/twilio-8.19.1.jar
MD5: 6d345a94feab55375544bc21fb2f0412
SHA1: e3c92a4dba7a385e0f1b2959972f029aa8222800
SHA256: 216b472933a11bd0b139dab44b3c47f80edcd7646e1e61d3fd9468b72aae2ae6
Referenced In Project/Scope: Simplicite Platform:compile
twilio-8.19.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name twilio High Vendor jar package name rest Low Vendor jar package name twilio Highest Vendor jar package name twilio Low Vendor pom artifactid twilio Highest Vendor pom artifactid twilio Low Vendor pom developer email api@twilio.com Low Vendor pom developer id api Medium Vendor pom developer name Twilio API Medium Vendor pom developer org Twilio, Inc. Medium Vendor pom developer org URL https://www.twilio.com Medium Vendor pom groupid com.twilio.sdk Highest Vendor pom name twilio High Vendor pom url https://www.twilio.com Highest Product file name twilio High Product jar package name rest Low Product jar package name twilio Highest Product pom artifactid twilio Highest Product pom developer email api@twilio.com Low Product pom developer id api Low Product pom developer name Twilio API Low Product pom developer org Twilio, Inc. Low Product pom developer org URL https://www.twilio.com Low Product pom groupid com.twilio.sdk Highest Product pom name twilio High Product pom url https://www.twilio.com Medium Version file version 8.19.1 High Version pom version 8.19.1 Highest
txw2-2.3.4.jarDescription:
TXW is a library that allows you to write XML documents.
File Path: /var/simplicite/.m2/repository/org/glassfish/jaxb/txw2/2.3.4/txw2-2.3.4.jarMD5: 0d2de5cab75137d954fe38fb6d10471bSHA1: 257fa649d3137a1060d222aefb96b7d1dd5f1286SHA256: 32c0c524624bd535d4e40b30afa2def7399cbb824fb3e74c73aea62872ad753bReferenced In Project/Scope: Simplicite Platform:compiletxw2-2.3.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.glassfish.jaxb/jaxb-runtime@2.3.4
Evidence Type Source Name Value Confidence Vendor file name txw2 High Vendor jar package name sun Highest Vendor jar package name txw Highest Vendor jar package name txw2 Highest Vendor jar package name xml Highest Vendor jar (hint) package name oracle Highest Vendor Manifest git-revision 2a16b4e Low Vendor Manifest Implementation-Vendor Eclipse Foundation High Vendor Manifest Implementation-Vendor-Id org.eclipse Medium Vendor pom artifactid txw2 Highest Vendor pom artifactid txw2 Low Vendor pom groupid org.glassfish.jaxb Highest Vendor pom name TXW2 Runtime High Vendor pom parent-artifactid jaxb-txw-parent Low Vendor pom parent-groupid com.sun.xml.bind.mvn Medium Product file name txw2 High Product jar package name sun Highest Product jar package name txw Highest Product jar package name txw2 Highest Product jar package name xml Highest Product Manifest git-revision 2a16b4e Low Product Manifest Implementation-Title Jakarta XML Binding Implementation High Product Manifest specification-title Jakarta XML Binding Medium Product pom artifactid txw2 Highest Product pom groupid org.glassfish.jaxb Highest Product pom name TXW2 Runtime High Product pom parent-artifactid jaxb-txw-parent Medium Product pom parent-groupid com.sun.xml.bind.mvn Medium Version file version 2.3.4 High Version Manifest build-id 2.3.4 Medium Version Manifest Implementation-Version 2.3.4 High Version Manifest major-version 2.3.4 Medium Version pom version 2.3.4 Highest
type-check:0.4.0Description:
type-check allows you to check the types of JavaScript values at runtime with a Haskell like type syntax. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/type-check:0.4.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/levn:0.4.1 simplicite-js:5.2.54/optionator:0.9.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author George Zahariev <z@georgezahariev.com> Highest Vendor package.json bugs https://github.com/gkz/type-check/issues Highest Vendor package.json description type-check allows you to check the types of JavaScript values at runtime with a Haskell like type syntax. Highest Vendor package.json homepage https://github.com/gkz/type-check Highest Vendor package.json name type-check Highest Vendor package.json name type-check_project Highest Product package.json name type-check Highest Version package.json version 0.4.0 Highest
Related Dependencies type-check:0.4.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?levn:0.4.1/type-check:~0.4.0 pkg:npm/type-check@0.4.0 type-check:0.4.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?optionator:0.9.3/type-check:^0.4.0 pkg:npm/type-check@0.4.0 type-fest:0.18.1Description:
A collection of essential TypeScript types License:
(MIT OR CC0-1.0) File Path: /var/simplicite/simplicite-5.2/package-lock.json?/type-fest:0.18.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/meow:9.0.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description A collection of essential TypeScript types Highest Vendor package.json name type-fest Highest Vendor package.json name type-fest_project Highest Product package.json name type-fest Highest Version package.json version 0.18.1 Highest
Related Dependencies type-fest:0.18.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?meow:9.0.0/type-fest:^0.18.0 pkg:npm/type-fest@0.18.1 type-fest:0.20.2Description:
A collection of essential TypeScript types License:
(MIT OR CC0-1.0) File Path: /var/simplicite/simplicite-5.2/package-lock.json?/type-fest:0.20.2
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description A collection of essential TypeScript types Highest Vendor package.json name type-fest Highest Vendor package.json name type-fest_project Highest Product package.json name type-fest Highest Version package.json version 0.20.2 Highest
type-fest:0.21.3Description:
A collection of essential TypeScript types License:
(MIT OR CC0-1.0) File Path: /var/simplicite/simplicite-5.2/package-lock.json?/type-fest:0.21.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/ansi-escapes:4.3.2 simplicite-js:5.2.54/boxen:5.1.2 simplicite-js:5.2.54/globals:13.24.0 simplicite-js:5.2.54/boxen:7.1.0 simplicite-js:5.2.54 simplicite-js:5.2.54/globals:13.20.0 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description A collection of essential TypeScript types Highest Vendor package.json name type-fest Highest Vendor package.json name type-fest_project Highest Product package.json name type-fest Highest Version package.json version 0.21.3 Highest
Related Dependencies type-fest:0.20.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?/type-fest:0.20.2 pkg:npm/type-fest@0.20.2 type-fest:0.21.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?ansi-escapes:4.3.2/type-fest:^0.21.3 pkg:npm/type-fest@0.21.3 type-fest:0.21.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?boxen:5.1.2/type-fest:^0.20.2 pkg:npm/type-fest@0.21.3 type-fest:0.21.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?boxen:7.1.0/type-fest:^2.13.0 pkg:npm/type-fest@0.21.3 type-fest:0.21.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?globals:13.20.0/type-fest:^0.20.2 pkg:npm/type-fest@0.21.3 type-fest:0.21.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?globals:13.24.0/type-fest:^0.20.2 pkg:npm/type-fest@0.21.3 type-fest:0.6.0Description:
A collection of essential TypeScript types License:
(MIT OR CC0-1.0) File Path: /var/simplicite/simplicite-5.2/package-lock.json?/type-fest:0.6.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/read-pkg:5.2.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description A collection of essential TypeScript types Highest Vendor package.json name type-fest Highest Vendor package.json name type-fest_project Highest Product package.json name type-fest Highest Version package.json version 0.6.0 Highest
Related Dependencies type-fest:0.6.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?read-pkg:5.2.0/type-fest:^0.6.0 pkg:npm/type-fest@0.6.0 type-fest:0.8.1Description:
A collection of essential TypeScript types License:
(MIT OR CC0-1.0) File Path: /var/simplicite/simplicite-5.2/package-lock.json?/type-fest:0.8.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/read-pkg-up:7.0.1 simplicite-js:5.2.54/boxen:4.2.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description A collection of essential TypeScript types Highest Vendor package.json name type-fest Highest Vendor package.json name type-fest_project Highest Product package.json name type-fest Highest Version package.json version 0.8.1 Highest
Related Dependencies type-fest:0.8.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?boxen:4.2.0/type-fest:^0.8.1 pkg:npm/type-fest@0.8.1 type-fest:0.8.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?read-pkg-up:7.0.1/type-fest:^0.8.1 pkg:npm/type-fest@0.8.1 type-fest:1.4.0Description:
A collection of essential TypeScript types License:
(MIT OR CC0-1.0) File Path: /var/simplicite/simplicite-5.2/package-lock.json?/type-fest:1.4.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/crypto-random-string:4.0.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description A collection of essential TypeScript types Highest Vendor package.json name type-fest Highest Vendor package.json name type-fest_project Highest Product package.json name type-fest Highest Version package.json version 1.4.0 Highest
Related Dependencies type-fest:1.4.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?crypto-random-string:4.0.0/type-fest:^1.0.1 pkg:npm/type-fest@1.4.0 type-fest:2.19.0Description:
A collection of essential TypeScript types License:
(MIT OR CC0-1.0) File Path: /var/simplicite/simplicite-5.2/package-lock.json?/type-fest:2.19.0
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description A collection of essential TypeScript types Highest Vendor package.json name type-fest Highest Vendor package.json name type-fest_project Highest Product package.json name type-fest Highest Version package.json version 2.19.0 Highest
typed-array-length:1.0.4Description:
Robustly get the length of a Typed Array License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/typed-array-length:1.0.4
Referenced In Projects/Scopes: simplicite-js:5.2.54/es-abstract:1.21.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Jordan Harband <ljharb@gmail.com> Highest Vendor package.json bugs.url https://github.com/inspect-js/typed-array-length/issues Highest Vendor package.json description Robustly get the length of a Typed Array Highest Vendor package.json homepage https://github.com/inspect-js/typed-array-length#readme Highest Vendor package.json name typed-array-length Highest Vendor package.json name typed-array-length_project Highest Product package.json name typed-array-length Highest Version package.json version 1.0.4 Highest
Related Dependencies typed-array-length:1.0.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?es-abstract:1.21.2/typed-array-length:^1.0.4 pkg:npm/typed-array-length@1.0.4 typedarray-to-buffer:3.1.5Description:
Convert a typed array to a Buffer without a copy License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/typedarray-to-buffer:3.1.5
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/write-file-atomic:3.0.3 Evidence Type Source Name Value Confidence Vendor package.json author.email feross@feross.org Highest Vendor package.json author.name Feross Aboukhadijeh Highest Vendor package.json author.url http://feross.org/ Highest Vendor package.json bugs.url https://github.com/feross/typedarray-to-buffer/issues Highest Vendor package.json description Convert a typed array to a Buffer without a copy Highest Vendor package.json homepage http://feross.org Highest Vendor package.json name typedarray-to-buffer Highest Vendor package.json name typedarray-to-buffer_project Highest Product package.json name typedarray-to-buffer Highest Version package.json version 3.1.5 Highest
Related Dependencies typedarray-to-buffer:3.1.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?write-file-atomic:3.0.3/typedarray-to-buffer:^3.1.5 pkg:npm/typedarray-to-buffer@3.1.5 uc.micro:1.0.6Description:
Micro subset of unicode data files for markdown-it projects. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/uc.micro:1.0.6
Referenced In Projects/Scopes: simplicite-js:5.2.54/linkify-it:3.0.3 simplicite-js:5.2.54 simplicite-js:5.2.54/markdown-it:12.3.2 Evidence Type Source Name Value Confidence Vendor package.json description Micro subset of unicode data files for markdown-it projects. Highest Vendor package.json name uc.micro Highest Vendor package.json name uc.micro_project Highest Product package.json name uc.micro Highest Version package.json version 1.0.6 Highest
Related Dependencies uc.micro:1.0.6File Path: /var/simplicite/simplicite-5.2/package-lock.json?linkify-it:3.0.3/uc.micro:^1.0.1 pkg:npm/uc.micro@1.0.6 uc.micro:1.0.6File Path: /var/simplicite/simplicite-5.2/package-lock.json?markdown-it:12.3.2/uc.micro:^1.0.5 pkg:npm/uc.micro@1.0.6 udunits-4.5.5.jarDescription:
The ucar.units Java package is for decoding and encoding
formatted unit specifications (e.g. "m/s"), converting numeric values
between compatible units (e.g. between "m/s" and "knot"), and for
performing arithmetic operations on units (e.g. dividing one unit by
another, raising a unit to a power). File Path: /var/simplicite/.m2/repository/edu/ucar/udunits/4.5.5/udunits-4.5.5.jarMD5: 025ffadf77de73601443c8262c995df0SHA1: d8c8d65ade13666eedcf764889c69321c247f153SHA256: fb641ad901d1526d53f2b13bc86baec703c57d58e6001cfa54ca7734c97fb30dReferenced In Project/Scope: Simplicite Platform:compileudunits-4.5.5.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.tika/tika-parsers@1.27
Evidence Type Source Name Value Confidence Vendor file name udunits High Vendor jar package name ucar Highest Vendor jar package name units Highest Vendor Manifest built-on 20150306.1537 Low Vendor Manifest Implementation-Vendor UCAR/Unidata High Vendor Manifest Implementation-Vendor-Id edu.ucar Medium Vendor pom artifactid udunits Highest Vendor pom artifactid udunits Low Vendor pom developer id emmerson Medium Vendor pom developer name Steve Emmerson Medium Vendor pom groupid edu.ucar Highest Vendor pom name udunits High Vendor pom parent-artifactid thredds-parent Low Vendor pom url http://www.unidata.ucar.edu/software/udunits// Highest Product file name udunits High Product jar package name ucar Highest Product jar package name units Highest Product Manifest built-on 20150306.1537 Low Product Manifest Implementation-Title udunits High Product pom artifactid udunits Highest Product pom developer id emmerson Low Product pom developer name Steve Emmerson Low Product pom groupid edu.ucar Highest Product pom name udunits High Product pom parent-artifactid thredds-parent Medium Product pom url http://www.unidata.ucar.edu/software/udunits// Medium Version file version 4.5.5 High Version Manifest Implementation-Version 4.5.5 High Version pom version 4.5.5 Highest
uglify-js:3.17.4Description:
JavaScript parser, mangler/compressor and beautifier toolkit License:
BSD-2-Clause File Path: /var/simplicite/simplicite-5.2/package-lock.json?/uglify-js:3.17.4
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author Mihai Bazon <mihai.bazon@gmail.com> (http://lisperator.net/) Highest Vendor package.json description JavaScript parser, mangler/compressor and beautifier toolkit Highest Vendor package.json name uglify-js Highest Vendor package.json name uglify-js_project Highest Product package.json name uglify-js Highest Version package.json version 3.17.4 Highest
pkg:npm/uglify-js@3.17.4 (Confidence :Highest)cpe:2.3:a:uglifyjs_project:uglifyjs:3.17.4:*:*:*:*:*:*:* (Confidence :Low) suppress unbox-primitive:1.0.2Description:
Unbox a boxed JS primitive value. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/unbox-primitive:1.0.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/es-abstract:1.21.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Jordan Harband <ljharb@gmail.com> Highest Vendor package.json bugs.url https://github.com/ljharb/unbox-primitive/issues Highest Vendor package.json description Unbox a boxed JS primitive value. Highest Vendor package.json homepage https://github.com/ljharb/unbox-primitive#readme Highest Vendor package.json name unbox-primitive Highest Vendor package.json name unbox-primitive_project Highest Product package.json name unbox-primitive Highest Version package.json version 1.0.2 Highest
Related Dependencies unbox-primitive:1.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?es-abstract:1.21.2/unbox-primitive:^1.0.2 pkg:npm/unbox-primitive@1.0.2 underscore:1.13.6Description:
JavaScript's functional programming helper library. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/underscore:1.13.6
Referenced In Projects/Scopes: simplicite-js:5.2.54/jsdoc:4.0.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Jeremy Ashkenas <jeremy@documentcloud.org> Highest Vendor package.json description JavaScript's functional programming helper library. Highest Vendor package.json homepage https://underscorejs.org Highest Vendor package.json name underscore Highest Vendor package.json name underscore_project Highest Product package.json name underscore Highest Version package.json version 1.13.6 Highest
Related Dependencies underscore:1.13.6File Path: /var/simplicite/simplicite-5.2/package-lock.json?jsdoc:4.0.2/underscore:~1.13.2 pkg:npm/underscore@1.13.6 unicode-canonical-property-names-ecmascript:2.0.0Description:
The set of canonical Unicode property names supported in ECMAScript RegExp property escapes. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?unicode-match-property-ecmascript:2.0.0/unicode-canonical-property-names-ecmascript:^2.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/unicode-match-property-ecmascript:2.0.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.name Mathias Bynens Highest Vendor package.json author.url https://mathiasbynens.be/ Highest Vendor package.json bugs https://github.com/mathiasbynens/unicode-canonical-property-names-ecmascript/issues Highest Vendor package.json description The set of canonical Unicode property names supported in ECMAScript RegExp property escapes. Highest Vendor package.json homepage https://github.com/mathiasbynens/unicode-canonical-property-names-ecmascript Highest Vendor package.json name unicode-canonical-property-names-ecmascript Highest Vendor package.json name unicode-canonical-property-names-ecmascript_project Highest Product package.json name unicode-canonical-property-names-ecmascript Highest Version package.json version 2.0.0 Highest
Related Dependencies unicode-canonical-property-names-ecmascript:2.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/unicode-canonical-property-names-ecmascript:2.0.0 pkg:npm/unicode-canonical-property-names-ecmascript@2.0.0 unicode-match-property-ecmascript:2.0.0Description:
Match a Unicode property or property alias to its canonical property name per the algorithm used for RegExp Unicode property escapes in ECMAScript. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/unicode-match-property-ecmascript:2.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/regexpu-core:5.3.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.name Mathias Bynens Highest Vendor package.json author.url https://mathiasbynens.be/ Highest Vendor package.json bugs https://github.com/mathiasbynens/unicode-match-property-ecmascript/issues Highest Vendor package.json description Match a Unicode property or property alias to its canonical property name per the algorithm used for RegExp Unicode property escapes in ECMAScript. Highest Vendor package.json homepage https://github.com/mathiasbynens/unicode-match-property-ecmascript Highest Vendor package.json name unicode-match-property-ecmascript Highest Vendor package.json name unicode-match-property-ecmascript_project Highest Product package.json name unicode-match-property-ecmascript Highest Version package.json version 2.0.0 Highest
Related Dependencies unicode-match-property-ecmascript:2.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?regexpu-core:5.3.2/unicode-match-property-ecmascript:^2.0.0 pkg:npm/unicode-match-property-ecmascript@2.0.0 unicode-match-property-value-ecmascript:2.1.0Description:
Match a Unicode property or property alias to its canonical property name per the algorithm used for RegExp Unicode property escapes in ECMAScript. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/unicode-match-property-value-ecmascript:2.1.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/regexpu-core:5.3.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.name Mathias Bynens Highest Vendor package.json author.url https://mathiasbynens.be/ Highest Vendor package.json bugs https://github.com/mathiasbynens/unicode-match-property-value-ecmascript/issues Highest Vendor package.json description Match a Unicode property or property alias to its canonical property name per the algorithm used for RegExp Unicode property escapes in ECMAScript. Highest Vendor package.json homepage https://github.com/mathiasbynens/unicode-match-property-value-ecmascript Highest Vendor package.json name unicode-match-property-value-ecmascript Highest Vendor package.json name unicode-match-property-value-ecmascript_project Highest Product package.json name unicode-match-property-value-ecmascript Highest Version package.json version 2.1.0 Highest
Related Dependencies unicode-match-property-value-ecmascript:2.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?regexpu-core:5.3.2/unicode-match-property-value-ecmascript:^2.1.0 pkg:npm/unicode-match-property-value-ecmascript@2.1.0 unicode-property-aliases-ecmascript:2.1.0Description:
Unicode property alias mappings in JavaScript format for property names that are supported in ECMAScript RegExp property escapes. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/unicode-property-aliases-ecmascript:2.1.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/unicode-match-property-ecmascript:2.0.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.name Mathias Bynens Highest Vendor package.json author.url https://mathiasbynens.be/ Highest Vendor package.json bugs https://github.com/mathiasbynens/unicode-property-aliases-ecmascript/issues Highest Vendor package.json description Unicode property alias mappings in JavaScript format for property names that are supported in ECMAScript RegExp property escapes. Highest Vendor package.json homepage https://github.com/mathiasbynens/unicode-property-aliases-ecmascript Highest Vendor package.json name unicode-property-aliases-ecmascript Highest Vendor package.json name unicode-property-aliases-ecmascript_project Highest Product package.json name unicode-property-aliases-ecmascript Highest Version package.json version 2.1.0 Highest
Related Dependencies unicode-property-aliases-ecmascript:2.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?unicode-match-property-ecmascript:2.0.0/unicode-property-aliases-ecmascript:^2.0.0 pkg:npm/unicode-property-aliases-ecmascript@2.1.0 unique-filename:3.0.0Description:
Generate a unique filename for use in temporary directories or caches. License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/unique-filename:3.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/cacache:17.1.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author GitHub Inc. Highest Vendor package.json bugs.url https://github.com/iarna/unique-filename/issues Highest Vendor package.json description Generate a unique filename for use in temporary directories or caches. Highest Vendor package.json homepage https://github.com/iarna/unique-filename Highest Vendor package.json name unique-filename Highest Vendor package.json name unique-filename_project Highest Product package.json name unique-filename Highest Version package.json version 3.0.0 Highest
Related Dependencies unique-filename:3.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?cacache:17.1.3/unique-filename:^3.0.0 pkg:npm/unique-filename@3.0.0 unique-slug:4.0.0Description:
Generate a unique character string suitible for use in files and URLs. License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/unique-slug:4.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/unique-filename:3.0.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author GitHub Inc. Highest Vendor package.json description Generate a unique character string suitible for use in files and URLs. Highest Vendor package.json name unique-slug Highest Vendor package.json name unique-slug_project Highest Product package.json name unique-slug Highest Version package.json version 4.0.0 Highest
Related Dependencies unique-slug:4.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?unique-filename:3.0.0/unique-slug:^4.0.0 pkg:npm/unique-slug@4.0.0 unique-string:2.0.0Description:
Generate a unique random string License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/unique-string:2.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/configstore:6.0.0 simplicite-js:5.2.54 simplicite-js:5.2.54/configstore:5.0.1 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Generate a unique random string Highest Vendor package.json name unique-string Highest Vendor package.json name unique-string_project Highest Product package.json name unique-string Highest Version package.json version 2.0.0 Highest
Related Dependencies unique-string:2.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?configstore:5.0.1/unique-string:^2.0.0 pkg:npm/unique-string@2.0.0 unique-string:2.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?configstore:6.0.0/unique-string:^3.0.0 pkg:npm/unique-string@2.0.0 unique-string:3.0.0Description:
Generate a unique random string License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/unique-string:3.0.0
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description Generate a unique random string Highest Vendor package.json name unique-string Highest Vendor package.json name unique-string_project Highest Product package.json name unique-string Highest Version package.json version 3.0.0 Highest
unirest-java-3.14.2.jarDescription:
Simplified, lightweight HTTP client library. File Path: /var/simplicite/.m2/repository/com/konghq/unirest-java/3.14.2/unirest-java-3.14.2.jarMD5: 68e701e21ea22313fa93b506db1c57dfSHA1: 0e7693bc22f364014d9164519fb057a7d86af9a7SHA256: 1df56813f4410de105265f91cb37be4cc9c1dc32902b18b8b8b7bf069ef2f2a7Referenced In Project/Scope: Simplicite Platform:compileunirest-java-3.14.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name unirest-java High Vendor jar package name client Highest Vendor jar package name kong Low Vendor jar package name unirest Highest Vendor jar package name unirest Low Vendor pom artifactid unirest-java Highest Vendor pom artifactid unirest-java Low Vendor pom groupid com.konghq Highest Vendor pom parent-artifactid unirest-java-parent Low Product file name unirest-java High Product jar package name client Highest Product jar package name unirest Highest Product jar package name unirest Low Product pom artifactid unirest-java Highest Product pom groupid com.konghq Highest Product pom parent-artifactid unirest-java-parent Medium Version file version 3.14.2 High Version pom version 3.14.2 Highest
unit-api-1.0.jarDescription:
Units of Measurement Standard - This JSR specifies Java packages for modeling and working with measurement values, quantities and their corresponding units. License:
BSD: LICENSE.txt File Path: /var/simplicite/.m2/repository/javax/measure/unit-api/1.0/unit-api-1.0.jar
MD5: 0e62b80ee212b7bb9d3cd150ff988a93
SHA1: 6b960260278588d7ff02fe376e5aad39a9c7440b
SHA256: 35da65fdbd3f9c1fe79cfc8399db975fd97660d8a219febfda9fd1a5fc058f10
Referenced In Project/Scope: Simplicite Platform:compile
unit-api-1.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.tika/tika-parsers@1.27
Evidence Type Source Name Value Confidence Vendor file name unit-api High Vendor jar package name javax Highest Vendor jar package name measure Highest Vendor jar package name unit Highest Vendor Manifest bundle-docurl http://unitsofmeasurement.github.io Low Vendor Manifest bundle-symbolicname javax.measure.unit-api Medium Vendor Manifest implementation-url http://unitsofmeasurement.github.io Low Vendor Manifest Implementation-Vendor Unit-API contributors High Vendor Manifest Implementation-Vendor-Id javax.measure Medium Vendor Manifest specification-vendor Jean-Marie Dautelle, Werner Keil, V2COM Low Vendor pom artifactid unit-api Highest Vendor pom artifactid unit-api Low Vendor pom developer email christopher.senior@gmail.com Low Vendor pom developer email eralmas7@yahoo.com Low Vendor pom developer email jean-marie@dautelle.com Low Vendor pom developer email karen.legrand@iem.com Low Vendor pom developer email llima@v2com.mobi Low Vendor pom developer email martin.desruisseaux@geomatys.com Low Vendor pom developer email mohamed.taman@gmail.com Low Vendor pom developer email otaviopolianasantana@gmail.com Low Vendor pom developer email rajmahendra@gmail.com Low Vendor pom developer email werner@uom.technology Low Vendor pom developer id dautelle Medium Vendor pom developer id desruisseaux Medium Vendor pom developer id duckasteroid Medium Vendor pom developer id eralmas7 Medium Vendor pom developer id karen_legrand Medium Vendor pom developer id leomrlima Medium Vendor pom developer id mohamed-taman Medium Vendor pom developer id otaviojava Medium Vendor pom developer id rajmahendra Medium Vendor pom developer id werner.keil Medium Vendor pom developer name Almas Shaikh Medium Vendor pom developer name Chris Senior Medium Vendor pom developer name Jean-Marie Dautelle Medium Vendor pom developer name Karen Legrand Medium Vendor pom developer name Leonardo de Moura Rocha Lima Medium Vendor pom developer name Martin Desruisseaux Medium Vendor pom developer name Mohamed Mahmoud Taman Medium Vendor pom developer name Otávio Gonçalves de Santana Medium Vendor pom developer name Rajmahendra Hegde Medium Vendor pom developer name Werner Keil Medium Vendor pom developer org Airbus Medium Vendor pom developer org Creative Arts & Technologies Medium Vendor pom developer org Geomatys Medium Vendor pom developer org Individual / JP Morgan Medium Vendor pom developer org Individual / Morocco JUG Medium Vendor pom developer org Individual / SouJava Medium Vendor pom developer org Innovation Emergency Management (IEM) Medium Vendor pom developer org JUG Chennai Medium Vendor pom developer org Snap-on Inc. Medium Vendor pom developer org V2COM Medium Vendor pom developer org URL http://www.airbus.com Medium Vendor pom developer org URL http://www.catmedia.us Medium Vendor pom developer org URL http://www.geomatys.com Medium Vendor pom developer org URL http://www.iem.com Medium Vendor pom developer org URL http://www.v2com.mobi/ Medium Vendor pom groupid javax.measure Highest Vendor pom name Units of Measurement API High Vendor pom organization name Jean-Marie Dautelle, Werner Keil, V2COM High Vendor pom organization url http://unitsofmeasurement.github.io Medium Vendor pom url http://unitsofmeasurement.github.io/ Highest Product file name unit-api High Product jar package name javax Highest Product jar package name measure Highest Product jar package name unit Highest Product Manifest bundle-docurl http://unitsofmeasurement.github.io Low Product Manifest Bundle-Name Units of Measurement API Medium Product Manifest bundle-symbolicname javax.measure.unit-api Medium Product Manifest Implementation-Title Units of Measurement API High Product Manifest implementation-url http://unitsofmeasurement.github.io Low Product Manifest specification-title Units of Measurement API Medium Product pom artifactid unit-api Highest Product pom developer email christopher.senior@gmail.com Low Product pom developer email eralmas7@yahoo.com Low Product pom developer email jean-marie@dautelle.com Low Product pom developer email karen.legrand@iem.com Low Product pom developer email llima@v2com.mobi Low Product pom developer email martin.desruisseaux@geomatys.com Low Product pom developer email mohamed.taman@gmail.com Low Product pom developer email otaviopolianasantana@gmail.com Low Product pom developer email rajmahendra@gmail.com Low Product pom developer email werner@uom.technology Low Product pom developer id dautelle Low Product pom developer id desruisseaux Low Product pom developer id duckasteroid Low Product pom developer id eralmas7 Low Product pom developer id karen_legrand Low Product pom developer id leomrlima Low Product pom developer id mohamed-taman Low Product pom developer id otaviojava Low Product pom developer id rajmahendra Low Product pom developer id werner.keil Low Product pom developer name Almas Shaikh Low Product pom developer name Chris Senior Low Product pom developer name Jean-Marie Dautelle Low Product pom developer name Karen Legrand Low Product pom developer name Leonardo de Moura Rocha Lima Low Product pom developer name Martin Desruisseaux Low Product pom developer name Mohamed Mahmoud Taman Low Product pom developer name Otávio Gonçalves de Santana Low Product pom developer name Rajmahendra Hegde Low Product pom developer name Werner Keil Low Product pom developer org Airbus Low Product pom developer org Creative Arts & Technologies Low Product pom developer org Geomatys Low Product pom developer org Individual / JP Morgan Low Product pom developer org Individual / Morocco JUG Low Product pom developer org Individual / SouJava Low Product pom developer org Innovation Emergency Management (IEM) Low Product pom developer org JUG Chennai Low Product pom developer org Snap-on Inc. Low Product pom developer org V2COM Low Product pom developer org URL http://www.airbus.com Low Product pom developer org URL http://www.catmedia.us Low Product pom developer org URL http://www.geomatys.com Low Product pom developer org URL http://www.iem.com Low Product pom developer org URL http://www.v2com.mobi/ Low Product pom groupid javax.measure Highest Product pom name Units of Measurement API High Product pom organization name Jean-Marie Dautelle, Werner Keil, V2COM Low Product pom organization url http://unitsofmeasurement.github.io Low Product pom url http://unitsofmeasurement.github.io/ Medium Version file version 1.0 High Version Manifest Implementation-Version 1.0 High Version pom version 1.0 Highest
universalify:0.1.2Description:
Make a callback- or promise-based function support both promises and callbacks. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/universalify:0.1.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/fs-extra:8.1.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Ryan Zimmerman <opensrc@ryanzim.com> Highest Vendor package.json bugs https://github.com/RyanZim/universalify/issues Highest Vendor package.json description Make a callback- or promise-based function support both promises and callbacks. Highest Vendor package.json homepage https://github.com/RyanZim/universalify#readme Highest Vendor package.json name universalify Highest Vendor package.json name universalify_project Highest Product package.json name universalify Highest Version package.json version 0.1.2 Highest
Related Dependencies universalify:0.1.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?fs-extra:8.1.0/universalify:^0.1.0 pkg:npm/universalify@0.1.2 untildify:4.0.0Description:
Convert a tilde path to an absolute path: `~/dev` → `/Users/sindresorhus/dev` License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/untildify:4.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-check-updates:16.14.14 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Convert a tilde path to an absolute path: `~/dev` → `/Users/sindresorhus/dev` Highest Vendor package.json name untildify Highest Vendor package.json name untildify_project Highest Product package.json name untildify Highest Version package.json version 4.0.0 Highest
Related Dependencies untildify:4.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check-updates:16.14.14/untildify:^4.0.0 pkg:npm/untildify@4.0.0 update-browserslist-db:1.0.13Description:
CLI tool to update caniuse-lite to refresh target browsers from Browserslist config License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/update-browserslist-db:1.0.13
Referenced In Projects/Scopes: simplicite-js:5.2.54/browserslist:4.22.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Andrey Sitnik <andrey@sitnik.ru> Highest Vendor package.json description CLI tool to update caniuse-lite to refresh target browsers from Browserslist config Highest Vendor package.json name update-browserslist-db Highest Vendor package.json name update-browserslist-db_project Highest Product package.json name update-browserslist-db Highest Version package.json version 1.0.13 Highest
Related Dependencies update-browserslist-db:1.0.13File Path: /var/simplicite/simplicite-5.2/package-lock.json?browserslist:4.22.3/update-browserslist-db:^1.0.13 pkg:npm/update-browserslist-db@1.0.13 update-notifier:4.1.3Description:
Update notifications for your CLI app License:
BSD-2-Clause File Path: /var/simplicite/simplicite-5.2/package-lock.json?/update-notifier:4.1.3
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-audit-html:1.5.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description Update notifications for your CLI app Highest Vendor package.json name update-notifier Highest Vendor package.json name update-notifier_project Highest Product package.json name update-notifier Highest Version package.json version 4.1.3 Highest
Related Dependencies update-notifier:4.1.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-audit-html:1.5.0/update-notifier:^4.1.3 pkg:npm/update-notifier@4.1.3 update-notifier:5.1.0Description:
Update notifications for your CLI app License:
BSD-2-Clause File Path: /var/simplicite/simplicite-5.2/package-lock.json?/update-notifier:5.1.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-check:6.0.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description Update notifications for your CLI app Highest Vendor package.json name update-notifier Highest Vendor package.json name update-notifier_project Highest Product package.json name update-notifier Highest Version package.json version 5.1.0 Highest
Related Dependencies update-notifier:5.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check:6.0.1/update-notifier:^5.1.0 pkg:npm/update-notifier@5.1.0 update-notifier:6.0.2Description:
Update notifications for your CLI app License:
BSD-2-Clause File Path: /var/simplicite/simplicite-5.2/package-lock.json?/update-notifier:6.0.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-check-updates:16.14.14 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description Update notifications for your CLI app Highest Vendor package.json name update-notifier Highest Vendor package.json name update-notifier_project Highest Product package.json name update-notifier Highest Version package.json version 6.0.2 Highest
Related Dependencies update-notifier:6.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check-updates:16.14.14/update-notifier:^6.0.2 pkg:npm/update-notifier@6.0.2 upper-case-first:2.0.2Description:
Transforms the string with the first character in upper cased License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/upper-case-first:2.0.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/sentence-case:3.0.4 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email hello@blakeembrey.com Highest Vendor package.json author.name Blake Embrey Highest Vendor package.json author.url http://blakeembrey.me Highest Vendor package.json bugs.url https://github.com/blakeembrey/change-case/issues Highest Vendor package.json description Transforms the string with the first character in upper cased Highest Vendor package.json homepage https://github.com/blakeembrey/change-case/tree/master/packages/upper-case-first#readme Highest Vendor package.json name upper-case-first Highest Vendor package.json name upper-case-first_project Highest Product package.json name upper-case-first Highest Version package.json version 2.0.2 Highest
Related Dependencies upper-case-first:2.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?sentence-case:3.0.4/upper-case-first:^2.0.2 pkg:npm/upper-case-first@2.0.2 uri-js:4.4.1Description:
An RFC 3986/3987 compliant, scheme extendable URI/IRI parsing/validating/resolving library for JavaScript. License:
BSD-2-Clause File Path: /var/simplicite/simplicite-5.2/package-lock.json?/uri-js:4.4.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/ajv:8.12.0 simplicite-js:5.2.54 simplicite-js:5.2.54/ajv:6.12.6 Evidence Type Source Name Value Confidence Vendor package.json author Gary Court <gary.court@gmail.com> Highest Vendor package.json bugs.url https://github.com/garycourt/uri-js/issues Highest Vendor package.json description An RFC 3986/3987 compliant, scheme extendable URI/IRI parsing/validating/resolving library for JavaScript. Highest Vendor package.json homepage https://github.com/garycourt/uri-js Highest Vendor package.json name uri-js Highest Vendor package.json name uri-js_project Highest Product package.json name uri-js Highest Version package.json version 4.4.1 Highest
Related Dependencies uri-js:4.4.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?ajv:6.12.6/uri-js:^4.2.2 pkg:npm/uri-js@4.4.1 uri-js:4.4.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?ajv:8.12.0/uri-js:^4.2.2 pkg:npm/uri-js@4.4.1 url-parse-lax:3.0.0Description:
Lax url.parse() with support for protocol-less URLs & IPs License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/url-parse-lax:3.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/got:9.6.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Lax url.parse() with support for protocol-less URLs & IPs Highest Vendor package.json name url-parse-lax Highest Vendor package.json name url-parse-lax_project Highest Product package.json name url-parse-lax Highest Version package.json version 3.0.0 Highest
Related Dependencies url-parse-lax:3.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?got:9.6.0/url-parse-lax:^3.0.0 pkg:npm/url-parse-lax@3.0.0 util-deprecate:1.0.2Description:
The Node.js `util.deprecate()` function with browser support License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/util-deprecate:1.0.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/postcss-selector-parser:6.0.13 simplicite-js:5.2.54/readable-stream:2.3.8 simplicite-js:5.2.54/readable-stream:3.6.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Nathan Rajlich <nathan@tootallnate.net> (http://n8.io/) Highest Vendor package.json bugs.url https://github.com/TooTallNate/util-deprecate/issues Highest Vendor package.json description The Node.js `util.deprecate()` function with browser support Highest Vendor package.json homepage https://github.com/TooTallNate/util-deprecate Highest Vendor package.json name util-deprecate Highest Vendor package.json name util-deprecate_project Highest Product package.json name util-deprecate Highest Version package.json version 1.0.2 Highest
Related Dependencies util-deprecate:1.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?postcss-selector-parser:6.0.13/util-deprecate:^1.0.2 pkg:npm/util-deprecate@1.0.2 util-deprecate:1.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?readable-stream:2.3.8/util-deprecate:~1.0.1 pkg:npm/util-deprecate@1.0.2 util-deprecate:1.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?readable-stream:3.6.2/util-deprecate:^1.0.1 pkg:npm/util-deprecate@1.0.2 v8-compile-cache:2.3.0Description:
Require hook for automatic V8 compile cache persistence License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/v8-compile-cache:2.3.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/stylelint:14.16.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Andres Suarez <zertosh@gmail.com> Highest Vendor package.json description Require hook for automatic V8 compile cache persistence Highest Vendor package.json name v8-compile-cache Highest Vendor package.json name v8-compile-cache_project Highest Product package.json name v8-compile-cache Highest Version package.json version 2.3.0 Highest
Related Dependencies v8-compile-cache:2.3.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/v8-compile-cache:^2.3.0 pkg:npm/v8-compile-cache@2.3.0 v8flags:3.2.0Description:
Get available v8 and Node.js flags. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/v8flags:3.2.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/@babel/node:7.23.9 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Gulp Team <team@gulpjs.com> (http://gulpjs.com/) Highest Vendor package.json description Get available v8 and Node.js flags. Highest Vendor package.json name v8flags Highest Vendor package.json name v8flags_project Highest Product package.json name v8flags Highest Version package.json version 3.2.0 Highest
Related Dependencies v8flags:3.2.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/node:7.23.9/v8flags:^3.1.1 pkg:npm/v8flags@3.2.0 validate-npm-package-license:3.0.4Description:
Give me a string and I'll tell you if it's a valid npm package license string License:
Apache-2.0 File Path: /var/simplicite/simplicite-5.2/package-lock.json?/validate-npm-package-license:3.0.4
Referenced In Projects/Scopes: simplicite-js:5.2.54/normalize-package-data:3.0.3 simplicite-js:5.2.54/normalize-package-data:2.5.0 simplicite-js:5.2.54 simplicite-js:5.2.54/normalize-package-data:5.0.0 Evidence Type Source Name Value Confidence Vendor package.json author Kyle E. Mitchell <kyle@kemitchell.com> (https://kemitchell.com) Highest Vendor package.json description Give me a string and I'll tell you if it's a valid npm package license string Highest Vendor package.json name validate-npm-package-license Highest Vendor package.json name validate-npm-package-license_project Highest Product package.json name validate-npm-package-license Highest Version package.json version 3.0.4 Highest
Related Dependencies validate-npm-package-license:3.0.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?normalize-package-data:2.5.0/validate-npm-package-license:^3.0.1 pkg:npm/validate-npm-package-license@3.0.4 validate-npm-package-license:3.0.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?normalize-package-data:3.0.3/validate-npm-package-license:^3.0.1 pkg:npm/validate-npm-package-license@3.0.4 validate-npm-package-license:3.0.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?normalize-package-data:5.0.0/validate-npm-package-license:^3.0.4 pkg:npm/validate-npm-package-license@3.0.4 validate-npm-package-name:5.0.0Description:
Give me a string and I'll tell you if it's a valid npm package name License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/validate-npm-package-name:5.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-package-arg:10.1.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author GitHub Inc. Highest Vendor package.json bugs.url https://github.com/npm/validate-npm-package-name/issues Highest Vendor package.json description Give me a string and I'll tell you if it's a valid npm package name Highest Vendor package.json homepage https://github.com/npm/validate-npm-package-name Highest Vendor package.json name validate-npm-package-name Highest Vendor package.json name validate-npm-package-name_project Highest Product package.json name validate-npm-package-name Highest Version package.json version 5.0.0 Highest
Related Dependencies validate-npm-package-name:5.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-package-arg:10.1.0/validate-npm-package-name:^5.0.0 pkg:npm/validate-npm-package-name@5.0.0 visit-values:2.0.0Description:
visit all the children of a javascript object License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/visit-values:2.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/license-report:6.5.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Yaniv Kessler Highest Vendor package.json bugs.url https://github.com/kessler/node-visit-values/issues Highest Vendor package.json description visit all the children of a javascript object Highest Vendor package.json homepage https://github.com/kessler/node-visit-values Highest Vendor package.json name visit-values Highest Vendor package.json name visit-values_project Highest Product package.json name visit-values Highest Version package.json version 2.0.0 Highest
Related Dependencies visit-values:2.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?license-report:6.5.0/visit-values:^2.0.0 pkg:npm/visit-values@2.0.0 vorbis-java-core-0.8.jarFile Path: /var/simplicite/.m2/repository/org/gagravarr/vorbis-java-core/0.8/vorbis-java-core-0.8.jarMD5: 71b623b57f56daf112bddb3337ee896dSHA1: 7e9937c2575cda2e3fc116415117c74f23e43fa6SHA256: 879bb0c8923fea686609e207fd9050ab246e001868341c725929405e755cf68eReferenced In Project/Scope: Simplicite Platform:compilevorbis-java-core-0.8.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.tika/tika-parsers@1.27
Evidence Type Source Name Value Confidence Vendor file name vorbis-java-core High Vendor jar package name gagravarr Highest Vendor jar package name gagravarr Low Vendor jar package name ogg Highest Vendor jar package name vorbis Highest Vendor pom artifactid vorbis-java-core Highest Vendor pom artifactid vorbis-java-core Low Vendor pom groupid org.gagravarr Highest Vendor pom name Ogg and Vorbis for Java, Core High Vendor pom parent-artifactid vorbis-java-parent Low Vendor pom url Gagravarr/VorbisJava Highest Product file name vorbis-java-core High Product jar package name gagravarr Highest Product jar package name ogg Highest Product jar package name vorbis Highest Product pom artifactid vorbis-java-core Highest Product pom groupid org.gagravarr Highest Product pom name Ogg and Vorbis for Java, Core High Product pom parent-artifactid vorbis-java-parent Medium Product pom url Gagravarr/VorbisJava High Version file version 0.8 High Version pom version 0.8 Highest
vorbis-java-tika-0.8.jarFile Path: /var/simplicite/.m2/repository/org/gagravarr/vorbis-java-tika/0.8/vorbis-java-tika-0.8.jarMD5: 85c7b34d5f94e66bf0c79f5d673db750SHA1: 4ddbb27ac5884a0f0398a63d46a89d3bc87dc457SHA256: a1b62281a99aec10dc69db1d2f8250952dca5841eedf1167b6b6f9585e2d0d26Referenced In Project/Scope: Simplicite Platform:compilevorbis-java-tika-0.8.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.tika/tika-parsers@1.27
Evidence Type Source Name Value Confidence Vendor file name vorbis-java-tika High Vendor jar package name gagravarr Highest Vendor jar package name gagravarr Low Vendor jar package name tika Highest Vendor jar package name tika Low Vendor pom artifactid vorbis-java-tika Highest Vendor pom artifactid vorbis-java-tika Low Vendor pom groupid org.gagravarr Highest Vendor pom name Apache Tika plugin for Ogg, Vorbis and FLAC High Vendor pom parent-artifactid vorbis-java-parent Low Vendor pom url Gagravarr/VorbisJava Highest Product file name vorbis-java-tika High Product jar package name gagravarr Highest Product jar package name tika Highest Product jar package name tika Low Product pom artifactid vorbis-java-tika Highest Product pom groupid org.gagravarr Highest Product pom name Apache Tika plugin for Ogg, Vorbis and FLAC High Product pom parent-artifactid vorbis-java-parent Medium Product pom url Gagravarr/VorbisJava High Version file version 0.8 High Version pom version 0.8 Highest
vue:2.6.14Description:
Reactive, component-oriented view layer for modern web interfaces. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/vue:2.6.14
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author Evan You Highest Vendor package.json bugs.url https://github.com/vuejs/vue/issues Highest Vendor package.json description Reactive, component-oriented view layer for modern web interfaces. Highest Vendor package.json homepage https://github.com/vuejs/vue#readme Highest Vendor package.json name vue Highest Vendor package.json name vue_project Highest Product package.json name vue Highest Version package.json version 2.6.14 Highest
wcwidth:1.0.1Description:
Port of C's wcwidth() and wcswidth() License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/wcwidth:1.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/ora:5.4.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Tim Oxley Highest Vendor package.json bugs.url https://github.com/timoxley/wcwidth/issues Highest Vendor package.json description Port of C's wcwidth() and wcswidth() Highest Vendor package.json homepage https://github.com/timoxley/wcwidth#readme Highest Vendor package.json name wcwidth Highest Vendor package.json name wcwidth_project Highest Product package.json name wcwidth Highest Version package.json version 1.0.1 Highest
Related Dependencies wcwidth:1.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?ora:5.4.1/wcwidth:^1.0.1 pkg:npm/wcwidth@1.0.1 which-boxed-primitive:1.0.2Description:
Which kind of boxed JS primitive is this? License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/which-boxed-primitive:1.0.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/unbox-primitive:1.0.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Jordan Harband <ljharb@gmail.com> Highest Vendor package.json bugs.url https://github.com/inspect-js/which-boxed-primitive/issues Highest Vendor package.json description Which kind of boxed JS primitive is this? Highest Vendor package.json homepage https://github.com/inspect-js/which-boxed-primitive#readme Highest Vendor package.json name which-boxed-primitive Highest Vendor package.json name which-boxed-primitive_project Highest Product package.json name which-boxed-primitive Highest Version package.json version 1.0.2 Highest
Related Dependencies which-boxed-primitive:1.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?unbox-primitive:1.0.2/which-boxed-primitive:^1.0.2 pkg:npm/which-boxed-primitive@1.0.2 which-pm:2.0.0Description:
Detects what package manager was used for installation License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/which-pm:2.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/preferred-pm:3.0.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Zoltan Kochan Highest Vendor package.json bugs.url https://github.com/zkochan/packages/labels/package%3A%20which-pm Highest Vendor package.json description Detects what package manager was used for installation Highest Vendor package.json name which-pm Highest Vendor package.json name which-pm_project Highest Product package.json name which-pm Highest Version package.json version 2.0.0 Highest
Related Dependencies which-pm:2.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?preferred-pm:3.0.3/which-pm:2.0.0 pkg:npm/which-pm@2.0.0 which-typed-array:1.1.9Description:
Which kind of Typed Array is this JavaScript value? Works cross-realm, without `instanceof`, and despite Symbol.toStringTag. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/which-typed-array:1.1.9
Referenced In Projects/Scopes: simplicite-js:5.2.54/es-abstract:1.21.2 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email ljharb@gmail.com Highest Vendor package.json author.name Jordan Harband Highest Vendor package.json author.url http://ljharb.codes Highest Vendor package.json description Which kind of Typed Array is this JavaScript value? Works cross-realm, without `instanceof`, and despite Symbol.toStringTag. Highest Vendor package.json name which-typed-array Highest Vendor package.json name which-typed-array_project Highest Product package.json name which-typed-array Highest Version package.json version 1.1.9 Highest
Related Dependencies which-typed-array:1.1.9File Path: /var/simplicite/simplicite-5.2/package-lock.json?es-abstract:1.21.2/which-typed-array:^1.1.9 pkg:npm/which-typed-array@1.1.9 which:1.3.1Description:
Like which(1) unix command. Find the first instance of an executable in the PATH. License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/which:1.3.1
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/global-prefix:3.0.0 Evidence Type Source Name Value Confidence Vendor package.json author Isaac Z. Schlueter <i@izs.me> (http://blog.izs.me) Highest Vendor package.json description Like which(1) unix command. Find the first instance of an executable in the PATH. Highest Vendor package.json name which Highest Vendor package.json name which_project Highest Product package.json name which Highest Version package.json version 1.3.1 Highest
Related Dependencies which:1.3.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?global-prefix:3.0.0/which:^1.3.1 pkg:npm/which@1.3.1 which:2.0.2Description:
Like which(1) unix command. Find the first instance of an executable in the PATH. License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/which:2.0.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/node-gyp:9.4.0 simplicite-js:5.2.54/cross-spawn:7.0.3 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Isaac Z. Schlueter <i@izs.me> (http://blog.izs.me) Highest Vendor package.json description Like which(1) unix command. Find the first instance of an executable in the PATH. Highest Vendor package.json name which Highest Vendor package.json name which_project Highest Product package.json name which Highest Version package.json version 2.0.2 Highest
Related Dependencies which:2.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?cross-spawn:7.0.3/which:^2.0.1 pkg:npm/which@2.0.2 which:2.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?node-gyp:9.4.0/which:^2.0.2 pkg:npm/which@2.0.2 which:3.0.1Description:
Like which(1) unix command. Find the first instance of an executable in the PATH. License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/which:3.0.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/@npmcli/run-script:6.0.2 simplicite-js:5.2.54 simplicite-js:5.2.54/@npmcli/promise-spawn:6.0.2 simplicite-js:5.2.54/@npmcli/git:4.1.0 Evidence Type Source Name Value Confidence Vendor package.json author GitHub Inc. Highest Vendor package.json description Like which(1) unix command. Find the first instance of an executable in the PATH. Highest Vendor package.json name which Highest Vendor package.json name which_project Highest Product package.json name which Highest Version package.json version 3.0.1 Highest
Related Dependencies which:3.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?@npmcli/git:4.1.0/which:^3.0.0 pkg:npm/which@3.0.1 which:3.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?@npmcli/promise-spawn:6.0.2/which:^3.0.0 pkg:npm/which@3.0.1 which:3.0.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?@npmcli/run-script:6.0.2/which:^3.0.0 pkg:npm/which@3.0.1 wide-align:1.1.5Description:
A wide-character aware text alignment function for use on the console or with fixed width fonts. License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/wide-align:1.1.5
Referenced In Projects/Scopes: simplicite-js:5.2.54/gauge:4.0.4 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Rebecca Turner <me@re-becca.org> (http://re-becca.org/) Highest Vendor package.json description A wide-character aware text alignment function for use on the console or with fixed width fonts. Highest Vendor package.json name wide-align Highest Vendor package.json name wide-align_project Highest Product package.json name wide-align Highest Version package.json version 1.1.5 Highest
Related Dependencies wide-align:1.1.5File Path: /var/simplicite/simplicite-5.2/package-lock.json?gauge:4.0.4/wide-align:^1.1.5 pkg:npm/wide-align@1.1.5 widest-line:3.1.0Description:
Get the visual width of the widest line in a string - the number of columns required to display it License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/widest-line:3.1.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/boxen:5.1.2 simplicite-js:5.2.54/boxen:4.2.0 simplicite-js:5.2.54/boxen:7.1.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Get the visual width of the widest line in a string - the number of columns required to display it Highest Vendor package.json name widest-line Highest Vendor package.json name widest-line_project Highest Product package.json name widest-line Highest Version package.json version 3.1.0 Highest
Related Dependencies widest-line:3.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?boxen:4.2.0/widest-line:^3.1.0 pkg:npm/widest-line@3.1.0 widest-line:3.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?boxen:5.1.2/widest-line:^3.1.0 pkg:npm/widest-line@3.1.0 widest-line:3.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?boxen:7.1.0/widest-line:^4.0.1 pkg:npm/widest-line@3.1.0 widest-line:4.0.1Description:
Get the visual width of the widest line in a string - the number of columns required to display it License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/widest-line:4.0.1
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description Get the visual width of the widest line in a string - the number of columns required to display it Highest Vendor package.json name widest-line Highest Vendor package.json name widest-line_project Highest Product package.json name widest-line Highest Version package.json version 4.0.1 Highest
wmf2svg-0.9.8.jarDescription:
WMF to SVG Converting Tool & Library License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/net/arnx/wmf2svg/0.9.8/wmf2svg-0.9.8.jar
MD5: 34b920f0aa840b1792702d253c2c58b7
SHA1: 365614a3ee72ec475d9032f906d37b753fbe2bfa
SHA256: c7f136558140c3fbe9410199ca509895faad4fa79bdc185e72a868f1c2819b4a
Referenced In Project/Scope: Simplicite Platform:compile
wmf2svg-0.9.8.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.docx4j/docx4j-core@11.2.9
Evidence Type Source Name Value Confidence Vendor file name wmf2svg High Vendor jar package name arnx Highest Vendor jar package name arnx Low Vendor jar package name net Highest Vendor jar package name net Low Vendor jar package name wmf2svg Highest Vendor jar package name wmf2svg Low Vendor pom artifactid wmf2svg Highest Vendor pom artifactid wmf2svg Low Vendor pom developer email hidekatsu.izuno@gmail.com Low Vendor pom developer id hidekatsu.izuno Medium Vendor pom developer name Hidekatsu Izuno Medium Vendor pom groupid net.arnx Highest Vendor pom name wmf2svg High Vendor pom url http://wmf2svg.sourceforge.jp/ Highest Product file name wmf2svg High Product jar package name arnx Highest Product jar package name arnx Low Product jar package name gdi Low Product jar package name net Highest Product jar package name wmf2svg Highest Product jar package name wmf2svg Low Product pom artifactid wmf2svg Highest Product pom developer email hidekatsu.izuno@gmail.com Low Product pom developer id hidekatsu.izuno Low Product pom developer name Hidekatsu Izuno Low Product pom groupid net.arnx Highest Product pom name wmf2svg High Product pom url http://wmf2svg.sourceforge.jp/ Medium Version file version 0.9.8 High Version pom version 0.9.8 Highest
woodstox-core-6.2.4.jar (shaded: com.sun.xml.bind.jaxb:isorelax:20090621)Description:
Unknown version of isorelax library used in JAXB project File Path: /var/simplicite/.m2/repository/com/fasterxml/woodstox/woodstox-core/6.2.4/woodstox-core-6.2.4.jar/META-INF/maven/com.sun.xml.bind.jaxb/isorelax/pom.xmlMD5: 6fbb4bc95fbf2072bc6e3b790553fe81SHA1: 314ec72948d5c1fc71d553cbbd7a130caa6f9f13SHA256: cda6451d0231a973352b592ff950e39224ba6ba1a2f35eeab66511b5c225dff1Referenced In Project/Scope: Simplicite Platform:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid isorelax Low Vendor pom groupid com.sun.xml.bind.jaxb Highest Vendor pom name JAXB isorelax library High Vendor pom parent-artifactid jvnet-parent Low Vendor pom parent-groupid net.java Medium Product pom artifactid isorelax Highest Product pom groupid com.sun.xml.bind.jaxb Highest Product pom name JAXB isorelax library High Product pom parent-artifactid jvnet-parent Medium Product pom parent-groupid net.java Medium Version pom parent-version 20090621 Low Version pom version 20090621 Highest
woodstox-core-6.2.4.jar (shaded: net.java.dev.msv:xsdlib:2013.6.1)Description:
XML Schema datatypes library File Path: /var/simplicite/.m2/repository/com/fasterxml/woodstox/woodstox-core/6.2.4/woodstox-core-6.2.4.jar/META-INF/maven/net.java.dev.msv/xsdlib/pom.xmlMD5: aaf872ed9d1aabee25e03c2a132ffd8eSHA1: 47f218a999411ed028f089d59ebef8f14e0fe914SHA256: d6e83c124436049d83238fc532a26c5d8ccd7e4ab10eba6d96043c850ac82f3cReferenced In Project/Scope: Simplicite Platform:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid xsdlib Low Vendor pom groupid net.java.dev.msv Highest Vendor pom name MSV XML Schema Library High Vendor pom parent-artifactid msv Low Product pom artifactid xsdlib Highest Product pom groupid net.java.dev.msv Highest Product pom name MSV XML Schema Library High Product pom parent-artifactid msv Medium Version pom version 2013.6.1 Highest
woodstox-core-6.2.4.jarDescription:
Woodstox is a high-performance XML processor that implements Stax (JSR-173),
SAX2 and Stax2 APIs
License:
The Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/com/fasterxml/woodstox/woodstox-core/6.2.4/woodstox-core-6.2.4.jar
MD5: c72181f3fb82bda9aa724e6b0fed3395
SHA1: 16b9f8ab972e67eb21872ea2c40046249d543989
SHA256: 5fa734d5050f097405a801022d09377bbc81e811ef9a17cd0279ed3279f495a5
Referenced In Project/Scope: Simplicite Platform:compile
woodstox-core-6.2.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.fasterxml.jackson.jaxrs/jackson-jaxrs-xml-provider@2.12.4
Evidence Type Source Name Value Confidence Vendor file name woodstox-core High Vendor jar package name stax Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl https://github.com/FasterXML/woodstox Low Vendor Manifest bundle-symbolicname com.fasterxml.woodstox.woodstox-core Medium Vendor Manifest implementation-build-date 2021-02-11 23:00:41+0000 Low Vendor Manifest Implementation-Vendor FasterXML High Vendor Manifest Implementation-Vendor-Id com.fasterxml.woodstox Medium Vendor Manifest specification-vendor FasterXML Low Vendor pom artifactid woodstox-core Highest Vendor pom artifactid woodstox-core Low Vendor pom developer email tatu@fasterxml.com Low Vendor pom developer id cowtowncoder Medium Vendor pom developer name Tatu Saloranta Medium Vendor pom groupid com.fasterxml.woodstox Highest Vendor pom name Woodstox High Vendor pom organization name FasterXML High Vendor pom organization url http://fasterxml.com Medium Vendor pom parent-artifactid oss-parent Low Vendor pom parent-groupid com.fasterxml Medium Vendor pom url FasterXML/woodstox Highest Product file name woodstox-core High Product jar package name stax Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl https://github.com/FasterXML/woodstox Low Product Manifest Bundle-Name Woodstox Medium Product Manifest bundle-symbolicname com.fasterxml.woodstox.woodstox-core Medium Product Manifest implementation-build-date 2021-02-11 23:00:41+0000 Low Product Manifest Implementation-Title Woodstox High Product Manifest specification-title Woodstox Medium Product pom artifactid woodstox-core Highest Product pom developer email tatu@fasterxml.com Low Product pom developer id cowtowncoder Low Product pom developer name Tatu Saloranta Low Product pom groupid com.fasterxml.woodstox Highest Product pom name Woodstox High Product pom organization name FasterXML Low Product pom organization url http://fasterxml.com Low Product pom parent-artifactid oss-parent Medium Product pom parent-groupid com.fasterxml Medium Product pom url FasterXML/woodstox High Version file version 6.2.4 High Version Manifest Bundle-Version 6.2.4 High Version Manifest Implementation-Version 6.2.4 High Version pom parent-version 6.2.4 Low Version pom version 6.2.4 Highest
CVE-2022-40152 suppress
Those using Woodstox to parse XML data may be vulnerable to Denial of Service attacks (DOS) if DTD support is enabled. If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack. CWE-787 Out-of-bounds Write
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
wordwrap:1.0.0Description:
Wrap those words. Show them at what columns to start and stop. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/wordwrap:1.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/handlebars:4.7.7 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email mail@substack.net Highest Vendor package.json author.name James Halliday Highest Vendor package.json author.url http://substack.net Highest Vendor package.json description Wrap those words. Show them at what columns to start and stop. Highest Vendor package.json name wordwrap Highest Vendor package.json name wordwrap_project Highest Product package.json name wordwrap Highest Version package.json version 1.0.0 Highest
Related Dependencies wordwrap:1.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?handlebars:4.7.7/wordwrap:^1.0.0 pkg:npm/wordwrap@1.0.0 wrap-ansi:7.0.0Description:
Wordwrap a string with ANSI escape codes License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/wrap-ansi:7.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/@isaacs/cliui:8.0.2 simplicite-js:5.2.54/cliui:7.0.4 simplicite-js:5.2.54/boxen:5.1.2 simplicite-js:5.2.54/boxen:7.1.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description Wordwrap a string with ANSI escape codes Highest Vendor package.json name wrap-ansi Highest Vendor package.json name wrap-ansi_project Highest Product package.json name wrap-ansi Highest Version package.json version 7.0.0 Highest
Related Dependencies wrap-ansi:7.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/wrap-ansi-cjs:7.0.0 pkg:npm/wrap-ansi@7.0.0 wrap-ansi:7.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?boxen:5.1.2/wrap-ansi:^7.0.0 pkg:npm/wrap-ansi@7.0.0 wrap-ansi:7.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?boxen:7.1.0/wrap-ansi:^8.1.0 pkg:npm/wrap-ansi@7.0.0 wrap-ansi:7.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?cliui:7.0.4/wrap-ansi:^7.0.0 pkg:npm/wrap-ansi@7.0.0 wrap-ansi:8.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/wrap-ansi:8.1.0 pkg:npm/wrap-ansi@8.1.0 wrap-ansi:8.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?@isaacs/cliui:8.0.2/wrap-ansi:^8.1.0 pkg:npm/wrap-ansi@8.1.0 wrap-ansi:8.1.0Description:
Wordwrap a string with ANSI escape codes License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/wrap-ansi:8.1.0
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description Wordwrap a string with ANSI escape codes Highest Vendor package.json name wrap-ansi Highest Vendor package.json name wrap-ansi_project Highest Product package.json name wrap-ansi Highest Version package.json version 8.1.0 Highest
wrappy:1.0.2Description:
Callback wrapping utility License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/wrappy:1.0.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/inflight:1.0.6 simplicite-js:5.2.54/once:1.4.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Isaac Z. Schlueter <i@izs.me> (http://blog.izs.me/) Highest Vendor package.json bugs.url https://github.com/npm/wrappy/issues Highest Vendor package.json description Callback wrapping utility Highest Vendor package.json homepage https://github.com/npm/wrappy Highest Vendor package.json name wrappy Highest Vendor package.json name wrappy_project Highest Product package.json name wrappy Highest Version package.json version 1.0.2 Highest
Related Dependencies wrappy:1.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?inflight:1.0.6/wrappy:1 pkg:npm/wrappy@1.0.2 wrappy:1.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?once:1.4.0/wrappy:1 pkg:npm/wrappy@1.0.2 write-file-atomic:3.0.3Description:
Write files in an atomic fashion w/configurable ownership License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/write-file-atomic:3.0.3
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author Rebecca Turner <me@re-becca.org> (http://re-becca.org) Highest Vendor package.json bugs.url https://github.com/npm/write-file-atomic/issues Highest Vendor package.json description Write files in an atomic fashion w/configurable ownership Highest Vendor package.json homepage https://github.com/npm/write-file-atomic Highest Vendor package.json name write-file-atomic Highest Vendor package.json name write-file-atomic_project Highest Product package.json name write-file-atomic Highest Version package.json version 3.0.3 Highest
write-file-atomic:4.0.2Description:
Write files in an atomic fashion w/configurable ownership License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/write-file-atomic:4.0.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/configstore:6.0.0 simplicite-js:5.2.54/stylelint:14.16.1 simplicite-js:5.2.54 simplicite-js:5.2.54/configstore:5.0.1 Evidence Type Source Name Value Confidence Vendor package.json author GitHub Inc. Highest Vendor package.json author Rebecca Turner <me@re-becca.org> (http://re-becca.org) Highest Vendor package.json bugs.url https://github.com/npm/write-file-atomic/issues Highest Vendor package.json description Write files in an atomic fashion w/configurable ownership Highest Vendor package.json homepage https://github.com/npm/write-file-atomic Highest Vendor package.json name write-file-atomic Highest Vendor package.json name write-file-atomic_project Highest Product package.json name write-file-atomic Highest Version package.json version 4.0.2 Highest
Related Dependencies write-file-atomic:3.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?/write-file-atomic:3.0.3 pkg:npm/write-file-atomic@3.0.3 write-file-atomic:3.0.3File Path: /var/simplicite/simplicite-5.2/package-lock.json?configstore:5.0.1/write-file-atomic:^3.0.0 pkg:npm/write-file-atomic@3.0.3 write-file-atomic:4.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?configstore:6.0.0/write-file-atomic:^3.0.3 pkg:npm/write-file-atomic@4.0.2 write-file-atomic:4.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/write-file-atomic:^4.0.2 pkg:npm/write-file-atomic@4.0.2 xalan-2.7.2.jarDescription:
Xalan-Java is an XSLT processor for transforming XML documents into HTML,
text, or other XML document types. It implements XSL Transformations (XSLT)
Version 1.0 and XML Path Language (XPath) Version 1.0 and can be used from
the command line, in an applet or a servlet, or as a module in other program.
File Path: /var/simplicite/.m2/repository/xalan/xalan/2.7.2/xalan-2.7.2.jarMD5: 6aa6607802502c8016b676f25f8e4873SHA1: d55d3f02a56ec4c25695fe67e1334ff8c2ecea23SHA256: a44bd80e82cb0f4cfac0dac8575746223802514e3cec9dc75235bc0de646af14Referenced In Project/Scope: Simplicite Platform:compilexalan-2.7.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name xalan High Vendor jar package name and Highest Vendor jar package name apache Highest Vendor jar package name processor Highest Vendor jar package name version Highest Vendor jar package name xalan Highest Vendor jar package name xml Highest Vendor jar package name xpath Highest Vendor jar package name xslt Highest Vendor manifest: java_cup/runtime/ Implementation-Vendor Princeton University Medium Vendor manifest: org/apache/bcel/ Implementation-Vendor Apache Software Foundation Medium Vendor manifest: org/apache/regexp/ Implementation-Vendor Apache Software Foundation Medium Vendor manifest: org/apache/xalan/ Implementation-Vendor Apache Software Foundation Medium Vendor manifest: org/apache/xalan/xsltc/ Implementation-Vendor Apache Software Foundation Medium Vendor manifest: org/apache/xml/ Implementation-Vendor Apache Software Foundation Medium Vendor manifest: org/apache/xpath/ Implementation-Vendor Apache Software Foundation Medium Vendor pom artifactid xalan Highest Vendor pom artifactid xalan Low Vendor pom groupid xalan Highest Vendor pom name Xalan Java High Vendor pom parent-artifactid apache Low Vendor pom parent-groupid org.apache Medium Vendor pom url http://xml.apache.org/xalan-j/ Highest Product file name xalan High Product jar package name and Highest Product jar package name apache Highest Product jar package name bcel Highest Product jar package name code Highest Product jar package name expression Highest Product jar package name processor Highest Product jar package name regexp Highest Product jar package name runtime Highest Product jar package name version Highest Product jar package name xalan Highest Product jar package name xml Highest Product jar package name xpath Highest Product jar package name xslt Highest Product jar package name xsltc Highest Product manifest: java_cup/runtime/ Implementation-Title runtime Medium Product manifest: java_cup/runtime/ Specification-Title Runtime component of JCup Medium Product manifest: org/apache/bcel/ Implementation-Title org.apache.bcel Medium Product manifest: org/apache/bcel/ Specification-Title Byte Code Engineering Library Medium Product manifest: org/apache/regexp/ Implementation-Title org.apache.regexp Medium Product manifest: org/apache/regexp/ Specification-Title Java Regular Expression package Medium Product manifest: org/apache/xalan/ Implementation-Title org.apache.xalan Medium Product manifest: org/apache/xalan/ Specification-Title Java API for XML Processing Medium Product manifest: org/apache/xalan/xsltc/ Implementation-Title org.apache.xalan.xsltc Medium Product manifest: org/apache/xalan/xsltc/ Specification-Title Java API for XML Processing Medium Product manifest: org/apache/xml/ Implementation-Title org.apache.xml Medium Product manifest: org/apache/xpath/ Implementation-Title org.apache.xpath Medium Product pom artifactid xalan Highest Product pom groupid xalan Highest Product pom name Xalan Java High Product pom parent-artifactid apache Medium Product pom parent-groupid org.apache Medium Product pom url http://xml.apache.org/xalan-j/ Medium Version file version 2.7.2 High Version manifest: java_cup/runtime/ Implementation-Version 2.7.2 Medium Version manifest: org/apache/bcel/ Implementation-Version 2.7.2 Medium Version manifest: org/apache/regexp/ Implementation-Version 2.7.2 Medium Version manifest: org/apache/xalan/ Implementation-Version 2.7.2 Medium Version manifest: org/apache/xalan/xsltc/ Implementation-Version 2.7.2 Medium Version manifest: org/apache/xml/ Implementation-Version 2.7.2 Medium Version manifest: org/apache/xpath/ Implementation-Version 2.7.2 Medium Version pom parent-version 2.7.2 Low Version pom version 2.7.2 Highest
CVE-2022-34169 suppress
The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan. CWE-681 Incorrect Conversion between Numeric Types
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N References:
Vulnerable Software & Versions: (show all )
xalan-interpretive-11.0.0.jarDescription:
xalan-interpretive License:
Apache 2: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/docx4j/org/apache/xalan-interpretive/11.0.0/xalan-interpretive-11.0.0.jar
MD5: fc5a8e36ca1cbe5eb05dbf328e058403
SHA1: 7494b62aced4c3d0ffa259e59c435dc9bd7f07b3
SHA256: badfeb922041262d667363e05bd1cea3947f2ad63dc0f586582ef20ab5a52456
Referenced In Project/Scope: Simplicite Platform:compile
xalan-interpretive-11.0.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.docx4j/docx4j-core@11.2.9
Evidence Type Source Name Value Confidence Vendor file name xalan-interpretive High Vendor jar package name apache Highest Vendor jar package name apache Low Vendor jar package name docx4j Highest Vendor jar package name docx4j Low Vendor jar package name org Highest Vendor jar package name org Low Vendor jar package name xalan Highest Vendor pom artifactid xalan-interpretive Highest Vendor pom artifactid xalan-interpretive Low Vendor pom developer email dev@xalan.apache.org Low Vendor pom developer email jason@plutext.org Low Vendor pom developer name Jason Harrop Medium Vendor pom developer name Xalan committers Medium Vendor pom developer org Apache Medium Vendor pom developer org Plutext Medium Vendor pom developer org URL http://people.apache.org/committers-by-project.html#xalan Medium Vendor pom developer org URL http://www.plutext.com Medium Vendor pom groupid org.docx4j.org.apache Highest Vendor pom name xalan-interpretive High Vendor pom url http://xml.apache.org/xalan-j/ Highest Product file name xalan-interpretive High Product jar package name apache Highest Product jar package name apache Low Product jar package name docx4j Highest Product jar package name org Highest Product jar package name org Low Product jar package name xalan Highest Product pom artifactid xalan-interpretive Highest Product pom developer email dev@xalan.apache.org Low Product pom developer email jason@plutext.org Low Product pom developer name Jason Harrop Low Product pom developer name Xalan committers Low Product pom developer org Apache Low Product pom developer org Plutext Low Product pom developer org URL http://people.apache.org/committers-by-project.html#xalan Low Product pom developer org URL http://www.plutext.com Low Product pom groupid org.docx4j.org.apache Highest Product pom name xalan-interpretive High Product pom url http://xml.apache.org/xalan-j/ Medium Version file version 11.0.0 High Version pom version 11.0.0 Highest
xalan-serializer-11.0.0.jarDescription:
xalan-serializer License:
Apache 2: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/docx4j/org/apache/xalan-serializer/11.0.0/xalan-serializer-11.0.0.jar
MD5: f21112d50f8c5e067bcb388697cb6af1
SHA1: 7a6b5802bdba3d3b12e935b8a0ae2e020d839cfd
SHA256: ee20541b9180bbd4dc4d55b825e397aefc1545d11d819e4d488012fa76a4b6dc
Referenced In Project/Scope: Simplicite Platform:compile
xalan-serializer-11.0.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.docx4j/docx4j-core@11.2.9
Evidence Type Source Name Value Confidence Vendor file name xalan-serializer High Vendor jar package name apache Highest Vendor jar package name apache Low Vendor jar package name docx4j Highest Vendor jar package name docx4j Low Vendor jar package name org Highest Vendor jar package name org Low Vendor pom artifactid xalan-serializer Highest Vendor pom artifactid xalan-serializer Low Vendor pom developer email dev@xalan.apache.org Low Vendor pom developer email jason@plutext.org Low Vendor pom developer name Jason Harrop Medium Vendor pom developer name Xalan committers Medium Vendor pom developer org Apache Medium Vendor pom developer org Plutext Medium Vendor pom developer org URL http://people.apache.org/committers-by-project.html#xalan Medium Vendor pom developer org URL http://www.plutext.com Medium Vendor pom groupid org.docx4j.org.apache Highest Vendor pom name xalan-serializer High Vendor pom url http://xml.apache.org/xalan-j/ Highest Product file name xalan-serializer High Product jar package name apache Highest Product jar package name apache Low Product jar package name docx4j Highest Product jar package name org Highest Product jar package name org Low Product jar package name xml Low Product pom artifactid xalan-serializer Highest Product pom developer email dev@xalan.apache.org Low Product pom developer email jason@plutext.org Low Product pom developer name Jason Harrop Low Product pom developer name Xalan committers Low Product pom developer org Apache Low Product pom developer org Plutext Low Product pom developer org URL http://people.apache.org/committers-by-project.html#xalan Low Product pom developer org URL http://www.plutext.com Low Product pom groupid org.docx4j.org.apache Highest Product pom name xalan-serializer High Product pom url http://xml.apache.org/xalan-j/ Medium Version file version 11.0.0 High Version pom version 11.0.0 Highest
xdg-basedir:4.0.0Description:
Get XDG Base Directory paths License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/xdg-basedir:4.0.0
Referenced In Projects/Scopes: simplicite-js:5.2.54/configstore:6.0.0 simplicite-js:5.2.54/update-notifier:6.0.2 simplicite-js:5.2.54/update-notifier:4.1.3 simplicite-js:5.2.54/update-notifier:5.1.0 simplicite-js:5.2.54 simplicite-js:5.2.54/configstore:5.0.1 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url sindresorhus.com Highest Vendor package.json description Get XDG Base Directory paths Highest Vendor package.json name xdg-basedir Highest Vendor package.json name xdg-basedir_project Highest Product package.json name xdg-basedir Highest Version package.json version 4.0.0 Highest
Related Dependencies xdg-basedir:4.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?configstore:5.0.1/xdg-basedir:^4.0.0 pkg:npm/xdg-basedir@4.0.0 xdg-basedir:4.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?configstore:6.0.0/xdg-basedir:^5.0.1 pkg:npm/xdg-basedir@4.0.0 xdg-basedir:4.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?update-notifier:4.1.3/xdg-basedir:^4.0.0 pkg:npm/xdg-basedir@4.0.0 xdg-basedir:4.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?update-notifier:5.1.0/xdg-basedir:^4.0.0 pkg:npm/xdg-basedir@4.0.0 xdg-basedir:4.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?update-notifier:6.0.2/xdg-basedir:^5.1.0 pkg:npm/xdg-basedir@4.0.0 xdg-basedir:5.1.0Description:
Get XDG Base Directory paths License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/xdg-basedir:5.1.0
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description Get XDG Base Directory paths Highest Vendor package.json name xdg-basedir Highest Vendor package.json name xdg-basedir_project Highest Product package.json name xdg-basedir Highest Version package.json version 5.1.0 Highest
xercesImpl-2.12.2.jarDescription:
Xerces2 provides high performance, fully compliant XML parsers in the Apache Xerces family. This new version of Xerces continues to build upon the Xerces Native Interface (XNI), a complete framework for building parser components and configurations that is extremely modular and easy to program.
The Apache Xerces2 parser is the reference implementation of XNI but other parser components, configurations, and parsers can be written using the Xerces Native Interface. For complete design and implementation documents, refer to the XNI Manual.
Xerces2 provides fully conforming XML Schema 1.0 and 1.1 processors. An experimental implementation of the "XML Schema Definition Language (XSD): Component Designators (SCD) Candidate Recommendation (January 2010)" is also provided for evaluation. For more information, refer to the XML Schema page.
Xerces2 also provides a complete implementation of the Document Object Model Level 3 Core and Load/Save W3C Recommendations and provides a complete implementation of the XML Inclusions (XInclude) W3C Recommendation. It also provides support for OASIS XML Catalogs v1.1.
Xerces2 is able to parse documents written according to the XML 1.1 Recommendation, except that it does not yet provide an option to enable normalization checking as described in section 2.13 of this specification. It also handles namespaces according to the XML Namespaces 1.1 Recommendation, and will correctly serialize XML 1.1 documents if the DOM level 3 load/save APIs are in use.
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/xerces/xercesImpl/2.12.2/xercesImpl-2.12.2.jar
MD5: 40e4f2d5aacfbf51a9a1572d77a0e5e9
SHA1: f051f988aa2c9b4d25d05f95742ab0cc3ed789e2
SHA256: 6fc991829af1708d15aea50c66f0beadcd2cfeb6968e0b2f55c1b0909883fe16
Referenced In Project/Scope: Simplicite Platform:compile
xercesImpl-2.12.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name xercesImpl High Vendor jar package name apache Highest Vendor jar package name dom Highest Vendor jar package name parsers Highest Vendor jar package name serialize Highest Vendor jar package name version Highest Vendor jar package name w3c Highest Vendor jar package name xerces Highest Vendor jar package name xinclude Highest Vendor jar package name xml Highest Vendor jar package name xni Highest Vendor manifest: javax/xml/datatype/ Implementation-Vendor Apache Software Foundation Medium Vendor manifest: javax/xml/namespace/ Implementation-Vendor Apache Software Foundation Medium Vendor manifest: javax/xml/parsers/ Implementation-Vendor Apache Software Foundation Medium Vendor manifest: javax/xml/stream/ Implementation-Vendor Apache Software Foundation Medium Vendor manifest: javax/xml/transform/ Implementation-Vendor Apache Software Foundation Medium Vendor manifest: javax/xml/validation/ Implementation-Vendor Apache Software Foundation Medium Vendor manifest: javax/xml/xpath/ Implementation-Vendor Apache Software Foundation Medium Vendor manifest: org/apache/xerces/impl/ Implementation-Vendor Apache Software Foundation Medium Vendor manifest: org/apache/xerces/xni/ Implementation-Vendor Apache Software Foundation Medium Vendor manifest: org/w3c/dom/ Implementation-Vendor World Wide Web Consortium Medium Vendor manifest: org/w3c/dom/ls/ Implementation-Vendor World Wide Web Consortium Medium Vendor manifest: org/xml/sax/ Implementation-Vendor David Megginson Medium Vendor pom artifactid xercesImpl Highest Vendor pom artifactid xercesImpl Low Vendor pom developer email j-dev@xerces.apache.org Low Vendor pom developer id xerces Medium Vendor pom developer name Apache Software Foundation Medium Vendor pom developer org Apache Software Foundation Medium Vendor pom developer org URL http://www.apache.org Medium Vendor pom groupid xerces Highest Vendor pom name Xerces2-j High Vendor pom url https://xerces.apache.org/xerces2-j/ Highest Product file name xercesImpl High Product hint analyzer product xerces-j Highest Product jar package name apache Highest Product jar package name datatype Highest Product jar package name dom Highest Product jar package name impl Highest Product jar package name parsers Highest Product jar package name serialize Highest Product jar package name validation Highest Product jar package name version Highest Product jar package name w3c Highest Product jar package name xerces Highest Product jar package name xinclude Highest Product jar package name xml Highest Product jar package name xni Highest Product jar package name xpath Highest Product manifest: javax/xml/datatype/ Implementation-Title javax.xml.datatype Medium Product manifest: javax/xml/datatype/ Specification-Title Java API for XML Processing Medium Product manifest: javax/xml/namespace/ Implementation-Title javax.xml.namespace Medium Product manifest: javax/xml/namespace/ Specification-Title Java API for XML Processing Medium Product manifest: javax/xml/parsers/ Implementation-Title javax.xml.parsers Medium Product manifest: javax/xml/parsers/ Specification-Title Java API for XML Processing Medium Product manifest: javax/xml/stream/ Implementation-Title javax.xml.stream Medium Product manifest: javax/xml/stream/ Specification-Title Streaming API for XML Medium Product manifest: javax/xml/transform/ Implementation-Title javax.xml.transform Medium Product manifest: javax/xml/transform/ Specification-Title Java API for XML Processing Medium Product manifest: javax/xml/validation/ Implementation-Title javax.xml.validation Medium Product manifest: javax/xml/validation/ Specification-Title Java API for XML Processing Medium Product manifest: javax/xml/xpath/ Implementation-Title javax.xml.xpath Medium Product manifest: javax/xml/xpath/ Specification-Title Java API for XML Processing Medium Product manifest: org/apache/xerces/impl/ Implementation-Title org.apache.xerces.impl.Version Medium Product manifest: org/apache/xerces/xni/ Implementation-Title org.apache.xerces.xni Medium Product manifest: org/apache/xerces/xni/ Specification-Title Xerces Native Interface Medium Product manifest: org/w3c/dom/ Implementation-Title org.w3c.dom Medium Product manifest: org/w3c/dom/ Specification-Title Document Object Model, Level 3 Core Medium Product manifest: org/w3c/dom/ls/ Implementation-Title org.w3c.dom.ls Medium Product manifest: org/w3c/dom/ls/ Specification-Title Document Object Model, Level 3 Load and Save Medium Product manifest: org/xml/sax/ Implementation-Title org.xml.sax Medium Product manifest: org/xml/sax/ Specification-Title Simple API for XML Medium Product pom artifactid xercesImpl Highest Product pom developer email j-dev@xerces.apache.org Low Product pom developer id xerces Low Product pom developer name Apache Software Foundation Low Product pom developer org Apache Software Foundation Low Product pom developer org URL http://www.apache.org Low Product pom groupid xerces Highest Product pom name Xerces2-j High Product pom url https://xerces.apache.org/xerces2-j/ Medium Version file version 2.12.2 High Version manifest: org/apache/xerces/impl/ Implementation-Version 2.12.2 Medium Version pom version 2.12.2 Highest
pkg:maven/xerces/xercesImpl@2.12.2 (Confidence :High)cpe:2.3:a:apache:xerces-j:2.12.2:*:*:*:*:*:*:* (Confidence :Low) suppress cpe:2.3:a:apache:xerces2_java:2.12.2:*:*:*:*:*:*:* (Confidence :Low) suppress CVE-2017-10355 (OSSINDEX) suppress
sonatype-2017-0348 - xerces:xercesImpl - Denial of Service (DoS)
The software contains multiple threads or executable segments that are waiting for each other to release a necessary lock, resulting in deadlock. CWE-833 Deadlock
CVSSv3:
Base Score: MEDIUM (5.9) Vector: CVSS:/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:xerces:xercesImpl:2.12.2:*:*:*:*:*:*:* xmlbeans-3.1.0.jarDescription:
XmlBeans main jar License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/apache/xmlbeans/xmlbeans/3.1.0/xmlbeans-3.1.0.jar
MD5: 408902d943e5bd51a4813dae131681a3
SHA1: 6dac1f897dfb3e3f17fc79b18a3353b2e51c464e
SHA256: a19ea1ec835a101165f7aa3c55427e81b5f2b187bfe7689a19277c51402620b0
Referenced In Project/Scope: Simplicite Platform:compile
xmlbeans-3.1.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.poi/poi-ooxml-schemas@4.1.2
Evidence Type Source Name Value Confidence Vendor file name xmlbeans High Vendor jar package name apache Highest Vendor jar package name xmlbeans Highest Vendor manifest: org/apache/xmlbeans/ Implementation-Vendor Apache Software Foundation Medium Vendor pom artifactid xmlbeans Highest Vendor pom artifactid xmlbeans Low Vendor pom developer email cezar.andrei@no#spam#!gma|l.com Low Vendor pom developer email jacob.danner@nos#pam.oracle.com Low Vendor pom developer email radu.preotiuc-pietro@nos#pam.bea.com Low Vendor pom developer email radupr@nos#pam.gm@il.com Low Vendor pom developer email user@poi.apache.org Low Vendor pom developer email wing-yew.poon@nos#pam.oracle.com Low Vendor pom developer id cezar Medium Vendor pom developer id jdanner Medium Vendor pom developer id poi Medium Vendor pom developer id radup Medium Vendor pom developer id wpoon Medium Vendor pom developer name Cezar Andrei Medium Vendor pom developer name Jacob Danner Medium Vendor pom developer name POI Team Medium Vendor pom developer name Radu Preotiuc Medium Vendor pom developer name Wing Yew Poon Medium Vendor pom developer org Apache POI Medium Vendor pom groupid org.apache.xmlbeans Highest Vendor pom name XmlBeans High Vendor pom organization name XmlBeans High Vendor pom organization url https://xmlbeans.apache.org/ Medium Vendor pom url https://xmlbeans.apache.org/ Highest Product file name xmlbeans High Product jar package name apache Highest Product jar package name xmlbeans Highest Product manifest: org/apache/xmlbeans/ Implementation-Title org.apache.xmlbeans Medium Product pom artifactid xmlbeans Highest Product pom developer email cezar.andrei@no#spam#!gma|l.com Low Product pom developer email jacob.danner@nos#pam.oracle.com Low Product pom developer email radu.preotiuc-pietro@nos#pam.bea.com Low Product pom developer email radupr@nos#pam.gm@il.com Low Product pom developer email user@poi.apache.org Low Product pom developer email wing-yew.poon@nos#pam.oracle.com Low Product pom developer id cezar Low Product pom developer id jdanner Low Product pom developer id poi Low Product pom developer id radup Low Product pom developer id wpoon Low Product pom developer name Cezar Andrei Low Product pom developer name Jacob Danner Low Product pom developer name POI Team Low Product pom developer name Radu Preotiuc Low Product pom developer name Wing Yew Poon Low Product pom developer org Apache POI Low Product pom groupid org.apache.xmlbeans Highest Product pom name XmlBeans High Product pom organization name XmlBeans Low Product pom organization url https://xmlbeans.apache.org/ Low Product pom url https://xmlbeans.apache.org/ Medium Version file version 3.1.0 High Version manifest: org/apache/xmlbeans/ Implementation-Version 3.1.0 Medium Version pom version 3.1.0 Highest
xmlcreate:2.0.4Description:
Simple XML builder for Node.js License:
Apache-2.0 File Path: /var/simplicite/simplicite-5.2/package-lock.json?/xmlcreate:2.0.4
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/js2xmlparser:4.0.2 Evidence Type Source Name Value Confidence Vendor package.json author.email michael@kourlas.com Highest Vendor package.json author.name Michael Kourlas Highest Vendor package.json description Simple XML builder for Node.js Highest Vendor package.json name xmlcreate Highest Vendor package.json name xmlcreate_project Highest Product package.json name xmlcreate Highest Version package.json version 2.0.4 Highest
Related Dependencies xmlcreate:2.0.4File Path: /var/simplicite/simplicite-5.2/package-lock.json?js2xmlparser:4.0.2/xmlcreate:^2.0.4 pkg:npm/xmlcreate@2.0.4 xmlgraphics-commons-2.3.jarDescription:
Apache XML Graphics Commons is a library that consists of several reusable
components used by Apache Batik and Apache FOP. Many of these components
can easily be used separately outside the domains of SVG and XSL-FO.
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/apache/xmlgraphics/xmlgraphics-commons/2.3/xmlgraphics-commons-2.3.jar
MD5: 3edc187a769f9ff50e53f095bccb20cd
SHA1: f0b77d80c4d8f02538512b4d505af0cf5286eb7f
SHA256: 1fb91bac2795f7a768a7665f40cde996023a489ecc43e5ee67ad40fbaa79e194
Referenced In Project/Scope: Simplicite Platform:compile
xmlgraphics-commons-2.3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.docx4j/docx4j-core@11.2.9
Evidence Type Source Name Value Confidence Vendor file name xmlgraphics-commons High Vendor jar package name apache Highest Vendor jar package name xmlgraphics Highest Vendor Manifest Implementation-Vendor The Apache Software Foundation (http://xmlgraphics.apache.org/) High Vendor pom artifactid xmlgraphics-commons Highest Vendor pom artifactid xmlgraphics-commons Low Vendor pom groupid org.apache.xmlgraphics Highest Vendor pom name Apache XML Graphics Commons High Vendor pom organization name Apache Software Foundation High Vendor pom organization url http://www.apache.org/ Medium Vendor pom parent-artifactid apache Low Vendor pom parent-groupid org.apache Medium Vendor pom url http://xmlgraphics.apache.org/commons/ Highest Product file name xmlgraphics-commons High Product jar package name apache Highest Product jar package name xmlgraphics Highest Product Manifest Implementation-Title Apache XML Graphics Commons High Product pom artifactid xmlgraphics-commons Highest Product pom groupid org.apache.xmlgraphics Highest Product pom name Apache XML Graphics Commons High Product pom organization name Apache Software Foundation Low Product pom organization url http://www.apache.org/ Low Product pom parent-artifactid apache Medium Product pom parent-groupid org.apache Medium Product pom url http://xmlgraphics.apache.org/commons/ Medium Version file version 2.3 High Version Manifest Implementation-Version 2.3 High Version pom parent-version 2.3 Low Version pom version 2.3 Highest
CVE-2020-11988 suppress
Apache XmlGraphics Commons 2.4 and earlier is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests. Users should upgrade to 2.6 or later. CWE-20 Improper Input Validation, CWE-918 Server-Side Request Forgery (SSRF)
CVSSv2:
Base Score: MEDIUM (6.4) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N CVSSv3:
Base Score: HIGH (8.2) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N References:
Vulnerable Software & Versions:
xmlsec-2.2.3.jarDescription:
Apache XML Security for Java supports XML-Signature Syntax and Processing,
W3C Recommendation 12 February 2002, and XML Encryption Syntax and
Processing, W3C Recommendation 10 December 2002. As of version 1.4,
the library supports the standard Java API JSR-105: XML Digital Signature APIs.
License:
Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/apache/santuario/xmlsec/2.2.3/xmlsec-2.2.3.jar
MD5: 3ce56109cd24b76243c3846e42b4a493
SHA1: 216237777d6371fa618d8b8a51a53a1c295291f5
SHA256: 7c42fee8eb82b24ef1c2b505026d3a44eb2b1edcdc728f0e4726bc2e79261053
Referenced In Project/Scope: Simplicite Platform:compile
xmlsec-2.2.3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name xmlsec High Vendor jar package name apache Highest Vendor jar package name encryption Highest Vendor jar package name security Highest Vendor jar package name signature Highest Vendor jar package name xml Highest Vendor Manifest automatic-module-name org.apache.santuario.xmlsec Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl https://www.apache.org/ Low Vendor Manifest bundle-symbolicname org.apache.santuario.xmlsec Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid xmlsec Highest Vendor pom artifactid xmlsec Low Vendor pom groupid org.apache.santuario Highest Vendor pom name Apache XML Security for Java High Vendor pom organization name The Apache Software Foundation High Vendor pom organization url https://www.apache.org/ Medium Vendor pom parent-artifactid apache Low Vendor pom parent-groupid org.apache Medium Vendor pom url https://santuario.apache.org/ Highest Product file name xmlsec High Product jar package name apache Highest Product jar package name encryption Highest Product jar package name security Highest Product jar package name signature Highest Product jar package name xml Highest Product Manifest automatic-module-name org.apache.santuario.xmlsec Medium Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl https://www.apache.org/ Low Product Manifest Bundle-Name Apache XML Security for Java Medium Product Manifest bundle-symbolicname org.apache.santuario.xmlsec Medium Product Manifest Implementation-Title Apache XML Security for Java High Product Manifest specification-title Apache XML Security for Java Medium Product pom artifactid xmlsec Highest Product pom groupid org.apache.santuario Highest Product pom name Apache XML Security for Java High Product pom organization name The Apache Software Foundation Low Product pom organization url https://www.apache.org/ Low Product pom parent-artifactid apache Medium Product pom parent-groupid org.apache Medium Product pom url https://santuario.apache.org/ Medium Version file version 2.2.3 High Version Manifest Bundle-Version 2.2.3 High Version Manifest Implementation-Version 2.2.3 High Version pom parent-version 2.2.3 Low Version pom version 2.2.3 Highest
pkg:maven/org.apache.santuario/xmlsec@2.2.3 (Confidence :High)cpe:2.3:a:apache:santuario_xml_security_for_java:2.2.3:*:*:*:*:*:*:* (Confidence :Low) suppress cpe:2.3:a:apache:xml_security_for_java:2.2.3:*:*:*:*:*:*:* (Confidence :Low) suppress CVE-2023-44483 suppress
All versions of Apache Santuario - XML Security for Java prior to 2.2.6, 2.3.4, and 3.0.3, when using the JSR 105 API, are vulnerable to an issue where a private key may be disclosed in log files when generating an XML Signature and logging with debug level is enabled. Users are recommended to upgrade to version 2.2.6, 2.3.4, or 3.0.3, which fixes this issue.
CWE-532 Insertion of Sensitive Information into Log File
CVSSv3:
Base Score: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N References:
Vulnerable Software & Versions: (show all )
xmpbox-2.0.23.jarDescription:
The Apache XmpBox library is an open source Java tool that implements Adobe's XMP(TM)
specification. It can be used to parse, validate and create xmp contents.
It is mainly used by subproject preflight of Apache PDFBox.
XmpBox is a subproject of Apache PDFBox.
License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /var/simplicite/.m2/repository/org/apache/pdfbox/xmpbox/2.0.23/xmpbox-2.0.23.jar
MD5: d964e89c70c0a0e2606ab58cd307faae
SHA1: 929cb01b738f84798fcae7786e608af6735898da
SHA256: e52214fd41f23b2531197ce2186d123c577e2ee4ca466b0cf33b2df73a92a0f9
Referenced In Project/Scope: Simplicite Platform:compile
xmpbox-2.0.23.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.simplicite/simplicite@5.2.54
Evidence Type Source Name Value Confidence Vendor file name xmpbox High Vendor jar package name apache Highest Vendor jar package name xmpbox Highest Vendor Manifest automatic-module-name org.apache.xmpbox Medium Vendor Manifest bundle-docurl http://pdfbox.apache.org Low Vendor Manifest bundle-symbolicname org.apache.pdfbox.xmpbox Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache.pdfbox Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid xmpbox Highest Vendor pom artifactid xmpbox Low Vendor pom groupid org.apache.pdfbox Highest Vendor pom name Apache XmpBox High Vendor pom parent-artifactid pdfbox-parent Low Product file name xmpbox High Product jar package name apache Highest Product jar package name xmpbox Highest Product Manifest automatic-module-name org.apache.xmpbox Medium Product Manifest bundle-docurl http://pdfbox.apache.org Low Product Manifest Bundle-Name Apache XmpBox Medium Product Manifest bundle-symbolicname org.apache.pdfbox.xmpbox Medium Product Manifest Implementation-Title Apache XmpBox High Product Manifest specification-title Apache XmpBox Medium Product pom artifactid xmpbox Highest Product pom groupid org.apache.pdfbox Highest Product pom name Apache XmpBox High Product pom parent-artifactid pdfbox-parent Medium Version file version 2.0.23 High Version Manifest Bundle-Version 2.0.23 High Version Manifest Implementation-Version 2.0.23 High Version pom version 2.0.23 Highest
CVE-2021-31811 suppress
In Apache PDFBox, a carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions. CWE-770 Allocation of Resources Without Limits or Throttling
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:P CVSSv3:
Base Score: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2021-31812 suppress
In Apache PDFBox, a carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions. CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:P CVSSv3:
Base Score: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
xmpcore-shaded-6.1.11.jarDescription:
This project shades Adobe's xmpcore to remove the *.internal.* component from name spaces
to make recent versions backwards compatible
License:
BSD 3 Clause: https://opensource.org/licenses/BSD-3-Clause File Path: /var/simplicite/.m2/repository/org/tallison/xmp/xmpcore-shaded/6.1.11/xmpcore-shaded-6.1.11.jar
MD5: 368dca891b4d671acb556ddef9e2d180
SHA1: 90693147097d4c73fc983c327da478c141047d5a
SHA256: 1110b83a44c96e72e50be9adb82943b059d7f07d281d99483773512633c40cc7
Referenced In Project/Scope: Simplicite Platform:compile
xmpcore-shaded-6.1.11.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.tika/tika-parsers@1.27
Evidence Type Source Name Value Confidence Vendor file name xmpcore-shaded High Vendor jar package name adobe Highest Vendor jar package name adobe Low Vendor jar package name impl Low Vendor jar package name tallison Highest Vendor jar package name xmp Highest Vendor jar package name xmp Low Vendor pom artifactid xmpcore-shaded Highest Vendor pom artifactid xmpcore-shaded Low Vendor pom developer name Tim Allison Medium Vendor pom groupid org.tallison.xmp Highest Vendor pom name XMPCore Shaded High Vendor pom url tballison Highest Product file name xmpcore-shaded High Product jar package name adobe Highest Product jar package name impl Low Product jar package name tallison Highest Product jar package name xmp Highest Product jar package name xmp Low Product pom artifactid xmpcore-shaded Highest Product pom developer name Tim Allison Low Product pom groupid org.tallison.xmp Highest Product pom name XMPCore Shaded High Product pom url tballison High Version file version 6.1.11 High Version pom version 6.1.11 Highest
xsom-2.3.4.jarDescription:
XML Schema Object Model (XSOM) is a Java library that allows applications to easily parse XML Schema
documents and inspect information in them. It is expected to be useful for applications that need to take XML
Schema as an input.
License:
Eclipse Distribution License - v 1.0: http://www.eclipse.org/org/documents/edl-v10.php File Path: /var/simplicite/.m2/repository/org/glassfish/jaxb/xsom/2.3.4/xsom-2.3.4.jar
MD5: c2e2614dca203d71067effe159721a80
SHA1: e538afe3b621b1bb90aad11eeef9db811f50b85a
SHA256: a668cb130d6f24b8a60f48c34987ac22f920b2c4f95932ace873f2258cf06ddf
Referenced In Project/Scope: Simplicite Platform:compile
xsom-2.3.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.glassfish.jaxb/jaxb-xjc@2.3.4
Evidence Type Source Name Value Confidence Vendor file name xsom High Vendor jar package name xml Highest Vendor jar package name xsom Highest Vendor Manifest build-jdk-spec 11 Low Vendor Manifest bundle-docurl https://www.eclipse.org Low Vendor Manifest bundle-symbolicname org.glassfish.jaxb.xsom Medium Vendor Manifest implementation-build-id 2.3.4 - 2a16b4e Low Vendor Manifest Implementation-Vendor Eclipse Foundation High Vendor pom artifactid xsom Highest Vendor pom artifactid xsom Low Vendor pom groupid org.glassfish.jaxb Highest Vendor pom name XSOM High Vendor pom parent-artifactid project Low Vendor pom parent-groupid org.eclipse.ee4j Medium Product file name xsom High Product jar package name xml Highest Product jar package name xsom Highest Product Manifest build-jdk-spec 11 Low Product Manifest bundle-docurl https://www.eclipse.org Low Product Manifest Bundle-Name XSOM Medium Product Manifest bundle-symbolicname org.glassfish.jaxb.xsom Medium Product Manifest implementation-build-id 2.3.4 - 2a16b4e Low Product Manifest Implementation-Title XSOM High Product pom artifactid xsom Highest Product pom groupid org.glassfish.jaxb Highest Product pom name XSOM High Product pom parent-artifactid project Medium Product pom parent-groupid org.eclipse.ee4j Medium Version file version 2.3.4 High Version Manifest Bundle-Version 2.3.4 High Version Manifest implementation-build-id 2.3.4 Low Version Manifest Implementation-Version 2.3.4 High Version pom parent-version 2.3.4 Low Version pom version 2.3.4 Highest
xtend:4.0.2Description:
extend like a boss License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/xtend:4.0.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/npm-check:6.0.1 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Raynos <raynos2@gmail.com> Highest Vendor package.json bugs.email raynos2@gmail.com Highest Vendor package.json bugs.url https://github.com/Raynos/xtend/issues Highest Vendor package.json description extend like a boss Highest Vendor package.json homepage https://github.com/Raynos/xtend Highest Vendor package.json name xtend Highest Vendor package.json name xtend_project Highest Product package.json name xtend Highest Version package.json version 4.0.2 Highest
Related Dependencies xtend:4.0.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check:6.0.1/xtend:^4.0.2 pkg:npm/xtend@4.0.2 xterm-js:4.9.0Description:
Full xterm terminal, in your browser License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/xterm-js:4.9.0
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json description Full xterm terminal, in your browser Highest Vendor package.json name xterm-js Highest Vendor package.json name xterm-js_project Highest Product package.json name xterm-js Highest Version package.json version 4.9.0 Highest
CVE-2019-0542 suppress
A remote code execution vulnerability exists in Xterm.js when the component mishandles special characters, aka "Xterm Remote Code Execution Vulnerability." This affects xterm.js. CWE-94 Improper Control of Generation of Code ('Code Injection')
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
xz-1.9.jarDescription:
XZ data compression License:
Public Domain File Path: /var/simplicite/.m2/repository/org/tukaani/xz/1.9/xz-1.9.jar
MD5: 57c2fbfeb55e307ccae52e5322082e02
SHA1: 1ea4bec1a921180164852c65006d928617bd2caf
SHA256: 211b306cfc44f8f96df3a0a3ddaf75ba8c5289eed77d60d72f889bb855f535e5
Referenced In Project/Scope: Simplicite Platform:compile
xz-1.9.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.tika/tika-parsers@1.27
Evidence Type Source Name Value Confidence Vendor file name xz High Vendor jar package name tukaani Highest Vendor jar package name xz Highest Vendor Manifest bundle-docurl https://tukaani.org/xz/java.html Low Vendor Manifest bundle-symbolicname org.tukaani.xz Medium Vendor Manifest implementation-url https://tukaani.org/xz/java.html Low Vendor Manifest multi-release true Low Vendor pom artifactid xz Highest Vendor pom artifactid xz Low Vendor pom developer email lasse.collin@tukaani.org Low Vendor pom developer name Lasse Collin Medium Vendor pom groupid org.tukaani Highest Vendor pom name XZ for Java High Vendor pom url https://tukaani.org/xz/java.html Highest Product file name xz High Product jar package name tukaani Highest Product jar package name xz Highest Product Manifest bundle-docurl https://tukaani.org/xz/java.html Low Product Manifest Bundle-Name XZ data compression Medium Product Manifest bundle-symbolicname org.tukaani.xz Medium Product Manifest Implementation-Title XZ data compression High Product Manifest implementation-url https://tukaani.org/xz/java.html Low Product Manifest multi-release true Low Product pom artifactid xz Highest Product pom developer email lasse.collin@tukaani.org Low Product pom developer name Lasse Collin Low Product pom groupid org.tukaani Highest Product pom name XZ for Java High Product pom url https://tukaani.org/xz/java.html Medium Version file version 1.9 High Version Manifest Bundle-Version 1.9 High Version Manifest Implementation-Version 1.9 High Version pom version 1.9 Highest
y18n:5.0.8Description:
the bare-bones internationalization library used by yargs License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?yargs:16.2.0/y18n:^5.0.5
Referenced In Projects/Scopes: simplicite-js:5.2.54/yargs:16.2.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Ben Coe <bencoe@gmail.com> Highest Vendor package.json bugs.url https://github.com/yargs/y18n/issues Highest Vendor package.json description the bare-bones internationalization library used by yargs Highest Vendor package.json homepage https://github.com/yargs/y18n Highest Vendor package.json name y18n Highest Vendor package.json name y18n_project Highest Product package.json name y18n Highest Version package.json version 5.0.8 Highest
Related Dependencies y18n:5.0.8File Path: /var/simplicite/simplicite-5.2/package-lock.json?/y18n:5.0.8 pkg:npm/y18n@5.0.8 yallist:2.1.2Description:
Yet Another Linked List License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/yallist:2.1.2
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author Isaac Z. Schlueter <i@izs.me> (http://blog.izs.me/) Highest Vendor package.json description Yet Another Linked List Highest Vendor package.json name yallist Highest Vendor package.json name yallist_project Highest Product package.json name yallist Highest Version package.json version 2.1.2 Highest
yallist:3.1.1Description:
Yet Another Linked List License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/yallist:3.1.1
Referenced In Projects/Scopes: simplicite-js:5.2.54/tar:6.1.15 simplicite-js:5.2.54/lru-cache:5.1.1 simplicite-js:5.2.54/minizlib:2.1.2 simplicite-js:5.2.54/lru-cache:6.0.0 simplicite-js:5.2.54/lru-cache:4.1.5 simplicite-js:5.2.54 simplicite-js:5.2.54/minipass:3.3.6 Evidence Type Source Name Value Confidence Vendor package.json author Isaac Z. Schlueter <i@izs.me> (http://blog.izs.me/) Highest Vendor package.json description Yet Another Linked List Highest Vendor package.json name yallist Highest Vendor package.json name yallist_project Highest Product package.json name yallist Highest Version package.json version 3.1.1 Highest
Related Dependencies yallist:3.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?lru-cache:4.1.5/yallist:^2.1.2 pkg:npm/yallist@3.1.1 yallist:3.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?lru-cache:5.1.1/yallist:^3.0.2 pkg:npm/yallist@3.1.1 yallist:3.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?lru-cache:6.0.0/yallist:^4.0.0 pkg:npm/yallist@3.1.1 yallist:3.1.1File Path: /var/simplicite/simplicite-5.2/package-lock.json?minipass:3.3.6/yallist:^4.0.0 pkg:npm/yallist@3.1.1 yallist:4.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?/yallist:4.0.0 pkg:npm/yallist@4.0.0 yallist:4.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?minizlib:2.1.2/yallist:^4.0.0 pkg:npm/yallist@4.0.0 yallist:4.0.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?tar:6.1.15/yallist:^4.0.0 pkg:npm/yallist@4.0.0 yallist:4.0.0Description:
Yet Another Linked List License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/yallist:4.0.0
Referenced In Project/Scope: simplicite-js:5.2.54
Evidence Type Source Name Value Confidence Vendor package.json author Isaac Z. Schlueter <i@izs.me> (http://blog.izs.me/) Highest Vendor package.json description Yet Another Linked List Highest Vendor package.json name yallist Highest Vendor package.json name yallist_project Highest Product package.json name yallist Highest Version package.json version 4.0.0 Highest
yaml:1.10.2Description:
JavaScript parser and stringifier for YAML License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/yaml:1.10.2
Referenced In Projects/Scopes: simplicite-js:5.2.54/cosmiconfig:7.1.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Eemeli Aro <eemeli@gmail.com> Highest Vendor package.json description JavaScript parser and stringifier for YAML Highest Vendor package.json homepage https://eemeli.org/yaml/v1/ Highest Vendor package.json name yaml Highest Vendor package.json name yaml_project Highest Product package.json name yaml Highest Version package.json version 1.10.2 Highest
Related Dependencies yaml:1.10.2File Path: /var/simplicite/simplicite-5.2/package-lock.json?cosmiconfig:7.1.0/yaml:^1.10.0 pkg:npm/yaml@1.10.2 yargs-parser:20.2.9Description:
the mighty option parser used by yargs License:
ISC File Path: /var/simplicite/simplicite-5.2/package-lock.json?/yargs-parser:20.2.9
Referenced In Projects/Scopes: simplicite-js:5.2.54/meow:9.0.0 simplicite-js:5.2.54/yargs:16.2.0 simplicite-js:5.2.54 Evidence Type Source Name Value Confidence Vendor package.json author Ben Coe <ben@npmjs.com> Highest Vendor package.json description the mighty option parser used by yargs Highest Vendor package.json name yargs-parser Highest Vendor package.json name yargs-parser_project Highest Product package.json name yargs-parser Highest Version package.json version 20.2.9 Highest
Related Dependencies yargs-parser:20.2.9File Path: /var/simplicite/simplicite-5.2/package-lock.json?meow:9.0.0/yargs-parser:^20.2.3 pkg:npm/yargs-parser@20.2.9 yargs-parser:20.2.9File Path: /var/simplicite/simplicite-5.2/package-lock.json?yargs:16.2.0/yargs-parser:^20.2.2 pkg:npm/yargs-parser@20.2.9 yargs:16.2.0Description:
yargs the modern, pirate-themed, successor to optimist. License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/yargs:16.2.0
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/depcheck:1.4.3 Evidence Type Source Name Value Confidence Vendor package.json description yargs the modern, pirate-themed, successor to optimist. Highest Vendor package.json homepage https://yargs.js.org/ Highest Vendor package.json name yargs Highest Vendor package.json name yargs_project Highest Product package.json name yargs Highest Version package.json version 16.2.0 Highest
Related Dependencies yargs:16.2.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?depcheck:1.4.3/yargs:^16.1.0 pkg:npm/yargs@16.2.0 yocto-queue:0.1.0Description:
Tiny queue data structure License:
MIT File Path: /var/simplicite/simplicite-5.2/package-lock.json?/yocto-queue:0.1.0
Referenced In Projects/Scopes: simplicite-js:5.2.54 simplicite-js:5.2.54/p-limit:3.1.0 Evidence Type Source Name Value Confidence Vendor package.json author.email sindresorhus@gmail.com Highest Vendor package.json author.name Sindre Sorhus Highest Vendor package.json author.url https://sindresorhus.com Highest Vendor package.json description Tiny queue data structure Highest Vendor package.json name yocto-queue Highest Vendor package.json name yocto-queue_project Highest Product package.json name yocto-queue Highest Version package.json version 0.1.0 Highest
Related Dependencies yocto-queue:0.1.0File Path: /var/simplicite/simplicite-5.2/package-lock.json?p-limit:3.1.0/yocto-queue:^0.1.0 pkg:npm/yocto-queue@0.1.0 zstd-jni-1.5.2-1.jarDescription:
JNI bindings for Zstd native library that provides fast and high compression lossless algorithm for Java and all JVM languages. License:
BSD 2-Clause License: https://opensource.org/licenses/BSD-2-Clause File Path: /var/simplicite/.m2/repository/com/github/luben/zstd-jni/1.5.2-1/zstd-jni-1.5.2-1.jar
MD5: 2909788860e8e3ee29d51b327a43ca24
SHA1: fad786abc1d1b81570e8d9a2fc8a1ef479bc27b6
SHA256: 93f7e4cbc907c2650f89f9f0bec94873735a58f1e4b66a54973294e4ec1878e8
Referenced In Project/Scope: Simplicite Platform:runtime
zstd-jni-1.5.2-1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.kafka/kafka-clients@3.3.1
Evidence Type Source Name Value Confidence Vendor file name zstd-jni High Vendor jar package name github Highest Vendor jar package name luben Highest Vendor jar package name zstd Highest Vendor Manifest automatic-module-name com.github.luben.zstd_jni Medium Vendor Manifest bundle-nativecode darwin/x86_64/libzstd-jni-1.5.2-1.dylib;osname=MacOS;osname=MacOSX;processor=x86_64, darwin/aarch64/libzstd-jni-1.5.2-1.dylib;osname=MacOS;osname=MacOSX;processor=aarch64, freebsd/amd64/libzstd-jni-1.5.2-1.so;osname=FreeBSD;processor=amd64, freebsd/i386/libzstd-jni-1.5.2-1.so;osname=FreeBSD;processor=i386, linux/aarch64/libzstd-jni-1.5.2-1.so;osname=Linux;processor=aarch64, linux/amd64/libzstd-jni-1.5.2-1.so;osname=Linux;processor=amd64, linux/arm/libzstd-jni-1.5.2-1.so;osname=Linux;processor=arm, linux/i386/libzstd-jni-1.5.2-1.so;osname=Linux;processor=i386, linux/mips64/libzstd-jni-1.5.2-1.so;osname=Linux;processor=mips64, linux/ppc64/libzstd-jni-1.5.2-1.so;osname=Linux;processor=ppc64, linux/ppc64le/libzstd-jni-1.5.2-1.so;osname=Linux;processor=ppc64le, linux/s390x/libzstd-jni-1.5.2-1.so;osname=Linux;processor=s390x, win/amd64/libzstd-jni-1.5.2-1.dll;osname=Win32;processor=amd64, win/x86/libzstd-jni-1.5.2-1.dll;osname=Win32;processor=x86 Low Vendor Manifest bundle-symbolicname com.github.luben.zstd-jni Medium Vendor Manifest Implementation-Vendor com.github.luben High Vendor Manifest Implementation-Vendor-Id com.github.luben Medium Vendor Manifest specification-vendor com.github.luben Low Vendor pom artifactid zstd-jni Highest Vendor pom artifactid zstd-jni Low Vendor pom developer email karavelov@gmail.com Low Vendor pom developer id karavelov Medium Vendor pom developer name Luben Karavelov Medium Vendor pom developer org com.github.luben Medium Vendor pom developer org URL https://github.com/luben Medium Vendor pom groupid com.github.luben Highest Vendor pom name zstd-jni High Vendor pom organization name com.github.luben High Vendor pom url luben/zstd-jni Highest Product file name zstd-jni High Product jar package name github Highest Product jar package name luben Highest Product jar package name zstd Highest Product Manifest automatic-module-name com.github.luben.zstd_jni Medium Product Manifest Bundle-Name zstd-jni Medium Product Manifest bundle-nativecode darwin/x86_64/libzstd-jni-1.5.2-1.dylib;osname=MacOS;osname=MacOSX;processor=x86_64, darwin/aarch64/libzstd-jni-1.5.2-1.dylib;osname=MacOS;osname=MacOSX;processor=aarch64, freebsd/amd64/libzstd-jni-1.5.2-1.so;osname=FreeBSD;processor=amd64, freebsd/i386/libzstd-jni-1.5.2-1.so;osname=FreeBSD;processor=i386, linux/aarch64/libzstd-jni-1.5.2-1.so;osname=Linux;processor=aarch64, linux/amd64/libzstd-jni-1.5.2-1.so;osname=Linux;processor=amd64, linux/arm/libzstd-jni-1.5.2-1.so;osname=Linux;processor=arm, linux/i386/libzstd-jni-1.5.2-1.so;osname=Linux;processor=i386, linux/mips64/libzstd-jni-1.5.2-1.so;osname=Linux;processor=mips64, linux/ppc64/libzstd-jni-1.5.2-1.so;osname=Linux;processor=ppc64, linux/ppc64le/libzstd-jni-1.5.2-1.so;osname=Linux;processor=ppc64le, linux/s390x/libzstd-jni-1.5.2-1.so;osname=Linux;processor=s390x, win/amd64/libzstd-jni-1.5.2-1.dll;osname=Win32;processor=amd64, win/x86/libzstd-jni-1.5.2-1.dll;osname=Win32;processor=x86 Low Product Manifest bundle-symbolicname com.github.luben.zstd-jni Medium Product Manifest Implementation-Title zstd-jni High Product Manifest specification-title zstd-jni Medium Product pom artifactid zstd-jni Highest Product pom developer email karavelov@gmail.com Low Product pom developer id karavelov Low Product pom developer name Luben Karavelov Low Product pom developer org com.github.luben Low Product pom developer org URL https://github.com/luben Low Product pom groupid com.github.luben Highest Product pom name zstd-jni High Product pom organization name com.github.luben Low Product pom url luben/zstd-jni High Version Manifest Implementation-Version 1.5.2-1 High Version pom version 1.5.2-1 Highest
zstd-jni-1.5.2-1.jar: libzstd-jni-1.5.2-1.dllFile Path: /var/simplicite/.m2/repository/com/github/luben/zstd-jni/1.5.2-1/zstd-jni-1.5.2-1.jar/win/amd64/libzstd-jni-1.5.2-1.dllMD5: 47cb3a35f42743eb1f9346af229e87b7SHA1: e31a10143ab3690a9bc2836ba62696023c94dfa0SHA256: 210044a424ce01b5b34d192d1c1c51b8058f7790770943f94e2df01906ea1f64Referenced In Project/Scope: Simplicite Platform:runtime
Evidence Type Source Name Value Confidence Vendor file name libzstd-jni High Product file name libzstd-jni High Version file name libzstd-jni Medium Version file version 1.5.2.1 High
zstd-jni-1.5.2-1.jar: libzstd-jni-1.5.2-1.dllFile Path: /var/simplicite/.m2/repository/com/github/luben/zstd-jni/1.5.2-1/zstd-jni-1.5.2-1.jar/win/x86/libzstd-jni-1.5.2-1.dllMD5: 74ee40fd92c62a5a1b6a385b5a1251cdSHA1: 8bbd3dc53b0bf577304fc048a2cd36709a190ae9SHA256: 3b887bee98cbce3af607256d2390f7cc5d068099f541590a4c3f7d6d5b48c65dReferenced In Project/Scope: Simplicite Platform:runtime
Evidence Type Source Name Value Confidence Vendor file name libzstd-jni High Product file name libzstd-jni High Version file name libzstd-jni Medium Version file version 1.5.2.1 High