Press CTR-C to copy XML [help]


Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.

How to read the report | Suppressing false positives | Getting Help: github issues

 Sponsor

Project: Simplicite Platform

com.simplicite:simplicite:5.2.54

Scan Information (show all):

Summary

Display: Showing Vulnerable Dependencies (click to show all)

DependencyVulnerability IDsPackageHighest SeverityCVE CountConfidenceEvidence Count
@aashutoshrathi/word-wrap:1.2.6pkg:npm/%40aashutoshrathi%2Fword-wrap@1.2.6 08
@ampproject/remapping:2.2.1pkg:npm/%40ampproject%2Fremapping@2.2.1 06
@babel/cli:7.23.9cpe:2.3:a:babelcli_project:babelcli:7.23.9:*:*:*:*:*:*:*pkg:npm/%40babel%2Fcli@7.23.9 0Low8
@babel/code-frame:7.23.5pkg:npm/%40babel%2Fcode-frame@7.23.5 08
@babel/compat-data:7.23.5pkg:npm/%40babel%2Fcompat-data@7.23.5 06
@babel/core:7.23.9pkg:npm/%40babel%2Fcore@7.23.9 08
@babel/generator:7.23.6pkg:npm/%40babel%2Fgenerator@7.23.6 08
@babel/helper-annotate-as-pure:7.22.5pkg:npm/%40babel%2Fhelper-annotate-as-pure@7.22.5 07
@babel/helper-builder-binary-assignment-operator-visitor:7.22.15pkg:npm/%40babel%2Fhelper-builder-binary-assignment-operator-visitor@7.22.15 07
@babel/helper-compilation-targets:7.23.6pkg:npm/%40babel%2Fhelper-compilation-targets@7.23.6 06
@babel/helper-create-class-features-plugin:7.23.10pkg:npm/%40babel%2Fhelper-create-class-features-plugin@7.23.10 06
@babel/helper-create-regexp-features-plugin:7.22.15pkg:npm/%40babel%2Fhelper-create-regexp-features-plugin@7.22.15 06
@babel/helper-define-polyfill-provider:0.5.0pkg:npm/%40babel%2Fhelper-define-polyfill-provider@0.5.0 05
@babel/helper-environment-visitor:7.22.20pkg:npm/%40babel%2Fhelper-environment-visitor@7.22.20 07
@babel/helper-function-name:7.23.0pkg:npm/%40babel%2Fhelper-function-name@7.23.0 07
@babel/helper-hoist-variables:7.22.5pkg:npm/%40babel%2Fhelper-hoist-variables@7.22.5 07
@babel/helper-member-expression-to-functions:7.23.0pkg:npm/%40babel%2Fhelper-member-expression-to-functions@7.23.0 07
@babel/helper-module-imports:7.22.15pkg:npm/%40babel%2Fhelper-module-imports@7.22.15 07
@babel/helper-module-transforms:7.23.3pkg:npm/%40babel%2Fhelper-module-transforms@7.23.3 07
@babel/helper-optimise-call-expression:7.22.5pkg:npm/%40babel%2Fhelper-optimise-call-expression@7.22.5 07
@babel/helper-plugin-utils:7.22.5pkg:npm/%40babel%2Fhelper-plugin-utils@7.22.5 07
@babel/helper-remap-async-to-generator:7.22.20pkg:npm/%40babel%2Fhelper-remap-async-to-generator@7.22.20 07
@babel/helper-replace-supers:7.22.20pkg:npm/%40babel%2Fhelper-replace-supers@7.22.20 07
@babel/helper-simple-access:7.22.5pkg:npm/%40babel%2Fhelper-simple-access@7.22.5 07
@babel/helper-skip-transparent-expression-wrappers:7.22.5pkg:npm/%40babel%2Fhelper-skip-transparent-expression-wrappers@7.22.5 06
@babel/helper-split-export-declaration:7.22.6pkg:npm/%40babel%2Fhelper-split-export-declaration@7.22.6 07
@babel/helper-string-parser:7.23.4pkg:npm/%40babel%2Fhelper-string-parser@7.23.4 07
@babel/helper-validator-identifier:7.22.20pkg:npm/%40babel%2Fhelper-validator-identifier@7.22.20 06
@babel/helper-validator-option:7.23.5pkg:npm/%40babel%2Fhelper-validator-option@7.23.5 06
@babel/helper-wrap-function:7.22.20pkg:npm/%40babel%2Fhelper-wrap-function@7.22.20 07
@babel/helpers:7.23.9pkg:npm/%40babel%2Fhelpers@7.23.9 07
@babel/highlight:7.23.4pkg:npm/%40babel%2Fhighlight@7.23.4 07
@babel/node:7.23.9pkg:npm/%40babel%2Fnode@7.23.9 07
@babel/parser:7.16.4pkg:npm/%40babel%2Fparser@7.16.4 08
@babel/parser:7.23.9pkg:npm/%40babel%2Fparser@7.23.9 08
@babel/plugin-bugfix-safari-id-destructuring-collision-in-function-expression:7.23.3pkg:npm/%40babel%2Fplugin-bugfix-safari-id-destructuring-collision-in-function-expression@7.23.3 07
@babel/plugin-bugfix-v8-spread-parameters-in-optional-chaining:7.23.3pkg:npm/%40babel%2Fplugin-bugfix-v8-spread-parameters-in-optional-chaining@7.23.3 07
@babel/plugin-bugfix-v8-static-class-fields-redefine-readonly:7.23.7pkg:npm/%40babel%2Fplugin-bugfix-v8-static-class-fields-redefine-readonly@7.23.7 07
@babel/plugin-proposal-private-property-in-object:7.21.0-placeholder-for-preset-env.2pkg:npm/%40babel%2Fplugin-proposal-private-property-in-object@7.21.0-placeholder-for-preset-env.2 07
@babel/plugin-syntax-async-generators:7.8.4pkg:npm/%40babel%2Fplugin-syntax-async-generators@7.8.4 05
@babel/plugin-syntax-class-properties:7.12.13pkg:npm/%40babel%2Fplugin-syntax-class-properties@7.12.13 06
@babel/plugin-syntax-class-static-block:7.14.5pkg:npm/%40babel%2Fplugin-syntax-class-static-block@7.14.5 07
@babel/plugin-syntax-dynamic-import:7.8.3pkg:npm/%40babel%2Fplugin-syntax-dynamic-import@7.8.3 05
@babel/plugin-syntax-export-namespace-from:7.8.3pkg:npm/%40babel%2Fplugin-syntax-export-namespace-from@7.8.3 05
@babel/plugin-syntax-import-assertions:7.23.3pkg:npm/%40babel%2Fplugin-syntax-import-assertions@7.23.3 06
@babel/plugin-syntax-import-attributes:7.23.3pkg:npm/%40babel%2Fplugin-syntax-import-attributes@7.23.3 06
@babel/plugin-syntax-import-meta:7.10.4pkg:npm/%40babel%2Fplugin-syntax-import-meta@7.10.4 05
@babel/plugin-syntax-json-strings:7.8.3pkg:npm/%40babel%2Fplugin-syntax-json-strings@7.8.3 05
@babel/plugin-syntax-logical-assignment-operators:7.10.4pkg:npm/%40babel%2Fplugin-syntax-logical-assignment-operators@7.10.4 05
@babel/plugin-syntax-nullish-coalescing-operator:7.8.3pkg:npm/%40babel%2Fplugin-syntax-nullish-coalescing-operator@7.8.3 05
@babel/plugin-syntax-numeric-separator:7.10.4pkg:npm/%40babel%2Fplugin-syntax-numeric-separator@7.10.4 05
@babel/plugin-syntax-object-rest-spread:7.8.3pkg:npm/%40babel%2Fplugin-syntax-object-rest-spread@7.8.3 05
@babel/plugin-syntax-optional-catch-binding:7.8.3pkg:npm/%40babel%2Fplugin-syntax-optional-catch-binding@7.8.3 05
@babel/plugin-syntax-optional-chaining:7.8.3pkg:npm/%40babel%2Fplugin-syntax-optional-chaining@7.8.3 05
@babel/plugin-syntax-private-property-in-object:7.14.5pkg:npm/%40babel%2Fplugin-syntax-private-property-in-object@7.14.5 07
@babel/plugin-syntax-top-level-await:7.14.5pkg:npm/%40babel%2Fplugin-syntax-top-level-await@7.14.5 07
@babel/plugin-syntax-unicode-sets-regex:7.18.6pkg:npm/%40babel%2Fplugin-syntax-unicode-sets-regex@7.18.6 08
@babel/plugin-transform-arrow-functions:7.23.3pkg:npm/%40babel%2Fplugin-transform-arrow-functions@7.23.3 07
@babel/plugin-transform-async-generator-functions:7.23.9pkg:npm/%40babel%2Fplugin-transform-async-generator-functions@7.23.9 07
@babel/plugin-transform-async-to-generator:7.23.3pkg:npm/%40babel%2Fplugin-transform-async-to-generator@7.23.3 07
@babel/plugin-transform-block-scoped-functions:7.23.3pkg:npm/%40babel%2Fplugin-transform-block-scoped-functions@7.23.3 07
@babel/plugin-transform-block-scoping:7.23.4pkg:npm/%40babel%2Fplugin-transform-block-scoping@7.23.4 07
@babel/plugin-transform-class-properties:7.23.3pkg:npm/%40babel%2Fplugin-transform-class-properties@7.23.3 07
@babel/plugin-transform-class-static-block:7.23.4pkg:npm/%40babel%2Fplugin-transform-class-static-block@7.23.4 07
@babel/plugin-transform-classes:7.23.8pkg:npm/%40babel%2Fplugin-transform-classes@7.23.8 07
@babel/plugin-transform-computed-properties:7.23.3pkg:npm/%40babel%2Fplugin-transform-computed-properties@7.23.3 07
@babel/plugin-transform-destructuring:7.23.3pkg:npm/%40babel%2Fplugin-transform-destructuring@7.23.3 07
@babel/plugin-transform-dotall-regex:7.23.3pkg:npm/%40babel%2Fplugin-transform-dotall-regex@7.23.3 08
@babel/plugin-transform-duplicate-keys:7.23.3pkg:npm/%40babel%2Fplugin-transform-duplicate-keys@7.23.3 07
@babel/plugin-transform-dynamic-import:7.23.4pkg:npm/%40babel%2Fplugin-transform-dynamic-import@7.23.4 06
@babel/plugin-transform-exponentiation-operator:7.23.3pkg:npm/%40babel%2Fplugin-transform-exponentiation-operator@7.23.3 07
@babel/plugin-transform-export-namespace-from:7.23.4pkg:npm/%40babel%2Fplugin-transform-export-namespace-from@7.23.4 07
@babel/plugin-transform-for-of:7.23.6pkg:npm/%40babel%2Fplugin-transform-for-of@7.23.6 07
@babel/plugin-transform-function-name:7.23.3pkg:npm/%40babel%2Fplugin-transform-function-name@7.23.3 07
@babel/plugin-transform-json-strings:7.23.4pkg:npm/%40babel%2Fplugin-transform-json-strings@7.23.4 07
@babel/plugin-transform-literals:7.23.3pkg:npm/%40babel%2Fplugin-transform-literals@7.23.3 07
@babel/plugin-transform-logical-assignment-operators:7.23.4pkg:npm/%40babel%2Fplugin-transform-logical-assignment-operators@7.23.4 07
@babel/plugin-transform-member-expression-literals:7.23.3pkg:npm/%40babel%2Fplugin-transform-member-expression-literals@7.23.3 07
@babel/plugin-transform-modules-amd:7.23.3pkg:npm/%40babel%2Fplugin-transform-modules-amd@7.23.3 07
@babel/plugin-transform-modules-commonjs:7.23.3pkg:npm/%40babel%2Fplugin-transform-modules-commonjs@7.23.3 07
@babel/plugin-transform-modules-systemjs:7.23.9pkg:npm/%40babel%2Fplugin-transform-modules-systemjs@7.23.9 07
@babel/plugin-transform-modules-umd:7.23.3pkg:npm/%40babel%2Fplugin-transform-modules-umd@7.23.3 07
@babel/plugin-transform-named-capturing-groups-regex:7.22.5pkg:npm/%40babel%2Fplugin-transform-named-capturing-groups-regex@7.22.5 08
@babel/plugin-transform-new-target:7.23.3pkg:npm/%40babel%2Fplugin-transform-new-target@7.23.3 07
@babel/plugin-transform-nullish-coalescing-operator:7.23.4pkg:npm/%40babel%2Fplugin-transform-nullish-coalescing-operator@7.23.4 07
@babel/plugin-transform-numeric-separator:7.23.4pkg:npm/%40babel%2Fplugin-transform-numeric-separator@7.23.4 07
@babel/plugin-transform-object-rest-spread:7.23.4pkg:npm/%40babel%2Fplugin-transform-object-rest-spread@7.23.4 07
@babel/plugin-transform-object-super:7.23.3pkg:npm/%40babel%2Fplugin-transform-object-super@7.23.3 07
@babel/plugin-transform-optional-catch-binding:7.23.4pkg:npm/%40babel%2Fplugin-transform-optional-catch-binding@7.23.4 07
@babel/plugin-transform-optional-chaining:7.23.4pkg:npm/%40babel%2Fplugin-transform-optional-chaining@7.23.4 07
@babel/plugin-transform-parameters:7.23.3pkg:npm/%40babel%2Fplugin-transform-parameters@7.23.3 07
@babel/plugin-transform-private-methods:7.23.3pkg:npm/%40babel%2Fplugin-transform-private-methods@7.23.3 07
@babel/plugin-transform-private-property-in-object:7.23.4pkg:npm/%40babel%2Fplugin-transform-private-property-in-object@7.23.4 07
@babel/plugin-transform-property-literals:7.23.3pkg:npm/%40babel%2Fplugin-transform-property-literals@7.23.3 07
@babel/plugin-transform-regenerator:7.23.3pkg:npm/%40babel%2Fplugin-transform-regenerator@7.23.3 07
@babel/plugin-transform-reserved-words:7.23.3pkg:npm/%40babel%2Fplugin-transform-reserved-words@7.23.3 07
@babel/plugin-transform-shorthand-properties:7.23.3pkg:npm/%40babel%2Fplugin-transform-shorthand-properties@7.23.3 07
@babel/plugin-transform-spread:7.23.3pkg:npm/%40babel%2Fplugin-transform-spread@7.23.3 07
@babel/plugin-transform-sticky-regex:7.23.3pkg:npm/%40babel%2Fplugin-transform-sticky-regex@7.23.3 07
@babel/plugin-transform-template-literals:7.23.3pkg:npm/%40babel%2Fplugin-transform-template-literals@7.23.3 07
@babel/plugin-transform-typeof-symbol:7.23.3pkg:npm/%40babel%2Fplugin-transform-typeof-symbol@7.23.3 07
@babel/plugin-transform-unicode-escapes:7.23.3pkg:npm/%40babel%2Fplugin-transform-unicode-escapes@7.23.3 07
@babel/plugin-transform-unicode-property-regex:7.23.3pkg:npm/%40babel%2Fplugin-transform-unicode-property-regex@7.23.3 08
@babel/plugin-transform-unicode-regex:7.23.3pkg:npm/%40babel%2Fplugin-transform-unicode-regex@7.23.3 07
@babel/plugin-transform-unicode-sets-regex:7.23.3pkg:npm/%40babel%2Fplugin-transform-unicode-sets-regex@7.23.3 08
@babel/preset-env:7.23.9pkg:npm/%40babel%2Fpreset-env@7.23.9 08
@babel/preset-modules:0.1.6-no-external-pluginspkg:npm/%40babel%2Fpreset-modules@0.1.6-no-external-plugins 05
@babel/register:7.23.7pkg:npm/%40babel%2Fregister@7.23.7 08
@babel/regjsgen:0.8.0pkg:npm/%40babel%2Fregjsgen@0.8.0 09
@babel/runtime:7.23.9pkg:npm/%40babel%2Fruntime@7.23.9 07
@babel/template:7.23.9pkg:npm/%40babel%2Ftemplate@7.23.9 08
@babel/traverse:7.23.9pkg:npm/%40babel%2Ftraverse@7.23.9 08
@babel/types:7.23.9pkg:npm/%40babel%2Ftypes@7.23.9 08
@colors/colors:1.5.0pkg:npm/%40colors%2Fcolors@1.5.0 08
@csstools/selector-specificity:2.2.0pkg:npm/%40csstools%2Fselector-specificity@2.2.0 07
@devexpress/error-stack-parser:2.0.6pkg:npm/%40devexpress%2Ferror-stack-parser@2.0.6 07
@es-joy/jsdoccomment:0.41.0pkg:npm/%40es-joy%2Fjsdoccomment@0.41.0 08
@eslint-community/eslint-utils:4.4.0pkg:npm/%40eslint-community%2Feslint-utils@4.4.0 08
@eslint-community/regexpp:4.6.2pkg:npm/%40eslint-community%2Fregexpp@4.6.2 08
@eslint/eslintrc:2.1.4pkg:npm/%40eslint%2Feslintrc@2.1.4 08
@eslint/js:8.56.0pkg:npm/%40eslint%2Fjs@8.56.0 07
@fullcalendar/bootstrap:5.11.0pkg:npm/%40fullcalendar%2Fbootstrap@5.11.0 010
@fullcalendar/common:5.11.5pkg:npm/%40fullcalendar%2Fcommon@5.11.5 010
@fullcalendar/core:5.11.0pkg:npm/%40fullcalendar%2Fcore@5.11.0 010
@fullcalendar/daygrid:5.11.0pkg:npm/%40fullcalendar%2Fdaygrid@5.11.0 010
@fullcalendar/google-calendar:5.11.0pkg:npm/%40fullcalendar%2Fgoogle-calendar@5.11.0 010
@fullcalendar/interaction:5.11.0pkg:npm/%40fullcalendar%2Finteraction@5.11.0 010
@fullcalendar/list:5.11.0pkg:npm/%40fullcalendar%2Flist@5.11.0 010
@fullcalendar/luxon:5.11.0pkg:npm/%40fullcalendar%2Fluxon@5.11.0 010
@fullcalendar/moment-timezone:5.11.0pkg:npm/%40fullcalendar%2Fmoment-timezone@5.11.0 010
@fullcalendar/moment:5.11.0pkg:npm/%40fullcalendar%2Fmoment@5.11.0 010
@fullcalendar/rrule:5.11.0pkg:npm/%40fullcalendar%2Frrule@5.11.0 010
@fullcalendar/timegrid:5.11.0pkg:npm/%40fullcalendar%2Ftimegrid@5.11.0 010
@humanwhocodes/config-array:0.11.13pkg:npm/%40humanwhocodes%2Fconfig-array@0.11.13 08
@humanwhocodes/module-importer:1.0.1pkg:npm/%40humanwhocodes%2Fmodule-importer@1.0.1 06
@humanwhocodes/object-schema:2.0.1pkg:npm/%40humanwhocodes%2Fobject-schema@2.0.1 08
@isaacs/cliui:8.0.2pkg:npm/%40isaacs%2Fcliui@8.0.2 06
@jridgewell/gen-mapping:0.3.3pkg:npm/%40jridgewell%2Fgen-mapping@0.3.3 06
@jridgewell/resolve-uri:3.1.0pkg:npm/%40jridgewell%2Fresolve-uri@3.1.0 06
@jridgewell/set-array:1.1.2pkg:npm/%40jridgewell%2Fset-array@1.1.2 06
@jridgewell/sourcemap-codec:1.4.14pkg:npm/%40jridgewell%2Fsourcemap-codec@1.4.14 06
@jridgewell/sourcemap-codec:1.4.15pkg:npm/%40jridgewell%2Fsourcemap-codec@1.4.15 06
@jridgewell/trace-mapping:0.3.18pkg:npm/%40jridgewell%2Ftrace-mapping@0.3.18 06
@jsdoc/salty:0.2.5pkg:npm/%40jsdoc%2Fsalty@0.2.5 08
@kessler/tableify:1.0.2pkg:npm/%40kessler%2Ftableify@1.0.2 08
@nicolo-ribaudo/chokidar-2:2.1.8-no-fsevents.3pkg:npm/%40nicolo-ribaudo%2Fchokidar-2@2.1.8-no-fsevents.3 06
@nodelib/fs.scandir:2.1.5pkg:npm/%40nodelib%2Ffs.scandir@2.1.5 05
@nodelib/fs.stat:2.0.5pkg:npm/%40nodelib%2Ffs.stat@2.0.5 05
@nodelib/fs.walk:1.2.8pkg:npm/%40nodelib%2Ffs.walk@1.2.8 05
@npmcli/fs:3.1.0pkg:npm/%40npmcli%2Ffs@3.1.0 06
@npmcli/git:4.1.0pkg:npm/%40npmcli%2Fgit@4.1.0 06
@npmcli/installed-package-contents:2.0.2pkg:npm/%40npmcli%2Finstalled-package-contents@2.0.2 06
@npmcli/node-gyp:3.0.0pkg:npm/%40npmcli%2Fnode-gyp@3.0.0 06
@npmcli/promise-spawn:6.0.2pkg:npm/%40npmcli%2Fpromise-spawn@6.0.2 06
@npmcli/run-script:6.0.2pkg:npm/%40npmcli%2Frun-script@6.0.2 06
@pkgjs/parseargs:0.11.0pkg:npm/%40pkgjs%2Fparseargs@0.11.0 08
@pnpm/config.env-replace:1.1.0pkg:npm/%40pnpm%2Fconfig.env-replace@1.1.0 05
@pnpm/network.ca-file:1.0.2pkg:npm/%40pnpm%2Fnetwork.ca-file@1.0.2 05
@pnpm/npm-conf:2.2.2pkg:npm/%40pnpm%2Fnpm-conf@2.2.2 05
@sigstore/bundle:1.0.0pkg:npm/%40sigstore%2Fbundle@1.0.0 08
@sigstore/protobuf-specs:0.2.0pkg:npm/%40sigstore%2Fprotobuf-specs@0.2.0 08
@sigstore/tuf:1.0.3pkg:npm/%40sigstore%2Ftuf@1.0.3 08
@sindresorhus/is:5.4.1pkg:npm/%40sindresorhus%2Fis@5.4.1 08
@szmarczak/http-timer:5.0.1pkg:npm/%40szmarczak%2Fhttp-timer@5.0.1 08
@tootallnate/once:2.0.0pkg:npm/%40tootallnate%2Fonce@2.0.0 07
@tufjs/canonical-json:1.0.0pkg:npm/%40tufjs%2Fcanonical-json@1.0.0 08
@tufjs/models:1.0.4pkg:npm/%40tufjs%2Fmodels@1.0.4 08
@types/http-cache-semantics:4.0.1pkg:npm/%40types%2Fhttp-cache-semantics@4.0.1 06
@types/linkify-it:3.0.2pkg:npm/%40types%2Flinkify-it@3.0.2 06
@types/lodash:4.14.195pkg:npm/%40types%2Flodash@4.14.195 06
@types/markdown-it:12.2.3pkg:npm/%40types%2Fmarkdown-it@12.2.3 06
@types/mdurl:1.0.2pkg:npm/%40types%2Fmdurl@1.0.2 05
@types/minimatch:3.0.5pkg:npm/%40types%2Fminimatch@3.0.5 06
@types/minimist:1.2.2pkg:npm/%40types%2Fminimist@1.2.2 06
@types/normalize-package-data:2.4.1pkg:npm/%40types%2Fnormalize-package-data@2.4.1 06
@types/parse-json:4.0.0pkg:npm/%40types%2Fparse-json@4.0.0 05
@ungap/structured-clone:1.2.0pkg:npm/%40ungap%2Fstructured-clone@1.2.0 08
@vue/compiler-core:3.3.4pkg:npm/%40vue%2Fcompiler-core@3.3.4 08
@vue/compiler-dom:3.3.4pkg:npm/%40vue%2Fcompiler-dom@3.3.4 08
@vue/compiler-sfc:3.3.4pkg:npm/%40vue%2Fcompiler-sfc@3.3.4 08
@vue/compiler-ssr:3.3.4pkg:npm/%40vue%2Fcompiler-ssr@3.3.4 08
@vue/reactivity-transform:3.3.4pkg:npm/%40vue%2Freactivity-transform@3.3.4 08
@vue/shared:3.3.4pkg:npm/%40vue%2Fshared@3.3.4 08
HikariCP-5.0.0.jarpkg:maven/com.zaxxer/HikariCP@5.0.0 038
JavaEWAH-1.1.13.jarpkg:maven/com.googlecode.javaewah/JavaEWAH@1.1.13 033
SparseBitSet-1.2.jarcpe:2.3:a:bit_project:bit:1.2:*:*:*:*:*:*:*pkg:maven/com.zaxxer/SparseBitSet@1.2 0Low27
abbrev:1.1.1pkg:npm/abbrev@1.1.1 06
ace-builds:1.4.12pkg:npm/ace-builds@1.4.12 08
ace-diff:3.0.3pkg:npm/ace-diff@3.0.3 08
acorn-jsx:5.3.2pkg:npm/acorn-jsx@5.3.2 09
acorn:8.11.3pkg:npm/acorn@8.11.3 014
agent-base:6.0.2pkg:npm/agent-base@6.0.2 07
agentkeepalive:4.3.0pkg:npm/agentkeepalive@4.3.0 07
aggregate-error:3.1.0pkg:npm/aggregate-error@3.1.0 08
ajv:6.12.6cpe:2.3:a:ajv.js:ajv:6.12.6:*:*:*:*:*:*:*pkg:npm/ajv@6.12.6 0Highest8
ajv:8.12.0cpe:2.3:a:ajv.js:ajv:8.12.0:*:*:*:*:*:*:*pkg:npm/ajv@8.12.0 0Highest8
animal-sniffer-annotations-1.20.jarpkg:maven/org.codehaus.mojo/animal-sniffer-annotations@1.20 019
annotations-4.1.1.4.jarpkg:maven/com.google.android/annotations@4.1.1.4 020
ansi-align:3.0.1pkg:npm/ansi-align@3.0.1 08
ansi-escapes:4.3.2pkg:npm/ansi-escapes@4.3.2 08
ansi-regex:5.0.1cpe:2.3:a:ansi-regex_project:ansi-regex:5.0.1:*:*:*:*:*:*:*pkg:npm/ansi-regex@5.0.1 0Highest9
ansi-styles:3.2.1pkg:npm/ansi-styles@3.2.1 09
ansi-styles:4.3.0pkg:npm/ansi-styles@4.3.0 08
ant-1.10.11.jarcpe:2.3:a:apache:ant:1.10.11:*:*:*:*:*:*:*pkg:maven/org.apache.ant/ant@1.10.11 0Highest24
antlr-2.7.7.jarpkg:maven/antlr/antlr@2.7.7 024
antlr-runtime-3.5.2.jarcpe:2.3:a:temporal:temporal:3.5.2:*:*:*:*:*:*:*pkg:maven/org.antlr/antlr-runtime@3.5.2 0Low39
anymatch:3.1.3pkg:npm/anymatch@3.1.3 08
aopalliance-1.0.jarpkg:maven/aopalliance/aopalliance@1.0 020
aopalliance-repackaged-2.6.1.jarpkg:maven/org.glassfish.hk2.external/aopalliance-repackaged@2.6.1 025
apache-mime4j-core-0.8.4.jarpkg:maven/org.apache.james/apache-mime4j-core@0.8.4MEDIUM134
apache-mime4j-dom-0.8.4.jarpkg:maven/org.apache.james/apache-mime4j-dom@0.8.4 034
api-common-2.0.2.jarpkg:maven/com.google.api/api-common@2.0.2 029
aproba:2.0.0pkg:npm/aproba@2.0.0 08
are-docs-informative:0.0.2pkg:npm/are-docs-informative@0.0.2 06
are-we-there-yet:3.0.1pkg:npm/are-we-there-yet@3.0.1 08
argparse:2.0.1pkg:npm/argparse@2.0.1 05
array-buffer-byte-length:1.0.0pkg:npm/array-buffer-byte-length@1.0.0 08
array-differ:3.0.0pkg:npm/array-differ@3.0.0 08
array-union:2.1.0pkg:npm/array-union@2.1.0 08
array.prototype.reduce:1.0.5pkg:npm/array.prototype.reduce@1.0.5 08
arrify:1.0.1pkg:npm/arrify@1.0.1 08
arrify:2.0.1pkg:npm/arrify@2.0.1 08
asm-9.2.jarpkg:maven/org.ow2.asm/asm@9.2 053
astral-regex:2.0.0pkg:npm/astral-regex@2.0.0 08
auto-value-annotations-1.8.2.jarpkg:maven/com.google.auto.value/auto-value-annotations@1.8.2 025
autolink-0.10.0.jarpkg:maven/org.nibor.autolink/autolink@0.10.0 023
available-typed-arrays:1.0.5pkg:npm/available-typed-arrays@1.0.5 08
avalon-framework-impl-4.2.0.jarpkg:maven/avalon-framework/avalon-framework-impl@4.2.0 021
aws-s3-2.4.0.jarcpe:2.3:a:apache:jclouds:2.4.0:*:*:*:*:*:*:*pkg:maven/org.apache.jclouds.provider/aws-s3@2.4.0 0Highest33
azureblob-2.4.0.jarcpe:2.3:a:apache:jclouds:2.4.0:*:*:*:*:*:*:*pkg:maven/org.apache.jclouds.provider/azureblob@2.4.0 0Highest35
babel-plugin-polyfill-corejs2:0.4.8pkg:npm/babel-plugin-polyfill-corejs2@0.4.8 05
babel-plugin-polyfill-corejs3:0.9.0pkg:npm/babel-plugin-polyfill-corejs3@0.9.0 05
babel-plugin-polyfill-regenerator:0.5.5pkg:npm/babel-plugin-polyfill-regenerator@0.5.5 05
balanced-match:1.0.2pkg:npm/balanced-match@1.0.2 09
balanced-match:2.0.0pkg:npm/balanced-match@2.0.0 09
barcode4j-2.1.jarcpe:2.3:a:web_project:web:2.1:*:*:*:*:*:*:*pkg:maven/net.sf.barcode4j/barcode4j@2.1 0Low50
base64-js:1.5.1pkg:npm/base64-js@1.5.1 08
bcmail-jdk15on-1.70.jarcpe:2.3:a:bouncycastle:bouncy_castle_for_java:1.70:*:*:*:*:*:*:*
cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle:1.70:*:*:*:*:*:*:*		pkg:maven/org.bouncycastle/bcmail-jdk15on@1.70MEDIUM1Low52
bcpg-jdk15on-1.70.jarcpe:2.3:a:bouncycastle:bouncy_castle_for_java:1.70:*:*:*:*:*:*:*
cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle:1.70:*:*:*:*:*:*:*		pkg:maven/org.bouncycastle/bcpg-jdk15on@1.70MEDIUM1Low54
bcpkix-jdk15on-1.70.jarcpe:2.3:a:bouncycastle:bouncy_castle_for_java:1.70:*:*:*:*:*:*:*
cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle:1.70:*:*:*:*:*:*:*		pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.70MEDIUM1Low66
bcprov-ext-jdk15on-1.70.jarcpe:2.3:a:bouncycastle:bouncy_castle_for_java:1.70:*:*:*:*:*:*:*
cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle:1.70:*:*:*:*:*:*:*		pkg:maven/org.bouncycastle/bcprov-ext-jdk15on@1.70MEDIUM2Low58
bcprov-jdk15on-1.70.jarcpe:2.3:a:bouncycastle:bouncy-castle-crypto-package:1.70:*:*:*:*:*:*:*
cpe:2.3:a:bouncycastle:bouncy_castle_crypto_package:1.70:*:*:*:*:*:*:*
cpe:2.3:a:bouncycastle:bouncy_castle_for_java:1.70:*:*:*:*:*:*:*
cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle:1.70:*:*:*:*:*:*:*
cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.70:*:*:*:*:*:*:*
cpe:2.3:a:bouncycastle:the_bouncy_castle_crypto_package_for_java:1.70:*:*:*:*:*:*:*		pkg:maven/org.bouncycastle/bcprov-jdk15on@1.70MEDIUM2Low60
bcutil-jdk15on-1.70.jarcpe:2.3:a:bouncycastle:bouncy_castle_for_java:1.70:*:*:*:*:*:*:*
cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle:1.70:*:*:*:*:*:*:*		pkg:maven/org.bouncycastle/bcutil-jdk15on@1.70MEDIUM1Low50
binary-extensions:2.2.0pkg:npm/binary-extensions@2.2.0 08
bl:4.1.0pkg:npm/bl@4.1.0 06
bluebird:3.7.2pkg:npm/bluebird@3.7.2 010
boilerpipe-1.1.0.jarpkg:maven/de.l3s.boilerpipe/boilerpipe@1.1.0 030
bootbox:5.5.2pkg:npm/bootbox@5.5.2MEDIUM36
bootstrap-datetimepicker:0.0.7pkg:npm/bootstrap-datetimepicker@0.0.7 04
bootstrap:4.6.0cpe:2.3:a:getbootstrap:bootstrap:4.6.0:*:*:*:*:*:*:*pkg:npm/bootstrap@4.6.0 0Highest8
boxen:4.2.0pkg:npm/boxen@4.2.0 08
brace-expansion:1.1.11cpe:2.3:a:brace_expansion_project:brace_expansion:1.1.11:*:*:*:*:*:*:*pkg:npm/brace-expansion@1.1.11 0Highest9
braces:3.0.2cpe:2.3:a:braces_project:braces:3.0.2:*:*:*:*:*:*:*pkg:npm/braces@3.0.2 0Highest8
browserslist:4.22.3cpe:2.3:a:browserslist_project:browserslist:4.22.3:*:*:*:*:*:*:*pkg:npm/browserslist@4.22.3 0Highest6
bson-3.12.12.jarcpe:2.3:a:mongodb:bson:3.12.12:*:*:*:*:*:*:*pkg:maven/org.mongodb/bson@3.12.12 0Highest26
buffer-from:1.1.2pkg:npm/buffer-from@1.1.2 04
buffer:5.7.1pkg:npm/buffer@5.7.1 010
buffer:6.0.3pkg:npm/buffer@6.0.3 010
builtin-modules:3.3.0pkg:npm/builtin-modules@3.3.0 08
builtins:5.0.1pkg:npm/builtins@5.0.1 05
byte-buddy-1.12.9.jar (shaded: net.bytebuddy:byte-buddy-dep:1.12.9)pkg:maven/net.bytebuddy/byte-buddy-dep@1.12.9 09
byte-buddy-1.12.9.jarpkg:maven/net.bytebuddy/byte-buddy@1.12.9 027
byte-buddy-agent-1.12.9.jarpkg:maven/net.bytebuddy/byte-buddy-agent@1.12.9 031
byte-buddy-agent-1.12.9.jar: attach_hotspot_windows.dll 02
byte-buddy-agent-1.12.9.jar: attach_hotspot_windows.dll 02
bzip2-0.9.1.jarcpe:2.3:a:bzip2_project:bzip2:0.9.1:*:*:*:*:*:*:*pkg:maven/org.itadaki/bzip2@0.9.1 0Highest20
c3p0-0.9.5.5.jarcpe:2.3:a:mchange:c3p0:0.9.5.5:*:*:*:*:*:*:*pkg:maven/com.mchange/c3p0@0.9.5.5 0Highest31
cacache:17.1.3pkg:npm/cacache@17.1.3 06
cacheable-lookup:7.0.0pkg:npm/cacheable-lookup@7.0.0 08
cacheable-request:10.2.12pkg:npm/cacheable-request@10.2.12 06
caffeine-3.0.6.jarpkg:maven/com.github.ben-manes.caffeine/caffeine@3.0.6 033
call-bind:1.0.2pkg:npm/call-bind@1.0.2 08
callsite-record:4.1.5pkg:npm/callsite-record@4.1.5 08
callsite:1.0.0pkg:npm/callsite@1.0.0 06
callsites:3.1.0pkg:npm/callsites@3.1.0 08
camelcase-keys:6.2.2pkg:npm/camelcase-keys@6.2.2 08
camelcase:5.3.1pkg:npm/camelcase@5.3.1 08
camelcase:6.3.0pkg:npm/camelcase@6.3.0 08
camelcase:7.0.1pkg:npm/camelcase@7.0.1 08
caniuse-lite:1.0.30001584pkg:npm/caniuse-lite@1.0.30001584 08
catharsis:0.9.0pkg:npm/catharsis@0.9.0 07
cdm-4.5.5.jarpkg:maven/edu.ucar/cdm@4.5.5 028
chalk:2.4.2pkg:npm/chalk@2.4.2 05
chalk:3.0.0pkg:npm/chalk@3.0.0 05
chalk:4.1.2pkg:npm/chalk@4.1.2 05
chardet:0.7.0pkg:npm/chardet@0.7.0 09
chart.js:2.9.4cpe:2.3:a:chartjs:chart.js:2.9.4:*:*:*:*:*:*:*pkg:npm/chart.js@2.9.4 0Highest7
chartjs-color-string:0.6.0pkg:npm/chartjs-color-string@0.6.0 06
chartjs-color:2.4.1pkg:npm/chartjs-color@2.4.1 05
checker-compat-qual-2.5.5.jarpkg:maven/org.checkerframework/checker-compat-qual@2.5.5 052
checker-qual-3.18.0.jarpkg:maven/org.checkerframework/checker-qual@3.18.0 046
chokidar:3.5.3pkg:npm/chokidar@3.5.3 08
chownr:2.0.0cpe:2.3:a:chownr_project:chownr:2.0.0:*:*:*:*:*:*:*pkg:npm/chownr@2.0.0 0Highest6
ci-info:2.0.0pkg:npm/ci-info@2.0.0 08
clean-stack:2.2.0pkg:npm/clean-stack@2.2.0 08
cli-boxes:2.2.1pkg:npm/cli-boxes@2.2.1 08
cli-boxes:3.0.0pkg:npm/cli-boxes@3.0.0 08
cli-cursor:3.1.0pkg:npm/cli-cursor@3.1.0 08
cli-spinners:2.9.0pkg:npm/cli-spinners@2.9.0 08
cli-table3:0.6.3pkg:npm/cli-table3@0.6.3 08
cli-width:3.0.0pkg:npm/cli-width@3.0.0 08
cli:1.0.1cpe:2.3:a:cli_project:cli:1.0.1:*:*:*:*:*:*:*pkg:npm/cli@1.0.1 0Highest9
cliui:7.0.4pkg:npm/cliui@7.0.4 06
clone-deep:4.0.1pkg:npm/clone-deep@4.0.1 08
clone-response:1.0.3pkg:npm/clone-response@1.0.3 06
clone:1.0.4pkg:npm/clone@1.0.4 07
co:4.6.0pkg:npm/co@4.6.0 05
codemodel-2.3.4.jarcpe:2.3:a:eclipse:glassfish:2.3.4:*:*:*:*:*:*:*pkg:maven/org.glassfish.jaxb/codemodel@2.3.4 0High34
color-convert:1.9.3pkg:npm/color-convert@1.9.3 06
color-convert:2.0.1pkg:npm/color-convert@2.0.1 06
color-name:1.1.3pkg:npm/color-name@1.1.3 08
color-name:1.1.4pkg:npm/color-name@1.1.4 08
color-support:1.1.3pkg:npm/color-support@1.1.3 06
colord:2.9.3pkg:npm/colord@2.9.3 06
commander:10.0.1pkg:npm/commander@10.0.1 06
commander:2.20.3pkg:npm/commander@2.20.3 06
commander:3.0.2pkg:npm/commander@3.0.2 06
commander:4.1.1pkg:npm/commander@4.1.1 06
comment-parser:1.4.1pkg:npm/comment-parser@1.4.1 08
commondir:1.0.1pkg:npm/commondir@1.0.1 08
commonmark-0.18.0.jarpkg:maven/org.commonmark/commonmark@0.18.0 023
commonmark-ext-autolink-0.18.0.jarpkg:maven/org.commonmark/commonmark-ext-autolink@0.18.0 023
commonmark-ext-gfm-strikethrough-0.18.0.jarpkg:maven/org.commonmark/commonmark-ext-gfm-strikethrough@0.18.0 025
commonmark-ext-gfm-tables-0.18.0.jarpkg:maven/org.commonmark/commonmark-ext-gfm-tables@0.18.0 025
commonmark-ext-heading-anchor-0.18.0.jarpkg:maven/org.commonmark/commonmark-ext-heading-anchor@0.18.0 025
commonmark-ext-image-attributes-0.18.0.jarpkg:maven/org.commonmark/commonmark-ext-image-attributes@0.18.0 025
commonmark-ext-ins-0.18.0.jarpkg:maven/org.commonmark/commonmark-ext-ins@0.18.0 023
commonmark-ext-task-list-items-0.18.0.jarpkg:maven/org.commonmark/commonmark-ext-task-list-items@0.18.0 025
commonmark-ext-yaml-front-matter-0.18.0.jarpkg:maven/org.commonmark/commonmark-ext-yaml-front-matter@0.18.0 025
commons-beanutils-1.9.4.jarcpe:2.3:a:apache:commons_beanutils:1.9.4:*:*:*:*:*:*:*pkg:maven/commons-beanutils/commons-beanutils@1.9.4 0Highest168
commons-cli-1.4.jarpkg:maven/commons-cli/commons-cli@1.4 085
commons-codec-1.15.jarpkg:maven/commons-codec/commons-codec@1.15 0108
commons-collections-3.2.2.jarcpe:2.3:a:apache:commons_collections:3.2.2:*:*:*:*:*:*:*pkg:maven/commons-collections/commons-collections@3.2.2 0Highest84
commons-collections4-4.4.jarcpe:2.3:a:apache:commons_collections:4.4:*:*:*:*:*:*:*pkg:maven/org.apache.commons/commons-collections4@4.4 0Highest105
commons-compress-1.21.jarcpe:2.3:a:apache:commons_compress:1.21:*:*:*:*:*:*:*pkg:maven/org.apache.commons/commons-compress@1.21MEDIUM2Highest105
commons-csv-1.9.0.jarpkg:maven/org.apache.commons/commons-csv@1.9.0 086
commons-digester-2.1.jarpkg:maven/commons-digester/commons-digester@2.1 098
commons-discovery-0.5.jarcpe:2.3:a:spirit-project:spirit:0.5:*:*:*:*:*:*:*pkg:maven/commons-discovery/commons-discovery@0.5MEDIUM1Low86
commons-email-1.5.jarcpe:2.3:a:apache:commons_email:1.5:*:*:*:*:*:*:*pkg:maven/org.apache.commons/commons-email@1.5 0Highest137
commons-exec-1.3.jarpkg:maven/org.apache.commons/commons-exec@1.3 059
commons-fileupload-1.4.jarcpe:2.3:a:apache:commons_fileupload:1.4:*:*:*:*:*:*:*pkg:maven/commons-fileupload/commons-fileupload@1.4HIGH1Highest115
commons-imaging-1.0-alpha2.jarcpe:2.3:a:apache:commons_imaging:1.0:pha2:*:*:*:*:*:*pkg:maven/org.apache.commons/commons-imaging@1.0-alpha2 0Highest67
commons-io-2.11.0.jarcpe:2.3:a:apache:commons_io:2.11.0:*:*:*:*:*:*:*pkg:maven/commons-io/commons-io@2.11.0 0Highest123
commons-lang-2.6.jarpkg:maven/commons-lang/commons-lang@2.6 0122
commons-lang3-3.12.0.jarpkg:maven/org.apache.commons/commons-lang3@3.12.0 0139
commons-logging-1.2.jarpkg:maven/commons-logging/commons-logging@1.2 0117
commons-math3-3.6.1.jarpkg:maven/org.apache.commons/commons-math3@3.6.1 0134
commons-net-3.8.0.jarcpe:2.3:a:apache:commons_net:3.8.0:*:*:*:*:*:*:*pkg:maven/commons-net/commons-net@3.8.0MEDIUM1Highest99
commons-pool2-2.11.1.jarpkg:maven/org.apache.commons/commons-pool2@2.11.1 090
commons-validator-1.7.jarpkg:maven/commons-validator/commons-validator@1.7 0125
commons-vfs2-2.9.0.jarpkg:maven/org.apache.commons/commons-vfs2@2.9.0 039
concat-map:0.0.1pkg:npm/concat-map@0.0.1 08
config-chain:1.1.13pkg:npm/config-chain@1.1.13 07
configstore:5.0.1pkg:npm/configstore@5.0.1 08
conscrypt-openjdk-uber-2.5.1.jarpkg:maven/org.conscrypt/conscrypt-openjdk-uber@2.5.1 037
conscrypt-openjdk-uber-2.5.1.jar: conscrypt_openjdk_jni-windows-x86.dll 04
conscrypt-openjdk-uber-2.5.1.jar: conscrypt_openjdk_jni-windows-x86_64.dll 02
console-browserify:1.1.0pkg:npm/console-browserify@1.1.0 09
console-control-strings:1.1.0pkg:npm/console-control-strings@1.1.0 06
convert-source-map:2.0.0pkg:npm/convert-source-map@2.0.0 09
core-3.0.1.jarpkg:maven/com.google.zxing/core@3.0.1 020
core-js-compat:3.35.1pkg:npm/core-js-compat@3.35.1 08
core-js:3.31.0pkg:npm/core-js@3.31.0 08
core-util-is:1.0.3pkg:npm/core-util-is@1.0.3 07
cosmiconfig:7.1.0pkg:npm/cosmiconfig@7.1.0 08
cross-spawn:7.0.3pkg:npm/cross-spawn@7.0.3 07
crypto-random-string:2.0.0pkg:npm/crypto-random-string@2.0.0 08
css-functions-list:3.1.0pkg:npm/css-functions-list@3.1.0 08
cssesc:3.0.0pkg:npm/cssesc@3.0.0 09
curvesapi-1.06.jarpkg:maven/com.github.virtuald/curvesapi@1.06 024
date-now:0.1.4pkg:npm/date-now@0.1.4 09
dd-plist-1.23.jarcpe:2.3:a:dd-plist_project:dd-plist:1.23:*:*:*:*:*:*:*pkg:maven/com.googlecode.plist/dd-plist@1.23 0Highest31
debug:4.3.4cpe:2.3:a:debug_project:debug:4.3.4:*:*:*:*:*:*:*pkg:npm/debug@4.3.4 0Highest6
dec-0.1.2.jarpkg:maven/org.brotli/dec@0.1.2 023
decamelize-keys:1.1.1pkg:npm/decamelize-keys@1.1.1 08
decamelize:1.2.0cpe:2.3:a:decamelize_project:decamelize:1.2.0:*:*:*:*:*:*:*pkg:npm/decamelize@1.2.0 0Highest8
decompress-response:6.0.0pkg:npm/decompress-response@6.0.0 08
deep-extend:0.6.0cpe:2.3:a:deep_extend_project:deep_extend:0.6.0:*:*:*:*:*:*:*pkg:npm/deep-extend@0.6.0 0Highest8
deep-is:0.1.4pkg:npm/deep-is@0.1.4 08
defaults:1.0.4pkg:npm/defaults@1.0.4 06
defer-to-connect:1.1.3pkg:npm/defer-to-connect@1.1.3 08
defer-to-connect:2.0.1pkg:npm/defer-to-connect@2.0.1 08
define-properties:1.2.0pkg:npm/define-properties@1.2.0 06
delegates:1.0.0pkg:npm/delegates@1.0.0 05
depcheck:1.4.3pkg:npm/depcheck@1.4.3 07
depd:2.0.0pkg:npm/depd@2.0.0 06
deps-regex:0.1.4pkg:npm/deps-regex@0.1.4 08
diff-match-patch:1.0.5pkg:npm/diff-match-patch@1.0.5 05
diffutils-1.3.0.jarcpe:2.3:a:utils_project:utils:1.3.0:*:*:*:*:*:*:*pkg:maven/com.googlecode.java-diff-utils/diffutils@1.3.0 0Highest19
dir-glob:3.0.1pkg:npm/dir-glob@3.0.1 08
docdash:2.0.2pkg:npm/docdash@2.0.2 06
doctrine:3.0.0cpe:2.3:a:doctrine-project:doctrine:3.0.0:*:*:*:*:*:*:*pkg:npm/doctrine@3.0.0 0Highest12
docusign-esign-java-3.14.0.jarpkg:maven/com.docusign/docusign-esign-java@3.14.0 034
docx4j-ImportXHTML-8.2.1.jarpkg:maven/org.docx4j/docx4j-ImportXHTML@8.2.1 029
docx4j-JAXB-ReferenceImpl-11.2.9.jarpkg:maven/org.docx4j/docx4j-JAXB-ReferenceImpl@11.2.9 030
docx4j-core-11.2.9.jarpkg:maven/org.docx4j/docx4j-core@11.2.9 034
docx4j-openxml-objects-11.2.9.jarpkg:maven/org.docx4j/docx4j-openxml-objects@11.2.9 026
docx4j-openxml-objects-pml-11.2.9.jarpkg:maven/org.docx4j/docx4j-openxml-objects-pml@11.2.9 026
docx4j-openxml-objects-sml-11.2.9.jarpkg:maven/org.docx4j/docx4j-openxml-objects-sml@11.2.9 026
dom-serializer:0.2.2pkg:npm/dom-serializer@0.2.2 06
domelementtype:1.3.1pkg:npm/domelementtype@1.3.1 06
domelementtype:2.3.0pkg:npm/domelementtype@2.3.0 06
domhandler:2.3.0pkg:npm/domhandler@2.3.0 06
domutils:1.5.1pkg:npm/domutils@1.5.1 06
dot-prop:5.3.0cpe:2.3:a:dot-prop_project:dot-prop:5.3.0:*:*:*:*:*:*:*pkg:npm/dot-prop@5.3.0 0Highest8
dot-prop:6.0.1cpe:2.3:a:dot-prop_project:dot-prop:6.0.1:*:*:*:*:*:*:*pkg:npm/dot-prop@6.0.1 0Highest8
dtd-parser-1.4.4.jarpkg:maven/com.sun.xml.dtd-parser/dtd-parser@1.4.4 038
duplexer3:0.1.5pkg:npm/duplexer3@0.1.5 05
eastasianwidth:0.2.0pkg:npm/eastasianwidth@0.2.0 06
eddsa-0.3.0.jarcpe:2.3:a:4d:4d:0.3.0:*:*:*:*:*:*:*pkg:maven/net.i2p.crypto/eddsa@0.3.0 0Low33
editorconfig:0.15.3pkg:npm/editorconfig@0.15.3 07
ehcache-3.9.6.jar (shaded: org.ehcache.modules:ehcache-107:3.9.6)pkg:maven/org.ehcache.modules/ehcache-107@3.9.6 021
ehcache-3.9.6.jar (shaded: org.ehcache.modules:ehcache-api:3.9.6)pkg:maven/org.ehcache.modules/ehcache-api@3.9.6 021
ehcache-3.9.6.jar (shaded: org.ehcache.modules:ehcache-core:3.9.6)pkg:maven/org.ehcache.modules/ehcache-core@3.9.6 021
ehcache-3.9.6.jar (shaded: org.ehcache.modules:ehcache-impl:3.9.6)pkg:maven/org.ehcache.modules/ehcache-impl@3.9.6 021
ehcache-3.9.6.jar (shaded: org.ehcache.modules:ehcache-xml:3.9.6)pkg:maven/org.ehcache.modules/ehcache-xml@3.9.6 021
ehcache-3.9.6.jar (shaded: org.ehcache:sizeof:0.4.0)pkg:maven/org.ehcache/sizeof@0.4.0 013
ehcache-3.9.6.jar (shaded: org.terracotta:offheap-store:2.5.2)pkg:maven/org.terracotta/offheap-store@2.5.2 017
ehcache-3.9.6.jar (shaded: org.terracotta:statistics:2.1)pkg:maven/org.terracotta/statistics@2.1 025
ehcache-3.9.6.jar (shaded: org.terracotta:terracotta-utilities-tools:0.0.9)pkg:maven/org.terracotta/terracotta-utilities-tools@0.0.9 019
ehcache-3.9.6.jarcpe:2.3:a:service_project:service:3.9.6:*:*:*:*:*:*:*pkg:maven/org.ehcache/ehcache@3.9.6 0Low52
ehcache-3.9.6.jar: sizeof-agent.jar 08
electron-to-chromium:1.4.656pkg:npm/electron-to-chromium@1.4.656 06
emoji-regex:8.0.0pkg:npm/emoji-regex@8.0.0 09
encoding:0.1.13pkg:npm/encoding@0.1.13 06
end-of-stream:1.4.4pkg:npm/end-of-stream@1.4.4 08
entities:1.0.0pkg:npm/entities@1.0.0 06
entities:2.1.0pkg:npm/entities@2.1.0 06
entities:2.2.0pkg:npm/entities@2.2.0 06
env-paths:2.2.1pkg:npm/env-paths@2.2.1 08
eol:0.9.1pkg:npm/eol@0.9.1 08
err-code:2.0.3pkg:npm/err-code@2.0.3 07
error-ex:1.3.2pkg:npm/error-ex@1.3.2 05
error_prone_annotations-2.3.4.jarpkg:maven/com.google.errorprone/error_prone_annotations@2.3.4 021
es-abstract:1.21.2pkg:npm/es-abstract@1.21.2 08
es-array-method-boxes-properly:1.0.0pkg:npm/es-array-method-boxes-properly@1.0.0 08
es-set-tostringtag:2.0.1pkg:npm/es-set-tostringtag@2.0.1 08
es-to-primitive:1.2.1pkg:npm/es-to-primitive@1.2.1 06
escalade:3.1.1pkg:npm/escalade@3.1.1 08
escape-goat:2.1.1pkg:npm/escape-goat@2.1.1 08
escape-string-regexp:1.0.5pkg:npm/escape-string-regexp@1.0.5 08
escape-string-regexp:2.0.0pkg:npm/escape-string-regexp@2.0.0 08
escape-string-regexp:4.0.0pkg:npm/escape-string-regexp@4.0.0 08
eslint-plugin-jsdoc:48.0.4pkg:npm/eslint-plugin-jsdoc@48.0.4 08
eslint-scope:7.2.2pkg:npm/eslint-scope@7.2.2 07
eslint-visitor-keys:3.4.3pkg:npm/eslint-visitor-keys@3.4.3 08
eslint:8.56.0pkg:npm/eslint@8.56.0 08
espree:9.6.1pkg:npm/espree@9.6.1 08
esprima:4.0.1pkg:npm/esprima@4.0.1 012
esquery:1.5.0pkg:npm/esquery@1.5.0 08
esrecurse:4.3.0pkg:npm/esrecurse@4.3.0 09
estraverse:5.3.0pkg:npm/estraverse@5.3.0 09
estree-walker:2.0.2pkg:npm/estree-walker@2.0.2 06
esutils:2.0.3pkg:npm/esutils@2.0.3 09
execa:5.1.1pkg:npm/execa@5.1.1 08
exit:0.1.2pkg:npm/exit@0.1.2 09
exponential-backoff:3.1.1pkg:npm/exponential-backoff@3.1.1 08
external-editor:3.1.0pkg:npm/external-editor@3.1.0 08
failureaccess-1.0.1.jarpkg:maven/com.google.guava/failureaccess@1.0.1 028
fast-and-simple-minify-1.0.jarpkg:maven/ch.simschla/fast-and-simple-minify@1.0 028
fast-deep-equal:3.1.3pkg:npm/fast-deep-equal@3.1.3 08
fast-glob:3.3.0pkg:npm/fast-glob@3.3.0 07
fast-json-stable-stringify:2.1.0pkg:npm/fast-json-stable-stringify@2.1.0 09
fast-levenshtein:2.0.6pkg:npm/fast-levenshtein@2.0.6 06
fast-memoize:2.5.2pkg:npm/fast-memoize@2.5.2 08
fastest-levenshtein:1.0.16pkg:npm/fastest-levenshtein@1.0.16 08
fastq:1.15.0pkg:npm/fastq@1.15.0 08
figures:3.2.0pkg:npm/figures@3.2.0 08
file-entry-cache:6.0.1pkg:npm/file-entry-cache@6.0.1 07
fill-range:7.0.1pkg:npm/fill-range@7.0.1 08
find-cache-dir:2.1.0pkg:npm/find-cache-dir@2.1.0 05
find-up:3.0.0pkg:npm/find-up@3.0.0 08
find-up:4.1.0pkg:npm/find-up@4.1.0 08
find-up:5.0.0pkg:npm/find-up@5.0.0 08
find-yarn-workspace-root2:1.2.16pkg:npm/find-yarn-workspace-root2@1.2.16 08
firebase-admin-8.0.1.jarpkg:maven/com.google.firebase/firebase-admin@8.0.1 034
flat-cache:3.0.4pkg:npm/flat-cache@3.0.4 07
flatted:3.2.7pkg:npm/flatted@3.2.7 08
fontbox-2.0.23.jarpkg:maven/org.apache.pdfbox/fontbox@2.0.23 033
for-each:0.3.3pkg:npm/for-each@0.3.3 09
foreground-child:3.1.1pkg:npm/foreground-child@3.1.1 06
form-data-encoder:2.1.4pkg:npm/form-data-encoder@2.1.4 06
fp-and-or:0.1.4pkg:npm/fp-and-or@0.1.4 08
fs-extra:8.1.0pkg:npm/fs-extra@8.1.0 07
fs-minipass:2.1.0pkg:npm/fs-minipass@2.1.0 08
fs-minipass:3.0.2pkg:npm/fs-minipass@3.0.2 08
fs-readdir-recursive:1.1.0pkg:npm/fs-readdir-recursive@1.1.0 09
fs.realpath:1.0.0pkg:npm/fs.realpath@1.0.0 06
function-bind:1.1.1pkg:npm/function-bind@1.1.1 09
function.prototype.name:1.1.5pkg:npm/function.prototype.name@1.1.5 06
functions-have-names:1.2.3pkg:npm/functions-have-names@1.2.3 08
fuzzywuzzy-1.3.1.jar (shaded: me.xdrop:diffutils:1.3)pkg:maven/me.xdrop/diffutils@1.3 07
fuzzywuzzy-1.3.1.jar (shaded: me.xdrop:fuzzywuzzy-build:1.3.1)pkg:maven/me.xdrop/fuzzywuzzy-build@1.3.1 011
fuzzywuzzy-1.3.1.jarpkg:maven/me.xdrop/fuzzywuzzy@1.3.1 028
gauge:4.0.4pkg:npm/gauge@4.0.4 08
gax-2.4.1.jarpkg:maven/com.google.api/gax@2.4.1 034
gax-grpc-2.4.1.jarcpe:2.3:a:grpc:grpc:2.4.1:*:*:*:*:*:*:*pkg:maven/com.google.api/gax-grpc@2.4.1 0Highest36
gax-httpjson-0.89.1.jarpkg:maven/com.google.api/gax-httpjson@0.89.1 036
gensync:1.0.0-beta.2pkg:npm/gensync@1.0.0-beta.2 07
geoapi-3.0.1.jarpkg:maven/org.opengis/geoapi@3.0.1 037
get-caller-file:2.0.5pkg:npm/get-caller-file@2.0.5 08
get-intrinsic:1.2.1pkg:npm/get-intrinsic@1.2.1 08
get-stdin:5.0.1pkg:npm/get-stdin@5.0.1 08
get-stdin:8.0.0pkg:npm/get-stdin@8.0.0 08
get-stream:5.2.0pkg:npm/get-stream@5.2.0 08
get-stream:6.0.1pkg:npm/get-stream@6.0.1 08
get-symbol-description:1.0.0pkg:npm/get-symbol-description@1.0.0 08
giturl:1.0.3pkg:npm/giturl@1.0.3 09
glob-parent:5.1.2cpe:2.3:a:gulpjs:glob-parent:5.1.2:*:*:*:*:*:*:*pkg:npm/glob-parent@5.1.2 0Highest6
glob-parent:6.0.2cpe:2.3:a:gulpjs:glob-parent:6.0.2:*:*:*:*:*:*:*pkg:npm/glob-parent@6.0.2 0Highest6
glob:10.3.3pkg:npm/glob@10.3.3 06
glob:7.2.3pkg:npm/glob@7.2.3 06
global-dirs:2.1.0pkg:npm/global-dirs@2.1.0 08
global-modules:2.0.0pkg:npm/global-modules@2.0.0 08
global-prefix:3.0.0pkg:npm/global-prefix@3.0.0 08
globals:11.12.0pkg:npm/globals@11.12.0 08
globals:13.20.0pkg:npm/globals@13.20.0 08
globalthis:1.0.3pkg:npm/globalthis@1.0.3 06
globby:11.1.0pkg:npm/globby@11.1.0 08
globjoin:0.1.4pkg:npm/globjoin@0.1.4 08
google-api-client-1.32.1.jarpkg:maven/com.google.api-client/google-api-client@1.32.1 035
google-api-client-gson-1.32.1.jarpkg:maven/com.google.api-client/google-api-client-gson@1.32.1 035
google-api-services-calendar-v3-rev20210804-1.32.1.jarpkg:maven/com.google.apis/google-api-services-calendar@v3-rev20210804-1.32.1 026
google-api-services-drive-v3-rev20210725-1.32.1.jarcpe:2.3:a:google:drive:v3.rev20210725.1.32.1:*:*:*:*:*:*:*pkg:maven/com.google.apis/google-api-services-drive@v3-rev20210725-1.32.1 0Highest26
google-api-services-gmail-v1-rev20210614-1.32.1.jarcpe:2.3:a:google:gmail:v1.rev20210614.1.32.1:*:*:*:*:*:*:*pkg:maven/com.google.apis/google-api-services-gmail@v1-rev20210614-1.32.1 0Highest26
google-api-services-plus-v1-rev20190328-1.30.10.jarpkg:maven/com.google.apis/google-api-services-plus@v1-rev20190328-1.30.10 026
google-api-services-sheets-v4-rev20210629-1.32.1.jarpkg:maven/com.google.apis/google-api-services-sheets@v4-rev20210629-1.32.1 026
google-api-services-storage-v1-rev20210914-1.32.1.jarpkg:maven/com.google.apis/google-api-services-storage@v1-rev20210914-1.32.1 026
google-api-services-translate-v2-rev20170525-1.30.1.jarpkg:maven/com.google.apis/google-api-services-translate@v2-rev20170525-1.30.1 026
google-api-services-youtube-v3-rev20210915-1.32.1.jarpkg:maven/com.google.apis/google-api-services-youtube@v3-rev20210915-1.32.1 026
google-auth-library-credentials-1.1.0.jarpkg:maven/com.google.auth/google-auth-library-credentials@1.1.0 023
google-auth-library-oauth2-http-1.1.0.jarpkg:maven/com.google.auth/google-auth-library-oauth2-http@1.1.0 025
google-cloud-core-2.1.4.jarpkg:maven/com.google.cloud/google-cloud-core@2.1.4 029
google-cloud-core-grpc-2.1.4.jarcpe:2.3:a:grpc:grpc:2.1.4:*:*:*:*:*:*:*pkg:maven/com.google.cloud/google-cloud-core-grpc@2.1.4 0Highest31
google-cloud-core-http-2.1.4.jarpkg:maven/com.google.cloud/google-cloud-core-http@2.1.4 031
google-cloud-firestore-2.6.1.jarpkg:maven/com.google.cloud/google-cloud-firestore@2.6.1 099
google-cloud-pubsub-1.114.4.jarpkg:maven/com.google.cloud/google-cloud-pubsub@1.114.4 039
google-cloud-storage-2.1.4.jarpkg:maven/com.google.cloud/google-cloud-storage@2.1.4 039
google-cloud-storage-2.4.0.jarcpe:2.3:a:apache:jclouds:2.4.0:*:*:*:*:*:*:*pkg:maven/org.apache.jclouds.provider/google-cloud-storage@2.4.0 0Highest29
google-http-client-1.40.0.jarpkg:maven/com.google.http-client/google-http-client@1.40.0 035
google-http-client-apache-v2-1.40.0.jarpkg:maven/com.google.http-client/google-http-client-apache-v2@1.40.0 031
google-http-client-appengine-1.40.0.jarpkg:maven/com.google.http-client/google-http-client-appengine@1.40.0 025
google-http-client-gson-1.40.0.jarpkg:maven/com.google.http-client/google-http-client-gson@1.40.0 025
google-http-client-jackson-1.29.2.jarcpe:2.3:a:apache:httpclient:1.29.2:*:*:*:*:*:*:*pkg:maven/com.google.http-client/google-http-client-jackson@1.29.2MEDIUM1Low31
google-http-client-jackson2-1.40.0.jarpkg:maven/com.google.http-client/google-http-client-jackson2@1.40.0 025
google-java-format-1.11.0.jarpkg:maven/com.google.googlejavaformat/google-java-format@1.11.0 029
google-oauth-client-1.32.1.jarcpe:2.3:a:google:oauth_client_library_for_java:1.32.1:*:*:*:*:*:*:*pkg:maven/com.google.oauth-client/google-oauth-client@1.32.1HIGH1Low37
googlecloud-2.4.0.jarcpe:2.3:a:apache:jclouds:2.4.0:*:*:*:*:*:*:*pkg:maven/org.apache.jclouds.common/googlecloud@2.4.0 0Highest31
gopd:1.0.1pkg:npm/gopd@1.0.1 08
got:12.6.1cpe:2.3:a:got_project:got:12.6.1:*:*:*:*:*:*:*pkg:npm/got@12.6.1 0Highest5
got:13.0.0cpe:2.3:a:got_project:got:13.0.0:*:*:*:*:*:*:*pkg:npm/got@13.0.0 0Highest5
got:9.6.0cpe:2.3:a:got_project:got:9.6.0:*:*:*:*:*:*:*pkg:npm/got@9.6.0MEDIUM1Highest5
graceful-fs:4.2.11pkg:npm/graceful-fs@4.2.11 05
graphemer:1.4.0pkg:npm/graphemer@1.4.0 08
graphics2d-0.32.jarpkg:maven/de.rototor.pdfbox/graphics2d@0.32 025
grib-4.5.5.jarpkg:maven/edu.ucar/grib@4.5.5 041
grpc-core-1.40.1.jarcpe:2.3:a:grpc:grpc:1.40.1:*:*:*:*:*:*:*pkg:maven/io.grpc/grpc-core@1.40.1HIGH*4Highest33
grpc-netty-shaded-1.40.1.jar: io_grpc_netty_shaded_netty_tcnative_windows_x86_64.dll 02
grpc-protobuf-1.40.1.jarcpe:2.3:a:grpc:grpc:1.40.1:*:*:*:*:*:*:*
cpe:2.3:a:protobuf:protobuf:1.40.1:*:*:*:*:*:*:*		pkg:maven/io.grpc/grpc-protobuf@1.40.1HIGH*4Highest35
gson-2.8.6.jarcpe:2.3:a:google:gson:2.8.6:*:*:*:*:*:*:*pkg:maven/com.google.code.gson/gson@2.8.6HIGH1Highest25
guava-30.1.1-jre.jarcpe:2.3:a:google:guava:30.1.1:*:*:*:*:*:*:*pkg:maven/com.google.guava/guava@30.1.1-jreHIGH2Highest23
guice-4.2.3.jar (shaded: cglib:cglib:3.3.0)pkg:maven/cglib/cglib@3.3.0 07
guice-4.2.3.jarpkg:maven/com.google.inject/guice@4.2.3 034
guice-assistedinject-4.2.3.jarpkg:maven/com.google.inject.extensions/guice-assistedinject@4.2.3 031
h2-2.1.214.jarcpe:2.3:a:h2database:h2:2.1.214:*:*:*:*:*:*:*pkg:maven/com.h2database/h2@2.1.214HIGH2Highest44
h2-2.1.214.jar: data.zip: table.js 00
h2-2.1.214.jar: data.zip: tree.js 00
hadoop-hdfs-client-3.3.1.jarcpe:2.3:a:apache:hadoop:3.3.1:*:*:*:*:*:*:*pkg:maven/org.apache.hadoop/hadoop-hdfs-client@3.3.1CRITICAL6Highest27
hamcrest-core-1.3.jarpkg:maven/org.hamcrest/hamcrest-core@1.3 024
handlebars:4.7.7cpe:2.3:a:handlebarsjs:handlebars:4.7.7:*:*:*:*:*:*:*pkg:npm/handlebars@4.7.7 0Highest7
hard-rejection:2.1.0pkg:npm/hard-rejection@2.1.0 08
has-bigints:1.0.2pkg:npm/has-bigints@1.0.2 08
has-flag:3.0.0pkg:npm/has-flag@3.0.0 08
has-property-descriptors:1.0.0pkg:npm/has-property-descriptors@1.0.0 08
has-proto:1.0.1pkg:npm/has-proto@1.0.1 08
has-symbols:1.0.3pkg:npm/has-symbols@1.0.3 010
has-tostringtag:1.0.0pkg:npm/has-tostringtag@1.0.0 010
has-unicode:2.0.1pkg:npm/has-unicode@2.0.1 08
has-yarn:2.1.0pkg:npm/has-yarn@2.1.0 08
has:1.0.3pkg:npm/has@1.0.3 09
highlight-es:1.0.3pkg:npm/highlight-es@1.0.3 08
highlight.js:10.7.3cpe:2.3:a:highlightjs:highlight.js:10.7.3:*:*:*:*:*:*:*pkg:npm/highlight.js@10.7.3 0Highest9
highlight.js:11.5.1cpe:2.3:a:highlightjs:highlight.js:11.5.1:*:*:*:*:*:*:*pkg:npm/highlight.js@11.5.1 0Highest9
hk2-api-2.6.1.jarpkg:maven/org.glassfish.hk2/hk2-api@2.6.1 025
hk2-locator-2.6.1.jarcpe:2.3:a:service_project:service:2.6.1:*:*:*:*:*:*:*pkg:maven/org.glassfish.hk2/hk2-locator@2.6.1 0Low21
hk2-utils-2.6.1.jarcpe:2.3:a:utils_project:utils:2.6.1:*:*:*:*:*:*:*pkg:maven/org.glassfish.hk2/hk2-utils@2.6.1 0Highest27
homedir-polyfill:1.0.3pkg:npm/homedir-polyfill@1.0.3 08
hosted-git-info:4.1.0pkg:npm/hosted-git-info@4.1.0 08
hosted-git-info:5.2.1pkg:npm/hosted-git-info@5.2.1 08
hsqldb-2.6.1.jarcpe:2.3:a:hsqldb:hypersql_database:2.6.1:*:*:*:*:*:*:*pkg:maven/org.hsqldb/hsqldb@2.6.1CRITICAL1Low41
html-tags:3.3.1pkg:npm/html-tags@3.3.1 08
htmlparser2:3.8.3pkg:npm/htmlparser2@3.8.3 08
http-cache-semantics:4.1.1cpe:2.3:a:http-cache-semantics_project:http-cache-semantics:4.1.1:*:*:*:*:*:*:*pkg:npm/http-cache-semantics@4.1.1 0Highest6
http-proxy-agent:5.0.0cpe:2.3:a:http-proxy-agent_project:http-proxy-agent:5.0.0:*:*:*:*:*:*:*pkg:npm/http-proxy-agent@5.0.0 0Highest7
http2-wrapper:2.2.0pkg:npm/http2-wrapper@2.2.0 08
httpasyncclient-4.1.4.jarcpe:2.3:a:apache:httpasyncclient:4.1.4:*:*:*:*:*:*:*pkg:maven/org.apache.httpcomponents/httpasyncclient@4.1.4 0Highest25
httpclient-4.5.13.jarcpe:2.3:a:apache:httpclient:4.5.13:*:*:*:*:*:*:*pkg:maven/org.apache.httpcomponents/httpclient@4.5.13 0Highest32
httpcore-4.4.14.jarpkg:maven/org.apache.httpcomponents/httpcore@4.4.14 032
httpcore-nio-4.4.14.jarpkg:maven/org.apache.httpcomponents/httpcore-nio@4.4.14 030
httpmime-4.5.13.jarpkg:maven/org.apache.httpcomponents/httpmime@4.5.13 030
https-proxy-agent:5.0.1cpe:2.3:a:https-proxy-agent_project:https-proxy-agent:5.0.1:*:*:*:*:*:*:*pkg:npm/https-proxy-agent@5.0.1 0Highest7
httpservices-4.5.5.jarpkg:maven/edu.ucar/httpservices@4.5.5 025
human-signals:2.1.0pkg:npm/human-signals@2.1.0 08
humanize-ms:1.2.1pkg:npm/humanize-ms@1.2.1 08
iconv-lite:0.4.24pkg:npm/iconv-lite@0.4.24 08
iconv-lite:0.6.3pkg:npm/iconv-lite@0.6.3 08
icu4j-69.1.jarcpe:2.3:a:icu-project:international_components_for_unicode:69.1:*:*:*:*:*:*:*
cpe:2.3:a:unicode:international_components_for_unicode:69.1:*:*:*:*:*:*:*		pkg:maven/com.ibm.icu/icu4j@69.1 0Low79
ieee754:1.2.1pkg:npm/ieee754@1.2.1 08
ignore-walk:6.0.3pkg:npm/ignore-walk@6.0.3 06
ignore:5.2.4pkg:npm/ignore@5.2.4 07
immediate:3.0.6pkg:npm/immediate@3.0.6 06
immutable:4.3.0pkg:npm/immutable@4.3.0 09
import-fresh:3.3.0pkg:npm/import-fresh@3.3.0 08
import-lazy:2.1.0pkg:npm/import-lazy@2.1.0 08
import-lazy:4.0.0pkg:npm/import-lazy@4.0.0 08
imurmurhash:0.1.4pkg:npm/imurmurhash@0.1.4 010
indent-string:4.0.0pkg:npm/indent-string@4.0.0 08
inflight:1.0.6pkg:npm/inflight@1.0.6 08
inherits:2.0.4pkg:npm/inherits@2.0.4 05
ini:1.3.8cpe:2.3:a:ini_project:ini:1.3.8:*:*:*:*:*:*:*pkg:npm/ini@1.3.8 0Highest6
ini:2.0.0cpe:2.3:a:ini_project:ini:2.0.0:*:*:*:*:*:*:*pkg:npm/ini@2.0.0 0Highest6
ini:4.1.1cpe:2.3:a:ini_project:ini:4.1.1:*:*:*:*:*:*:*pkg:npm/ini@4.1.1 0Highest6
inquirer:7.3.3pkg:npm/inquirer@7.3.3 06
internal-slot:1.0.5pkg:npm/internal-slot@1.0.5 08
invariant:2.2.4pkg:npm/invariant@2.2.4 06
ip:2.0.0cpe:2.3:a:fedorindutny:ip:2.0.0:*:*:*:*:*:*:*pkg:npm/ip@2.0.0CRITICAL1Highest6
is-array-buffer:3.0.2pkg:npm/is-array-buffer@3.0.2 08
is-arrayish:0.2.1pkg:npm/is-arrayish@0.2.1 06
is-bigint:1.0.4pkg:npm/is-bigint@1.0.4 08
is-binary-path:2.1.0pkg:npm/is-binary-path@2.1.0 08
is-boolean-object:1.1.2pkg:npm/is-boolean-object@1.1.2 06
is-builtin-module:3.2.1pkg:npm/is-builtin-module@3.2.1 08
is-callable:1.2.7pkg:npm/is-callable@1.2.7 08
is-ci:2.0.0pkg:npm/is-ci@2.0.0 08
is-core-module:2.12.1pkg:npm/is-core-module@2.12.1 08
is-date-object:1.0.5pkg:npm/is-date-object@1.0.5 06
is-docker:2.2.1pkg:npm/is-docker@2.2.1 08
is-es2016-keyword:1.0.0pkg:npm/is-es2016-keyword@1.0.0 08
is-extglob:2.1.1pkg:npm/is-extglob@2.1.1 08
is-fullwidth-code-point:3.0.0pkg:npm/is-fullwidth-code-point@3.0.0 08
is-glob:4.0.3pkg:npm/is-glob@4.0.3 08
is-installed-globally:0.3.2pkg:npm/is-installed-globally@0.3.2 08
is-interactive:1.0.0pkg:npm/is-interactive@1.0.0 08
is-lambda:1.0.1pkg:npm/is-lambda@1.0.1 08
is-negative-zero:2.0.2pkg:npm/is-negative-zero@2.0.2 08
is-npm:4.0.0pkg:npm/is-npm@4.0.0 08
is-number-object:1.0.7pkg:npm/is-number-object@1.0.7 08
is-number:7.0.0pkg:npm/is-number@7.0.0 08
is-obj:2.0.0pkg:npm/is-obj@2.0.0 08
is-path-inside:3.0.3pkg:npm/is-path-inside@3.0.3 08
is-plain-obj:1.1.0pkg:npm/is-plain-obj@1.1.0 08
is-plain-object:2.0.4pkg:npm/is-plain-object@2.0.4 08
is-plain-object:5.0.0pkg:npm/is-plain-object@5.0.0 08
is-regex:1.1.4pkg:npm/is-regex@1.1.4 08
is-shared-array-buffer:1.0.2pkg:npm/is-shared-array-buffer@1.0.2 010
is-stream:2.0.1pkg:npm/is-stream@2.0.1 08
is-string:1.0.7pkg:npm/is-string@1.0.7 06
is-symbol:1.0.4pkg:npm/is-symbol@1.0.4 07
is-typed-array:1.1.10pkg:npm/is-typed-array@1.1.10 08
is-typedarray:1.0.0pkg:npm/is-typedarray@1.0.0 08
is-unicode-supported:0.1.0pkg:npm/is-unicode-supported@0.1.0 08
is-weakref:1.0.2pkg:npm/is-weakref@1.0.2 08
is-wsl:2.2.0pkg:npm/is-wsl@2.2.0 08
is-yarn-global:0.3.0pkg:npm/is-yarn-global@0.3.0 06
isarray:0.0.1pkg:npm/isarray@0.0.1 09
isarray:2.0.5pkg:npm/isarray@2.0.5 09
isexe:2.0.0pkg:npm/isexe@2.0.0 08
isobject:3.0.1pkg:npm/isobject@3.0.1 08
isoparser-1.9.41.7.jarcpe:2.3:a:boxes_project:boxes:1.9.41.7:*:*:*:*:*:*:*pkg:maven/org.tallison/isoparser@1.9.41.7 0Low20
istack-commons-runtime-3.0.12.jarpkg:maven/com.sun.istack/istack-commons-runtime@3.0.12 033
istack-commons-tools-3.0.12.jarpkg:maven/com.sun.istack/istack-commons-tools@3.0.12 035
itext-2.1.7.jarpkg:maven/com.lowagie/itext@2.1.7HIGH146
itext-rtf-2.1.7.jarpkg:maven/com.lowagie/itext-rtf@2.1.7 046
j2objc-annotations-1.3.jarpkg:maven/com.google.j2objc/j2objc-annotations@1.3 024
jackcess-4.0.1.jarpkg:maven/com.healthmarketscience.jackcess/jackcess@4.0.1 042
jackcess-encrypt-4.0.1.jarpkg:maven/com.healthmarketscience.jackcess/jackcess-encrypt@4.0.1 038
jackson-core-2.12.4.jarcpe:2.3:a:fasterxml:jackson-modules-java8:2.12.4:*:*:*:*:*:*:*pkg:maven/com.fasterxml.jackson.core/jackson-core@2.12.4 0Low45
jackson-core-asl-1.9.13.jarpkg:maven/org.codehaus.jackson/jackson-core-asl@1.9.13 038
jackson-databind-2.12.4.jarcpe:2.3:a:fasterxml:jackson-databind:2.12.4:*:*:*:*:*:*:*
cpe:2.3:a:fasterxml:jackson-modules-java8:2.12.4:*:*:*:*:*:*:*		pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.12.4HIGH5Highest41
jackson-dataformat-csv-2.12.4.jarcpe:2.3:a:fasterxml:jackson-dataformat-xml:2.12.4:*:*:*:*:*:*:*pkg:maven/com.fasterxml.jackson.dataformat/jackson-dataformat-csv@2.12.4 0Highest39
jackson-datatype-guava-2.12.4.jarpkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-guava@2.12.4 039
jackson-datatype-joda-2.12.4.jarpkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-joda@2.12.4 041
jackson-jaxrs-base-2.12.4.jarpkg:maven/com.fasterxml.jackson.jaxrs/jackson-jaxrs-base@2.12.4 039
jackson-jaxrs-json-provider-2.12.4.jarpkg:maven/com.fasterxml.jackson.jaxrs/jackson-jaxrs-json-provider@2.12.4 039
jackson-jaxrs-xml-provider-2.12.4.jarpkg:maven/com.fasterxml.jackson.jaxrs/jackson-jaxrs-xml-provider@2.12.4 039
jackson-module-jaxb-annotations-2.12.4.jarpkg:maven/com.fasterxml.jackson.module/jackson-module-jaxb-annotations@2.12.4 041
jackspeak:2.3.6pkg:npm/jackspeak@2.3.6 06
jai-imageio-core-1.4.0.jarpkg:maven/com.github.jai-imageio/jai-imageio-core@1.4.0 042
jakarta.activation-2.0.1.jarpkg:maven/com.sun.activation/jakarta.activation@2.0.1 036
jakarta.annotation-api-1.3.5.jarcpe:2.3:a:oracle:projects:1.3.5:*:*:*:*:*:*:*pkg:maven/jakarta.annotation/jakarta.annotation-api@1.3.5 0Low35
jakarta.inject-2.6.1.jarpkg:maven/org.glassfish.hk2.external/jakarta.inject@2.6.1 027
jakarta.mail-2.0.1.jarpkg:maven/com.sun.mail/jakarta.mail@2.0.1 042
jakarta.ws.rs-api-2.1.6.jarcpe:2.3:a:web_project:web:2.1.6:*:*:*:*:*:*:*pkg:maven/jakarta.ws.rs/jakarta.ws.rs-api@2.1.6 0Low43
jakarta.xml.bind-api-2.3.3.jarpkg:maven/jakarta.xml.bind/jakarta.xml.bind-api@2.3.3 033
java-jwt-3.18.2.jarpkg:maven/com.auth0/java-jwt@3.18.2 039
java-libpst-0.9.3.jarpkg:maven/com.pff/java-libpst@0.9.3 020
java-saml-2.7.0.jarpkg:maven/com.onelogin/java-saml@2.7.0 018
java-saml-core-2.7.0.jarpkg:maven/com.onelogin/java-saml-core@2.7.0 017
javase-3.0.1.jarpkg:maven/com.google.zxing/javase@3.0.1 023
javassist-3.22.0-CR2.jarpkg:maven/org.javassist/javassist@3.22.0-CR2 056
javax.activation-api-1.2.0.jarpkg:maven/javax.activation/javax.activation-api@1.2.0 039
javax.annotation-api-1.3.2.jarpkg:maven/javax.annotation/javax.annotation-api@1.3.2 048
javax.ejb-api-3.2.2.jarpkg:maven/javax.ejb/javax.ejb-api@3.2.2 046
javax.inject-1.jarpkg:maven/javax.inject/javax.inject@1 020
javax.jms-api-2.0.1.jarcpe:2.3:a:oracle:projects:2.0.1:*:*:*:*:*:*:*pkg:maven/javax.jms/javax.jms-api@2.0.1 0Low34
javax.mail-api-1.6.2.jarpkg:maven/javax.mail/javax.mail-api@1.6.2 039
javax.servlet-api-4.0.1.jarcpe:2.3:a:oracle:java_se:4.0.1:*:*:*:*:*:*:*pkg:maven/javax.servlet/javax.servlet-api@4.0.1 0Medium48
javax.servlet.jsp-api-2.3.3.jarcpe:2.3:a:oracle:java_se:2.3.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jsp:2.3.3:*:*:*:*:*:*:*		pkg:maven/javax.servlet.jsp/javax.servlet.jsp-api@2.3.3 0High46
javax.transaction-api-1.3.jarpkg:maven/javax.transaction/javax.transaction-api@1.3 048
javax.websocket-api-1.1.jarpkg:maven/javax.websocket/javax.websocket-api@1.1 030
javax.ws.rs-api-2.0.1.jarpkg:maven/javax.ws.rs/javax.ws.rs-api@2.0.1 057
jawk-1.02.jarpkg:maven/org.jawk/jawk@1.02 012
jaxb-api-2.3.1.jarpkg:maven/javax.xml.bind/jaxb-api@2.3.1 035
jaxb-impl-2.3.3.jar (shaded: com.sun.istack:istack-commons-runtime:3.0.11)pkg:maven/com.sun.istack/istack-commons-runtime@3.0.11 09
jaxb-impl-2.3.3.jar (shaded: org.glassfish.jaxb:jaxb-runtime:2.3.3)pkg:maven/org.glassfish.jaxb/jaxb-runtime@2.3.3 011
jaxb-impl-2.3.3.jar (shaded: org.glassfish.jaxb:txw2:2.3.3)pkg:maven/org.glassfish.jaxb/txw2@2.3.3 011
jaxb-impl-2.3.3.jarpkg:maven/com.sun.xml.bind/jaxb-impl@2.3.3 041
jaxb-svg11-1.0.2.jarpkg:maven/org.plutext/jaxb-svg11@1.0.2 034
jaxb-xjc-2.3.4.jarcpe:2.3:a:eclipse:glassfish:2.3.4:*:*:*:*:*:*:*pkg:maven/org.glassfish.jaxb/jaxb-xjc@2.3.4 0High33
jbig2-imageio-3.0.3.jarcpe:2.3:a:apache:pdfbox:3.0.3:*:*:*:*:*:*:*pkg:maven/org.apache.pdfbox/jbig2-imageio@3.0.3 0Highest130
jcip-annotations-1.0.jarpkg:maven/net.jcip/jcip-annotations@1.0 024
jcl-over-slf4j-1.7.32.jarpkg:maven/org.slf4j/jcl-over-slf4j@1.7.32 031
jclouds-core-2.4.0.jarcpe:2.3:a:apache:jclouds:2.4.0:*:*:*:*:*:*:*pkg:maven/org.apache.jclouds/jclouds-core@2.4.0 0Highest27
jclouds-core-2.4.0.jar: gson-2.8.5.jarcpe:2.3:a:google:gson:2.8.5:*:*:*:*:*:*:*pkg:maven/com.google.code.gson/gson@2.8.5HIGH1Highest24
jcommander-1.81.jarpkg:maven/com.beust/jcommander@1.81 026
jdom2-2.0.6.jarcpe:2.3:a:jdom:jdom:2.0.6:*:*:*:*:*:*:*pkg:maven/org.jdom/jdom2@2.0.6HIGH1Highest65
jedis-3.7.0.jarpkg:maven/redis.clients/jedis@3.7.0 027
jempbox-1.8.16.jarcpe:2.3:a:apache:pdfbox:1.8.16:*:*:*:*:*:*:*pkg:maven/org.apache.pdfbox/jempbox@1.8.16 0Highest31
jersey-common-2.29.1.jarcpe:2.3:a:jersey_project:jersey:2.29.1:*:*:*:*:*:*:*pkg:maven/org.glassfish.jersey.core/jersey-common@2.29.1MEDIUM1Highest29
jersey-hk2-2.29.1.jarcpe:2.3:a:jersey_project:jersey:2.29.1:*:*:*:*:*:*:*pkg:maven/org.glassfish.jersey.inject/jersey-hk2@2.29.1 0Highest27
jfreechart-1.5.3.jarcpe:2.3:a:time_project:time:1.5.3:*:*:*:*:*:*:*pkg:maven/org.jfree/jfreechart@1.5.3 0Low41
jhighlight-1.0.3.jarpkg:maven/org.codelibs/jhighlight@1.0.3 020
jju:1.4.0pkg:npm/jju@1.4.0 09
jjwt-api-0.11.2.jarpkg:maven/io.jsonwebtoken/jjwt-api@0.11.2 031
jjwt-impl-0.11.2.jarpkg:maven/io.jsonwebtoken/jjwt-impl@0.11.2 035
jjwt-jackson-0.11.2.jarpkg:maven/io.jsonwebtoken/jjwt-jackson@0.11.2 035
jlessc-1.10.jarpkg:maven/de.inetsoftware/jlessc@1.10 033
jlessc-ant-1.10.jarpkg:maven/com.simplicite.ant/jlessc-ant@1.10
pkg:maven/com.simplicite/jlessc-ant@1.10		 028
jmatio-1.5.jarpkg:maven/org.tallison/jmatio@1.5 026
jmustache-1.15.jarpkg:maven/com.samskivert/jmustache@1.15 028
jna-5.8.0.jarcpe:2.3:a:oracle:java_se:5.8.0:*:*:*:*:*:*:*pkg:maven/net.java.dev.jna/jna@5.8.0 0Low48
jna-5.8.0.jar: jnidispatch.dll 02
jna-5.8.0.jar: jnidispatch.dll 02
jna-5.8.0.jar: jnidispatch.dll 02
joda-time-2.10.10.jarpkg:maven/joda-time/joda-time@2.10.10 047
jose4j-0.7.11.jarcpe:2.3:a:jose4j_project:jose4j:0.7.11:*:*:*:*:*:*:*pkg:maven/org.bitbucket.b_c/jose4j@0.7.11HIGH2Highest39
jquery:3.6.0cpe:2.3:a:jquery:jquery:3.6.0:*:*:*:*:*:*:*pkg:npm/jquery@3.6.0 0Highest9
js-beautify:1.14.0cpe:2.3:a:js-beautify_project:js-beautify:1.14.0:*:*:*:*:*:*:*pkg:npm/js-beautify@1.14.0 0Highest8
js-tokens:4.0.0pkg:npm/js-tokens@4.0.0 06
js-yaml:3.14.1cpe:2.3:a:js-yaml_project:js-yaml:3.14.1:*:*:*:*:*:*:*pkg:npm/js-yaml@3.14.1 0Highest7
js-yaml:4.1.0cpe:2.3:a:js-yaml_project:js-yaml:4.1.0:*:*:*:*:*:*:*pkg:npm/js-yaml@4.1.0 0Highest6
js2xmlparser:4.0.2pkg:npm/js2xmlparser@4.0.2 07
jsdoc-type-pratt-parser:4.0.0pkg:npm/jsdoc-type-pratt-parser@4.0.0 08
jsdoc:4.0.2pkg:npm/jsdoc@4.0.2 010
jsesc:0.5.0pkg:npm/jsesc@0.5.0 09
jsesc:2.5.2pkg:npm/jsesc@2.5.2 09
jshint:2.13.1pkg:npm/jshint@2.13.1 010
json-20211205.jarcpe:2.3:a:json-java_project:json-java:*:*:*:*:*:*:*:*pkg:maven/org.json/json@20211205HIGH2Highest30
json-buffer:3.0.1pkg:npm/json-buffer@3.0.1 07
json-parse-even-better-errors:2.3.1pkg:npm/json-parse-even-better-errors@2.3.1 08
json-parse-even-better-errors:3.0.0pkg:npm/json-parse-even-better-errors@3.0.0 06
json-parse-helpfulerror:1.0.3pkg:npm/json-parse-helpfulerror@1.0.3 08
json-schema-traverse:0.4.1pkg:npm/json-schema-traverse@0.4.1 08
json-schema-traverse:1.0.0pkg:npm/json-schema-traverse@1.0.0 08
json-simple-1.1.1.jarpkg:maven/com.googlecode.json-simple/json-simple@1.1.1 025
json-stable-stringify-without-jsonify:1.0.1pkg:npm/json-stable-stringify-without-jsonify@1.0.1 09
json5:2.2.3cpe:2.3:a:json5:json5:2.2.3:*:*:*:*:*:*:*pkg:npm/json5@2.2.3 0Highest8
jsonfile:4.0.0pkg:npm/jsonfile@4.0.0 06
jsonlines:0.1.1pkg:npm/jsonlines@0.1.1 05
jsonparse:1.3.1pkg:npm/jsonparse@1.3.1 07
jsoup-1.14.3.jarcpe:2.3:a:jsoup:jsoup:1.14.3:*:*:*:*:*:*:*pkg:maven/org.jsoup/jsoup@1.14.3MEDIUM1Highest37
jsr305-3.0.2.jarpkg:maven/com.google.code.findbugs/jsr305@3.0.2 017
jszip-utils:0.1.0pkg:npm/jszip-utils@0.1.0 06
jszip:3.7.1cpe:2.3:a:jszip_project:jszip:3.7.1:*:*:*:*:*:*:*pkg:npm/jszip@3.7.1HIGH2Highest6
jtidy-r938.jarcpe:2.3:a:jtidy_project:jtidy:r938:*:*:*:*:*:*:*pkg:maven/net.sf.jtidy/jtidy@r938HIGH1Highest53
jul-to-slf4j-1.7.32.jarpkg:maven/org.slf4j/jul-to-slf4j@1.7.32 026
junit-4.13.2.jarcpe:2.3:a:junit:junit4:4.13.2:*:*:*:*:*:*:*pkg:maven/junit/junit@4.13.2 0Low53
juniversalchardet-1.0.3.jarpkg:maven/com.googlecode.juniversalchardet/juniversalchardet@1.0.3 024
junrar-7.4.0.jarcpe:2.3:a:junrar_project:junrar:7.4.0:*:*:*:*:*:*:*pkg:maven/com.github.junrar/junrar@7.4.0HIGH1Highest24
kafka-clients-3.3.1.jarcpe:2.3:a:apache:kafka:3.3.1:*:*:*:*:*:*:*pkg:maven/org.apache.kafka/kafka-clients@3.3.1HIGH1Highest24
keyv:3.1.0pkg:npm/keyv@3.1.0 08
keyv:4.5.2pkg:npm/keyv@4.5.2 08
kind-of:6.0.3cpe:2.3:a:kind-of_project:kind-of:6.0.3:*:*:*:*:*:*:*pkg:npm/kind-of@6.0.3 0Highest8
klaw:3.0.0pkg:npm/klaw@3.0.0 08
kleur:4.1.5pkg:npm/kleur@4.1.5 08
known-css-properties:0.26.0pkg:npm/known-css-properties@0.26.0 010
latest-version:5.1.0pkg:npm/latest-version@5.1.0 08
leaflet:1.7.1pkg:npm/leaflet@1.7.1 06
levn:0.4.1pkg:npm/levn@0.4.1 08
libphonenumber-8.12.32.jarpkg:maven/com.googlecode.libphonenumber/libphonenumber@8.12.32 020
license-report:6.5.0pkg:npm/license-report@6.5.0 08
lie:3.3.0pkg:npm/lie@3.3.0 06
lines-and-columns:1.2.4pkg:npm/lines-and-columns@1.2.4 08
linkify-it:3.0.3pkg:npm/linkify-it@3.0.3 05
listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jarpkg:maven/com.google.guava/listenablefuture@9999.0-empty-to-avoid-conflict-with-guava 013
load-yaml-file:0.2.0pkg:npm/load-yaml-file@0.2.0 04
locate-path:3.0.0pkg:npm/locate-path@3.0.0 08
locate-path:5.0.0pkg:npm/locate-path@5.0.0 08
locate-path:6.0.0pkg:npm/locate-path@6.0.0 08
lodash.debounce:4.0.8pkg:npm/lodash.debounce@4.0.8 07
lodash.merge:4.6.2pkg:npm/lodash.merge@4.6.2 07
lodash.truncate:4.4.2pkg:npm/lodash.truncate@4.4.2 07
lodash:4.17.21cpe:2.3:a:lodash:lodash:4.17.21:*:*:*:*:*:*:*pkg:npm/lodash@4.17.21 0Highest7
log-symbols:4.1.0pkg:npm/log-symbols@4.1.0 08
log4j-core-2.19.0.jarcpe:2.3:a:apache:log4j:2.19.0:*:*:*:*:*:*:*pkg:maven/org.apache.logging.log4j/log4j-core@2.19.0 0Highest48
log4j-slf4j-impl-2.19.0.jarpkg:maven/org.apache.logging.log4j/log4j-slf4j-impl@2.19.0 044
loose-envify:1.4.0pkg:npm/loose-envify@1.4.0 07
lower-case:2.0.2pkg:npm/lower-case@2.0.2 010
lowercase-keys:2.0.0pkg:npm/lowercase-keys@2.0.0 08
lowercase-keys:3.0.0pkg:npm/lowercase-keys@3.0.0 08
lru-cache:10.0.0pkg:npm/lru-cache@10.0.0 06
lru-cache:4.1.5pkg:npm/lru-cache@4.1.5 06
lru-cache:5.1.1pkg:npm/lru-cache@5.1.1 06
lru-cache:6.0.0pkg:npm/lru-cache@6.0.0 06
lru-cache:7.18.3pkg:npm/lru-cache@7.18.3 06
lucene-core-8.9.0.jarpkg:maven/org.apache.lucene/lucene-core@8.9.0 028
luxon:1.28.1pkg:npm/luxon@1.28.1 06
lz4-java-1.8.0.jarpkg:maven/org.lz4/lz4-java@1.8.0 037
magic-string:0.30.0pkg:npm/magic-string@0.30.0 06
make-dir:2.1.0pkg:npm/make-dir@2.1.0 08
make-dir:3.1.0pkg:npm/make-dir@3.1.0 08
make-fetch-happen:11.1.1pkg:npm/make-fetch-happen@11.1.1 06
map-obj:1.0.1pkg:npm/map-obj@1.0.1 08
map-obj:4.3.0pkg:npm/map-obj@4.3.0 08
markdown-it-anchor:8.6.7pkg:npm/markdown-it-anchor@8.6.7 05
markdown-it:12.3.2cpe:2.3:a:markdown-it_project:markdown-it:12.3.2:*:*:*:*:*:*:*pkg:npm/markdown-it@12.3.2 0Highest5
marked:1.2.9cpe:2.3:a:marked_project:marked:1.2.9:*:*:*:*:*:*:*pkg:npm/marked@1.2.9HIGH6Highest8
marked:3.0.4cpe:2.3:a:marked_project:marked:3.0.4:*:*:*:*:*:*:*pkg:npm/marked@3.0.4HIGH2Highest8
marked:4.3.0cpe:2.3:a:marked_project:marked:4.3.0:*:*:*:*:*:*:*pkg:npm/marked@4.3.0 0Highest8
mathml-tag-names:2.1.3pkg:npm/mathml-tag-names@2.1.3 07
mbassador-1.3.2.jarpkg:maven/net.engio/mbassador@1.3.2 029
mchange-commons-java-0.2.19.jarpkg:maven/com.mchange/mchange-commons-java@0.2.19 029
mdurl:1.0.1pkg:npm/mdurl@1.0.1 05
meow:9.0.0pkg:npm/meow@9.0.0 08
merge-stream:2.0.0pkg:npm/merge-stream@2.0.0 06
merge2:1.4.1pkg:npm/merge2@1.4.1 06
metadata-extractor-2.15.0.1.jarcpe:2.3:a:metadata-extractor_project:metadata-extractor:2.15.0.1:*:*:*:*:*:*:*pkg:maven/org.tallison/metadata-extractor@2.15.0.1MEDIUM2Highest34
micromatch:4.0.5pkg:npm/micromatch@4.0.5 08
migbase64-2.2.jarpkg:maven/com.brsanthu/migbase64@2.2 038
mimepull-1.9.11.jarpkg:maven/org.jvnet.mimepull/mimepull@1.9.11 037
mimic-fn:2.1.0pkg:npm/mimic-fn@2.1.0 08
mimic-response:1.0.1pkg:npm/mimic-response@1.0.1 08
mimic-response:3.1.0pkg:npm/mimic-response@3.1.0 08
mimic-response:4.0.0pkg:npm/mimic-response@4.0.0 08
min-indent:1.0.1pkg:npm/min-indent@1.0.1 08
minimatch:3.1.2cpe:2.3:a:minimatch_project:minimatch:3.1.2:*:*:*:*:*:*:*pkg:npm/minimatch@3.1.2 0Highest6
minimatch:9.0.3cpe:2.3:a:minimatch_project:minimatch:9.0.3:*:*:*:*:*:*:*pkg:npm/minimatch@9.0.3 0Highest6
minimist-options:4.1.0pkg:npm/minimist-options@4.1.0 06
minimist:1.2.8cpe:2.3:a:substack:minimist:1.2.8:*:*:*:*:*:*:*pkg:npm/minimist@1.2.8 0Highest9
minipass-collect:1.0.2pkg:npm/minipass-collect@1.0.2 06
minipass-fetch:3.0.3pkg:npm/minipass-fetch@3.0.3 06
minipass-flush:1.0.5pkg:npm/minipass-flush@1.0.5 06
minipass-json-stream:1.0.1pkg:npm/minipass-json-stream@1.0.1 06
minipass-pipeline:1.2.4pkg:npm/minipass-pipeline@1.2.4 06
minipass-sized:1.0.3pkg:npm/minipass-sized@1.0.3 06
minipass:3.3.6pkg:npm/minipass@3.3.6 06
minipass:5.0.0pkg:npm/minipass@5.0.0 06
minizlib:2.1.2pkg:npm/minizlib@2.1.2 06
mkdirp:1.0.4pkg:npm/mkdirp@1.0.4 05
mockito-core-4.5.1.jarpkg:maven/org.mockito/mockito-core@4.5.1 041
moment-timezone:0.5.34pkg:npm/moment-timezone@0.5.34MODERATE28
moment:2.29.4cpe:2.3:a:momentjs:moment:2.29.4:*:*:*:*:*:*:*pkg:npm/moment@2.29.4 0Highest8
mongodb-driver-core-3.12.12.jarcpe:2.3:a:mongodb:java_driver:3.12.12:*:*:*:*:*:*:*pkg:maven/org.mongodb/mongodb-driver-core@3.12.12 0Low28
ms:2.1.2pkg:npm/ms@2.1.2 05
mssql-jdbc-12.4.1.jre8.jarcpe:2.3:a:www-sql_project:www-sql:12.4.1.jre8:*:*:*:*:*:*:*pkg:maven/com.microsoft.sqlserver/mssql-jdbc@12.4.1
pkg:maven/com.microsoft.sqlserver/mssql-jdbc@12.4.1.jre8		 0Highest34
multimatch:5.0.0pkg:npm/multimatch@5.0.0 08
mustache:4.2.0pkg:npm/mustache@4.2.0 07
mute-stream:0.0.8pkg:npm/mute-stream@0.0.8 06
mysql-connector-j-8.1.0.jarcpe:2.3:a:mysql:mysql:8.1.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_connector\/j:8.1.0:*:*:*:*:*:*:*		pkg:maven/com.mysql/mysql-connector-j@8.1.0HIGH1Highest52
nanoid:3.3.6cpe:2.3:a:nanoid_project:nanoid:3.3.6:*:*:*:*:*:*:*pkg:npm/nanoid@3.3.6 0Highest6
natural-compare:1.4.0pkg:npm/natural-compare@1.4.0 07
negotiator:0.6.3cpe:2.3:a:negotiator_project:negotiator:0.6.3:*:*:*:*:*:*:*pkg:npm/negotiator@0.6.3 0Highest5
neo-async:2.6.2pkg:npm/neo-async@2.6.2 06
netcdf4-4.5.5.jarpkg:maven/edu.ucar/netcdf4@4.5.5 025
netty-codec-4.1.59.Final.jarcpe:2.3:a:netty:netty:4.1.59:*:*:*:*:*:*:*pkg:maven/io.netty/netty-codec@4.1.59.FinalHIGH*10Highest32
netty-codec-http-4.1.59.Final.jarcpe:2.3:a:netty:netty:4.1.59:*:*:*:*:*:*:*pkg:maven/io.netty/netty-codec-http@4.1.59.FinalHIGH*10Highest32
netty-codec-mqtt-4.1.59.Final.jarcpe:2.3:a:mqtt:mqtt:4.1.59:*:*:*:*:*:*:*
cpe:2.3:a:netty:netty:4.1.59:*:*:*:*:*:*:*		pkg:maven/io.netty/netty-codec-mqtt@4.1.59.FinalHIGH*9Highest32
netty-common-4.1.59.Final.jar (shaded: org.jctools:jctools-core:3.1.0)pkg:maven/org.jctools/jctools-core@3.1.0 09
netty-transport-4.1.59.Final.jarcpe:2.3:a:netty:netty:4.1.59:*:*:*:*:*:*:*pkg:maven/io.netty/netty-transport@4.1.59.FinalHIGH*9Highest30
netty-transport-native-kqueue-4.1.65.Final-osx-x86_64.jarcpe:2.3:a:netty:netty:4.1.65:*:*:*:*:*:*:*pkg:maven/io.netty/netty-transport-native-kqueue@4.1.65.FinalHIGH*7Highest34
no-case:3.0.4cpe:2.3:a:no-case_project:no-case:3.0.4:*:*:*:*:*:*:*pkg:npm/no-case@3.0.4 0Highest10
node-emoji:1.11.0pkg:npm/node-emoji@1.11.0 07
node-environment-flags:1.0.6pkg:npm/node-environment-flags@1.0.6 06
node-gyp:9.4.0pkg:npm/node-gyp@9.4.0 06
node-releases:2.0.14pkg:npm/node-releases@2.0.14 06
nopt:5.0.0pkg:npm/nopt@5.0.0 06
nopt:6.0.0pkg:npm/nopt@6.0.0 06
normalize-package-data:2.5.0pkg:npm/normalize-package-data@2.5.0 06
normalize-package-data:3.0.3pkg:npm/normalize-package-data@3.0.3 06
normalize-package-data:5.0.0pkg:npm/normalize-package-data@5.0.0 06
normalize-path:3.0.0pkg:npm/normalize-path@3.0.0 08
normalize-url:4.5.1cpe:2.3:a:normalize-url_project:normalize-url:4.5.1:*:*:*:*:*:*:*pkg:npm/normalize-url@4.5.1 0Highest8
normalize-url:8.0.0cpe:2.3:a:normalize-url_project:normalize-url:8.0.0:*:*:*:*:*:*:*pkg:npm/normalize-url@8.0.0 0Highest8
npm-audit-html:1.5.0pkg:npm/npm-audit-html@1.5.0 06
npm-bundled:3.0.0pkg:npm/npm-bundled@3.0.0 06
npm-check-updates:16.14.14pkg:npm/npm-check-updates@16.14.14 08
npm-check:6.0.1pkg:npm/npm-check@6.0.1 09
npm-install-checks:6.1.1pkg:npm/npm-install-checks@6.1.1 06
npm-normalize-package-bin:3.0.1pkg:npm/npm-normalize-package-bin@3.0.1 06
npm-package-arg:10.1.0pkg:npm/npm-package-arg@10.1.0 08
npm-packlist:7.0.4pkg:npm/npm-packlist@7.0.4 06
npm-pick-manifest:8.0.2pkg:npm/npm-pick-manifest@8.0.2 06
npm-registry-fetch:14.0.5pkg:npm/npm-registry-fetch@14.0.5 06
npm-run-path:4.0.1pkg:npm/npm-run-path@4.0.1 08
npmlog:6.0.2pkg:npm/npmlog@6.0.2 06
numeral:2.0.6pkg:npm/numeral@2.0.6 010
oauth-2.4.0.jarcpe:2.3:a:apache:jclouds:2.4.0:*:*:*:*:*:*:*pkg:maven/org.apache.jclouds.api/oauth@2.4.0 0Highest31
object-inspect:1.12.3pkg:npm/object-inspect@1.12.3 09
object-keys:1.1.1pkg:npm/object-keys@1.1.1 08
object.assign:4.1.4pkg:npm/object.assign@4.1.4 06
object.getownpropertydescriptors:2.1.6pkg:npm/object.getownpropertydescriptors@2.1.6 06
objenesis-3.2.jarpkg:maven/org.objenesis/objenesis@3.2 027
ojdbc8-23.2.0.0.jarcpe:2.3:a:oracle:jdbc:23.2.0.0:*:*:*:*:*:*:*pkg:maven/com.oracle.database.jdbc/ojdbc8@23.2.0.0 0Highest32
okhttp-2.7.5.jarcpe:2.3:a:squareup:okhttp:2.7.5:*:*:*:*:*:*:*pkg:maven/com.squareup.okhttp/okhttp@2.7.5HIGH2Highest22
okio-1.6.0.jarcpe:2.3:a:squareup:okio:1.6.0:*:*:*:*:*:*:*pkg:maven/com.squareup.okio/okio@1.6.0HIGH1Highest16
once:1.4.0pkg:npm/once@1.4.0 06
onetime:5.1.2pkg:npm/onetime@5.1.2 08
open:7.4.2pkg:npm/open@7.4.2 08
opencensus-api-0.28.0.jarpkg:maven/io.opencensus/opencensus-api@0.28.0 033
opencensus-contrib-grpc-util-0.28.0.jarpkg:maven/io.opencensus/opencensus-contrib-grpc-util@0.28.0 037
opencensus-contrib-http-util-0.28.0.jarpkg:maven/io.opencensus/opencensus-contrib-http-util@0.28.0 037
openhtmltopdf-core-1.0.10.jarpkg:maven/com.openhtmltopdf/openhtmltopdf-core@1.0.10 025
openhtmltopdf-pdfbox-1.0.10.jarcpe:2.3:a:apache:pdfbox:1.0.10:*:*:*:*:*:*:*pkg:maven/com.openhtmltopdf/openhtmltopdf-pdfbox@1.0.10 0High21
openjson-1.0.12.jarpkg:maven/com.github.openjson/openjson@1.0.12 035
opennlp-tools-1.9.3.jarcpe:2.3:a:apache:opennlp:1.9.3:*:*:*:*:*:*:*pkg:maven/org.apache.opennlp/opennlp-tools@1.9.3 0Highest35
openstack-keystone-2.4.0.jarcpe:2.3:a:apache:jclouds:2.4.0:*:*:*:*:*:*:*
cpe:2.3:a:openstack:keystone:2.4.0:*:*:*:*:*:*:*
cpe:2.3:a:openstack:openstack:2.4.0:*:*:*:*:*:*:*		pkg:maven/org.apache.jclouds.api/openstack-keystone@2.4.0HIGH7Highest33
openstack-swift-2.4.0.jarcpe:2.3:a:apache:jclouds:2.4.0:*:*:*:*:*:*:*
cpe:2.3:a:openstack:openstack:2.4.0:*:*:*:*:*:*:*
cpe:2.3:a:openstack:swift:2.4.0:*:*:*:*:*:*:*		pkg:maven/org.apache.jclouds.api/openstack-swift@2.4.0CRITICAL4Highest33
optionator:0.9.3pkg:npm/optionator@0.9.3 08
ora:5.4.1pkg:npm/ora@5.4.1 08
org.apache.oltu.oauth2.client-1.0.2.jarpkg:maven/org.apache.oltu.oauth2/org.apache.oltu.oauth2.client@1.0.2 032
org.apache.oltu.oauth2.common-1.0.2.jarpkg:maven/org.apache.oltu.oauth2/org.apache.oltu.oauth2.common@1.0.2 032
org.eclipse.jgit.http.server-6.1.0.202203080745-r.jarcpe:2.3:a:eclipse:jgit:6.1.0:202203080745:*:*:*:*:*:*pkg:maven/org.eclipse.jgit/org.eclipse.jgit.http.server@6.1.0.202203080745-rHIGH1Highest40
org.eclipse.paho.client.mqttv3-1.2.5.jarcpe:2.3:a:eclipse:paho_java_client:1.2.5:*:*:*:*:*:*:*pkg:maven/org.eclipse.paho/org.eclipse.paho.client.mqttv3@1.2.5 0Low32
os-tmpdir:1.0.2pkg:npm/os-tmpdir@1.0.2 08
osgi-resource-locator-1.0.3.jarcpe:2.3:a:eclipse:glassfish:1.0.3:*:*:*:*:*:*:*pkg:maven/org.glassfish.hk2/osgi-resource-locator@1.0.3 0Medium34
p-cancelable:1.1.0pkg:npm/p-cancelable@1.1.0 08
p-cancelable:3.0.0pkg:npm/p-cancelable@3.0.0 08
p-limit:3.1.0pkg:npm/p-limit@3.1.0 09
p-locate:3.0.0pkg:npm/p-locate@3.0.0 08
p-locate:4.1.0pkg:npm/p-locate@4.1.0 08
p-locate:5.0.0pkg:npm/p-locate@5.0.0 08
p-map:4.0.0pkg:npm/p-map@4.0.0 08
p-try:2.2.0pkg:npm/p-try@2.2.0 08
package-json:6.5.0pkg:npm/package-json@6.5.0 08
package-json:8.1.1pkg:npm/package-json@8.1.1 08
pacote:15.2.0pkg:npm/pacote@15.2.0 06
pako:1.0.11pkg:npm/pako@1.0.11 06
parent-module:1.0.1pkg:npm/parent-module@1.0.1 08
parse-github-url:1.0.2pkg:npm/parse-github-url@1.0.2 08
parse-json:5.2.0cpe:2.3:a:parsejson_project:parsejson:5.2.0:*:*:*:*:*:*:*pkg:npm/parse-json@5.2.0 0Low8
parse-passwd:1.0.0pkg:npm/parse-passwd@1.0.0 08
parso-2.0.14.jarcpe:2.3:a:parso_project:parso:2.0.14:*:*:*:*:*:*:*pkg:maven/com.epam/parso@2.0.14 0Highest34
path-exists:3.0.0pkg:npm/path-exists@3.0.0 08
path-exists:4.0.0pkg:npm/path-exists@4.0.0 08
path-is-absolute:1.0.1pkg:npm/path-is-absolute@1.0.1 08
path-key:3.1.1pkg:npm/path-key@3.1.1 08
path-parse:1.0.7cpe:2.3:a:path-parse_project:path-parse:1.0.7:*:*:*:*:*:*:*pkg:npm/path-parse@1.0.7 0Highest8
path-scurry:1.10.1pkg:npm/path-scurry@1.10.1 06
path-type:4.0.0pkg:npm/path-type@4.0.0 08
pdfbox-2.0.23.jarcpe:2.3:a:apache:pdfbox:2.0.23:*:*:*:*:*:*:*pkg:maven/org.apache.pdfbox/pdfbox@2.0.23MEDIUM2Highest31
perfmark-api-0.23.0.jarpkg:maven/io.perfmark/perfmark-api@0.23.0 026
picocolors:1.0.0pkg:npm/picocolors@1.0.0 06
picomatch:2.3.1pkg:npm/picomatch@2.3.1 08
pify:4.0.1pkg:npm/pify@4.0.1 08
pinkie-promise:2.0.1pkg:npm/pinkie-promise@2.0.1 08
pinkie:2.0.4pkg:npm/pinkie@2.0.4 08
pirates:4.0.6pkg:npm/pirates@4.0.6 010
pkg-dir:3.0.0pkg:npm/pkg-dir@3.0.0 08
pkg-dir:4.2.0pkg:npm/pkg-dir@4.2.0 08
pkg-dir:5.0.0pkg:npm/pkg-dir@5.0.0 08
please-upgrade-node:3.2.0pkg:npm/please-upgrade-node@3.2.0 08
poi-4.1.2.jarcpe:2.3:a:apache:poi:4.1.2:*:*:*:*:*:*:*pkg:maven/org.apache.poi/poi@4.1.2MEDIUM1Highest29
popper.js:1.16.1pkg:npm/popper.js@1.16.1 08
postcss-less:6.0.0pkg:npm/postcss-less@6.0.0 08
postcss-media-query-parser:0.2.3pkg:npm/postcss-media-query-parser@0.2.3 08
postcss-resolve-nested-selector:0.1.1pkg:npm/postcss-resolve-nested-selector@0.1.1 06
postcss-safe-parser:6.0.0pkg:npm/postcss-safe-parser@6.0.0 06
postcss-selector-parser:6.0.13pkg:npm/postcss-selector-parser@6.0.13 05
postcss-value-parser:4.2.0pkg:npm/postcss-value-parser@4.2.0 08
postcss:8.4.24cpe:2.3:a:postcss:postcss:8.4.24:*:*:*:*:*:*:*pkg:npm/postcss@8.4.24MEDIUM1Highest8
postgresql-42.6.0.jarcpe:2.3:a:postgresql:postgresql_jdbc_driver:42.6.0:*:*:*:*:*:*:*pkg:maven/org.postgresql/postgresql@42.6.0CRITICAL1Low68
preact:10.15.1pkg:npm/preact@10.15.1 07
preferred-pm:3.0.3pkg:npm/preferred-pm@3.0.3 010
preflight-2.0.23.jarcpe:2.3:a:apache:pdfbox:2.0.23:*:*:*:*:*:*:*pkg:maven/org.apache.pdfbox/preflight@2.0.23MEDIUM2Highest33
prelude-ls:1.2.1pkg:npm/prelude-ls@1.2.1 08
prepend-http:2.0.0pkg:npm/prepend-http@2.0.0 08
proc-log:3.0.0pkg:npm/proc-log@3.0.0 06
process-nextick-args:2.0.1pkg:npm/process-nextick-args@2.0.1 08
progress:2.0.3pkg:npm/progress@2.0.3 06
promise-inflight:1.0.1pkg:npm/promise-inflight@1.0.1 08
promise-retry:2.0.1pkg:npm/promise-retry@2.0.1 07
prompts-ncu:3.0.0pkg:npm/prompts-ncu@3.0.0 08
proto-google-cloud-firestore-bundle-v1-2.6.1.jarpkg:maven/com.google.cloud/proto-google-cloud-firestore-bundle-v1@2.6.1 099
proto-google-cloud-firestore-v1-2.6.1.jarpkg:maven/com.google.api.grpc/proto-google-cloud-firestore-v1@2.6.1 099
proto-google-cloud-pubsub-v1-1.96.4.jarpkg:maven/com.google.api.grpc/proto-google-cloud-pubsub-v1@1.96.4 039
proto-google-common-protos-2.5.0.jarpkg:maven/com.google.api.grpc/proto-google-common-protos@2.5.0 037
proto-google-iam-v1-1.1.0.jarpkg:maven/com.google.api.grpc/proto-google-iam-v1@1.1.0 039
proto-list:1.2.4pkg:npm/proto-list@1.2.4 06
protobuf-java-3.17.3.jarcpe:2.3:a:google:protobuf-java:3.17.3:*:*:*:*:*:*:*
cpe:2.3:a:protobuf:protobuf:3.17.3:*:*:*:*:*:*:*		pkg:maven/com.google.protobuf/protobuf-java@3.17.3HIGH3Highest25
protobuf-java-util-3.17.3.jarcpe:2.3:a:google:protobuf-java:3.17.3:*:*:*:*:*:*:*
cpe:2.3:a:protobuf:protobuf:3.17.3:*:*:*:*:*:*:*		pkg:maven/com.google.protobuf/protobuf-java-util@3.17.3HIGH1Highest27
proton-j-0.33.8.jarcpe:2.3:a:apache:qpid:0.33.8:*:*:*:*:*:*:*
cpe:2.3:a:apache:qpid_proton:0.33.8:*:*:*:*:*:*:*
cpe:2.3:a:apache:qpid_proton-j:0.33.8:*:*:*:*:*:*:*
cpe:2.3:a:proton_project:proton:0.33.8:*:*:*:*:*:*:*		pkg:maven/org.apache.qpid/proton-j@0.33.8 0Highest30
pseudomap:1.0.2pkg:npm/pseudomap@1.0.2 08
pump:3.0.0pkg:npm/pump@3.0.0 06
punycode:2.3.0pkg:npm/punycode@2.3.0 09
pupa:2.1.1pkg:npm/pupa@2.1.1 09
qpid-jms-client-1.1.0.jarcpe:2.3:a:apache:qpid:1.1.0:*:*:*:*:*:*:*pkg:maven/org.apache.qpid/qpid-jms-client@1.1.0 0Highest25
qrgen-1.4.jarpkg:maven/net.glxn/qrgen@1.4 030
quartz-2.3.2.jarcpe:2.3:a:softwareag:quartz:2.3.2:*:*:*:*:*:*:*pkg:maven/org.quartz-scheduler/quartz@2.3.2CRITICAL1Highest33
query-ast:1.0.5pkg:npm/query-ast@1.0.5 07
queue-microtask:1.2.3pkg:npm/queue-microtask@1.2.3 010
quick-lru:4.0.1pkg:npm/quick-lru@4.0.1 08
quick-lru:5.1.1pkg:npm/quick-lru@5.1.1 08
rc-config-loader:4.1.3pkg:npm/rc-config-loader@4.1.3 08
rc:1.2.8pkg:npm/rc@1.2.8 06
read-package-json-fast:3.0.2pkg:npm/read-package-json-fast@3.0.2 06
read-package-json:6.0.4pkg:npm/read-package-json@6.0.4 06
read-pkg-up:7.0.1pkg:npm/read-pkg-up@7.0.1 08
read-pkg:5.2.0pkg:npm/read-pkg@5.2.0 08
readable-stream:1.1.14pkg:npm/readable-stream@1.1.14 06
readable-stream:2.3.8pkg:npm/readable-stream@2.3.8 05
readable-stream:3.6.2pkg:npm/readable-stream@3.6.2 05
readdirp:3.6.0pkg:npm/readdirp@3.6.0 08
redent:3.0.0pkg:npm/redent@3.0.0 08
regenerate-unicode-properties:10.1.0pkg:npm/regenerate-unicode-properties@10.1.0 09
regenerate:1.4.2pkg:npm/regenerate@1.4.2 09
regenerator-runtime:0.14.0pkg:npm/regenerator-runtime@0.14.0 06
regenerator-transform:0.15.2pkg:npm/regenerator-transform@0.15.2 06
regexp.prototype.flags:1.5.0pkg:npm/regexp.prototype.flags@1.5.0 06
regexpu-core:5.3.2pkg:npm/regexpu-core@5.3.2 09
registry-auth-token:4.2.2pkg:npm/registry-auth-token@4.2.2 08
registry-auth-token:5.0.2pkg:npm/registry-auth-token@5.0.2 08
registry-url:5.1.0pkg:npm/registry-url@5.1.0 08
registry-url:6.0.1pkg:npm/registry-url@6.0.1 08
regjsparser:0.9.1pkg:npm/regjsparser@0.9.1 06
relaxng-datatype-2.3.4.jarpkg:maven/com.sun.xml.bind.external/relaxng-datatype@2.3.4 034
remote-git-tags:3.0.0pkg:npm/remote-git-tags@3.0.0 08
require-directory:2.1.1pkg:npm/require-directory@2.1.1 08
require-from-string:2.0.2pkg:npm/require-from-string@2.0.2 08
require-package-name:2.0.1pkg:npm/require-package-name@2.0.1 010
requizzle:0.2.4pkg:npm/requizzle@0.2.4 08
resolve-alpn:1.2.1pkg:npm/resolve-alpn@1.2.1 08
resolve-from:4.0.0pkg:npm/resolve-from@4.0.0 08
resolve-from:5.0.0pkg:npm/resolve-from@5.0.0 08
resolve:1.22.2pkg:npm/resolve@1.22.2 08
responselike:1.0.2pkg:npm/responselike@1.0.2 06
responselike:3.0.0pkg:npm/responselike@3.0.0 06
restore-cursor:3.1.0pkg:npm/restore-cursor@3.1.0 08
retry:0.12.0pkg:npm/retry@0.12.0 07
reusify:1.0.4pkg:npm/reusify@1.0.4 08
rhino-1.7.13.jarpkg:maven/org.mozilla/rhino@1.7.13 031
rhino-1.7.13.jar: test.js 00
rhino-js-engine-1.7.10.jarpkg:maven/cat.inspiracio/rhino-js-engine@1.7.10 032
rhino-js-engine-1.7.10.jar: toplevel.js 00
rimraf:3.0.2pkg:npm/rimraf@3.0.2 06
rimraf:5.0.5pkg:npm/rimraf@5.0.5 06
rngom-2.3.4.jarpkg:maven/com.sun.xml.bind.external/rngom@2.3.4 036
rome-1.15.0.jarpkg:maven/com.rometools/rome@1.15.0 033
rome-utils-1.15.0.jarcpe:2.3:a:utils_project:utils:1.15.0:*:*:*:*:*:*:*pkg:maven/com.rometools/rome-utils@1.15.0 0Highest19
rrule:2.8.1pkg:npm/rrule@2.8.1 07
run-async:2.4.1pkg:npm/run-async@2.4.1 06
run-parallel:1.2.0pkg:npm/run-parallel@1.2.0 010
rxjs:6.6.7pkg:npm/rxjs@6.6.7 08
s3-2.4.0.jarcpe:2.3:a:apache:jclouds:2.4.0:*:*:*:*:*:*:*pkg:maven/org.apache.jclouds.api/s3@2.4.0 0Highest31
safe-array-concat:1.0.0pkg:npm/safe-array-concat@1.0.0 08
safe-buffer:5.2.1pkg:npm/safe-buffer@5.2.1 010
safe-regex-test:1.0.0pkg:npm/safe-regex-test@1.0.0 08
safer-buffer:2.1.2pkg:npm/safer-buffer@2.1.2 09
sass:1.63.6pkg:npm/sass@1.63.6 010
scss-parser:1.0.6pkg:npm/scss-parser@1.0.6 06
select2-theme-bootstrap4:1.0.0pkg:npm/select2-theme-bootstrap4@1.0.0 08
select2:4.0.13cpe:2.3:a:select2:select2:4.0.13:*:*:*:*:*:*:*pkg:npm/select2@4.0.13 0Highest9
semver-compare:1.0.0pkg:npm/semver-compare@1.0.0 09
semver-diff:3.1.1pkg:npm/semver-diff@3.1.1 08
semver-utils:1.1.4pkg:npm/semver-utils@1.1.4 07
semver:5.7.1pkg:npm/semver@5.7.1HIGH15
semver:6.3.1pkg:npm/semver@6.3.1 06
semver:7.5.4pkg:npm/semver@7.5.4 06
sentence-case:3.0.4pkg:npm/sentence-case@3.0.4 010
sentiment-analysis-parser-0.1.jarcpe:2.3:a:ini-parser_project:ini-parser:0.1:*:*:*:*:*:*:*pkg:maven/edu.usc.ir/sentiment-analysis-parser@0.1 0Low38
serializer-2.7.2.jarcpe:2.3:a:apache:xalan-java:2.7.2:*:*:*:*:*:*:*pkg:maven/xalan/serializer@2.7.2HIGH1Low32
set-blocking:2.0.0pkg:npm/set-blocking@2.0.0 08
set-immediate-shim:1.0.1pkg:npm/set-immediate-shim@1.0.1 08
shallow-clone:3.0.1pkg:npm/shallow-clone@3.0.1 08
shebang-command:2.0.0pkg:npm/shebang-command@2.0.0 08
shebang-regex:3.0.0pkg:npm/shebang-regex@3.0.0 08
shelljs:0.3.0cpe:2.3:a:shelljs_project:shelljs:0.3.0:*:*:*:*:*:*:*pkg:npm/shelljs@0.3.0HIGH1Highest7
side-channel:1.0.4pkg:npm/side-channel@1.0.4 08
sigmund:1.0.1pkg:npm/sigmund@1.0.1 06
signal-exit:3.0.7pkg:npm/signal-exit@3.0.7 08
signal-exit:4.0.2pkg:npm/signal-exit@4.0.2 06
signature_pad:2.3.2pkg:npm/signature_pad@2.3.2 09
sigstore:1.8.0pkg:npm/sigstore@1.8.0 08
simplicite-bootstrap-datetimepicker:1.0.6pkg:npm/simplicite-bootstrap-datetimepicker@1.0.6 07
simplicite:3.0.1pkg:npm/simplicite@3.0.1 08
sis-feature-1.0.jarpkg:maven/org.apache.sis.core/sis-feature@1.0 064
sis-metadata-1.0.jarpkg:maven/org.apache.sis.core/sis-metadata@1.0 048
sis-netcdf-1.0.jarpkg:maven/org.apache.sis.storage/sis-netcdf@1.0 052
sis-referencing-1.0.jarpkg:maven/org.apache.sis.core/sis-referencing@1.0 064
sis-storage-1.0.jarpkg:maven/org.apache.sis.storage/sis-storage@1.0 066
sis-utility-1.0.jarpkg:maven/org.apache.sis.core/sis-utility@1.0 051
sisteransi:1.0.5pkg:npm/sisteransi@1.0.5 08
slash:2.0.0pkg:npm/slash@2.0.0 08
slash:3.0.0pkg:npm/slash@3.0.0 08
slf4j-api-1.7.32.jarpkg:maven/org.slf4j/slf4j-api@1.7.32 027
slice-ansi:4.0.0pkg:npm/slice-ansi@4.0.0 05
smart-buffer:4.2.0pkg:npm/smart-buffer@4.2.0 08
snakeyaml-1.29.jarcpe:2.3:a:snakeyaml_project:snakeyaml:1.29:*:*:*:*:*:*:*pkg:maven/org.yaml/snakeyaml@1.29CRITICAL7Highest44
snappy-java-1.1.8.4.jarcpe:2.3:a:xerial:snappy-java:1.1.8.4:*:*:*:*:*:*:*pkg:maven/org.xerial.snappy/snappy-java@1.1.8.4HIGH4Highest49
snappy-java-1.1.8.4.jar: snappyjava.dll 02
snappy-java-1.1.8.4.jar: snappyjava.dll 02
socks-proxy-agent:7.0.0pkg:npm/socks-proxy-agent@7.0.0 010
socks:2.7.1pkg:npm/socks@2.7.1 08
source-map-js:1.0.2pkg:npm/source-map-js@1.0.2 07
source-map-support:0.5.21pkg:npm/source-map-support@0.5.21 06
source-map:0.6.1pkg:npm/source-map@0.6.1 07
spawn-please:2.0.2pkg:npm/spawn-please@2.0.2 07
spdx-correct:3.2.0pkg:npm/spdx-correct@3.2.0 05
spdx-exceptions:2.3.0pkg:npm/spdx-exceptions@2.3.0 06
spdx-expression-parse:3.0.1pkg:npm/spdx-expression-parse@3.0.1 06
spdx-expression-parse:4.0.0pkg:npm/spdx-expression-parse@4.0.0 06
spdx-license-ids:3.0.13pkg:npm/spdx-license-ids@3.0.13 06
spectrum-colorpicker:1.8.1pkg:npm/spectrum-colorpicker@1.8.1 09
split-text-to-chunks:1.0.0pkg:npm/split-text-to-chunks@1.0.0 05
sprintf-js:1.0.3pkg:npm/sprintf-js@1.0.3 06
sshd-osgi-2.8.0.jarcpe:2.3:a:apache:sshd:2.8.0:*:*:*:*:*:*:*pkg:maven/org.apache.sshd/sshd-osgi@2.8.0CRITICAL3Highest36
ssri:10.0.4cpe:2.3:a:ssri_project:ssri:10.0.4:*:*:*:*:*:*:*pkg:npm/ssri@10.0.4 0Highest6
stackframe:1.3.4pkg:npm/stackframe@1.3.4 07
stax2-api-4.2.jarpkg:maven/org.codehaus.woodstox/stax2-api@4.2 051
string-width:4.2.3pkg:npm/string-width@4.2.3 09
string.prototype.trim:1.2.7pkg:npm/string.prototype.trim@1.2.7 08
string.prototype.trimend:1.0.6pkg:npm/string.prototype.trimend@1.0.6 06
string.prototype.trimstart:1.0.6pkg:npm/string.prototype.trimstart@1.0.6 06
string_decoder:0.10.31pkg:npm/string_decoder@0.10.31 06
string_decoder:1.1.1pkg:npm/string_decoder@1.1.1 06
string_decoder:1.3.0pkg:npm/string_decoder@1.3.0 06
stringtemplate-3.2.1.jarcpe:2.3:a:temporal:temporal:3.2.1:*:*:*:*:*:*:*pkg:maven/org.antlr/stringtemplate@3.2.1 0Low38
strip-ansi:6.0.1pkg:npm/strip-ansi@6.0.1 09
strip-bom:3.0.0pkg:npm/strip-bom@3.0.0 08
strip-final-newline:2.0.0pkg:npm/strip-final-newline@2.0.0 08
strip-indent:3.0.0pkg:npm/strip-indent@3.0.0 08
strip-json-comments:1.0.4pkg:npm/strip-json-comments@1.0.4 08
strip-json-comments:2.0.1pkg:npm/strip-json-comments@2.0.1 08
strip-json-comments:3.1.1pkg:npm/strip-json-comments@3.1.1 08
strip-json-comments:5.0.1pkg:npm/strip-json-comments@5.0.1 08
stripe-java-20.77.0.jarcpe:2.3:a:stripe:stripe:20.77.0:*:*:*:*:*:*:*pkg:maven/com.stripe/stripe-java@20.77.0 0Highest32
sts-2.4.0.jarcpe:2.3:a:apache:jclouds:2.4.0:*:*:*:*:*:*:*pkg:maven/org.apache.jclouds.api/sts@2.4.0 0Highest31
style-search:0.1.0pkg:npm/style-search@0.1.0 08
stylelint-config-recommended:9.0.0pkg:npm/stylelint-config-recommended@9.0.0 06
stylelint-config-standard:29.0.0pkg:npm/stylelint-config-standard@29.0.0 06
stylelint:14.16.1pkg:npm/stylelint@14.16.1 07
supports-color:5.5.0pkg:npm/supports-color@5.5.0 08
supports-color:7.2.0pkg:npm/supports-color@7.2.0 08
supports-hyperlinks:2.3.0pkg:npm/supports-hyperlinks@2.3.0 08
supports-preserve-symlinks-flag:1.0.0pkg:npm/supports-preserve-symlinks-flag@1.0.0 08
svg-tags:1.0.0pkg:npm/svg-tags@1.0.0 08
swagger-annotations-1.5.18.jarpkg:maven/io.swagger/swagger-annotations@1.5.18 029
swagger-ui-dist:4.15.5pkg:npm/swagger-ui-dist@4.15.5 04
table:6.8.1pkg:npm/table@6.8.1 08
tablemark:3.0.0pkg:npm/tablemark@3.0.0 08
tagsoup-1.2.1.jarpkg:maven/org.ccil.cowan.tagsoup/tagsoup@1.2.1 024
tar:6.1.15cpe:2.3:a:tar_project:tar:6.1.15:*:*:*:*:*:*:*pkg:npm/tar@6.1.15MEDIUM1Highest6
term-size:2.2.1pkg:npm/term-size@2.2.1 08
terminal-link:2.1.1pkg:npm/terminal-link@2.1.1 08
text-table:0.2.0pkg:npm/text-table@0.2.0 09
threeten-extra-1.7.0.jarpkg:maven/org.threeten/threeten-extra@1.7.0 039
threetenbp-1.5.1.jarpkg:maven/org.threeten/threetenbp@1.5.1 041
throat:6.0.2pkg:npm/throat@6.0.2 06
through:2.3.8pkg:npm/through@2.3.8 07
tika-core-1.27.jarcpe:2.3:a:apache:tika:1.27:*:*:*:*:*:*:*pkg:maven/org.apache.tika/tika-core@1.27MEDIUM4Highest37
tinymce-i18n:20.12.25pkg:npm/tinymce-i18n@20.12.25 06
tinymce:5.9.2cpe:2.3:a:tiny:tinymce:5.9.2:*:*:*:*:*:*:*
cpe:2.3:a:tinymce:tinymce:5.9.2:*:*:*:*:*:*:*		pkg:npm/tinymce@5.9.2MEDIUM14Highest8
tmp:0.0.33pkg:npm/tmp@0.0.33 08
to-fast-properties:2.0.0pkg:npm/to-fast-properties@2.0.0 08
to-readable-stream:1.0.0pkg:npm/to-readable-stream@1.0.0 08
to-regex-range:5.0.1pkg:npm/to-regex-range@5.0.1 08
totp-1.7.1.jarcpe:2.3:a:time_project:time:1.7.1:*:*:*:*:*:*:*pkg:maven/dev.samstevens.totp/totp@1.7.1 0Low26
trim-newlines:3.0.1cpe:2.3:a:trim-newlines_project:trim-newlines:3.0.1:*:*:*:*:*:*:*pkg:npm/trim-newlines@3.0.1 0Highest8
tslib:1.14.1pkg:npm/tslib@1.14.1 08
tslib:2.6.0pkg:npm/tslib@2.6.0 08
tuf-js:1.1.7pkg:npm/tuf-js@1.1.7 08
twilio-8.19.1.jarpkg:maven/com.twilio.sdk/twilio@8.19.1 028
txw2-2.3.4.jarcpe:2.3:a:eclipse:glassfish:2.3.4:*:*:*:*:*:*:*pkg:maven/org.glassfish.jaxb/txw2@2.3.4 0High33
type-check:0.4.0pkg:npm/type-check@0.4.0 08
type-fest:0.18.1pkg:npm/type-fest@0.18.1 08
type-fest:0.20.2pkg:npm/type-fest@0.20.2 08
type-fest:0.21.3pkg:npm/type-fest@0.21.3 08
type-fest:0.6.0pkg:npm/type-fest@0.6.0 08
type-fest:0.8.1pkg:npm/type-fest@0.8.1 08
type-fest:1.4.0pkg:npm/type-fest@1.4.0 08
type-fest:2.19.0pkg:npm/type-fest@2.19.0 08
typed-array-length:1.0.4pkg:npm/typed-array-length@1.0.4 08
typedarray-to-buffer:3.1.5pkg:npm/typedarray-to-buffer@3.1.5 010
uc.micro:1.0.6pkg:npm/uc.micro@1.0.6 05
udunits-4.5.5.jarpkg:maven/edu.ucar/udunits@4.5.5 029
uglify-js:3.17.4cpe:2.3:a:uglifyjs_project:uglifyjs:3.17.4:*:*:*:*:*:*:*pkg:npm/uglify-js@3.17.4 0Low6
unbox-primitive:1.0.2pkg:npm/unbox-primitive@1.0.2 08
underscore:1.13.6cpe:2.3:a:underscorejs:underscore:1.13.6:*:*:*:*:*:*:*pkg:npm/underscore@1.13.6 0Highest7
unicode-canonical-property-names-ecmascript:2.0.0pkg:npm/unicode-canonical-property-names-ecmascript@2.0.0 09
unicode-match-property-ecmascript:2.0.0pkg:npm/unicode-match-property-ecmascript@2.0.0 09
unicode-match-property-value-ecmascript:2.1.0pkg:npm/unicode-match-property-value-ecmascript@2.1.0 09
unicode-property-aliases-ecmascript:2.1.0pkg:npm/unicode-property-aliases-ecmascript@2.1.0 09
unique-filename:3.0.0pkg:npm/unique-filename@3.0.0 08
unique-slug:4.0.0pkg:npm/unique-slug@4.0.0 06
unique-string:2.0.0pkg:npm/unique-string@2.0.0 08
unique-string:3.0.0pkg:npm/unique-string@3.0.0 08
unirest-java-3.14.2.jarpkg:maven/com.konghq/unirest-java@3.14.2 018
unit-api-1.0.jarpkg:maven/javax.measure/unit-api@1.0 0126
universalify:0.1.2pkg:npm/universalify@0.1.2 08
untildify:4.0.0pkg:npm/untildify@4.0.0 08
update-browserslist-db:1.0.13pkg:npm/update-browserslist-db@1.0.13 06
update-notifier:4.1.3pkg:npm/update-notifier@4.1.3 08
update-notifier:5.1.0pkg:npm/update-notifier@5.1.0 08
update-notifier:6.0.2pkg:npm/update-notifier@6.0.2 08
upper-case-first:2.0.2pkg:npm/upper-case-first@2.0.2 010
uri-js:4.4.1cpe:2.3:a:garycourt:uri-js:4.4.1:*:*:*:*:*:*:*
cpe:2.3:a:uri.js_project:uri.js:4.4.1:*:*:*:*:*:*:*		pkg:npm/uri-js@4.4.1 0Highest8
url-parse-lax:3.0.0pkg:npm/url-parse-lax@3.0.0 08
util-deprecate:1.0.2pkg:npm/util-deprecate@1.0.2 08
v8-compile-cache:2.3.0pkg:npm/v8-compile-cache@2.3.0 06
v8flags:3.2.0pkg:npm/v8flags@3.2.0 06
validate-npm-package-license:3.0.4pkg:npm/validate-npm-package-license@3.0.4 06
validate-npm-package-name:5.0.0pkg:npm/validate-npm-package-name@5.0.0 08
visit-values:2.0.0pkg:npm/visit-values@2.0.0 08
vorbis-java-core-0.8.jarpkg:maven/org.gagravarr/vorbis-java-core@0.8 022
vorbis-java-tika-0.8.jarpkg:maven/org.gagravarr/vorbis-java-tika@0.8 022
vue:2.6.14pkg:npm/vue@2.6.14 08
wcwidth:1.0.1pkg:npm/wcwidth@1.0.1 08
which-boxed-primitive:1.0.2pkg:npm/which-boxed-primitive@1.0.2 08
which-pm:2.0.0pkg:npm/which-pm@2.0.0 07
which-typed-array:1.1.9pkg:npm/which-typed-array@1.1.9 08
which:1.3.1pkg:npm/which@1.3.1 06
which:2.0.2pkg:npm/which@2.0.2 06
which:3.0.1pkg:npm/which@3.0.1 06
wide-align:1.1.5pkg:npm/wide-align@1.1.5 06
widest-line:3.1.0pkg:npm/widest-line@3.1.0 08
widest-line:4.0.1pkg:npm/widest-line@4.0.1 08
wmf2svg-0.9.8.jarpkg:maven/net.arnx/wmf2svg@0.9.8 031
woodstox-core-6.2.4.jar (shaded: com.sun.xml.bind.jaxb:isorelax:20090621)pkg:maven/com.sun.xml.bind.jaxb/isorelax@20090621 012
woodstox-core-6.2.4.jar (shaded: net.java.dev.msv:xsdlib:2013.6.1)cpe:2.3:a:xml_library_project:xml_library:2013.6.1:*:*:*:*:*:*:*pkg:maven/net.java.dev.msv/xsdlib@2013.6.1 0Low9
woodstox-core-6.2.4.jarcpe:2.3:a:fasterxml:woodstox:6.2.4:*:*:*:*:*:*:*pkg:maven/com.fasterxml.woodstox/woodstox-core@6.2.4HIGH1Highest46
wordwrap:1.0.0pkg:npm/wordwrap@1.0.0 08
wrap-ansi:7.0.0pkg:npm/wrap-ansi@7.0.0 08
wrap-ansi:8.1.0pkg:npm/wrap-ansi@8.1.0 08
wrappy:1.0.2pkg:npm/wrappy@1.0.2 08
write-file-atomic:3.0.3pkg:npm/write-file-atomic@3.0.3 08
write-file-atomic:4.0.2pkg:npm/write-file-atomic@4.0.2 09
xalan-2.7.2.jarcpe:2.3:a:apache:xalan-java:2.7.2:*:*:*:*:*:*:*pkg:maven/xalan/xalan@2.7.2HIGH1Low66
xalan-interpretive-11.0.0.jarpkg:maven/org.docx4j.org.apache/xalan-interpretive@11.0.0 042
xalan-serializer-11.0.0.jarpkg:maven/org.docx4j.org.apache/xalan-serializer@11.0.0 041
xdg-basedir:4.0.0pkg:npm/xdg-basedir@4.0.0 08
xdg-basedir:5.1.0pkg:npm/xdg-basedir@5.1.0 08
xercesImpl-2.12.2.jarcpe:2.3:a:apache:xerces-j:2.12.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:xerces2_java:2.12.2:*:*:*:*:*:*:*		pkg:maven/xerces/xercesImpl@2.12.2MEDIUM1Low84
xmlbeans-3.1.0.jarcpe:2.3:a:apache:xmlbeans:3.1.0:*:*:*:*:*:*:*pkg:maven/org.apache.xmlbeans/xmlbeans@3.1.0 0Highest58
xmlcreate:2.0.4pkg:npm/xmlcreate@2.0.4 07
xmlgraphics-commons-2.3.jarcpe:2.3:a:apache:xmlgraphics_commons:2.3:*:*:*:*:*:*:*pkg:maven/org.apache.xmlgraphics/xmlgraphics-commons@2.3HIGH1Highest29
xmlsec-2.2.3.jarcpe:2.3:a:apache:santuario_xml_security_for_java:2.2.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:xml_security_for_java:2.2.3:*:*:*:*:*:*:*		pkg:maven/org.apache.santuario/xmlsec@2.2.3MEDIUM1Low48
xmpbox-2.0.23.jarcpe:2.3:a:apache:pdfbox:2.0.23:*:*:*:*:*:*:*pkg:maven/org.apache.pdfbox/xmpbox@2.0.23MEDIUM2Highest31
xmpcore-shaded-6.1.11.jarpkg:maven/org.tallison.xmp/xmpcore-shaded@6.1.11 026
xsom-2.3.4.jarcpe:2.3:a:eclipse:glassfish:2.3.4:*:*:*:*:*:*:*pkg:maven/org.glassfish.jaxb/xsom@2.3.4 0High34
xtend:4.0.2pkg:npm/xtend@4.0.2 09
xterm-js:4.9.0cpe:2.3:a:xtermjs:xterm.js:4.9.0:*:*:*:*:*:*:*pkg:npm/xterm-js@4.9.0HIGH1Highest5
xz-1.9.jarcpe:2.3:a:tukaani:xz:1.9:*:*:*:*:*:*:*pkg:maven/org.tukaani/xz@1.9 0Highest33
y18n:5.0.8cpe:2.3:a:y18n_project:y18n:5.0.8:*:*:*:*:*:*:*pkg:npm/y18n@5.0.8 0Highest8
yallist:2.1.2pkg:npm/yallist@2.1.2 06
yallist:3.1.1pkg:npm/yallist@3.1.1 06
yallist:4.0.0pkg:npm/yallist@4.0.0 06
yaml:1.10.2cpe:2.3:a:yaml_project:yaml:1.10.2:*:*:*:*:*:*:*pkg:npm/yaml@1.10.2 0Highest7
yargs-parser:20.2.9cpe:2.3:a:yargs:yargs-parser:20.2.9:*:*:*:*:*:*:*pkg:npm/yargs-parser@20.2.9 0Highest6
yargs:16.2.0pkg:npm/yargs@16.2.0 06
yocto-queue:0.1.0pkg:npm/yocto-queue@0.1.0 08
zstd-jni-1.5.2-1.jarpkg:maven/com.github.luben/zstd-jni@1.5.2-1 043
zstd-jni-1.5.2-1.jar: libzstd-jni-1.5.2-1.dll 04
zstd-jni-1.5.2-1.jar: libzstd-jni-1.5.2-1.dll 04

* indicates the dependency has a known exploited vulnerability

Dependencies

@aashutoshrathi/word-wrap:1.2.6

Description:

Wrap words to a specified length.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?optionator:0.9.3/@aashutoshrathi/word-wrap:^1.2.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/optionator:0.9.3
  • simplicite-js:5.2.54

Identifiers

@ampproject/remapping:2.2.1

Description:

Remap sequential sourcemaps through transformations to point at the original source code

License:

Apache-2.0
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/core:7.23.9/@ampproject/remapping:^2.2.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/core:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/cli:7.23.9

Description:

Babel command line.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/cli:7.23.9

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

@babel/code-frame:7.23.5

Description:

Generate errors that contain a code frame that point to source locations.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?parse-json:5.2.0/@babel/code-frame:^7.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/traverse:7.23.9
  • simplicite-js:5.2.54/@babel/template:7.23.9
  • simplicite-js:5.2.54/@babel/core:7.23.9
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/parse-json:5.2.0

Identifiers

@babel/compat-data:7.23.5

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?babel-plugin-polyfill-corejs2:0.4.8/@babel/compat-data:^7.22.6

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/helper-compilation-targets:7.23.6
  • simplicite-js:5.2.54/babel-plugin-polyfill-corejs2:0.4.8
  • simplicite-js:5.2.54/@babel/plugin-transform-object-rest-spread:7.23.4
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/core:7.23.9

Description:

Babel compiler core.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/core:7.23.9

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

@babel/generator:7.23.6

Description:

Turns an AST into code.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/traverse:7.23.9/@babel/generator:^7.23.6

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/traverse:7.23.9
  • simplicite-js:5.2.54/@babel/core:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/helper-annotate-as-pure:7.22.5

Description:

Helper function to annotate paths and nodes with #__PURE__ comment

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-private-property-in-object:7.23.4/@babel/helper-annotate-as-pure:^7.22.5

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/plugin-transform-classes:7.23.8
  • simplicite-js:5.2.54/@babel/helper-create-regexp-features-plugin:7.22.15
  • simplicite-js:5.2.54/@babel/helper-create-class-features-plugin:7.23.10
  • simplicite-js:5.2.54/@babel/helper-remap-async-to-generator:7.22.20
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/@babel/plugin-transform-private-property-in-object:7.23.4

Identifiers

@babel/helper-builder-binary-assignment-operator-visitor:7.22.15

Description:

Helper function to build binary assignment operator visitors

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-exponentiation-operator:7.23.3/@babel/helper-builder-binary-assignment-operator-visitor:^7.22.15

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/plugin-transform-exponentiation-operator:7.23.3
  • simplicite-js:5.2.54

Identifiers

@babel/helper-compilation-targets:7.23.6

Description:

Helper functions on Babel compilation targets

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/helper-compilation-targets:^7.23.6

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/plugin-transform-function-name:7.23.3
  • simplicite-js:5.2.54/@babel/plugin-transform-classes:7.23.8
  • simplicite-js:5.2.54/@babel/plugin-transform-object-rest-spread:7.23.4
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54/@babel/helper-define-polyfill-provider:0.5.0
  • simplicite-js:5.2.54/@babel/core:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/helper-create-class-features-plugin:7.23.10

Description:

Compile class public and private fields, private methods and decorators to ES6

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-private-property-in-object:7.23.4/@babel/helper-create-class-features-plugin:^7.22.15

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/plugin-transform-class-static-block:7.23.4
  • simplicite-js:5.2.54/@babel/plugin-transform-private-methods:7.23.3
  • simplicite-js:5.2.54/@babel/plugin-transform-class-properties:7.23.3
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/@babel/plugin-transform-private-property-in-object:7.23.4

Identifiers

@babel/helper-create-regexp-features-plugin:7.22.15

Description:

Compile ESNext Regular Expressions to ES5

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-unicode-sets-regex:7.23.3/@babel/helper-create-regexp-features-plugin:^7.22.15

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/plugin-transform-unicode-regex:7.23.3
  • simplicite-js:5.2.54/@babel/plugin-transform-unicode-property-regex:7.23.3
  • simplicite-js:5.2.54/@babel/plugin-transform-dotall-regex:7.23.3
  • simplicite-js:5.2.54/@babel/plugin-transform-named-capturing-groups-regex:7.22.5
  • simplicite-js:5.2.54/@babel/plugin-transform-unicode-sets-regex:7.23.3
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/@babel/plugin-syntax-unicode-sets-regex:7.18.6

Identifiers

@babel/helper-define-polyfill-provider:0.5.0

Description:

Babel helper to create your own polyfill provider

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?babel-plugin-polyfill-regenerator:0.5.5/@babel/helper-define-polyfill-provider:^0.5.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/babel-plugin-polyfill-regenerator:0.5.5
  • simplicite-js:5.2.54/babel-plugin-polyfill-corejs2:0.4.8
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/babel-plugin-polyfill-corejs3:0.9.0

Identifiers

@babel/helper-environment-visitor:7.22.20

Description:

Helper visitor to only visit nodes in the current 'this' context

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/traverse:7.23.9/@babel/helper-environment-visitor:^7.22.20

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/plugin-transform-classes:7.23.8
  • simplicite-js:5.2.54/@babel/traverse:7.23.9
  • simplicite-js:5.2.54/@babel/helper-create-class-features-plugin:7.23.10
  • simplicite-js:5.2.54/@babel/helper-replace-supers:7.22.20
  • simplicite-js:5.2.54/@babel/helper-module-transforms:7.23.3
  • simplicite-js:5.2.54/@babel/plugin-transform-async-generator-functions:7.23.9
  • simplicite-js:5.2.54/@babel/helper-remap-async-to-generator:7.22.20
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/@babel/plugin-bugfix-v8-static-class-fields-redefine-readonly:7.23.7

Identifiers

@babel/helper-function-name:7.23.0

Description:

Helper function to change the property 'name' of every function

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/traverse:7.23.9/@babel/helper-function-name:^7.23.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/plugin-transform-function-name:7.23.3
  • simplicite-js:5.2.54/@babel/plugin-transform-classes:7.23.8
  • simplicite-js:5.2.54/@babel/helper-wrap-function:7.22.20
  • simplicite-js:5.2.54/@babel/traverse:7.23.9
  • simplicite-js:5.2.54/@babel/helper-create-class-features-plugin:7.23.10
  • simplicite-js:5.2.54

Identifiers

@babel/helper-hoist-variables:7.22.5

Description:

Helper function to hoist variables

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/traverse:7.23.9/@babel/helper-hoist-variables:^7.22.5

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/plugin-transform-modules-systemjs:7.23.9
  • simplicite-js:5.2.54/@babel/traverse:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/helper-member-expression-to-functions:7.23.0

Description:

Helper function to replace certain member expressions with function calls

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/helper-replace-supers:7.22.20/@babel/helper-member-expression-to-functions:^7.22.15

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/helper-create-class-features-plugin:7.23.10
  • simplicite-js:5.2.54/@babel/helper-replace-supers:7.22.20
  • simplicite-js:5.2.54

Identifiers

@babel/helper-module-imports:7.22.15

Description:

Babel helper functions for inserting module loads

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-async-to-generator:7.23.3/@babel/helper-module-imports:^7.22.15

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/plugin-transform-async-to-generator:7.23.3
  • simplicite-js:5.2.54/@babel/helper-module-transforms:7.23.3
  • simplicite-js:5.2.54

Identifiers

@babel/helper-module-transforms:7.23.3

Description:

Babel helper functions for implementing ES6 module transformations

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-modules-umd:7.23.3/@babel/helper-module-transforms:^7.23.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/plugin-transform-modules-systemjs:7.23.9
  • simplicite-js:5.2.54/@babel/plugin-transform-modules-amd:7.23.3
  • simplicite-js:5.2.54/@babel/plugin-transform-modules-commonjs:7.23.3
  • simplicite-js:5.2.54/@babel/plugin-transform-modules-umd:7.23.3
  • simplicite-js:5.2.54/@babel/core:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/helper-optimise-call-expression:7.22.5

Description:

Helper function to optimise call expression

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/helper-replace-supers:7.22.20/@babel/helper-optimise-call-expression:^7.22.5

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/helper-create-class-features-plugin:7.23.10
  • simplicite-js:5.2.54/@babel/helper-replace-supers:7.22.20
  • simplicite-js:5.2.54

Identifiers

@babel/helper-plugin-utils:7.22.5

Description:

General utilities for plugins to use

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-modules:0.1.6-no-external-plugins/@babel/helper-plugin-utils:^7.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/plugin-transform-reserved-words:7.23.3
  • simplicite-js:5.2.54/@babel/plugin-syntax-numeric-separator:7.10.4
  • simplicite-js:5.2.54/@babel/plugin-syntax-logical-assignment-operators:7.10.4
  • simplicite-js:5.2.54/@babel/plugin-transform-new-target:7.23.3
  • simplicite-js:5.2.54/@babel/plugin-transform-modules-commonjs:7.23.3
  • simplicite-js:5.2.54/@babel/plugin-transform-block-scoped-functions:7.23.3
  • simplicite-js:5.2.54/@babel/plugin-bugfix-v8-spread-parameters-in-optional-chaining:7.23.3
  • simplicite-js:5.2.54/@babel/plugin-syntax-optional-chaining:7.8.3
  • simplicite-js:5.2.54/@babel/plugin-syntax-import-assertions:7.23.3
  • simplicite-js:5.2.54/@babel/plugin-transform-unicode-property-regex:7.23.3
  • simplicite-js:5.2.54/@babel/plugin-transform-destructuring:7.23.3
  • simplicite-js:5.2.54/@babel/plugin-transform-classes:7.23.8
  • simplicite-js:5.2.54/@babel/plugin-syntax-object-rest-spread:7.8.3
  • simplicite-js:5.2.54/@babel/plugin-transform-shorthand-properties:7.23.3
  • simplicite-js:5.2.54/@babel/plugin-transform-logical-assignment-operators:7.23.4
  • simplicite-js:5.2.54/@babel/plugin-transform-dynamic-import:7.23.4
  • simplicite-js:5.2.54/@babel/plugin-syntax-top-level-await:7.14.5
  • simplicite-js:5.2.54/@babel/helper-define-polyfill-provider:0.5.0
  • simplicite-js:5.2.54/@babel/plugin-transform-typeof-symbol:7.23.3
  • simplicite-js:5.2.54/@babel/plugin-syntax-async-generators:7.8.4
  • simplicite-js:5.2.54/@babel/plugin-syntax-optional-catch-binding:7.8.3
  • simplicite-js:5.2.54/@babel/plugin-transform-parameters:7.23.3
  • simplicite-js:5.2.54/@babel/plugin-syntax-class-static-block:7.14.5
  • simplicite-js:5.2.54/@babel/plugin-transform-object-super:7.23.3
  • simplicite-js:5.2.54/@babel/plugin-transform-function-name:7.23.3
  • simplicite-js:5.2.54/@babel/preset-modules:0.1.6-no-external-plugins
  • simplicite-js:5.2.54/@babel/plugin-transform-spread:7.23.3
  • simplicite-js:5.2.54/@babel/plugin-transform-for-of:7.23.6
  • simplicite-js:5.2.54/@babel/plugin-transform-async-to-generator:7.23.3
  • simplicite-js:5.2.54/@babel/plugin-transform-export-namespace-from:7.23.4
  • simplicite-js:5.2.54/@babel/plugin-transform-computed-properties:7.23.3
  • simplicite-js:5.2.54/@babel/plugin-transform-async-generator-functions:7.23.9
  • simplicite-js:5.2.54/@babel/plugin-transform-duplicate-keys:7.23.3
  • simplicite-js:5.2.54/@babel/plugin-syntax-json-strings:7.8.3
  • simplicite-js:5.2.54/@babel/plugin-transform-named-capturing-groups-regex:7.22.5
  • simplicite-js:5.2.54/@babel/plugin-transform-optional-catch-binding:7.23.4
  • simplicite-js:5.2.54/@babel/plugin-transform-modules-amd:7.23.3
  • simplicite-js:5.2.54/@babel/plugin-transform-class-static-block:7.23.4
  • simplicite-js:5.2.54/@babel/plugin-bugfix-safari-id-destructuring-collision-in-function-expression:7.23.3
  • simplicite-js:5.2.54/@babel/plugin-transform-object-rest-spread:7.23.4
  • simplicite-js:5.2.54/@babel/plugin-transform-literals:7.23.3
  • simplicite-js:5.2.54/@babel/plugin-syntax-import-meta:7.10.4
  • simplicite-js:5.2.54/@babel/plugin-syntax-import-attributes:7.23.3
  • simplicite-js:5.2.54/@babel/plugin-transform-private-property-in-object:7.23.4
  • simplicite-js:5.2.54/@babel/plugin-transform-unicode-regex:7.23.3
  • simplicite-js:5.2.54/@babel/plugin-transform-unicode-escapes:7.23.3
  • simplicite-js:5.2.54/@babel/plugin-transform-regenerator:7.23.3
  • simplicite-js:5.2.54/@babel/plugin-transform-exponentiation-operator:7.23.3
  • simplicite-js:5.2.54/@babel/plugin-transform-json-strings:7.23.4
  • simplicite-js:5.2.54/@babel/plugin-transform-member-expression-literals:7.23.3
  • simplicite-js:5.2.54/@babel/plugin-transform-numeric-separator:7.23.4
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54/@babel/plugin-transform-modules-umd:7.23.3
  • simplicite-js:5.2.54/@babel/plugin-bugfix-v8-static-class-fields-redefine-readonly:7.23.7
  • simplicite-js:5.2.54/@babel/plugin-transform-nullish-coalescing-operator:7.23.4
  • simplicite-js:5.2.54/@babel/plugin-transform-optional-chaining:7.23.4
  • simplicite-js:5.2.54/@babel/plugin-syntax-export-namespace-from:7.8.3
  • simplicite-js:5.2.54/@babel/plugin-syntax-private-property-in-object:7.14.5
  • simplicite-js:5.2.54/@babel/plugin-syntax-nullish-coalescing-operator:7.8.3
  • simplicite-js:5.2.54/@babel/plugin-transform-private-methods:7.23.3
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/@babel/plugin-syntax-unicode-sets-regex:7.18.6
  • simplicite-js:5.2.54/@babel/plugin-transform-template-literals:7.23.3
  • simplicite-js:5.2.54/@babel/plugin-transform-dotall-regex:7.23.3
  • simplicite-js:5.2.54/@babel/plugin-transform-arrow-functions:7.23.3
  • simplicite-js:5.2.54/@babel/plugin-transform-modules-systemjs:7.23.9
  • simplicite-js:5.2.54/@babel/plugin-transform-block-scoping:7.23.4
  • simplicite-js:5.2.54/@babel/plugin-transform-unicode-sets-regex:7.23.3
  • simplicite-js:5.2.54/@babel/plugin-syntax-dynamic-import:7.8.3
  • simplicite-js:5.2.54/@babel/plugin-syntax-class-properties:7.12.13
  • simplicite-js:5.2.54/@babel/plugin-transform-class-properties:7.23.3
  • simplicite-js:5.2.54/@babel/plugin-transform-property-literals:7.23.3
  • simplicite-js:5.2.54/@babel/plugin-transform-sticky-regex:7.23.3

Identifiers

@babel/helper-remap-async-to-generator:7.22.20

Description:

Helper function to remap async functions to generators

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-async-to-generator:7.23.3/@babel/helper-remap-async-to-generator:^7.22.20

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/plugin-transform-async-to-generator:7.23.3
  • simplicite-js:5.2.54/@babel/plugin-transform-async-generator-functions:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/helper-replace-supers:7.22.20

Description:

Helper function to replace supers

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-object-super:7.23.3/@babel/helper-replace-supers:^7.22.20

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/plugin-transform-object-super:7.23.3
  • simplicite-js:5.2.54/@babel/plugin-transform-classes:7.23.8
  • simplicite-js:5.2.54/@babel/helper-create-class-features-plugin:7.23.10
  • simplicite-js:5.2.54

Identifiers

@babel/helper-simple-access:7.22.5

Description:

Babel helper for ensuring that access to a given value is performed through simple accesses

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-modules-commonjs:7.23.3/@babel/helper-simple-access:^7.22.5

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/helper-module-transforms:7.23.3
  • simplicite-js:5.2.54/@babel/plugin-transform-modules-commonjs:7.23.3
  • simplicite-js:5.2.54

Identifiers

@babel/helper-skip-transparent-expression-wrappers:7.22.5

Description:

Helper which skips types and parentheses

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/plugin-transform-spread:7.23.3/@babel/helper-skip-transparent-expression-wrappers:^7.22.5

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/plugin-transform-optional-chaining:7.23.4
  • simplicite-js:5.2.54/@babel/plugin-transform-spread:7.23.3
  • simplicite-js:5.2.54/@babel/plugin-transform-for-of:7.23.6
  • simplicite-js:5.2.54/@babel/helper-create-class-features-plugin:7.23.10
  • simplicite-js:5.2.54/@babel/plugin-bugfix-v8-spread-parameters-in-optional-chaining:7.23.3
  • simplicite-js:5.2.54

Identifiers

@babel/helper-split-export-declaration:7.22.6

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/traverse:7.23.9/@babel/helper-split-export-declaration:^7.22.6

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/plugin-transform-classes:7.23.8
  • simplicite-js:5.2.54/@babel/traverse:7.23.9
  • simplicite-js:5.2.54/@babel/helper-create-class-features-plugin:7.23.10
  • simplicite-js:5.2.54/@babel/helper-module-transforms:7.23.3
  • simplicite-js:5.2.54

Identifiers

@babel/helper-string-parser:7.23.4

Description:

A utility package to parse strings

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/types:7.23.9/@babel/helper-string-parser:^7.23.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/types:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/helper-validator-identifier:7.22.20

Description:

Validate identifier/keywords name

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/types:7.23.9/@babel/helper-validator-identifier:^7.22.20

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/plugin-transform-modules-systemjs:7.23.9
  • simplicite-js:5.2.54/@babel/highlight:7.23.4
  • simplicite-js:5.2.54/@babel/helper-module-transforms:7.23.3
  • simplicite-js:5.2.54/@babel/types:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/helper-validator-option:7.23.5

Description:

Validate plugin/preset options

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/helper-validator-option:^7.23.5

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/helper-compilation-targets:7.23.6
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/helper-wrap-function:7.22.20

Description:

Helper to wrap functions inside a function call.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/helper-wrap-function:7.22.20

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/@babel/helper-remap-async-to-generator:7.22.20

Identifiers

@babel/helpers:7.23.9

Description:

Collection of helper functions used by Babel transforms.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/helpers:7.23.9

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/core:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/highlight:7.23.4

Description:

Syntax highlight JavaScript strings for output in terminals.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/highlight:7.23.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/@babel/code-frame:7.23.5

Identifiers

@babel/node:7.23.9

Description:

Babel command line

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/node:7.23.9

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

@babel/parser:7.16.4

Description:

A JavaScript parser

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/parser:7.16.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/depcheck:1.4.3

Identifiers

@babel/parser:7.23.9

Description:

A JavaScript parser

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?jsdoc:4.0.2/@babel/parser:^7.20.15

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@vue/compiler-sfc:3.3.4
  • simplicite-js:5.2.54/jsdoc:4.0.2
  • simplicite-js:5.2.54/@vue/compiler-core:3.3.4
  • simplicite-js:5.2.54/@babel/traverse:7.23.9
  • simplicite-js:5.2.54/@vue/reactivity-transform:3.3.4
  • simplicite-js:5.2.54/@babel/template:7.23.9
  • simplicite-js:5.2.54/@babel/core:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-bugfix-safari-id-destructuring-collision-in-function-expression:7.23.3

Description:

Rename destructuring parameter to workaround https://bugs.webkit.org/show_bug.cgi?id=220517

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-bugfix-safari-id-destructuring-collision-in-function-expression:^7.23.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-bugfix-v8-spread-parameters-in-optional-chaining:7.23.3

Description:

Transform optional chaining operators to workaround https://crbug.com/v8/11558

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-bugfix-v8-spread-parameters-in-optional-chaining:^7.23.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-bugfix-v8-static-class-fields-redefine-readonly:7.23.7

Description:

Transform static class fields assignments that are affected by https://crbug.com/v8/12421

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-bugfix-v8-static-class-fields-redefine-readonly:^7.23.7

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-proposal-private-property-in-object:7.21.0-placeholder-for-preset-env.2

Description:

This plugin transforms checks for a private property in an object

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-proposal-private-property-in-object:7.21.0-placeholder-for-preset-env.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-syntax-async-generators:7.8.4

Description:

Allow parsing of async generator functions

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-syntax-async-generators:^7.8.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54/@babel/plugin-transform-async-generator-functions:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-syntax-class-properties:7.12.13

Description:

Allow parsing of class properties

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-syntax-class-properties:^7.12.13

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-syntax-class-static-block:7.14.5

Description:

Allow parsing of class static blocks

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-syntax-class-static-block:^7.14.5

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/plugin-transform-class-static-block:7.23.4
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-syntax-dynamic-import:7.8.3

Description:

Allow parsing of import()

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-syntax-dynamic-import:^7.8.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/plugin-transform-dynamic-import:7.23.4
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-syntax-export-namespace-from:7.8.3

Description:

Allow parsing of export namespace from

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-syntax-export-namespace-from:^7.8.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/plugin-transform-export-namespace-from:7.23.4
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-syntax-import-assertions:7.23.3

Description:

Allow parsing of the module assertion attributes in the import statement

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-syntax-import-assertions:^7.23.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-syntax-import-attributes:7.23.3

Description:

Allow parsing of the module attributes in the import statement

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-syntax-import-attributes:^7.23.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-syntax-import-meta:7.10.4

Description:

Allow parsing of import.meta

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-syntax-import-meta:^7.10.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-syntax-json-strings:7.8.3

Description:

Allow parsing of the U+2028 LINE SEPARATOR and U+2029 PARAGRAPH SEPARATOR in JS strings

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-syntax-json-strings:^7.8.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/@babel/plugin-transform-json-strings:7.23.4

Identifiers

@babel/plugin-syntax-logical-assignment-operators:7.10.4

Description:

Allow parsing of the logical assignment operators

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-syntax-logical-assignment-operators:^7.10.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/plugin-transform-logical-assignment-operators:7.23.4
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-syntax-nullish-coalescing-operator:7.8.3

Description:

Allow parsing of the nullish-coalescing operator

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-syntax-nullish-coalescing-operator:^7.8.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/plugin-transform-nullish-coalescing-operator:7.23.4
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-syntax-numeric-separator:7.10.4

Description:

Allow parsing of Decimal, Binary, Hex and Octal literals that contain a Numeric Literal Separator

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-syntax-numeric-separator:^7.10.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/plugin-transform-numeric-separator:7.23.4
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-syntax-object-rest-spread:7.8.3

Description:

Allow parsing of object rest/spread

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-syntax-object-rest-spread:^7.8.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/plugin-transform-object-rest-spread:7.23.4
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-syntax-optional-catch-binding:7.8.3

Description:

Allow parsing of optional catch bindings

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-syntax-optional-catch-binding:^7.8.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/plugin-transform-optional-catch-binding:7.23.4
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-syntax-optional-chaining:7.8.3

Description:

Allow parsing of optional properties

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-syntax-optional-chaining:^7.8.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/plugin-transform-optional-chaining:7.23.4
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-syntax-private-property-in-object:7.14.5

Description:

Allow parsing of '#foo in obj' brand checks

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-syntax-private-property-in-object:^7.14.5

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/@babel/plugin-transform-private-property-in-object:7.23.4

Identifiers

@babel/plugin-syntax-top-level-await:7.14.5

Description:

Allow parsing of top-level await in modules

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-syntax-top-level-await:^7.14.5

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-syntax-unicode-sets-regex:7.18.6

Description:

Parse regular expressions' unicodeSets (v) flag.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-syntax-unicode-sets-regex:^7.18.6

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-transform-arrow-functions:7.23.3

Description:

Compile ES2015 arrow functions to ES5

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-arrow-functions:^7.23.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-transform-async-generator-functions:7.23.9

Description:

Turn async generator functions into ES2015 generators

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-async-generator-functions:^7.23.9

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-transform-async-to-generator:7.23.3

Description:

Turn async functions into ES2015 generators

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-async-to-generator:^7.23.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-transform-block-scoped-functions:7.23.3

Description:

Babel plugin to ensure function declarations at the block level are block scoped

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-block-scoped-functions:^7.23.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-transform-block-scoping:7.23.4

Description:

Compile ES2015 block scoping (const and let) to ES5

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-block-scoping:^7.23.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-transform-class-properties:7.23.3

Description:

This plugin transforms static class properties as well as properties declared with the property initializer syntax

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-class-properties:^7.23.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-transform-class-static-block:7.23.4

Description:

Transform class static blocks

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-class-static-block:^7.23.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-transform-classes:7.23.8

Description:

Compile ES2015 classes to ES5

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-classes:^7.23.8

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-transform-computed-properties:7.23.3

Description:

Compile ES2015 computed properties to ES5

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-computed-properties:^7.23.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-transform-destructuring:7.23.3

Description:

Compile ES2015 destructuring to ES5

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-destructuring:^7.23.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-transform-dotall-regex:7.23.3

Description:

Compile regular expressions using the `s` (`dotAll`) flag to ES5.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-dotall-regex:^7.23.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-transform-duplicate-keys:7.23.3

Description:

Compile objects with duplicate keys to valid strict ES5

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-duplicate-keys:^7.23.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-transform-dynamic-import:7.23.4

Description:

Transform import() expressions

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-dynamic-import:^7.23.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-transform-exponentiation-operator:7.23.3

Description:

Compile exponentiation operator to ES5

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-exponentiation-operator:^7.23.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-transform-export-namespace-from:7.23.4

Description:

Compile export namespace to ES2015

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-export-namespace-from:^7.23.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-transform-for-of:7.23.6

Description:

Compile ES2015 for...of to ES5

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-for-of:^7.23.6

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-transform-function-name:7.23.3

Description:

Apply ES2015 function.name semantics to all functions

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-function-name:^7.23.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-transform-json-strings:7.23.4

Description:

Escape U+2028 LINE SEPARATOR and U+2029 PARAGRAPH SEPARATOR in JS strings

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-json-strings:^7.23.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-transform-literals:7.23.3

Description:

Compile ES2015 unicode string and number literals to ES5

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-literals:^7.23.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-transform-logical-assignment-operators:7.23.4

Description:

Transforms logical assignment operators into short-circuited assignments

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-logical-assignment-operators:^7.23.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-transform-member-expression-literals:7.23.3

Description:

Ensure that reserved words are quoted in property accesses

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-member-expression-literals:^7.23.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-transform-modules-amd:7.23.3

Description:

This plugin transforms ES2015 modules to AMD

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-modules-amd:^7.23.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-transform-modules-commonjs:7.23.3

Description:

This plugin transforms ES2015 modules to CommonJS

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-modules-commonjs:^7.23.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-transform-modules-systemjs:7.23.9

Description:

This plugin transforms ES2015 modules to SystemJS

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-modules-systemjs:^7.23.9

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-transform-modules-umd:7.23.3

Description:

This plugin transforms ES2015 modules to UMD

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-modules-umd:^7.23.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-transform-named-capturing-groups-regex:7.22.5

Description:

Compile regular expressions using named groups to ES5.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-named-capturing-groups-regex:^7.22.5

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-transform-new-target:7.23.3

Description:

Transforms new.target meta property

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-new-target:^7.23.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-transform-nullish-coalescing-operator:7.23.4

Description:

Remove nullish coalescing operator

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-nullish-coalescing-operator:^7.23.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-transform-numeric-separator:7.23.4

Description:

Remove numeric separators from Decimal, Binary, Hex and Octal literals

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-numeric-separator:^7.23.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-transform-object-rest-spread:7.23.4

Description:

Compile object rest and spread to ES5

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-object-rest-spread:^7.23.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-transform-object-super:7.23.3

Description:

Compile ES2015 object super to ES5

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-object-super:^7.23.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-transform-optional-catch-binding:7.23.4

Description:

Compile optional catch bindings

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-optional-catch-binding:^7.23.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-transform-optional-chaining:7.23.4

Description:

Transform optional chaining operators into a series of nil checks

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-optional-chaining:^7.23.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/@babel/plugin-bugfix-v8-spread-parameters-in-optional-chaining:7.23.3

Identifiers

@babel/plugin-transform-parameters:7.23.3

Description:

Compile ES2015 default and rest parameters to ES5

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-parameters:^7.23.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/plugin-transform-object-rest-spread:7.23.4
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-transform-private-methods:7.23.3

Description:

This plugin transforms private class methods

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-private-methods:^7.23.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-transform-private-property-in-object:7.23.4

Description:

This plugin transforms checks for a private property in an object

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-private-property-in-object:^7.23.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-transform-property-literals:7.23.3

Description:

Ensure that reserved words are quoted in object property keys

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-property-literals:^7.23.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-transform-regenerator:7.23.3

Description:

Explode async and generator functions into a state machine.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-regenerator:^7.23.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-transform-reserved-words:7.23.3

Description:

Ensure that no reserved words are used.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-reserved-words:^7.23.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-transform-shorthand-properties:7.23.3

Description:

Compile ES2015 shorthand properties to ES5

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-shorthand-properties:^7.23.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-transform-spread:7.23.3

Description:

Compile ES2015 spread to ES5

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-spread:^7.23.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-transform-sticky-regex:7.23.3

Description:

Compile ES2015 sticky regex to an ES5 RegExp constructor

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-sticky-regex:^7.23.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-transform-template-literals:7.23.3

Description:

Compile ES2015 template literals to ES5

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-template-literals:^7.23.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-transform-typeof-symbol:7.23.3

Description:

This transformer wraps all typeof expressions with a method that replicates native behaviour. (ie. returning “symbol” for symbols)

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-typeof-symbol:^7.23.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-transform-unicode-escapes:7.23.3

Description:

Compile ES2015 Unicode escapes to ES5

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-unicode-escapes:^7.23.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-transform-unicode-property-regex:7.23.3

Description:

Compile Unicode property escapes in Unicode regular expressions to ES5.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-unicode-property-regex:^7.23.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-transform-unicode-regex:7.23.3

Description:

Compile ES2015 Unicode regex to ES5

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-unicode-regex:^7.23.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/plugin-transform-unicode-sets-regex:7.23.3

Description:

Compile regular expressions' unicodeSets (v) flag.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@babel/preset-env:7.23.9/@babel/plugin-transform-unicode-sets-regex:^7.23.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/preset-env:7.23.9

Description:

A Babel preset for each environment.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/preset-env:7.23.9

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

@babel/preset-modules:0.1.6-no-external-plugins

Description:

A Babel preset that targets modern browsers by fixing engine bugs.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/preset-modules:0.1.6-no-external-plugins

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/register:7.23.7

Description:

babel require hook

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/register:7.23.7

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/node:7.23.9
  • simplicite-js:5.2.54

Identifiers

@babel/regjsgen:0.8.0

Description:

Generate regular expressions from regjsparser’s AST.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?regexpu-core:5.3.2/@babel/regjsgen:^0.8.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/regexpu-core:5.3.2
  • simplicite-js:5.2.54

Identifiers

@babel/runtime:7.23.9

Description:

babel's modular runtime helpers

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?regenerator-transform:0.15.2/@babel/runtime:^7.8.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/regenerator-transform:0.15.2
  • simplicite-js:5.2.54

Identifiers

@babel/template:7.23.9

Description:

Generate an AST from a string template.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/template:7.23.9

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/helper-function-name:7.23.0
  • simplicite-js:5.2.54/@babel/helper-wrap-function:7.22.20
  • simplicite-js:5.2.54/@babel/plugin-transform-computed-properties:7.23.3
  • simplicite-js:5.2.54/@babel/core:7.23.9
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/@babel/helpers:7.23.9

Identifiers

@babel/traverse:7.23.9

Description:

The Babel Traverse module maintains the overall tree state, and is responsible for replacing, removing, and adding nodes

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?depcheck:1.4.3/@babel/traverse:^7.12.5

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/core:7.23.9
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/depcheck:1.4.3
  • simplicite-js:5.2.54/@babel/helpers:7.23.9

Identifiers

@babel/types:7.23.9

Description:

Babel Types is a Lodash-esque utility library for AST nodes

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@babel/types:7.23.9

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/helper-split-export-declaration:7.22.6
  • simplicite-js:5.2.54/@babel/helper-module-imports:7.22.15
  • simplicite-js:5.2.54/@babel/helper-simple-access:7.22.5
  • simplicite-js:5.2.54/@babel/preset-modules:0.1.6-no-external-plugins
  • simplicite-js:5.2.54/@babel/helper-optimise-call-expression:7.22.5
  • simplicite-js:5.2.54/@babel/traverse:7.23.9
  • simplicite-js:5.2.54/@babel/helper-skip-transparent-expression-wrappers:7.22.5
  • simplicite-js:5.2.54/@babel/generator:7.23.6
  • simplicite-js:5.2.54/@babel/helper-builder-binary-assignment-operator-visitor:7.22.15
  • simplicite-js:5.2.54/@babel/core:7.23.9
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/@babel/helper-hoist-variables:7.22.5
  • simplicite-js:5.2.54/@babel/helper-annotate-as-pure:7.22.5
  • simplicite-js:5.2.54/@babel/helper-function-name:7.23.0
  • simplicite-js:5.2.54/@babel/helper-wrap-function:7.22.20
  • simplicite-js:5.2.54/@babel/template:7.23.9
  • simplicite-js:5.2.54/@babel/helpers:7.23.9
  • simplicite-js:5.2.54/@babel/helper-member-expression-to-functions:7.23.0

Identifiers

@colors/colors:1.5.0

Description:

get colors in your node.js console

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@colors/colors:1.5.0

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

@csstools/selector-specificity:2.2.0

Description:

Determine selector specificity with postcss-selector-parser

License:

CC0-1.0
File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/@csstools/selector-specificity:^2.0.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/stylelint:14.16.1
  • simplicite-js:5.2.54

Identifiers

@devexpress/error-stack-parser:2.0.6

Description:

Extract meaning from JS Errors

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?callsite-record:4.1.5/@devexpress/error-stack-parser:^2.0.6

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/callsite-record:4.1.5
  • simplicite-js:5.2.54

Identifiers

@es-joy/jsdoccomment:0.41.0

Description:

Maintained replacement for ESLint's deprecated SourceCode#getJSDocComment along with other jsdoc utilities

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint-plugin-jsdoc:48.0.4/@es-joy/jsdoccomment:~0.41.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/eslint-plugin-jsdoc:48.0.4
  • simplicite-js:5.2.54

Identifiers

@eslint-community/eslint-utils:4.4.0

Description:

Utilities for ESLint plugins.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint:8.56.0/@eslint-community/eslint-utils:^4.2.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/eslint:8.56.0
  • simplicite-js:5.2.54

Identifiers

@eslint-community/regexpp:4.6.2

Description:

Regular expression parser for ECMAScript.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint:8.56.0/@eslint-community/regexpp:^4.6.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/eslint:8.56.0
  • simplicite-js:5.2.54

Identifiers

@eslint/eslintrc:2.1.4

Description:

The legacy ESLintRC config file format for ESLint

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint:8.56.0/@eslint/eslintrc:^2.1.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/eslint:8.56.0
  • simplicite-js:5.2.54

Identifiers

@eslint/js:8.56.0

Description:

ESLint JavaScript language implementation

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint:8.56.0/@eslint/js:8.56.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/eslint:8.56.0
  • simplicite-js:5.2.54

Identifiers

@fullcalendar/bootstrap:5.11.0

Description:

Bootstrap 4 theming for your calendar

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@fullcalendar/bootstrap:5.11.0

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

@fullcalendar/common:5.11.5

Description:

internal package

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@fullcalendar/timegrid:5.11.0/@fullcalendar/common:~5.11.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@fullcalendar/moment:5.11.0
  • simplicite-js:5.2.54/@fullcalendar/moment-timezone:5.11.0
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/@fullcalendar/interaction:5.11.0
  • simplicite-js:5.2.54/@fullcalendar/luxon:5.11.0
  • simplicite-js:5.2.54/@fullcalendar/google-calendar:5.11.0
  • simplicite-js:5.2.54/@fullcalendar/bootstrap:5.11.0
  • simplicite-js:5.2.54/@fullcalendar/daygrid:5.11.0
  • simplicite-js:5.2.54/@fullcalendar/timegrid:5.11.0
  • simplicite-js:5.2.54/@fullcalendar/list:5.11.0
  • simplicite-js:5.2.54/@fullcalendar/rrule:5.11.0
  • simplicite-js:5.2.54/@fullcalendar/core:5.11.0

Identifiers

@fullcalendar/core:5.11.0

Description:

Provides core functionality, including the Calendar class

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@fullcalendar/core:5.11.0

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

@fullcalendar/daygrid:5.11.0

Description:

Display events on Month view or DayGrid view

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@fullcalendar/timegrid:5.11.0/@fullcalendar/daygrid:~5.11.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@fullcalendar/timegrid:5.11.0
  • simplicite-js:5.2.54

Identifiers

@fullcalendar/google-calendar:5.11.0

Description:

Fetch events from a public Google Calendar feed

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@fullcalendar/google-calendar:5.11.0

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

@fullcalendar/interaction:5.11.0

Description:

Provides functionality for event drag-n-drop, resizing, dateClick, and selectable actions

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@fullcalendar/interaction:5.11.0

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

@fullcalendar/list:5.11.0

Description:

View your events as a bulleted list

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@fullcalendar/list:5.11.0

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

@fullcalendar/luxon:5.11.0

Description:

A connector to the Luxon 1 date library

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@fullcalendar/luxon:5.11.0

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

@fullcalendar/moment-timezone:5.11.0

Description:

A connector to the moment-timezone library

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@fullcalendar/moment-timezone:5.11.0

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

@fullcalendar/moment:5.11.0

Description:

A connector to the MomentJS date library

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@fullcalendar/moment:5.11.0

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

@fullcalendar/rrule:5.11.0

Description:

A connector to the RRule library, for recurring events

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@fullcalendar/rrule:5.11.0

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

@fullcalendar/timegrid:5.11.0

Description:

Display your events on a grid of time slots

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@fullcalendar/timegrid:5.11.0

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

@humanwhocodes/config-array:0.11.13

Description:

Glob-based configuration matching.

License:

Apache-2.0
File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint:8.56.0/@humanwhocodes/config-array:^0.11.13

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/eslint:8.56.0
  • simplicite-js:5.2.54

Identifiers

@humanwhocodes/module-importer:1.0.1

Description:

Universal module importer for Node.js

License:

Apache-2.0
File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint:8.56.0/@humanwhocodes/module-importer:^1.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/eslint:8.56.0
  • simplicite-js:5.2.54

Identifiers

@humanwhocodes/object-schema:2.0.1

Description:

An object schema merger/validator

License:

BSD-3-Clause
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@humanwhocodes/object-schema:2.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/@humanwhocodes/config-array:0.11.13

Identifiers

@isaacs/cliui:8.0.2

Description:

easily create complex multi-column command-line-interfaces

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?jackspeak:2.3.6/@isaacs/cliui:^8.0.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/jackspeak:2.3.6
  • simplicite-js:5.2.54

Identifiers

@jridgewell/gen-mapping:0.3.3

Description:

Generate source maps

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@jridgewell/gen-mapping:0.3.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@ampproject/remapping:2.2.1
  • simplicite-js:5.2.54/@babel/generator:7.23.6
  • simplicite-js:5.2.54

Identifiers

@jridgewell/resolve-uri:3.1.0

Description:

Resolve a URI relative to an optional base URI

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@jridgewell/trace-mapping:0.3.18/@jridgewell/resolve-uri:3.1.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@jridgewell/trace-mapping:0.3.18
  • simplicite-js:5.2.54

Identifiers

@jridgewell/set-array:1.1.2

Description:

Like a Set, but provides the index of the `key` in the backing array

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@jridgewell/set-array:1.1.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@jridgewell/gen-mapping:0.3.3
  • simplicite-js:5.2.54

Identifiers

@jridgewell/sourcemap-codec:1.4.14

Description:

Encode/decode sourcemap mappings

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@jridgewell/sourcemap-codec:1.4.14

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@jridgewell/trace-mapping:0.3.18
  • simplicite-js:5.2.54

Identifiers

@jridgewell/sourcemap-codec:1.4.15

Description:

Encode/decode sourcemap mappings

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?magic-string:0.30.0/@jridgewell/sourcemap-codec:^1.4.13

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@jridgewell/gen-mapping:0.3.3
  • simplicite-js:5.2.54/magic-string:0.30.0
  • simplicite-js:5.2.54

Identifiers

@jridgewell/trace-mapping:0.3.18

Description:

Trace the original position through a source map

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@jridgewell/trace-mapping:0.3.18

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@ampproject/remapping:2.2.1
  • simplicite-js:5.2.54/@jridgewell/gen-mapping:0.3.3
  • simplicite-js:5.2.54/@babel/generator:7.23.6
  • simplicite-js:5.2.54/@babel/cli:7.23.9
  • simplicite-js:5.2.54

Identifiers

@jsdoc/salty:0.2.5

Description:

A drop-in replacement for (some of) TaffyDB.

License:

Apache-2.0
File Path: /var/simplicite/simplicite-5.2/package-lock.json?jsdoc:4.0.2/@jsdoc/salty:^0.2.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/jsdoc:4.0.2
  • simplicite-js:5.2.54/docdash:2.0.2
  • simplicite-js:5.2.54

Identifiers

@kessler/tableify:1.0.2

Description:

Create HTML tables from Javascript Objects

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?license-report:6.5.0/@kessler/tableify:^1.0.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/license-report:6.5.0
  • simplicite-js:5.2.54

Identifiers

@nicolo-ribaudo/chokidar-2:2.1.8-no-fsevents.3

Description:

A wrapper around chokidar@2 to be able to specify both @2 and @3 as dependencies

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@nicolo-ribaudo/chokidar-2:2.1.8-no-fsevents.3

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

@nodelib/fs.scandir:2.1.5

Description:

List files and directories inside the specified directory

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@nodelib/fs.walk:1.2.8/@nodelib/fs.scandir:2.1.5

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@nodelib/fs.walk:1.2.8
  • simplicite-js:5.2.54

Identifiers

@nodelib/fs.stat:2.0.5

Description:

Get the status of a file with some features

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?fast-glob:3.3.0/@nodelib/fs.stat:^2.0.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/@nodelib/fs.scandir:2.1.5
  • simplicite-js:5.2.54/fast-glob:3.3.0

Identifiers

@nodelib/fs.walk:1.2.8

Description:

A library for efficiently walking a directory recursively

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?fast-glob:3.3.0/@nodelib/fs.walk:^1.2.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/eslint:8.56.0
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/fast-glob:3.3.0

Identifiers

@npmcli/fs:3.1.0

Description:

filesystem utilities for the npm cli

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?cacache:17.1.3/@npmcli/fs:^3.1.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/cacache:17.1.3
  • simplicite-js:5.2.54

Identifiers

@npmcli/git:4.1.0

Description:

a util for spawning git from npm CLI contexts

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?pacote:15.2.0/@npmcli/git:^4.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/pacote:15.2.0
  • simplicite-js:5.2.54

Identifiers

@npmcli/installed-package-contents:2.0.2

Description:

Get the list of files installed in a package in node_modules, including bundled dependencies

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?pacote:15.2.0/@npmcli/installed-package-contents:^2.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/pacote:15.2.0
  • simplicite-js:5.2.54

Identifiers

@npmcli/node-gyp:3.0.0

Description:

Tools for dealing with node-gyp packages

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@npmcli/run-script:6.0.2/@npmcli/node-gyp:^3.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@npmcli/run-script:6.0.2
  • simplicite-js:5.2.54

Identifiers

@npmcli/promise-spawn:6.0.2

Description:

spawn processes the way the npm cli likes to do

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?pacote:15.2.0/@npmcli/promise-spawn:^6.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@npmcli/run-script:6.0.2
  • simplicite-js:5.2.54/pacote:15.2.0
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/@npmcli/git:4.1.0

Identifiers

@npmcli/run-script:6.0.2

Description:

Run a lifecycle script for a package (descendant of npm-lifecycle)

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?pacote:15.2.0/@npmcli/run-script:^6.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/pacote:15.2.0
  • simplicite-js:5.2.54

Identifiers

@pkgjs/parseargs:0.11.0

Description:

Polyfill of future proposal for `util.parseArgs()`

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@pkgjs/parseargs:0.11.0

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

@pnpm/config.env-replace:1.1.0

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@pnpm/npm-conf:2.2.2/@pnpm/config.env-replace:^1.1.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/@pnpm/npm-conf:2.2.2

Identifiers

@pnpm/network.ca-file:1.0.2

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@pnpm/npm-conf:2.2.2/@pnpm/network.ca-file:^1.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/@pnpm/npm-conf:2.2.2

Identifiers

@pnpm/npm-conf:2.2.2

Description:

Get the npm config

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?registry-auth-token:5.0.2/@pnpm/npm-conf:^2.1.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/registry-auth-token:5.0.2
  • simplicite-js:5.2.54

Identifiers

@sigstore/bundle:1.0.0

Description:

Sigstore bundle type

License:

Apache-2.0
File Path: /var/simplicite/simplicite-5.2/package-lock.json?sigstore:1.8.0/@sigstore/bundle:^1.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/sigstore:1.8.0
  • simplicite-js:5.2.54

Identifiers

@sigstore/protobuf-specs:0.2.0

Description:

code-signing for npm packages

License:

Apache-2.0
File Path: /var/simplicite/simplicite-5.2/package-lock.json?sigstore:1.8.0/@sigstore/protobuf-specs:^0.2.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/sigstore:1.8.0
  • simplicite-js:5.2.54/@sigstore/tuf:1.0.3
  • simplicite-js:5.2.54/@sigstore/bundle:1.0.0
  • simplicite-js:5.2.54

Identifiers

@sigstore/tuf:1.0.3

Description:

Client for the Sigstore TUF repository

License:

Apache-2.0
File Path: /var/simplicite/simplicite-5.2/package-lock.json?sigstore:1.8.0/@sigstore/tuf:^1.0.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/sigstore:1.8.0
  • simplicite-js:5.2.54

Identifiers

@sindresorhus/is:5.4.1

Description:

Type check values

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?got:13.0.0/@sindresorhus/is:^5.2.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/got:12.6.1
  • simplicite-js:5.2.54/got:9.6.0
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/got:13.0.0

Identifiers

@szmarczak/http-timer:5.0.1

Description:

Timings for HTTP requests

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?got:13.0.0/@szmarczak/http-timer:^5.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/got:12.6.1
  • simplicite-js:5.2.54/got:9.6.0
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/got:13.0.0

Identifiers

@tootallnate/once:2.0.0

Description:

Creates a Promise that waits for a single event

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@tootallnate/once:2.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/http-proxy-agent:5.0.0
  • simplicite-js:5.2.54

Identifiers

@tufjs/canonical-json:1.0.0

Description:

OLPC JSON canonicalization

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@tufjs/models:1.0.4/@tufjs/canonical-json:1.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@tufjs/models:1.0.4
  • simplicite-js:5.2.54

Identifiers

@tufjs/models:1.0.4

Description:

TUF metadata models

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?tuf-js:1.1.7/@tufjs/models:1.0.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/tuf-js:1.1.7
  • simplicite-js:5.2.54

Identifiers

@types/http-cache-semantics:4.0.1

Description:

TypeScript definitions for http-cache-semantics

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?cacheable-request:10.2.12/@types/http-cache-semantics:^4.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/cacheable-request:10.2.12
  • simplicite-js:5.2.54

Identifiers

@types/linkify-it:3.0.2

Description:

TypeScript definitions for linkify-it

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@types/markdown-it:12.2.3/@types/linkify-it:*

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@types/markdown-it:12.2.3
  • simplicite-js:5.2.54

Identifiers

@types/lodash:4.14.195

Description:

TypeScript definitions for Lo-Dash

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?callsite-record:4.1.5/@types/lodash:^4.14.72

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/callsite-record:4.1.5
  • simplicite-js:5.2.54

Identifiers

@types/markdown-it:12.2.3

Description:

TypeScript definitions for markdown-it

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?jsdoc:4.0.2/@types/markdown-it:^12.2.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/jsdoc:4.0.2
  • simplicite-js:5.2.54

Identifiers

@types/mdurl:1.0.2

Description:

TypeScript definitions for mdurl

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@types/mdurl:1.0.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@types/markdown-it:12.2.3
  • simplicite-js:5.2.54

Identifiers

@types/minimatch:3.0.5

Description:

TypeScript definitions for Minimatch

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?multimatch:5.0.0/@types/minimatch:^3.0.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/multimatch:5.0.0
  • simplicite-js:5.2.54

Identifiers

@types/minimist:1.2.2

Description:

TypeScript definitions for minimist

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?meow:9.0.0/@types/minimist:^1.2.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/meow:9.0.0
  • simplicite-js:5.2.54

Identifiers

@types/normalize-package-data:2.4.1

Description:

TypeScript definitions for normalize-package-data

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?read-pkg:5.2.0/@types/normalize-package-data:^2.4.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/read-pkg:5.2.0
  • simplicite-js:5.2.54

Identifiers

@types/parse-json:4.0.0

Description:

TypeScript definitions for parse-json

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?cosmiconfig:7.1.0/@types/parse-json:^4.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/cosmiconfig:7.1.0
  • simplicite-js:5.2.54

Identifiers

@ungap/structured-clone:1.2.0

Description:

A structuredClone polyfill

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint:8.56.0/@ungap/structured-clone:^1.2.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/eslint:8.56.0
  • simplicite-js:5.2.54

Identifiers

@vue/compiler-core:3.3.4

Description:

@vue/compiler-core

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@vue/reactivity-transform:3.3.4/@vue/compiler-core:3.3.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@vue/compiler-sfc:3.3.4
  • simplicite-js:5.2.54/@vue/reactivity-transform:3.3.4
  • simplicite-js:5.2.54/@vue/compiler-dom:3.3.4
  • simplicite-js:5.2.54

Identifiers

@vue/compiler-dom:3.3.4

Description:

@vue/compiler-dom

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?@vue/compiler-ssr:3.3.4/@vue/compiler-dom:3.3.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@vue/compiler-sfc:3.3.4
  • simplicite-js:5.2.54/@vue/compiler-ssr:3.3.4
  • simplicite-js:5.2.54

Identifiers

@vue/compiler-sfc:3.3.4

Description:

@vue/compiler-sfc

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?depcheck:1.4.3/@vue/compiler-sfc:^3.0.5

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/depcheck:1.4.3

Identifiers

@vue/compiler-ssr:3.3.4

Description:

@vue/compiler-ssr

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@vue/compiler-ssr:3.3.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@vue/compiler-sfc:3.3.4
  • simplicite-js:5.2.54

Identifiers

@vue/reactivity-transform:3.3.4

Description:

@vue/reactivity-transform

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@vue/reactivity-transform:3.3.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@vue/compiler-sfc:3.3.4
  • simplicite-js:5.2.54

Identifiers

@vue/shared:3.3.4

Description:

internal utils shared across @vue packages

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/@vue/shared:3.3.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@vue/compiler-sfc:3.3.4
  • simplicite-js:5.2.54/@vue/compiler-ssr:3.3.4
  • simplicite-js:5.2.54/@vue/compiler-core:3.3.4
  • simplicite-js:5.2.54/@vue/reactivity-transform:3.3.4
  • simplicite-js:5.2.54/@vue/compiler-dom:3.3.4
  • simplicite-js:5.2.54

Identifiers

HikariCP-5.0.0.jar

Description:

Ultimate JDBC Connection Pool

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/zaxxer/HikariCP/5.0.0/HikariCP-5.0.0.jar
MD5: 0231648391cf340e30a360f28b259073
SHA1: 8685b74cebc0435144d652311a2930f5914c968a
SHA256:cfab85c04fcb590ae4cfdbe1b1e87cfd7277c4ba378229422d8e8bce989a97d6
Referenced In Project/Scope: Simplicite Platform:compile
HikariCP-5.0.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

JavaEWAH-1.1.13.jar

Description:

The bit array data structure is implemented in Java as the BitSet class. Unfortunately, this fails to scale without compression.
  JavaEWAH is a word-aligned compressed variant of the Java bitset class. It uses a 64-bit run-length encoding (RLE) compression scheme.
  The goal of word-aligned compression is not to achieve the best compression, but rather to improve query processing time. Hence, we try to save CPU cycles, maybe at the expense of storage. However, the EWAH scheme we implemented is always more efficient storage-wise than an uncompressed bitmap (implemented in Java as the BitSet class). Unlike some alternatives, javaewah does not rely on a patented scheme.

License:

Apache 2: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/googlecode/javaewah/JavaEWAH/1.1.13/JavaEWAH-1.1.13.jar
MD5: a1eb305e5cc5bba238d4360e3139abb4
SHA1: 32cd724a42dc73f99ca08453d11a4bb83e0034c7
SHA256:4c0fda2b1d317750d7ea324e36c70b2bc48310c0aaae67b98df0915d696d7111
Referenced In Project/Scope: Simplicite Platform:compile
JavaEWAH-1.1.13.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.eclipse.jgit/org.eclipse.jgit@6.1.0.202203080745-r

Identifiers

SparseBitSet-1.2.jar

Description:

An efficient sparse bitset implementation for Java

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/zaxxer/SparseBitSet/1.2/SparseBitSet-1.2.jar
MD5: 1c6032441aec11b523e1a7bfa96d60cf
SHA1: 8467c813d442837fcaeddbc42cf5c5359fab4933
SHA256:91e6b318c901a0f2dd1f6ce781d62474435ae627d22fbac9b21bbc39ffd804b6
Referenced In Project/Scope: Simplicite Platform:compile
SparseBitSet-1.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.poi/poi@4.1.2

Identifiers

abbrev:1.1.1

Description:

Like ruby's abbrev module, but in js

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?nopt:6.0.0/abbrev:^1.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/nopt:5.0.0
  • simplicite-js:5.2.54/nopt:6.0.0
  • simplicite-js:5.2.54

Identifiers

ace-builds:1.4.12

Description:

Ace (Ajax.org Cloud9 Editor)

License:

BSD-3-Clause
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/ace-builds:1.4.12

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

ace-diff:3.0.3

Description:

A diff/merging wrapper for Ace Editor built on google-diff-match-patch

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/ace-diff:3.0.3

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

acorn-jsx:5.3.2

Description:

Modern, fast React.js JSX parser

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?espree:9.6.1/acorn-jsx:^5.3.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/espree:9.6.1
  • simplicite-js:5.2.54

Identifiers

acorn:8.11.3

Description:

ECMAScript parser

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?espree:9.6.1/acorn:^8.9.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/espree:9.6.1
  • simplicite-js:5.2.54

Identifiers

agent-base:6.0.2

Description:

Turn a function into an `http.Agent` instance

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?socks-proxy-agent:7.0.0/agent-base:^6.0.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/https-proxy-agent:5.0.1
  • simplicite-js:5.2.54/socks-proxy-agent:7.0.0
  • simplicite-js:5.2.54/http-proxy-agent:5.0.0
  • simplicite-js:5.2.54

Identifiers

agentkeepalive:4.3.0

Description:

Missing keepalive http.Agent

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?make-fetch-happen:11.1.1/agentkeepalive:^4.2.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/make-fetch-happen:11.1.1
  • simplicite-js:5.2.54

Identifiers

aggregate-error:3.1.0

Description:

Create an error from multiple errors

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?p-map:4.0.0/aggregate-error:^3.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/p-map:4.0.0
  • simplicite-js:5.2.54

Identifiers

ajv:6.12.6

Description:

Another JSON Schema Validator

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint:8.56.0/ajv:^6.12.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/eslint:8.56.0
  • simplicite-js:5.2.54/@eslint/eslintrc:2.1.4
  • simplicite-js:5.2.54

Identifiers

ajv:8.12.0

Description:

Another JSON Schema Validator

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/ajv:8.12.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/table:6.8.1
  • simplicite-js:5.2.54

Identifiers

animal-sniffer-annotations-1.20.jar

File Path: /var/simplicite/.m2/repository/org/codehaus/mojo/animal-sniffer-annotations/1.20/animal-sniffer-annotations-1.20.jar
MD5: 919666ecef35662f89bd13e2fc04c127
SHA1: 0d98c2b001fcb9031859ec9d21914c2ce78912a5
SHA256:bedd44dfca2dc2b8f5c08cd1d6f0e0ce74094ec67781260968e03fc0e77522ac
Referenced In Project/Scope: Simplicite Platform:runtime
animal-sniffer-annotations-1.20.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.google.cloud/google-cloud-pubsub@1.114.4

Identifiers

annotations-4.1.1.4.jar

Description:

A library jar that provides annotations for the Google Android Platform.

License:

Apache 2.0: http://www.apache.org/licenses/LICENSE-2.0
File Path: /var/simplicite/.m2/repository/com/google/android/annotations/4.1.1.4/annotations-4.1.1.4.jar
MD5: c2cdd26a6ae577f24775e8ce75da1fdc
SHA1: a1678ba907bf92691d879fef34e1a187038f9259
SHA256:ba734e1e84c09d615af6a09d33034b4f0442f8772dec120efb376d86a565ae15
Referenced In Project/Scope: Simplicite Platform:runtime
annotations-4.1.1.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.google.cloud/google-cloud-pubsub@1.114.4

Identifiers

ansi-align:3.0.1

Description:

align-text with ANSI support for CLIs

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?boxen:5.1.2/ansi-align:^3.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/boxen:5.1.2
  • simplicite-js:5.2.54/boxen:7.1.0
  • simplicite-js:5.2.54/boxen:4.2.0
  • simplicite-js:5.2.54

Identifiers

ansi-escapes:4.3.2

Description:

ANSI escape codes for manipulating the terminal

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?terminal-link:2.1.1/ansi-escapes:^4.2.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/terminal-link:2.1.1
  • simplicite-js:5.2.54/inquirer:7.3.3
  • simplicite-js:5.2.54

Identifiers

ansi-regex:5.0.1

Description:

Regular expression for matching ANSI escape codes

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?strip-ansi-cjs:6.0.1/ansi-regex:^5.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/strip-ansi-cjs:6.0.1
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/strip-ansi:6.0.1
  • simplicite-js:5.2.54/strip-ansi:7.1.0

Identifiers

ansi-styles:3.2.1

Description:

ANSI escape codes for styling strings in the terminal

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?chalk:2.4.2/ansi-styles:^3.2.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/slice-ansi:4.0.0
  • simplicite-js:5.2.54/chalk:3.0.0
  • simplicite-js:5.2.54/wrap-ansi:8.1.0
  • simplicite-js:5.2.54/chalk:4.1.2
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/chalk:2.4.2

Identifiers

ansi-styles:4.3.0

Description:

ANSI escape codes for styling strings in the terminal

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/ansi-styles:4.3.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/wrap-ansi:7.0.0
  • simplicite-js:5.2.54/wrap-ansi-cjs:7.0.0
  • simplicite-js:5.2.54

Identifiers

ant-1.10.11.jar

File Path: /var/simplicite/.m2/repository/org/apache/ant/ant/1.10.11/ant-1.10.11.jar
MD5: ee3529760a0cf967e19f38523adc603e
SHA1: b875cd48a0bc955ae9c5c477ad991e1f26fb24d2
SHA256:88c0b89bbbaae01e0d9fcae93be792f5abbe3409106f8eee858fdf365dbc0754
Referenced In Project/Scope: Simplicite Platform:compile
ant-1.10.11.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

antlr-2.7.7.jar

Description:

    A framework for constructing recognizers, compilers,
    and translators from grammatical descriptions containing
    Java, C#, C++, or Python actions.

License:

BSD License: http://www.antlr.org/license.html
File Path: /var/simplicite/.m2/repository/antlr/antlr/2.7.7/antlr-2.7.7.jar
MD5: f8f1352c52a4c6a500b597596501fc64
SHA1: 83cd2cd674a217ade95a4bb83a8a14f351f48bd0
SHA256:88fbda4b912596b9f56e8e12e580cc954bacfb51776ecfddd3e18fc1cf56dc4c
Referenced In Project/Scope: Simplicite Platform:compile
antlr-2.7.7.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.docx4j/docx4j-core@11.2.9

Identifiers

antlr-runtime-3.5.2.jar

Description:

A framework for constructing recognizers, compilers, and translators from grammatical descriptions containing Java, C#, C++, or Python actions.

File Path: /var/simplicite/.m2/repository/org/antlr/antlr-runtime/3.5.2/antlr-runtime-3.5.2.jar
MD5: 1fbbae2cb72530207c20b797bdabd029
SHA1: cd9cd41361c155f3af0f653009dcecb08d8b4afd
SHA256:ce3fc8ecb10f39e9a3cddcbb2ce350d272d9cd3d0b1e18e6fe73c3b9389c8734
Referenced In Project/Scope: Simplicite Platform:compile
antlr-runtime-3.5.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.docx4j/docx4j-core@11.2.9

Identifiers

anymatch:3.1.3

Description:

Matches strings against configurable strings, globs, regular expressions, and/or functions

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?chokidar:3.5.3/anymatch:~3.1.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/chokidar:3.5.3
  • simplicite-js:5.2.54

Identifiers

aopalliance-1.0.jar

Description:

AOP Alliance

License:

Public Domain
File Path: /var/simplicite/.m2/repository/aopalliance/aopalliance/1.0/aopalliance-1.0.jar
MD5: 04177054e180d09e3998808efa0401c7
SHA1: 0235ba8b489512805ac13a8f9ea77a1ca5ebe3e8
SHA256:0addec670fedcd3f113c5c8091d783280d23f75e3acb841b61a9cdb079376a08
Referenced In Project/Scope: Simplicite Platform:compile
aopalliance-1.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.jclouds/jclouds-core@2.4.0

Identifiers

aopalliance-repackaged-2.6.1.jar

Description:

Dependency Injection Kernel

License:

http://www.eclipse.org/legal/epl-2.0, https://www.gnu.org/software/classpath/license.html
File Path: /var/simplicite/.m2/repository/org/glassfish/hk2/external/aopalliance-repackaged/2.6.1/aopalliance-repackaged-2.6.1.jar
MD5: 0237846ebdaa7db36b356044a373ffba
SHA1: b2eb0a83bcbb44cc5d25f8b18f23be116313a638
SHA256:bad77f9278d753406360af9e4747bd9b3161554ea9cd3d62411a0ae1f2c141fd
Referenced In Project/Scope: Simplicite Platform:provided
aopalliance-repackaged-2.6.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.docusign/docusign-esign-java@3.14.0

Identifiers

apache-mime4j-core-0.8.4.jar

Description:

Java stream based MIME message parser

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/apache/james/apache-mime4j-core/0.8.4/apache-mime4j-core-0.8.4.jar
MD5: 6d4ea538b14e34ee757fa00b06192514
SHA1: a7e552628c6587bdd1e2036045f1e06c4d513e32
SHA256:cd53e8269a9e1997c5699ffebd7d5c8245ffc81c2061fa397de27aa13f194883
Referenced In Project/Scope: Simplicite Platform:compile
apache-mime4j-core-0.8.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.tika/tika-parsers@1.27

Identifiers

CVE-2024-21742 (OSSINDEX)  

Improper input validation allows for header injection in MIME4J library when using MIME4J DOM for composing message.
This can be exploited by an attacker to add unintended headers to MIME messages.
CWE-20 Improper Input Validation

CVSSv2:
  • Base Score: MEDIUM (5.3)
  • Vector: /AV:N/AC:L/Au:/C:N/I:L/A:N

References:

Vulnerable Software & Versions (OSSINDEX):

  • cpe:2.3:a:org.apache.james:apache-mime4j-core:0.8.4:*:*:*:*:*:*:*

apache-mime4j-dom-0.8.4.jar

Description:

Java MIME Document Object Model

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/apache/james/apache-mime4j-dom/0.8.4/apache-mime4j-dom-0.8.4.jar
MD5: 075dc485dbd239a5d587fb0150afa49d
SHA1: dfdfdbc095017ffbaef308e80ff7ca53b1a6ff08
SHA256:f85feb2ad16aa15b5bbba48df16cd711b407f966967669cec897bd82498c5b5d
Referenced In Project/Scope: Simplicite Platform:compile
apache-mime4j-dom-0.8.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.tika/tika-parsers@1.27

Identifiers

api-common-2.0.2.jar

Description:

Common utilities for Google APIs in Java

License:

BSD: https://github.com/googleapis/api-common-java/blob/master/LICENSE
File Path: /var/simplicite/.m2/repository/com/google/api/api-common/2.0.2/api-common-2.0.2.jar
MD5: c609f750cc5ca9563d7183358c7e2965
SHA1: d640515a0216e2143ad08fa7dece2653db4cc030
SHA256:d3c6632e3695a4cd5d0b25314f4585ce1a81743b2df345728d85e16208805340
Referenced In Project/Scope: Simplicite Platform:compile
api-common-2.0.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.google.cloud/google-cloud-storage@2.1.4

Identifiers

aproba:2.0.0

Description:

A ridiculously light-weight argument validator (now browser friendly)

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?gauge:4.0.4/aproba:^1.0.3 || ^2.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/gauge:4.0.4
  • simplicite-js:5.2.54

Identifiers

are-docs-informative:0.0.2

Description:

Checks whether a documentation description introduces any new information.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint-plugin-jsdoc:48.0.4/are-docs-informative:^0.0.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/eslint-plugin-jsdoc:48.0.4
  • simplicite-js:5.2.54

Identifiers

are-we-there-yet:3.0.1

Description:

Keep track of the overall completion of many disparate processes

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?npmlog:6.0.2/are-we-there-yet:^3.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npmlog:6.0.2
  • simplicite-js:5.2.54

Identifiers

argparse:2.0.1

Description:

CLI arguments parser. Native port of python's argparse.

License:

Python-2.0
File Path: /var/simplicite/simplicite-5.2/package-lock.json?markdown-it:12.3.2/argparse:^2.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/js-yaml:3.14.1
  • simplicite-js:5.2.54/js-yaml:4.1.0
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/markdown-it:12.3.2

Identifiers

array-buffer-byte-length:1.0.0

Description:

Get the byte length of an ArrayBuffer, even in engines without a `.byteLength` method.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?es-abstract:1.21.2/array-buffer-byte-length:^1.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/es-abstract:1.21.2
  • simplicite-js:5.2.54

Identifiers

array-differ:3.0.0

Description:

Create an array with values that are present in the first input array but not additional ones

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?multimatch:5.0.0/array-differ:^3.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/multimatch:5.0.0
  • simplicite-js:5.2.54

Identifiers

array-union:2.1.0

Description:

Create an array of unique values, in order, from the input arrays

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?multimatch:5.0.0/array-union:^2.1.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/multimatch:5.0.0
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/globby:11.1.0

Identifiers

array.prototype.reduce:1.0.5

Description:

An ES5 spec-compliant `Array.prototype.reduce` shim/polyfill/replacement that works as far down as ES3.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?object.getownpropertydescriptors:2.1.6/array.prototype.reduce:^1.0.5

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/object.getownpropertydescriptors:2.1.6
  • simplicite-js:5.2.54

Identifiers

arrify:1.0.1

Description:

Convert a value to an array

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?minimist-options:4.1.0/arrify:^1.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/minimist-options:4.1.0

Identifiers

arrify:2.0.1

Description:

Convert a value to an array

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/arrify:2.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/multimatch:5.0.0
  • simplicite-js:5.2.54

Identifiers

asm-9.2.jar

Description:

ASM, a very small and fast Java bytecode manipulation framework

License:

BSD-3-Clause: https://asm.ow2.io/license.html
File Path: /var/simplicite/.m2/repository/org/ow2/asm/asm/9.2/asm-9.2.jar
MD5: 8f184dce9b1bedc675d4a3640d43ddf0
SHA1: 81a03f76019c67362299c40e0ba13405f5467bff
SHA256:b9d4fe4d71938df38839f0eca42aaaa64cf8b313d678da036f0cb3ca199b47f5
Referenced In Project/Scope: Simplicite Platform:compile
asm-9.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.tika/tika-parsers@1.27

Identifiers

astral-regex:2.0.0

Description:

Regular expression for matching astral symbols

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?slice-ansi:4.0.0/astral-regex:^2.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/slice-ansi:4.0.0
  • simplicite-js:5.2.54

Identifiers

auto-value-annotations-1.8.2.jar

Description:

    Immutable value-type code generation for Java 1.6+.

File Path: /var/simplicite/.m2/repository/com/google/auto/value/auto-value-annotations/1.8.2/auto-value-annotations-1.8.2.jar
MD5: 9b5f83eed1eaf5c5ae972d7024542d03
SHA1: 546ae662e646e47a544ef68ebb43987a3146b692
SHA256:392a848fc611fff5fd317c2453a9a1bf7775e4f4de9c5af0d688bff57f691f6e
Referenced In Project/Scope: Simplicite Platform:compile
auto-value-annotations-1.8.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.google.cloud/google-cloud-storage@2.1.4

Identifiers

autolink-0.10.0.jar

Description:

        Java library to extract links (URLs, email addresses) from plain text;
        fast, small and smart about recognizing where links end

License:

MIT License: http://www.opensource.org/licenses/mit-license.php
File Path: /var/simplicite/.m2/repository/org/nibor/autolink/autolink/0.10.0/autolink-0.10.0.jar
MD5: be771f6d4d82b9098596afa30b4f48ea
SHA1: 6579ea7079be461e5ffa99f33222a632711cc671
SHA256:302b30160968415ee6cd1907987138c7575a6315f9b6ef13b9fe3abc87367857
Referenced In Project/Scope: Simplicite Platform:compile
autolink-0.10.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.commonmark/commonmark-ext-autolink@0.18.0

Identifiers

available-typed-arrays:1.0.5

Description:

Returns an array of Typed Array names that are available in the current environment

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?which-typed-array:1.1.9/available-typed-arrays:^1.0.5

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/es-abstract:1.21.2
  • simplicite-js:5.2.54/is-typed-array:1.1.10
  • simplicite-js:5.2.54/which-typed-array:1.1.9
  • simplicite-js:5.2.54

Identifiers

avalon-framework-impl-4.2.0.jar

File Path: /var/simplicite/.m2/repository/avalon-framework/avalon-framework-impl/4.2.0/avalon-framework-impl-4.2.0.jar
MD5: 5c1f8f5c8c6c043538fc4ea038c2aaf6
SHA1: 4da1db18947eb6950abb7ad79253011b9aec0e48
SHA256:ed42c573cab460ca634b5c64a3b40ed1d67d6ee47fe25f87947370bede6af814
Referenced In Project/Scope: Simplicite Platform:compile
avalon-framework-impl-4.2.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/net.sf.barcode4j/barcode4j@2.1

Identifiers

aws-s3-2.4.0.jar

Description:

Simple Storage Service (S3) implementation targeted to Amazon Web Services

File Path: /var/simplicite/.m2/repository/org/apache/jclouds/provider/aws-s3/2.4.0/aws-s3-2.4.0.jar
MD5: d2f0ffe2fdcebe6d992a4eff274a4b5f
SHA1: fc244f207a95f30508c422c5e74566495e3770fb
SHA256:6fc2a7bc0cd8cbbccb7197a6aeaed6e3a6ee603bbfbe983b8ecacaea70973ed7
Referenced In Project/Scope: Simplicite Platform:compile
aws-s3-2.4.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

azureblob-2.4.0.jar

Description:

jclouds components to access Azure Blob Service

File Path: /var/simplicite/.m2/repository/org/apache/jclouds/provider/azureblob/2.4.0/azureblob-2.4.0.jar
MD5: 29caba9ddf6d5112ad4afcdd1059c3ca
SHA1: 9e53b5e4417af041bedd16eaebcf3c0f87804dfc
SHA256:94c835b4321b02dd46c31054f8e4131efbb81c97abe15dee64397d7b02db03ca
Referenced In Project/Scope: Simplicite Platform:compile
azureblob-2.4.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

babel-plugin-polyfill-corejs2:0.4.8

Description:

A Babel plugin to inject imports to core-js@2 polyfills

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/babel-plugin-polyfill-corejs2:0.4.8

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

babel-plugin-polyfill-corejs3:0.9.0

Description:

A Babel plugin to inject imports to core-js@3 polyfills

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/babel-plugin-polyfill-corejs3:0.9.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

babel-plugin-polyfill-regenerator:0.5.5

Description:

A Babel plugin to inject imports to regenerator-runtime

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/babel-plugin-polyfill-regenerator:0.5.5

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54

Identifiers

balanced-match:1.0.2

Description:

Match balanced character pairs, like "{" and "}"

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?brace-expansion:2.0.1/balanced-match:^1.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/brace-expansion:1.1.11
  • simplicite-js:5.2.54/brace-expansion:2.0.1
  • simplicite-js:5.2.54

Identifiers

balanced-match:2.0.0

Description:

Match balanced character pairs, like "{" and "}"

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/balanced-match:2.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/stylelint:14.16.1
  • simplicite-js:5.2.54

Identifiers

barcode4j-2.1.jar

Description:

Barcode4J is a flexible generator for barcodes written in Java.

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/net/sf/barcode4j/barcode4j/2.1/barcode4j-2.1.jar
MD5: 4fc30cdb7b1abaf1ce08f26b0666e351
SHA1: 4b38b2219c0d522fcea8238493f2ea3e238ef529
SHA256:eb7252cc41a1539bcd018348e9f60e0942872bdaa49c58051e656a6be94969fb
Referenced In Project/Scope: Simplicite Platform:compile
barcode4j-2.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

base64-js:1.5.1

Description:

Base64 encoding/decoding in pure JS

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?buffer:6.0.3/base64-js:^1.3.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/buffer:6.0.3
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/buffer:5.7.1

Identifiers

bcmail-jdk15on-1.70.jar

Description:

The Bouncy Castle Java S/MIME APIs for handling S/MIME protocols. This jar contains S/MIME APIs for JDK 1.5 and up. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs. The JavaMail API and the Java activation framework will also be needed.

License:

Bouncy Castle Licence: https://www.bouncycastle.org/licence.html
File Path: /var/simplicite/.m2/repository/org/bouncycastle/bcmail-jdk15on/1.70/bcmail-jdk15on-1.70.jar
MD5: 8bb191ccc5fb9aacd10e6d90eb827133
SHA1: 08f4aafad90f6cc7f16b9992279828ae848c9e0d
SHA256:ff6cde372bcabca182e40c1cc5d9b1f9eb73370cad286ce362d3747aff15f230
Referenced In Project/Scope: Simplicite Platform:compile
bcmail-jdk15on-1.70.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

  • pkg:maven/org.bouncycastle/bcmail-jdk15on@1.70  (Confidence:High)
  • cpe:2.3:a:bouncycastle:bouncy_castle_for_java:1.70:*:*:*:*:*:*:*  (Confidence:Low)  
  • cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle:1.70:*:*:*:*:*:*:*  (Confidence:Low)  

CVE-2023-33202  

Bouncy Castle for Java before 1.73 contains a potential Denial of Service (DoS) issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM encoded streams containing X.509 certificates, PKCS8 encoded keys, and PKCS7 objects. Parsing a file that has crafted ASN.1 data through the PEMParser causes an OutOfMemoryError, which can enable a denial of service attack. (For users of the FIPS Java API: BC-FJA 1.0.2.3 and earlier are affected; BC-FJA 1.0.2.4 is fixed.)
CWE-400 Uncontrolled Resource Consumption

CVSSv3:
  • Base Score: MEDIUM (5.5)
  • Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions:

bcpg-jdk15on-1.70.jar

Description:

The Bouncy Castle Java API for handling the OpenPGP protocol. This jar contains the OpenPGP API for JDK 1.5 and up. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs.

License:

Bouncy Castle Licence: https://www.bouncycastle.org/licence.html
Apache Software License, Version 1.1: https://www.apache.org/licenses/LICENSE-1.1
File Path: /var/simplicite/.m2/repository/org/bouncycastle/bcpg-jdk15on/1.70/bcpg-jdk15on-1.70.jar
MD5: 01ddc3aa0289346f4db19d95039cefdb
SHA1: 062f72ec06f31a6c31a3f3355fce0384b21126d7
SHA256:4f08f4aa74048824151c98dd3e92e7165ac30659834404f08a8e843bdad32847
Referenced In Project/Scope: Simplicite Platform:compile
bcpg-jdk15on-1.70.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

  • pkg:maven/org.bouncycastle/bcpg-jdk15on@1.70  (Confidence:High)
  • cpe:2.3:a:bouncycastle:bouncy_castle_for_java:1.70:*:*:*:*:*:*:*  (Confidence:Low)  
  • cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle:1.70:*:*:*:*:*:*:*  (Confidence:Low)  

CVE-2023-33202  

Bouncy Castle for Java before 1.73 contains a potential Denial of Service (DoS) issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM encoded streams containing X.509 certificates, PKCS8 encoded keys, and PKCS7 objects. Parsing a file that has crafted ASN.1 data through the PEMParser causes an OutOfMemoryError, which can enable a denial of service attack. (For users of the FIPS Java API: BC-FJA 1.0.2.3 and earlier are affected; BC-FJA 1.0.2.4 is fixed.)
CWE-400 Uncontrolled Resource Consumption

CVSSv3:
  • Base Score: MEDIUM (5.5)
  • Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions:

bcpkix-jdk15on-1.70.jar

Description:

The Bouncy Castle Java APIs for CMS, PKCS, EAC, TSP, CMP, CRMF, OCSP, and certificate generation. This jar contains APIs for JDK 1.5 and up. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs.

License:

Bouncy Castle Licence: https://www.bouncycastle.org/licence.html
File Path: /var/simplicite/.m2/repository/org/bouncycastle/bcpkix-jdk15on/1.70/bcpkix-jdk15on-1.70.jar
MD5: 2c383f50d41937eae4fd32c35d8668cd
SHA1: f81e5af49571a9d5a109a88f239a73ce87055417
SHA256:e5b9cb821df57f70b0593358e89c0e8d7266515da9d088af6c646f63d433c07c
Referenced In Project/Scope: Simplicite Platform:compile
bcpkix-jdk15on-1.70.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

  • pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.70  (Confidence:High)
  • cpe:2.3:a:bouncycastle:bouncy_castle_for_java:1.70:*:*:*:*:*:*:*  (Confidence:Low)  
  • cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle:1.70:*:*:*:*:*:*:*  (Confidence:Low)  

CVE-2023-33202  

Bouncy Castle for Java before 1.73 contains a potential Denial of Service (DoS) issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM encoded streams containing X.509 certificates, PKCS8 encoded keys, and PKCS7 objects. Parsing a file that has crafted ASN.1 data through the PEMParser causes an OutOfMemoryError, which can enable a denial of service attack. (For users of the FIPS Java API: BC-FJA 1.0.2.3 and earlier are affected; BC-FJA 1.0.2.4 is fixed.)
CWE-400 Uncontrolled Resource Consumption

CVSSv3:
  • Base Score: MEDIUM (5.5)
  • Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions:

bcprov-ext-jdk15on-1.70.jar

Description:

The Bouncy Castle Crypto package is a Java implementation of cryptographic algorithms. This jar contains JCE provider and lightweight API for the Bouncy Castle Cryptography APIs for JDK 1.5 and up. Note: this package includes the NTRU encryption algorithms.

License:

Bouncy Castle Licence: https://www.bouncycastle.org/licence.html
File Path: /var/simplicite/.m2/repository/org/bouncycastle/bcprov-ext-jdk15on/1.70/bcprov-ext-jdk15on-1.70.jar
MD5: b94196703cf09438fb33c5d083c42f55
SHA1: 373d425c5ecb4edc9e3e2f7f7ff39bc8eff4abbf
SHA256:5d819f3b88597ec680c94151a0ba0a3afff0c0c1c999b5b065a67c998a3e3e1b
Referenced In Project/Scope: Simplicite Platform:compile
bcprov-ext-jdk15on-1.70.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

  • pkg:maven/org.bouncycastle/bcprov-ext-jdk15on@1.70  (Confidence:High)
  • cpe:2.3:a:bouncycastle:bouncy_castle_for_java:1.70:*:*:*:*:*:*:*  (Confidence:Low)  
  • cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle:1.70:*:*:*:*:*:*:*  (Confidence:Low)  

CVE-2023-33202  

Bouncy Castle for Java before 1.73 contains a potential Denial of Service (DoS) issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM encoded streams containing X.509 certificates, PKCS8 encoded keys, and PKCS7 objects. Parsing a file that has crafted ASN.1 data through the PEMParser causes an OutOfMemoryError, which can enable a denial of service attack. (For users of the FIPS Java API: BC-FJA 1.0.2.3 and earlier are affected; BC-FJA 1.0.2.4 is fixed.)
CWE-400 Uncontrolled Resource Consumption

CVSSv3:
  • Base Score: MEDIUM (5.5)
  • Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions:

CVE-2023-33201 (OSSINDEX)  

Bouncy Castle For Java before 1.74 is affected by an LDAP injection vulnerability. The vulnerability only affects applications that use an LDAP CertStore from Bouncy Castle to validate X.509 certificates. During the certificate validation process, Bouncy Castle inserts the certificate's Subject Name into an LDAP search filter without any escaping, which leads to an LDAP injection vulnerability.
CWE-295 Improper Certificate Validation

CVSSv2:
  • Base Score: MEDIUM (5.3)
  • Vector: /AV:N/AC:L/Au:/C:L/I:N/A:N

References:

Vulnerable Software & Versions (OSSINDEX):

  • cpe:2.3:a:org.bouncycastle:bcprov-ext-jdk15on:1.70:*:*:*:*:*:*:*

bcprov-jdk15on-1.70.jar

Description:

The Bouncy Castle Crypto package is a Java implementation of cryptographic algorithms. This jar contains JCE provider and lightweight API for the Bouncy Castle Cryptography APIs for JDK 1.5 and up.

License:

Bouncy Castle Licence: https://www.bouncycastle.org/licence.html
File Path: /var/simplicite/.m2/repository/org/bouncycastle/bcprov-jdk15on/1.70/bcprov-jdk15on-1.70.jar
MD5: 1809d0449a6374279c01fdd3be26cd92
SHA1: 4636a0d01f74acaf28082fb62b317f1080118371
SHA256:8f3c20e3e2d565d26f33e8d4857a37d0d7f8ac39b62a7026496fcab1bdac30d4
Referenced In Project/Scope: Simplicite Platform:compile
bcprov-jdk15on-1.70.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.70

Identifiers

  • pkg:maven/org.bouncycastle/bcprov-jdk15on@1.70  (Confidence:High)
  • cpe:2.3:a:bouncycastle:bouncy-castle-crypto-package:1.70:*:*:*:*:*:*:*  (Confidence:Low)  
  • cpe:2.3:a:bouncycastle:bouncy_castle_crypto_package:1.70:*:*:*:*:*:*:*  (Confidence:Low)  
  • cpe:2.3:a:bouncycastle:bouncy_castle_for_java:1.70:*:*:*:*:*:*:*  (Confidence:Low)  
  • cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle:1.70:*:*:*:*:*:*:*  (Confidence:Low)  
  • cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.70:*:*:*:*:*:*:*  (Confidence:Low)  
  • cpe:2.3:a:bouncycastle:the_bouncy_castle_crypto_package_for_java:1.70:*:*:*:*:*:*:*  (Confidence:Low)  

CVE-2023-33202  

Bouncy Castle for Java before 1.73 contains a potential Denial of Service (DoS) issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM encoded streams containing X.509 certificates, PKCS8 encoded keys, and PKCS7 objects. Parsing a file that has crafted ASN.1 data through the PEMParser causes an OutOfMemoryError, which can enable a denial of service attack. (For users of the FIPS Java API: BC-FJA 1.0.2.3 and earlier are affected; BC-FJA 1.0.2.4 is fixed.)
CWE-400 Uncontrolled Resource Consumption

CVSSv3:
  • Base Score: MEDIUM (5.5)
  • Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions:

CVE-2023-33201 (OSSINDEX)  

Bouncy Castle For Java before 1.74 is affected by an LDAP injection vulnerability. The vulnerability only affects applications that use an LDAP CertStore from Bouncy Castle to validate X.509 certificates. During the certificate validation process, Bouncy Castle inserts the certificate's Subject Name into an LDAP search filter without any escaping, which leads to an LDAP injection vulnerability.
CWE-295 Improper Certificate Validation

CVSSv2:
  • Base Score: MEDIUM (5.3)
  • Vector: /AV:N/AC:L/Au:/C:L/I:N/A:N

References:

Vulnerable Software & Versions (OSSINDEX):

  • cpe:2.3:a:org.bouncycastle:bcprov-jdk15on:1.70:*:*:*:*:*:*:*

bcutil-jdk15on-1.70.jar

Description:

The Bouncy Castle Java APIs for ASN.1 extension and utility APIs used to support bcpkix and bctls. This jar contains APIs for JDK 1.5 and up.

License:

Bouncy Castle Licence: https://www.bouncycastle.org/licence.html
File Path: /var/simplicite/.m2/repository/org/bouncycastle/bcutil-jdk15on/1.70/bcutil-jdk15on-1.70.jar
MD5: 805173dfb0891331dbe69d0e53371af4
SHA1: 54280e7195a7430d7911ded93fc01e07300b9526
SHA256:52dc5551b0257666526c5095424567fed7dc7b00d2b1ba7bd52298411112b1d0
Referenced In Project/Scope: Simplicite Platform:compile
bcutil-jdk15on-1.70.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

  • pkg:maven/org.bouncycastle/bcutil-jdk15on@1.70  (Confidence:High)
  • cpe:2.3:a:bouncycastle:bouncy_castle_for_java:1.70:*:*:*:*:*:*:*  (Confidence:Low)  
  • cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle:1.70:*:*:*:*:*:*:*  (Confidence:Low)  

CVE-2023-33202  

Bouncy Castle for Java before 1.73 contains a potential Denial of Service (DoS) issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM encoded streams containing X.509 certificates, PKCS8 encoded keys, and PKCS7 objects. Parsing a file that has crafted ASN.1 data through the PEMParser causes an OutOfMemoryError, which can enable a denial of service attack. (For users of the FIPS Java API: BC-FJA 1.0.2.3 and earlier are affected; BC-FJA 1.0.2.4 is fixed.)
CWE-400 Uncontrolled Resource Consumption

CVSSv3:
  • Base Score: MEDIUM (5.5)
  • Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions:

binary-extensions:2.2.0

Description:

List of binary file extensions

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?is-binary-path:2.1.0/binary-extensions:^2.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/is-binary-path:2.1.0
  • simplicite-js:5.2.54

Identifiers

bl:4.1.0

Description:

Buffer List: collect buffers and access with a standard readable Buffer interface, streamable too!

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?ora:5.4.1/bl:^4.1.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/ora:5.4.1
  • simplicite-js:5.2.54

Identifiers

bluebird:3.7.2

Description:

Full featured Promises/A+ implementation with exceptionally good performance

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?jsdoc:4.0.2/bluebird:^3.7.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/jsdoc:4.0.2
  • simplicite-js:5.2.54

Identifiers

boilerpipe-1.1.0.jar

Description:

The boilerpipe library provides algorithms to detect and remove the surplus "clutter" (boilerplate, templates) around the main textual content of a web page.

The library already provides specific strategies for common tasks (for example: news article extraction) and may also be easily extended for individual problem settings.

Extracting content is very fast (milliseconds), just needs the input document (no global or site-level information required) and is usually quite accurate.

Boilerpipe is a Java library written by Christian Kohlschütter. It is released under the Apache License 2.0.

The algorithms used by the library are based on (and extending) some concepts of the paper "Boilerplate Detection using Shallow Text Features" by Christian Kohlschütter et al., presented at WSDM 2010 -- The Third ACM International Conference on Web Search and Data Mining New York City, NY USA.

License:

Apache License 2.0
File Path: /var/simplicite/.m2/repository/de/l3s/boilerpipe/boilerpipe/1.1.0/boilerpipe-1.1.0.jar
MD5: 0616568083786d0f49e2cb07a5d09fe4
SHA1: f62cb75ed52455a9e68d1d05b84c500673340eb2
SHA256:088203df4326c4dcc42cec1253a2b41e03dc8904984eae744543b48e2cc63846
Referenced In Project/Scope: Simplicite Platform:compile
boilerpipe-1.1.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.tika/tika-parsers@1.27

Identifiers

bootbox:5.5.2

Description:

Wrappers for JavaScript alert(), confirm(), prompt(), and other flexible dialogs using the Bootstrap framework

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/bootbox:5.5.2

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

CVE-2023-46998 (OSSINDEX)  

Cross Site Scripting vulnerability in BootBox Bootbox.js v.3.2 through 6.0 allows a remote attacker to execute arbitrary code via a crafted payload to alert(), confirm(), prompt() functions.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv2:
  • Base Score: MEDIUM (6.1)
  • Vector: /AV:N/AC:L/Au:/C:L/I:L/A:N

References:

Vulnerable Software & Versions (OSSINDEX):

  • cpe:2.3:a:*:bootbox:5.5.2:*:*:*:*:*:*:*

GHSA-m4ch-4m5f-2gp6 (NPM)  

Cross Site Scripting vulnerability in BootBox Bootbox.js v.3.2 through 6.0 allows a remote attacker to execute arbitrary code via a crafted payload to alert(), confirm(), prompt() functions.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Unscored:
  • Severity: moderate

References:

Vulnerable Software & Versions (NPM):

  • cpe:2.3:a:*:bootbox:\>\=3.2.0\<\=6.0.0:*:*:*:*:*:*:*

GHSA-87mg-h5r3-hw88 (NPM)  

All version of `bootbox` are vulnerable to Cross-Site Scripting. The package does not sanitize user input in the provided dialog boxes, allowing attackers to inject HTML code and execute arbitrary JavaScript.


## Recommendation

Sanitize user input being passed to `bootbox` or consider using an alternative package.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'), CWE-64 Windows Shortcut Following (.LNK)

Unscored:
  • Severity: moderate

References:

Vulnerable Software & Versions (NPM):

  • cpe:2.3:a:*:bootbox:\<\=5.5.2:*:*:*:*:*:*:*

bootstrap-datetimepicker:0.0.7

File Path: /var/simplicite/simplicite-5.2/package-lock.json?simplicite-bootstrap-datetimepicker:1.0.6/bootstrap-datetimepicker:0.0.7

Referenced In Projects/Scopes:

  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/simplicite-bootstrap-datetimepicker:1.0.6

Identifiers

bootstrap:4.6.0

Description:

The most popular front-end framework for developing responsive, mobile first projects on the web.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/bootstrap:4.6.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/bootbox:5.5.2
  • simplicite-js:5.2.54

Identifiers

boxen:4.2.0

Description:

Create boxes in the terminal

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?update-notifier:4.1.3/boxen:^4.2.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/update-notifier:6.0.2
  • simplicite-js:5.2.54/update-notifier:4.1.3
  • simplicite-js:5.2.54/update-notifier:5.1.0
  • simplicite-js:5.2.54

Identifiers

brace-expansion:1.1.11

Description:

Brace expansion as known from sh/bash

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?minimatch:3.1.2/brace-expansion:^1.1.7

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/minimatch:3.0.8
  • simplicite-js:5.2.54/minimatch:9.0.3
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/minimatch:3.1.2

Identifiers

braces:3.0.2

Description:

Bash-like brace expansion, implemented in JavaScript. Safer than other brace expansion libs, with complete support for the Bash 4.3 braces specification, without sacrificing speed.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?micromatch:4.0.5/braces:^3.0.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/chokidar:3.5.3
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/micromatch:4.0.5

Identifiers

browserslist:4.22.3

Description:

Share target browsers between different front-end tools, like Autoprefixer, Stylelint and babel-env-preset

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?core-js-compat:3.35.1/browserslist:^4.22.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/helper-compilation-targets:7.23.6
  • simplicite-js:5.2.54/core-js-compat:3.35.1
  • simplicite-js:5.2.54

Identifiers

bson-3.12.12.jar

Description:

The BSON library

License:

The Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/mongodb/bson/3.12.12/bson-3.12.12.jar
MD5: e942910fb1444c0841a7e269b53c05af
SHA1: 1696b031f013389d1754379a064c73a893ba8453
SHA256:f926aae0055c051ccca6d17c0e0da36f17d49984a65c133687892a63a89cbfd4
Referenced In Project/Scope: Simplicite Platform:compile
bson-3.12.12.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.mongodb/mongodb-driver@3.12.12

Identifiers

buffer-from:1.1.2

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?source-map-support:0.5.21/buffer-from:^1.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/source-map-support:0.5.21
  • simplicite-js:5.2.54

Identifiers

buffer:5.7.1

Description:

Node.js Buffer API, for the browser

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/buffer:5.7.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/bl:4.1.0
  • simplicite-js:5.2.54

Identifiers

buffer:6.0.3

Description:

Node.js Buffer API, for the browser

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/buffer:6.0.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/simplicite:3.0.1
  • simplicite-js:5.2.54

Identifiers

builtin-modules:3.3.0

Description:

List of the Node.js builtin modules

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?is-builtin-module:3.2.1/builtin-modules:^3.3.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/is-builtin-module:3.2.1
  • simplicite-js:5.2.54

Identifiers

builtins:5.0.1

Description:

List of node.js builtin modules

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?validate-npm-package-name:5.0.0/builtins:^5.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/validate-npm-package-name:5.0.0
  • simplicite-js:5.2.54

Identifiers

byte-buddy-1.12.9.jar (shaded: net.bytebuddy:byte-buddy-dep:1.12.9)

Description:

        Byte Buddy is a Java library for creating Java classes at run time.
        This artifact is a build of Byte Buddy with a remaining dependency onto ASM.
        You should never depend on this module without repackaging Byte Buddy and ASM into your own namespace.

File Path: /var/simplicite/.m2/repository/net/bytebuddy/byte-buddy/1.12.9/byte-buddy-1.12.9.jar/META-INF/maven/net.bytebuddy/byte-buddy-dep/pom.xml
MD5: f252b6a3ad73a2fe8b82d4e5e252b6e7
SHA1: bd386dc86918b6f7769ad855aa2636b40b639c76
SHA256:71c523053fd9cd841080a5bc89a4740b49f5dedd648e8de0ab064456e3113c14
Referenced In Project/Scope: Simplicite Platform:compile

Identifiers

byte-buddy-1.12.9.jar

Description:

        Byte Buddy is a Java library for creating Java classes at run time.
        This artifact is a build of Byte Buddy with all ASM dependencies repackaged into its own name space.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/net/bytebuddy/byte-buddy/1.12.9/byte-buddy-1.12.9.jar
MD5: a120a37aba17a10766b9bc869f90fd2b
SHA1: 424ded9ef3496b0d997ce066f2166a4f7ec7b07a
SHA256:e305b6b5bdf8602bc5012efaa50c96b0fb922a3c60308ee1af85605b74d82710
Referenced In Project/Scope: Simplicite Platform:compile
byte-buddy-1.12.9.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.mockito/mockito-core@4.5.1

Identifiers

byte-buddy-agent-1.12.9.jar

Description:

The Byte Buddy agent offers convenience for attaching an agent to the local or a remote VM.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/net/bytebuddy/byte-buddy-agent/1.12.9/byte-buddy-agent-1.12.9.jar
MD5: cb4881cad7e1625aad4a59e333847a2a
SHA1: f58bf71d15e827fa47e9b37e63156b333e3389d3
SHA256:5d62779f66436ef2130b470b7ecb6463c552fd411be757267034798a130bf5ed
Referenced In Project/Scope: Simplicite Platform:compile
byte-buddy-agent-1.12.9.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.mockito/mockito-core@4.5.1

Identifiers

byte-buddy-agent-1.12.9.jar: attach_hotspot_windows.dll

File Path: /var/simplicite/.m2/repository/net/bytebuddy/byte-buddy-agent/1.12.9/byte-buddy-agent-1.12.9.jar/win32-x86-64/attach_hotspot_windows.dll
MD5: 053a783e5777c6a9867c27d51af89677
SHA1: 5ef4d98ae6a033a5707d0b5466e6138beb337e76
SHA256:16d424423f9b09accf132ad35dbeaa52ac9f6bd45bba1406b89df851f651db20
Referenced In Project/Scope: Simplicite Platform:compile

Identifiers

  • None

byte-buddy-agent-1.12.9.jar: attach_hotspot_windows.dll

File Path: /var/simplicite/.m2/repository/net/bytebuddy/byte-buddy-agent/1.12.9/byte-buddy-agent-1.12.9.jar/win32-x86/attach_hotspot_windows.dll
MD5: fbca33102ac97be0ed496c0f78e466b3
SHA1: c4df05146a86a6d073769bb697d550ef42518ed5
SHA256:810f94c4a2f5ca1a072c19859f7954fed9aa3a1dcb0d601e92d2338793202e72
Referenced In Project/Scope: Simplicite Platform:compile

Identifiers

  • None

bzip2-0.9.1.jar

Description:

jbzip2 is a Java bzip2 compression/decompression library. It can be used as a replacement for the Apache CBZip2InputStream / CBZip2OutputStream classes.

License:

MIT License (MIT): http://opensource.org/licenses/mit-license.php
File Path: /var/simplicite/.m2/repository/org/itadaki/bzip2/0.9.1/bzip2-0.9.1.jar
MD5: ddd5eb3a035655cbbb536e9b86907a00
SHA1: 47ca95f71e3ccae756c4a24354d48069c58f475c
SHA256:865a7a13dd33ef0388f675993adaf4c6f95632ba80d609d42e9d42e6343aae77
Referenced In Project/Scope: Simplicite Platform:compile
bzip2-0.9.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.tika/tika-parsers@1.27

Identifiers

c3p0-0.9.5.5.jar

Description:

a JDBC Connection pooling / Statement caching library

License:

GNU Lesser General Public License, Version 2.1: http://www.gnu.org/licenses/lgpl-2.1.html
Eclipse Public License, Version 1.0: http://www.eclipse.org/org/documents/epl-v10.php
File Path: /var/simplicite/.m2/repository/com/mchange/c3p0/0.9.5.5/c3p0-0.9.5.5.jar
MD5: 9fc982b4b179e44cec986ea86fe1bff7
SHA1: 37dfc3021e5589d65ff2ae0becf811510b87ab01
SHA256:96cec5ddfe2f08b8407125d8228eb0392121e1bf2239ca621bb19228b67f741a
Referenced In Project/Scope: Simplicite Platform:compile
c3p0-0.9.5.5.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

cacache:17.1.3

Description:

Fast, fault-tolerant, cross-platform, disk-based, data-agnostic, content-addressable cache.

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?pacote:15.2.0/cacache:^17.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/make-fetch-happen:11.1.1
  • simplicite-js:5.2.54/pacote:15.2.0
  • simplicite-js:5.2.54

Identifiers

cacheable-lookup:7.0.0

Description:

A cacheable dns.lookup(…) that respects TTL

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?got:13.0.0/cacheable-lookup:^7.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/got:12.6.1
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/got:13.0.0

Identifiers

cacheable-request:10.2.12

Description:

Wrap native HTTP requests with RFC compliant cache support

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?got:13.0.0/cacheable-request:^10.2.8

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/got:12.6.1
  • simplicite-js:5.2.54/got:9.6.0
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/got:13.0.0

Identifiers

caffeine-3.0.6.jar

Description:

A high performance caching library

License:

Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/github/ben-manes/caffeine/caffeine/3.0.6/caffeine-3.0.6.jar
MD5: b3db829baf2b527a737abf24aabfd27f
SHA1: e261a64f8f828eeadae139d8d0ff2a9b1224f4ef
SHA256:0b1aabc3ba98c95d4f0a5376b006c4126a1a09e153826b9294c9c64c68ef7bcd
Referenced In Project/Scope: Simplicite Platform:compile
caffeine-3.0.6.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

call-bind:1.0.2

Description:

Robustly `.call.bind()` a function

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?which-typed-array:1.1.9/call-bind:^1.0.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/function.prototype.name:1.1.5
  • simplicite-js:5.2.54/is-weakref:1.0.2
  • simplicite-js:5.2.54/safe-array-concat:1.0.0
  • simplicite-js:5.2.54/is-typed-array:1.1.10
  • simplicite-js:5.2.54/get-symbol-description:1.0.0
  • simplicite-js:5.2.54/object.getownpropertydescriptors:2.1.6
  • simplicite-js:5.2.54/safe-regex-test:1.0.0
  • simplicite-js:5.2.54/is-regex:1.1.4
  • simplicite-js:5.2.54/es-abstract:1.21.2
  • simplicite-js:5.2.54/side-channel:1.0.4
  • simplicite-js:5.2.54/string.prototype.trimend:1.0.6
  • simplicite-js:5.2.54/array.prototype.reduce:1.0.5
  • simplicite-js:5.2.54/regexp.prototype.flags:1.5.0
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/string.prototype.trimstart:1.0.6
  • simplicite-js:5.2.54/object.assign:4.1.4
  • simplicite-js:5.2.54/array-buffer-byte-length:1.0.0
  • simplicite-js:5.2.54/unbox-primitive:1.0.2
  • simplicite-js:5.2.54/is-array-buffer:3.0.2
  • simplicite-js:5.2.54/typed-array-length:1.0.4
  • simplicite-js:5.2.54/which-typed-array:1.1.9
  • simplicite-js:5.2.54/is-boolean-object:1.1.2
  • simplicite-js:5.2.54/string.prototype.trim:1.2.7
  • simplicite-js:5.2.54/is-shared-array-buffer:1.0.2

Identifiers

callsite-record:4.1.5

Description:

Create fancy log entries for errors and function call sites.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check:6.0.1/callsite-record:^4.1.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-check:6.0.1
  • simplicite-js:5.2.54

Identifiers

callsite:1.0.0

Description:

access to v8's CallSites

File Path: /var/simplicite/simplicite-5.2/package-lock.json?callsite-record:4.1.5/callsite:^1.0.0

Referenced In Projects/Scopes:

  • simplicite-js:5.2.54/callsite-record:4.1.5
  • simplicite-js:5.2.54

Identifiers

callsites:3.1.0

Description:

Get callsites from the V8 stack trace API

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?parent-module:1.0.1/callsites:^3.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/parent-module:1.0.1
  • simplicite-js:5.2.54

Identifiers

camelcase-keys:6.2.2

Description:

Convert object keys to camel case

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?meow:9.0.0/camelcase-keys:^6.2.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/meow:9.0.0
  • simplicite-js:5.2.54

Identifiers

camelcase:5.3.1

Description:

Convert a dash/dot/underscore/space separated string to camelCase or PascalCase: `foo-bar` → `fooBar`

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/camelcase:5.3.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/camelcase-keys:6.2.2
  • simplicite-js:5.2.54/boxen:4.2.0
  • simplicite-js:5.2.54

Identifiers

camelcase:6.3.0

Description:

Convert a dash/dot/underscore/space separated string to camelCase or PascalCase: `foo-bar` → `fooBar`

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?boxen:5.1.2/camelcase:^6.2.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/boxen:5.1.2
  • simplicite-js:5.2.54/boxen:7.1.0
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/depcheck:1.4.3

Identifiers

camelcase:7.0.1

Description:

Convert a dash/dot/underscore/space separated string to camelCase or PascalCase: `foo-bar` → `fooBar`

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/camelcase:7.0.1

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

caniuse-lite:1.0.30001584

Description:

A smaller version of caniuse-db, with only the essentials!

License:

CC-BY-4.0
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/caniuse-lite:1.0.30001584

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/browserslist:4.22.3
  • simplicite-js:5.2.54

Identifiers

catharsis:0.9.0

Description:

A JavaScript parser for Google Closure Compiler and JSDoc type expressions.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?jsdoc:4.0.2/catharsis:^0.9.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/jsdoc:4.0.2
  • simplicite-js:5.2.54

Identifiers

cdm-4.5.5.jar

Description:

    The NetCDF-Java Library is a Java interface to NetCDF files,
    as well as to many other types of scientific data formats.

File Path: /var/simplicite/.m2/repository/edu/ucar/cdm/4.5.5/cdm-4.5.5.jar
MD5: 7770c86aabbd0ec5e12ed1f0600d5492
SHA1: af1748a3d024069cb7fd3fc2591efe806c914589
SHA256:74ea183cda0f7aa06fae2f3cfa8c3c6c64d013ce8cb87bde4a06de6676eacfdb
Referenced In Project/Scope: Simplicite Platform:compile
cdm-4.5.5.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.tika/tika-parsers@1.27

Identifiers

chalk:2.4.2

Description:

Terminal string styling done right

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?highlight-es:1.0.3/chalk:^2.4.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-audit-html:1.5.0
  • simplicite-js:5.2.54/npm-check:6.0.1
  • simplicite-js:5.2.54/update-notifier:5.1.0
  • simplicite-js:5.2.54/callsite-record:4.1.5
  • simplicite-js:5.2.54/npm-check-updates:16.14.14
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/log-symbols:4.1.0
  • simplicite-js:5.2.54/update-notifier:6.0.2
  • simplicite-js:5.2.54/eslint:8.56.0
  • simplicite-js:5.2.54/inquirer:7.3.3
  • simplicite-js:5.2.54/boxen:5.1.2
  • simplicite-js:5.2.54/@babel/highlight:7.23.4
  • simplicite-js:5.2.54/boxen:7.1.0
  • simplicite-js:5.2.54/highlight-es:1.0.3
  • simplicite-js:5.2.54/@babel/code-frame:7.23.5

Identifiers

chalk:3.0.0

Description:

Terminal string styling done right

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/chalk:3.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/update-notifier:4.1.3
  • simplicite-js:5.2.54/boxen:4.2.0
  • simplicite-js:5.2.54

Identifiers

chalk:4.1.2

Description:

Terminal string styling done right

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/chalk:4.1.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/ora:5.4.1
  • simplicite-js:5.2.54

Identifiers

chardet:0.7.0

Description:

Character detector

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?external-editor:3.1.0/chardet:^0.7.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/external-editor:3.1.0

Identifiers

chart.js:2.9.4

Description:

Simple HTML5 charts using the canvas element.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/chart.js:2.9.4

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

chartjs-color-string:0.6.0

Description:

Parser and generator for CSS color strings

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/chartjs-color-string:0.6.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/chartjs-color:2.4.1
  • simplicite-js:5.2.54

Identifiers

chartjs-color:2.4.1

Description:

Color conversion and manipulation with CSS string support

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/chartjs-color:2.4.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/chart.js:2.9.4
  • simplicite-js:5.2.54

Identifiers

checker-compat-qual-2.5.5.jar

Description:

        Checker Qual is the set of annotations (qualifiers) and supporting classes
        used by the Checker Framework to type check Java source code.  Please
        see artifact:
        org.checkerframework:checker

License:

GNU General Public License, version 2 (GPL2), with the classpath exception: http://www.gnu.org/software/classpath/license.html
The MIT License: http://opensource.org/licenses/MIT
File Path: /var/simplicite/.m2/repository/org/checkerframework/checker-compat-qual/2.5.5/checker-compat-qual-2.5.5.jar
MD5: b7a5c96547fb3fb6869f5f76bcd19b15
SHA1: 435dc33e3019c9f019e15f01aa111de9d6b2b79c
SHA256:11d134b245e9cacc474514d2d66b5b8618f8039a1465cdc55bbc0b34e0008b7a
Referenced In Project/Scope: Simplicite Platform:compile
checker-compat-qual-2.5.5.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.google.firebase/firebase-admin@8.0.1

Identifiers

checker-qual-3.18.0.jar

Description:

checker-qual contains annotations (type qualifiers) that a programmer
writes to specify Java code for type-checking by the Checker Framework.

License:

The MIT License: http://opensource.org/licenses/MIT
File Path: /var/simplicite/.m2/repository/org/checkerframework/checker-qual/3.18.0/checker-qual-3.18.0.jar
MD5: abc64881dec789241c89d9e1738fde98
SHA1: 7d1ffd35973fa4c94c3aebf187a26cf0b4350281
SHA256:99d4491b3a8b810641eb2fd7d96b2869e8ca8c05b5ae2cf4bc030f65bb12c3a1
Referenced In Project/Scope: Simplicite Platform:compile
checker-qual-3.18.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

chokidar:3.5.3

Description:

Minimal and efficient cross-platform file watching library

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?sass:1.63.6/chokidar:>=3.0.0 <4.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/sass:1.63.6

Identifiers

chownr:2.0.0

Description:

like `chown -R`

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?tar:6.1.15/chownr:^2.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/tar:6.1.15
  • simplicite-js:5.2.54

Identifiers

ci-info:2.0.0

Description:

Get details about the current Continuous Integration environment

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?is-ci:2.0.0/ci-info:^2.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/is-ci:2.0.0
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/is-ci:3.0.1

Identifiers

clean-stack:2.2.0

Description:

Clean up error stack traces

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/clean-stack:2.2.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/aggregate-error:3.1.0
  • simplicite-js:5.2.54

Identifiers

cli-boxes:2.2.1

Description:

Boxes for use in the terminal

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?boxen:5.1.2/cli-boxes:^2.2.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/boxen:5.1.2
  • simplicite-js:5.2.54/boxen:4.2.0
  • simplicite-js:5.2.54/boxen:7.1.0
  • simplicite-js:5.2.54

Identifiers

cli-boxes:3.0.0

Description:

Boxes for use in the terminal

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/cli-boxes:3.0.0

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

cli-cursor:3.1.0

Description:

Toggle the CLI cursor

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?ora:5.4.1/cli-cursor:^3.1.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/inquirer:7.3.3
  • simplicite-js:5.2.54/ora:5.4.1
  • simplicite-js:5.2.54

Identifiers

cli-spinners:2.9.0

Description:

Spinners for use in the terminal

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?ora:5.4.1/cli-spinners:^2.5.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/ora:5.4.1
  • simplicite-js:5.2.54

Identifiers

cli-table3:0.6.3

Description:

Pretty unicode tables for the command line. Based on the original cli-table.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check-updates:16.14.14/cli-table3:^0.6.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-check-updates:16.14.14
  • simplicite-js:5.2.54

Identifiers

cli-width:3.0.0

Description:

Get stdout window width, with two fallbacks, tty and then a default.

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?inquirer:7.3.3/cli-width:^3.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/inquirer:7.3.3
  • simplicite-js:5.2.54

Identifiers

cli:1.0.1

Description:

A tool for rapidly building command line apps

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?jshint:2.13.1/cli:~1.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/jshint:2.13.1
  • simplicite-js:5.2.54

Identifiers

cliui:7.0.4

Description:

easily create complex multi-column command-line-interfaces

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?yargs:16.2.0/cliui:^7.0.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/yargs:16.2.0
  • simplicite-js:5.2.54

Identifiers

clone-deep:4.0.1

Description:

Recursively (deep) clone JavaScript native types, like Object, Array, RegExp, Date as well as primitives.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/clone-deep:4.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/@babel/register:7.23.7

Identifiers

clone-response:1.0.3

Description:

Clone a Node.js HTTP response stream

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?cacheable-request:6.1.0/clone-response:^1.0.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/cacheable-request:6.1.0
  • simplicite-js:5.2.54

Identifiers

clone:1.0.4

Description:

deep cloning of objects and arrays

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?defaults:1.0.4/clone:^1.0.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/defaults:1.0.4
  • simplicite-js:5.2.54

Identifiers

co:4.6.0

Description:

generator async control flow goodness

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check:6.0.1/co:^4.6.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-check:6.0.1
  • simplicite-js:5.2.54

Identifiers

codemodel-2.3.4.jar

Description:

The core functionality of the CodeModel java source code generation library

License:

http://www.eclipse.org/org/documents/edl-v10.php
File Path: /var/simplicite/.m2/repository/org/glassfish/jaxb/codemodel/2.3.4/codemodel-2.3.4.jar
MD5: c1d9b683da4372476e0a24a5145f1376
SHA1: 8ab752f833454bbd9bc736749cbc939427dd9ef9
SHA256:de6863199942948ea1cdf0c9740539a7ada7e87a70049fb7d00798c0a2e4210e
Referenced In Project/Scope: Simplicite Platform:compile
codemodel-2.3.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.glassfish.jaxb/jaxb-xjc@2.3.4

Identifiers

color-convert:1.9.3

Description:

Plain color conversion functions

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/color-convert:1.9.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/ansi-styles:3.2.1
  • simplicite-js:5.2.54/ansi-styles:4.3.0
  • simplicite-js:5.2.54/chartjs-color:2.4.1
  • simplicite-js:5.2.54

Identifiers

color-convert:2.0.1

Description:

Plain color conversion functions

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/color-convert:2.0.1

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

color-name:1.1.3

Description:

A list of color names and its values

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/color-name:1.1.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/color-convert:1.9.3
  • simplicite-js:5.2.54

Identifiers

color-name:1.1.4

Description:

A list of color names and its values

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?color-convert:2.0.1/color-name:~1.1.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/chartjs-color-string:0.6.0
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/color-convert:2.0.1

Identifiers

color-support:1.1.3

Description:

A module which will endeavor to guess your terminal's level of color support.

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?gauge:4.0.4/color-support:^1.1.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/gauge:4.0.4
  • simplicite-js:5.2.54

Identifiers

colord:2.9.3

Description:

👑 A tiny yet powerful tool for high-performance color manipulations and conversions

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/colord:^2.9.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/stylelint:14.16.1
  • simplicite-js:5.2.54

Identifiers

commander:10.0.1

Description:

the complete solution for node.js command-line programs

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/commander:10.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-check-updates:16.14.14
  • simplicite-js:5.2.54

Identifiers

commander:2.20.3

Description:

the complete solution for node.js command-line programs

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/commander:2.20.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/editorconfig:0.15.3
  • simplicite-js:5.2.54

Identifiers

commander:3.0.2

Description:

the complete solution for node.js command-line programs

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/commander:3.0.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-audit-html:1.5.0
  • simplicite-js:5.2.54

Identifiers

commander:4.1.1

Description:

the complete solution for node.js command-line programs

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/commander:4.1.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/node:7.23.9
  • simplicite-js:5.2.54/@babel/cli:7.23.9
  • simplicite-js:5.2.54

Identifiers

comment-parser:1.4.1

Description:

Generic JSDoc-like comment parser

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint-plugin-jsdoc:48.0.4/comment-parser:1.4.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/eslint-plugin-jsdoc:48.0.4
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/@es-joy/jsdoccomment:0.41.0

Identifiers

commondir:1.0.1

Description:

compute the closest common parent for file paths

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?find-cache-dir:2.1.0/commondir:^1.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/find-cache-dir:2.1.0
  • simplicite-js:5.2.54

Identifiers

commonmark-0.18.0.jar

Description:

Core of commonmark-java (implementation of CommonMark for parsing markdown and rendering to HTML)

File Path: /var/simplicite/.m2/repository/org/commonmark/commonmark/0.18.0/commonmark-0.18.0.jar
MD5: 16eff9d995c0fbe10f46daee7b7f2796
SHA1: 89d6f732805a7ae903a03de5d24daf5541bdac87
SHA256:533c431a2ec613074a48ba011d319a327c649aeb5b8d69c9e66e437f18cfbccb
Referenced In Project/Scope: Simplicite Platform:compile
commonmark-0.18.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

commonmark-ext-autolink-0.18.0.jar

Description:

commonmark-java extension for turning plain URLs and email addresses into links

File Path: /var/simplicite/.m2/repository/org/commonmark/commonmark-ext-autolink/0.18.0/commonmark-ext-autolink-0.18.0.jar
MD5: 6627c79a625066f5be762e5f39ef7e24
SHA1: d6faf1eb8cff81888dbda77f74c82090fe260adb
SHA256:10feb418bc1849a2fed75a8cf7224c4863f7e0ba11b7d36fa05af613a332c035
Referenced In Project/Scope: Simplicite Platform:compile
commonmark-ext-autolink-0.18.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

commonmark-ext-gfm-strikethrough-0.18.0.jar

Description:

commonmark-java extension for GFM strikethrough using ~~ (GitHub Flavored Markdown)

File Path: /var/simplicite/.m2/repository/org/commonmark/commonmark-ext-gfm-strikethrough/0.18.0/commonmark-ext-gfm-strikethrough-0.18.0.jar
MD5: 882d5909d422496addca68d51b0b86c1
SHA1: 26a14a38e55e465241b30f96a0d67be02064f622
SHA256:5243b357e493e69f39a03d60504e957c0a03d633638bf87d420537073d8dc7b0
Referenced In Project/Scope: Simplicite Platform:compile
commonmark-ext-gfm-strikethrough-0.18.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

commonmark-ext-gfm-tables-0.18.0.jar

Description:

commonmark-java extension for GFM tables using "|" pipes (GitHub Flavored Markdown)

File Path: /var/simplicite/.m2/repository/org/commonmark/commonmark-ext-gfm-tables/0.18.0/commonmark-ext-gfm-tables-0.18.0.jar
MD5: 656495abc933a6d5b024dfa83c5d8837
SHA1: 27885f6bbe1ac5b74eedc74bfee452e206ffcdf4
SHA256:50e63bea8f1ae8166de3a6bd27330064247ab534db931e194bd90bb2ad655b0f
Referenced In Project/Scope: Simplicite Platform:compile
commonmark-ext-gfm-tables-0.18.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

commonmark-ext-heading-anchor-0.18.0.jar

Description:

commonmark-java extension for adding unique id attributes to header tags

File Path: /var/simplicite/.m2/repository/org/commonmark/commonmark-ext-heading-anchor/0.18.0/commonmark-ext-heading-anchor-0.18.0.jar
MD5: c320f2bb2a369012f2d8d711f8ca1b1e
SHA1: 3c580d3a7e9a193d78e36f36f5e07a52ae8e31a3
SHA256:a21a24bbddec2a35c1dc17f0a45f0006ff37f289d06c3d5df64f8d265531ca71
Referenced In Project/Scope: Simplicite Platform:compile
commonmark-ext-heading-anchor-0.18.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

commonmark-ext-image-attributes-0.18.0.jar

Description:

commonmark-java extension for adding attributes to images

File Path: /var/simplicite/.m2/repository/org/commonmark/commonmark-ext-image-attributes/0.18.0/commonmark-ext-image-attributes-0.18.0.jar
MD5: 9689b1bccdce2e16c49638738bf99318
SHA1: edae8c5450ae6bcf9505bf4d7d496498a7167707
SHA256:786ddf5e3a1b8f19c5cb0ea23285c8cc362734541169aa8cf99dc5ee195e584c
Referenced In Project/Scope: Simplicite Platform:compile
commonmark-ext-image-attributes-0.18.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

commonmark-ext-ins-0.18.0.jar

Description:

commonmark-java extension for using ++

File Path: /var/simplicite/.m2/repository/org/commonmark/commonmark-ext-ins/0.18.0/commonmark-ext-ins-0.18.0.jar
MD5: 01e7942caf3cfa753520598f8fc62f97
SHA1: b5c97a6443bada4e6cc5dced0c7bb7a712f084c3
SHA256:3b5a6d0d9245c290721850abd9017910172a0d5349bfaf3fd6327a991543ec5a
Referenced In Project/Scope: Simplicite Platform:compile
commonmark-ext-ins-0.18.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

commonmark-ext-task-list-items-0.18.0.jar

Description:

commonmark-java extension for task list items

File Path: /var/simplicite/.m2/repository/org/commonmark/commonmark-ext-task-list-items/0.18.0/commonmark-ext-task-list-items-0.18.0.jar
MD5: f9f7bc9524e2b6a10c3c2cf9091481ab
SHA1: ab00471367a4bae9c3574669910841a72362cdd2
SHA256:10c4a970d410201ce131291ac9105ed7e09c4b7abba3d76a7e2fc07e296cae14
Referenced In Project/Scope: Simplicite Platform:compile
commonmark-ext-task-list-items-0.18.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

commonmark-ext-yaml-front-matter-0.18.0.jar

Description:

commonmark-java extension for YAML front matter

File Path: /var/simplicite/.m2/repository/org/commonmark/commonmark-ext-yaml-front-matter/0.18.0/commonmark-ext-yaml-front-matter-0.18.0.jar
MD5: 9cce63bec84708f4006f2ca305d203b4
SHA1: 944587429d6f2d2df6acd75534c5f02e48972b49
SHA256:3170acbd220b0f5d27c16ec52323e641ea99ce36c3c86dfbb46ef5e925bd5ba0
Referenced In Project/Scope: Simplicite Platform:compile
commonmark-ext-yaml-front-matter-0.18.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

commons-beanutils-1.9.4.jar

Description:

Apache Commons BeanUtils provides an easy-to-use but flexible wrapper around reflection and introspection.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/commons-beanutils/commons-beanutils/1.9.4/commons-beanutils-1.9.4.jar
MD5: 07dc532ee316fe1f2f0323e9bd2f8df4
SHA1: d52b9abcd97f38c81342bb7e7ae1eee9b73cba51
SHA256:7d938c81789028045c08c065e94be75fc280527620d5bd62b519d5838532368a
Referenced In Project/Scope: Simplicite Platform:compile
commons-beanutils-1.9.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

commons-cli-1.4.jar

Description:

    Apache Commons CLI provides a simple API for presenting, processing and validating a command line interface.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/commons-cli/commons-cli/1.4/commons-cli-1.4.jar
MD5: c966d7e03507c834d5b09b848560174e
SHA1: c51c00206bb913cd8612b24abd9fa98ae89719b1
SHA256:fd3c7c9545a9cdb2051d1f9155c4f76b1e4ac5a57304404a6eedb578ffba7328
Referenced In Project/Scope: Simplicite Platform:compile
commons-cli-1.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

commons-codec-1.15.jar

Description:

     The Apache Commons Codec package contains simple encoder and decoders for
     various formats such as Base64 and Hexadecimal.  In addition to these
     widely used encoders and decoders, the codec package also maintains a
     collection of phonetic encoding utilities.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/commons-codec/commons-codec/1.15/commons-codec-1.15.jar
MD5: 303baf002ce6d382198090aedd9d79a2
SHA1: 49d94806b6e3dc933dacbd8acb0fdbab8ebd1e5d
SHA256:b3e9f6d63a790109bf0d056611fbed1cf69055826defeb9894a71369d246ed63
Referenced In Project/Scope: Simplicite Platform:compile
commons-codec-1.15.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

commons-collections-3.2.2.jar

Description:

Types that extend and augment the Java Collections Framework.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/commons-collections/commons-collections/3.2.2/commons-collections-3.2.2.jar
MD5: f54a8510f834a1a57166970bfc982e94
SHA1: 8ad72fe39fa8c91eaaf12aadb21e0c3661fe26d5
SHA256:eeeae917917144a68a741d4c0dff66aa5c5c5fd85593ff217bced3fc8ca783b8
Referenced In Project/Scope: Simplicite Platform:compile
commons-collections-3.2.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

commons-collections4-4.4.jar

Description:

The Apache Commons Collections package contains types that extend and augment the Java Collections Framework.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/apache/commons/commons-collections4/4.4/commons-collections4-4.4.jar
MD5: 4a37023740719b391f10030362c86be6
SHA1: 62ebe7544cb7164d87e0637a2a6a2bdc981395e8
SHA256:1df8b9430b5c8ed143d7815e403e33ef5371b2400aadbe9bda0883762e0846d1
Referenced In Project/Scope: Simplicite Platform:compile
commons-collections4-4.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

commons-compress-1.21.jar

Description:

Apache Commons Compress software defines an API for working with
compression and archive formats.  These include: bzip2, gzip, pack200,
lzma, xz, Snappy, traditional Unix Compress, DEFLATE, DEFLATE64, LZ4,
Brotli, Zstandard and ar, cpio, jar, tar, zip, dump, 7z, arj.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/apache/commons/commons-compress/1.21/commons-compress-1.21.jar
MD5: 2a713d10331bc4e13459a3dc0463f16f
SHA1: 4ec95b60d4e86b5c95a0e919cb172a0af98011ef
SHA256:6aecfd5459728a595601cfa07258d131972ffc39b492eb48bdd596577a2f244a
Referenced In Project/Scope: Simplicite Platform:compile
commons-compress-1.21.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

CVE-2024-25710  

Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Apache Commons Compress.This issue affects Apache Commons Compress: from 1.3 through 1.25.0.

Users are recommended to upgrade to version 1.26.0 which fixes the issue.
CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')

CVSSv3:
  • Base Score: MEDIUM (5.5)
  • Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions:

CVE-2024-26308  

Allocation of Resources Without Limits or Throttling vulnerability in Apache Commons Compress.This issue affects Apache Commons Compress: from 1.21 before 1.26.

Users are recommended to upgrade to version 1.26, which fixes the issue.
CWE-770 Allocation of Resources Without Limits or Throttling

CVSSv3:
  • Base Score: MEDIUM (5.5)
  • Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions:

commons-csv-1.9.0.jar

Description:

The Apache Commons CSV library provides a simple interface for reading and writing CSV files of various types.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/apache/commons/commons-csv/1.9.0/commons-csv-1.9.0.jar
MD5: 75559edcb39c783299289690c5a45816
SHA1: b59d8f64cd0b83ee1c04ff1748de2504457018c1
SHA256:c418d6aab4db4f1f70983d355de8d7c1e755c754820a92294da2e5f5081022cc
Referenced In Project/Scope: Simplicite Platform:compile
commons-csv-1.9.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

commons-digester-2.1.jar

Description:

    The Digester package lets you configure an XML to Java object mapping module
    which triggers certain actions called rules whenever a particular 
    pattern of nested XML elements is recognized.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/commons-digester/commons-digester/2.1/commons-digester-2.1.jar
MD5: 528445033f22da28f5047b6abcd1c7c9
SHA1: 73a8001e7a54a255eef0f03521ec1805dc738ca0
SHA256:e0b2b980a84fc6533c5ce291f1917b32c507f62bcad64198fff44368c2196a3d
Referenced In Project/Scope: Simplicite Platform:compile
commons-digester-2.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/commons-validator/commons-validator@1.7

Identifiers

commons-discovery-0.5.jar

Description:

The Apache Commons Discovery component is about discovering, or finding,
  implementations for pluggable interfaces.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/commons-discovery/commons-discovery/0.5/commons-discovery-0.5.jar
MD5: b35120680c3a22cec7a037fce196cd97
SHA1: 3a8ac816bbe02d2f88523ef22cbf2c4abd71d6a8
SHA256:e5b7d58ae62e5b309d5c0ffa5a5b1d9d1e0f0c4c3cc18d1fe3103fd29f90149d
Referenced In Project/Scope: Simplicite Platform:compile
commons-discovery-0.5.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

CVE-2022-0869  

Multiple Open Redirect in GitHub repository nitely/spirit prior to 0.12.3.
CWE-601 URL Redirection to Untrusted Site ('Open Redirect')

CVSSv2:
  • Base Score: MEDIUM (5.8)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:N
CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

References:

Vulnerable Software & Versions:

commons-email-1.5.jar

Description:

        Apache Commons Email aims to provide an API for sending email. It is built on top of
        the JavaMail API, which it aims to simplify.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/apache/commons/commons-email/1.5/commons-email-1.5.jar
MD5: e72657496d31f152aa26d4122e0850d9
SHA1: e8e677c6362eba14ff3c476ba63ccb83132dbd52
SHA256:ee8479906abb2c355a46a0a9845cfa1803bcc3c520a34baea4a6cf4e1f0f0cc1
Referenced In Project/Scope: Simplicite Platform:compile
commons-email-1.5.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

commons-exec-1.3.jar

Description:

Apache Commons Exec is a library to reliably execute external processes from within the JVM.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/apache/commons/commons-exec/1.3/commons-exec-1.3.jar
MD5: 8bb8fa2edfd60d5c7ed6bf9923d14aa8
SHA1: 8dfb9facd0830a27b1b5f29f84593f0aeee7773b
SHA256:cb49812dc1bfb0ea4f20f398bcae1a88c6406e213e67f7524fb10d4f8ad9347b
Referenced In Project/Scope: Simplicite Platform:compile
commons-exec-1.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

commons-fileupload-1.4.jar

Description:

    The Apache Commons FileUpload component provides a simple yet flexible means of adding support for multipart
    file upload functionality to servlets and web applications.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/commons-fileupload/commons-fileupload/1.4/commons-fileupload-1.4.jar
MD5: 0c3b924dcaaa90c3fb93fe04ae96a35e
SHA1: f95188e3d372e20e7328706c37ef366e5d7859b0
SHA256:a4ec02336f49253ea50405698b79232b8c5cbf02cb60df3a674d77a749a1def7
Referenced In Project/Scope: Simplicite Platform:compile
commons-fileupload-1.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

CVE-2023-24998  

Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the possibility of an attacker triggering a DoS with a malicious upload or series of uploads.




Note that, like all of the file upload limits, the
          new configuration option (FileUploadBase#setFileCountMax) is not
          enabled by default and must be explicitly configured.
CWE-770 Allocation of Resources Without Limits or Throttling

CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions: (show all)

commons-imaging-1.0-alpha2.jar

Description:

Apache Commons Imaging (previously Sanselan) is a pure-Java image library.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/apache/commons/commons-imaging/1.0-alpha2/commons-imaging-1.0-alpha2.jar
MD5: b1b9d002d76145c50fe3947d7b9724e2
SHA1: 838bd680e85e4611cdc0a81c81174bb87927e255
SHA256:64d649007364d70dcab24a1f895646e6976f5e2b339ba73a4af20642d041666a
Referenced In Project/Scope: Simplicite Platform:compile
commons-imaging-1.0-alpha2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

commons-io-2.11.0.jar

Description:

The Apache Commons IO library contains utility classes, stream implementations, file filters,
file comparators, endian transformation classes, and much more.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/commons-io/commons-io/2.11.0/commons-io-2.11.0.jar
MD5: 3b4b7ccfaeceeac240b804839ee1a1ca
SHA1: a2503f302b11ebde7ebc3df41daebe0e4eea3689
SHA256:961b2f6d87dbacc5d54abf45ab7a6e2495f89b75598962d8c723cea9bc210908
Referenced In Project/Scope: Simplicite Platform:compile
commons-io-2.11.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

commons-lang-2.6.jar

Description:

        Commons Lang, a package of Java utility classes for the
        classes that are in java.lang's hierarchy, or are considered to be so
        standard as to justify existence in java.lang.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/commons-lang/commons-lang/2.6/commons-lang-2.6.jar
MD5: 4d5c1693079575b362edf41500630bbd
SHA1: 0ce1edb914c94ebc388f086c6827e8bdeec71ac2
SHA256:50f11b09f877c294d56f24463f47d28f929cf5044f648661c0f0cfbae9a2f49c
Referenced In Project/Scope: Simplicite Platform:compile
commons-lang-2.6.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

commons-lang3-3.12.0.jar

Description:

  Apache Commons Lang, a package of Java utility classes for the
  classes that are in java.lang's hierarchy, or are considered to be so
  standard as to justify existence in java.lang.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/apache/commons/commons-lang3/3.12.0/commons-lang3-3.12.0.jar
MD5: 19fe50567358922bdad277959ea69545
SHA1: c6842c86792ff03b9f1d1fe2aab8dc23aa6c6f0e
SHA256:d919d904486c037f8d193412da0c92e22a9fa24230b9d67a57855c5c31c7e94e
Referenced In Project/Scope: Simplicite Platform:compile
commons-lang3-3.12.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

commons-logging-1.2.jar

Description:

Apache Commons Logging is a thin adapter allowing configurable bridging to other,
    well known logging systems.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/commons-logging/commons-logging/1.2/commons-logging-1.2.jar
MD5: 040b4b4d8eac886f6b4a2a3bd2f31b00
SHA1: 4bfc12adfe4842bf07b657f0369c4cb522955686
SHA256:daddea1ea0be0f56978ab3006b8ac92834afeefbd9b7e4e6316fca57df0fa636
Referenced In Project/Scope: Simplicite Platform:compile
commons-logging-1.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

commons-math3-3.6.1.jar

Description:

The Apache Commons Math project is a library of lightweight, self-contained mathematics and statistics components addressing the most common practical problems not immediately available in the Java programming language or commons-lang.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/apache/commons/commons-math3/3.6.1/commons-math3-3.6.1.jar
MD5: 5b730d97e4e6368069de1983937c508e
SHA1: e4ba98f1d4b3c80ec46392f25e094a6a2e58fcbf
SHA256:1e56d7b058d28b65abd256b8458e3885b674c1d588fa43cd7d1cbb9c7ef2b308
Referenced In Project/Scope: Simplicite Platform:compile
commons-math3-3.6.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

commons-net-3.8.0.jar

Description:

Apache Commons Net library contains a collection of network utilities and protocol implementations.
Supported protocols include: Echo, Finger, FTP, NNTP, NTP, POP3(S), SMTP(S), Telnet, Whois

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/commons-net/commons-net/3.8.0/commons-net-3.8.0.jar
MD5: d4b7197bf50afc96e2fa2657a339f037
SHA1: 63ea56587c8aaf05adab5cb0397e056bac8a2db0
SHA256:352b0ba1c657d8930063a9b83878fb717deef2d29ee25d13943be9beccc64d49
Referenced In Project/Scope: Simplicite Platform:compile
commons-net-3.8.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

CVE-2021-37533  

Prior to Apache Commons Net 3.9.0, Net's FTP client trusts the host from PASV response by default. A malicious server can redirect the Commons Net code to use a different host, but the user has to connect to the malicious server in the first place. This may lead to leakage of information about services running on the private network of the client. The default in version 3.9.0 is now false to ignore such hosts, as cURL does. See https://issues.apache.org/jira/browse/NET-711.
CWE-20 Improper Input Validation

CVSSv3:
  • Base Score: MEDIUM (6.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

References:

Vulnerable Software & Versions:

commons-pool2-2.11.1.jar

Description:

The Apache Commons Object Pooling Library.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/apache/commons/commons-pool2/2.11.1/commons-pool2-2.11.1.jar
MD5: 2210a041929e7c94485d5402458340b9
SHA1: 8970fd110c965f285ed4c6e40be7630c62db6f68
SHA256:ea0505ee7515e58b1ac0e686e4d1a5d9f7d808e251a61bc371aa0595b9963f83
Referenced In Project/Scope: Simplicite Platform:compile
commons-pool2-2.11.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

commons-validator-1.7.jar

Description:

    Apache Commons Validator provides the building blocks for both client side validation and server side data validation.
    It may be used standalone or with a framework like Struts.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/commons-validator/commons-validator/1.7/commons-validator-1.7.jar
MD5: 4b6f22de69432bc03254b47310d59651
SHA1: 76069c915de3787f3ddd8726a56f47a95bfcbb0e
SHA256:4d74f4ce4fb68b2617edad086df6defdf9338467d2377d2c62e69038e1c4f02f
Referenced In Project/Scope: Simplicite Platform:compile
commons-validator-1.7.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

commons-vfs2-2.9.0.jar

Description:

Apache Commons VFS is a Virtual File System library.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/apache/commons/commons-vfs2/2.9.0/commons-vfs2-2.9.0.jar
MD5: beba9c4909dd2799ee95c8e0c280dbf2
SHA1: 48115c2fb1c5f0a2498a4365162d6b69adec73f3
SHA256:266f96b77aa18773191f6992fc7910999bf8ee8a244ec67a3398b486eb726a7f
Referenced In Project/Scope: Simplicite Platform:compile
commons-vfs2-2.9.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

concat-map:0.0.1

Description:

concatenative mapdashery

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/concat-map:0.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/brace-expansion:1.1.11
  • simplicite-js:5.2.54

Identifiers

config-chain:1.1.13

Description:

HANDLE CONFIGURATION ONCE AND FOR ALL

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?js-beautify:1.14.0/config-chain:^1.1.12

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/js-beautify:1.14.0
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/@pnpm/npm-conf:2.2.2

Identifiers

configstore:5.0.1

Description:

Easily load and save config without having to think about where and how

License:

BSD-2-Clause
File Path: /var/simplicite/simplicite-5.2/package-lock.json?update-notifier:4.1.3/configstore:^5.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/update-notifier:6.0.2
  • simplicite-js:5.2.54/update-notifier:4.1.3
  • simplicite-js:5.2.54/update-notifier:5.1.0
  • simplicite-js:5.2.54

Identifiers

conscrypt-openjdk-uber-2.5.1.jar

Description:

Conscrypt: OpenJdk UberJAR

License:

Apache 2: https://www.apache.org/licenses/LICENSE-2.0
File Path: /var/simplicite/.m2/repository/org/conscrypt/conscrypt-openjdk-uber/2.5.1/conscrypt-openjdk-uber-2.5.1.jar
MD5: ee6de6e578762d474b2ca5418e16815b
SHA1: 3658b276ab54bd600f754b3c8cf4b7cd77fc61e6
SHA256:01f9c742cb592a151e2e62bd5397a8980628a967001fcdacd4aa4744678685f3
Referenced In Project/Scope: Simplicite Platform:compile
conscrypt-openjdk-uber-2.5.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.google.cloud/google-cloud-pubsub@1.114.4

Identifiers

conscrypt-openjdk-uber-2.5.1.jar: conscrypt_openjdk_jni-windows-x86.dll

File Path: /var/simplicite/.m2/repository/org/conscrypt/conscrypt-openjdk-uber/2.5.1/conscrypt-openjdk-uber-2.5.1.jar/META-INF/native/conscrypt_openjdk_jni-windows-x86.dll
MD5: 1837b5f2ee4d31f4c34e2c1afa2e5788
SHA1: 7a2afc78dd37293c450301307f1bad4dcf88192f
SHA256:71599c8027fe32c3688ec00945b170300792f6965089d0e321356084bb7ce0aa
Referenced In Project/Scope: Simplicite Platform:compile

Identifiers

  • None

conscrypt-openjdk-uber-2.5.1.jar: conscrypt_openjdk_jni-windows-x86_64.dll

File Path: /var/simplicite/.m2/repository/org/conscrypt/conscrypt-openjdk-uber/2.5.1/conscrypt-openjdk-uber-2.5.1.jar/META-INF/native/conscrypt_openjdk_jni-windows-x86_64.dll
MD5: 26cd5423ca8df336f97ac6f82a1248fe
SHA1: f1b981e0caeac000a74ad069665beae9e831dcf2
SHA256:e9337a1b2050da01d1626deefbbed517e312ab4acb8e1d8a214ee362fbae891a
Referenced In Project/Scope: Simplicite Platform:compile

Identifiers

  • None

console-browserify:1.1.0

Description:

Emulate console for all the browsers

File Path: /var/simplicite/simplicite-5.2/package-lock.json?/console-browserify:1.1.0

Referenced In Projects/Scopes:

  • simplicite-js:5.2.54/jshint:2.13.1
  • simplicite-js:5.2.54

Identifiers

console-control-strings:1.1.0

Description:

A library of cross-platform tested terminal/console command strings for doing things like color and cursor positioning.  This is a subset of both ansi and vt100.  All control codes included work on both Windows & Unix-like OSes, except where noted.

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?npmlog:6.0.2/console-control-strings:^1.1.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/gauge:4.0.4
  • simplicite-js:5.2.54/npmlog:6.0.2
  • simplicite-js:5.2.54

Identifiers

convert-source-map:2.0.0

Description:

Converts a source-map from/to  different formats and allows adding/changing properties.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/convert-source-map:2.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/core:7.23.9
  • simplicite-js:5.2.54/@babel/cli:7.23.9
  • simplicite-js:5.2.54

Identifiers

core-3.0.1.jar

Description:

Core barcode encoding/decoding library

File Path: /var/simplicite/.m2/repository/com/google/zxing/core/3.0.1/core-3.0.1.jar
MD5: 0a0184c3f92492f721d8631d6f5237de
SHA1: 9ebf6cd580d67601fbf88fd007aab4703b19e4c2
SHA256:38c49045765281e4c170062fa3f48e4e988629bf985cab850c7497be5eaa72a1
Referenced In Project/Scope: Simplicite Platform:compile
core-3.0.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

core-js-compat:3.35.1

Description:

core-js compat

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/core-js-compat:3.35.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/babel-plugin-polyfill-corejs3:0.9.0

Identifiers

core-js:3.31.0

Description:

Standard library

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/core-js:3.31.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/node:7.23.9
  • simplicite-js:5.2.54

Identifiers

core-util-is:1.0.3

Description:

The `util.is*` functions introduced in Node v0.12.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?readable-stream:1.1.14/core-util-is:~1.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/readable-stream:2.3.8
  • simplicite-js:5.2.54/readable-stream:1.1.14
  • simplicite-js:5.2.54

Identifiers

cosmiconfig:7.1.0

Description:

Find and load configuration from a package.json property, rc file, or CommonJS module

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/cosmiconfig:^7.1.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/stylelint:14.16.1
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/depcheck:1.4.3

Identifiers

cross-spawn:7.0.3

Description:

Cross platform child_process#spawn and child_process#spawnSync

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?spawn-please:2.0.2/cross-spawn:^7.0.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/eslint:8.56.0
  • simplicite-js:5.2.54/foreground-child:3.1.1
  • simplicite-js:5.2.54/spawn-please:2.0.2
  • simplicite-js:5.2.54/execa:5.1.1
  • simplicite-js:5.2.54

Identifiers

crypto-random-string:2.0.0

Description:

Generate a cryptographically strong random string

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?unique-string:2.0.0/crypto-random-string:^2.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/unique-string:2.0.0
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/unique-string:3.0.0

Identifiers

css-functions-list:3.1.0

Description:

List of standard and browser specific CSS functions.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/css-functions-list:^3.1.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/stylelint:14.16.1
  • simplicite-js:5.2.54

Identifiers

cssesc:3.0.0

Description:

A JavaScript library for escaping CSS strings and identifiers while generating the shortest possible ASCII-only output.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?postcss-selector-parser:6.0.13/cssesc:^3.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/postcss-selector-parser:6.0.13
  • simplicite-js:5.2.54

Identifiers

curvesapi-1.06.jar

Description:

Implementation of various mathematical curves that define themselves over a set of control points. The API is written in Java. The curves supported are: Bezier, B-Spline, Cardinal Spline, Catmull-Rom Spline, Lagrange, Natural Cubic Spline, and NURBS.

License:

BSD License: http://opensource.org/licenses/BSD-3-Clause
File Path: /var/simplicite/.m2/repository/com/github/virtuald/curvesapi/1.06/curvesapi-1.06.jar
MD5: 049221bdb7f8d8a2065c02000e854ed4
SHA1: 159dd2e8956459a4eb0a9a6ecda9004d8d289708
SHA256:38bb45c99e6153260c19b97b99b6a7370a067de63344de6d1ea11922acaed86b
Referenced In Project/Scope: Simplicite Platform:compile
curvesapi-1.06.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.poi/poi-ooxml@4.1.2

Identifiers

date-now:0.1.4

Description:

A requirable version of Date.now()

File Path: /var/simplicite/simplicite-5.2/package-lock.json?/date-now:0.1.4

Referenced In Projects/Scopes:

  • simplicite-js:5.2.54/console-browserify:1.1.0
  • simplicite-js:5.2.54

Identifiers

dd-plist-1.23.jar

Description:

        This library enables Java applications to work with property lists in various formats.
        Supported formats for reading and writing are OS X/iOS binary and XML property lists.
        ASCII property lists are also supported.
        The library also provides access to basic functions of NeXTSTEP/Cocoa classes like
        NSDictionary, NSArray, etc.

License:

MIT License: http://opensource.org/licenses/mit
File Path: /var/simplicite/.m2/repository/com/googlecode/plist/dd-plist/1.23/dd-plist-1.23.jar
MD5: 728c9b2138c0b5f38d017ec8f4ea97e4
SHA1: f522894abd90d6f5a15e9586e625407a7d50e80d
SHA256:3d794f2808d0e90c7ec889658e843f92a24414bd4df18ecf9f1478726af1238c
Referenced In Project/Scope: Simplicite Platform:compile
dd-plist-1.23.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.tika/tika-parsers@1.27

Identifiers

debug:4.3.4

Description:

Lightweight debugging utility for Node.js and the browser

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?tuf-js:1.1.7/debug:^4.3.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/rc-config-loader:4.1.3
  • simplicite-js:5.2.54/socks-proxy-agent:7.0.0
  • simplicite-js:5.2.54/@eslint/eslintrc:2.1.4
  • simplicite-js:5.2.54/@babel/traverse:7.23.9
  • simplicite-js:5.2.54/http-proxy-agent:5.0.0
  • simplicite-js:5.2.54/license-report:6.5.0
  • simplicite-js:5.2.54/agentkeepalive:4.3.0
  • simplicite-js:5.2.54/@babel/core:7.23.9
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/@humanwhocodes/config-array:0.11.13
  • simplicite-js:5.2.54/depcheck:1.4.3
  • simplicite-js:5.2.54/https-proxy-agent:5.0.1
  • simplicite-js:5.2.54/eslint:8.56.0
  • simplicite-js:5.2.54/stylelint:14.16.1
  • simplicite-js:5.2.54/eslint-plugin-jsdoc:48.0.4
  • simplicite-js:5.2.54/agent-base:6.0.2
  • simplicite-js:5.2.54/@babel/helper-define-polyfill-provider:0.5.0
  • simplicite-js:5.2.54/tuf-js:1.1.7

Identifiers

dec-0.1.2.jar

Description:

Brotli is a generic-purpose lossless compression algorithm.

License:

http://www.opensource.org/licenses/mit-license.php
File Path: /var/simplicite/.m2/repository/org/brotli/dec/0.1.2/dec-0.1.2.jar
MD5: 4b1cd14cf29733941cc536b27e6aedfa
SHA1: 0c26a897ae0d524809eef1c786cc6183b4ddcc3b
SHA256:615c0c3efef990d77831104475fba6a1f7971388691d4bad1471ad84101f6d52
Referenced In Project/Scope: Simplicite Platform:compile
dec-0.1.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.tika/tika-parsers@1.27

Identifiers

decamelize-keys:1.1.1

Description:

Convert object keys from camelCase to lowercase with a custom separator

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?meow:9.0.0/decamelize-keys:^1.1.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/meow:9.0.0
  • simplicite-js:5.2.54

Identifiers

decamelize:1.2.0

Description:

Convert a camelized string into a lowercased one with a custom separator: unicornRainbow → unicorn_rainbow

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?meow:9.0.0/decamelize:^1.2.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/meow:9.0.0
  • simplicite-js:5.2.54/decamelize-keys:1.1.1
  • simplicite-js:5.2.54

Identifiers

decompress-response:6.0.0

Description:

Decompress a HTTP response if needed

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?got:13.0.0/decompress-response:^6.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/got:12.6.1
  • simplicite-js:5.2.54/got:9.6.0
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/got:13.0.0

Identifiers

deep-extend:0.6.0

Description:

Recursive object extending

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?rc:1.2.8/deep-extend:^0.6.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/rc:1.2.8
  • simplicite-js:5.2.54

Identifiers

deep-is:0.1.4

Description:

node's assert.deepEqual algorithm except for NaN being equal to NaN

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?optionator:0.9.3/deep-is:^0.1.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/optionator:0.9.3
  • simplicite-js:5.2.54

Identifiers

defaults:1.0.4

Description:

merge single level defaults over a config object

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?wcwidth:1.0.1/defaults:^1.0.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/wcwidth:1.0.1
  • simplicite-js:5.2.54

Identifiers

defer-to-connect:1.1.3

Description:

The safe way to handle the `connect` socket event

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/defer-to-connect:1.1.3

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

defer-to-connect:2.0.1

Description:

The safe way to handle the `connect` socket event

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/defer-to-connect:2.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@szmarczak/http-timer:5.0.1
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/@szmarczak/http-timer:1.1.2

Identifiers

define-properties:1.2.0

Description:

Define multiple non-enumerable properties at once. Uses `Object.defineProperty` when available; falls back to standard assignment in older engines.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?string.prototype.trimstart:1.0.6/define-properties:^1.1.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/function.prototype.name:1.1.5
  • simplicite-js:5.2.54/string.prototype.trimend:1.0.6
  • simplicite-js:5.2.54/object.getownpropertydescriptors:2.1.6
  • simplicite-js:5.2.54/globalthis:1.0.3
  • simplicite-js:5.2.54/array.prototype.reduce:1.0.5
  • simplicite-js:5.2.54/string.prototype.trim:1.2.7
  • simplicite-js:5.2.54/regexp.prototype.flags:1.5.0
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/string.prototype.trimstart:1.0.6
  • simplicite-js:5.2.54/object.assign:4.1.4

Identifiers

delegates:1.0.0

Description:

delegate methods and accessors to another property

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/delegates:1.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/are-we-there-yet:3.0.1
  • simplicite-js:5.2.54

Identifiers

depcheck:1.4.3

Description:

Check dependencies in your node module

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check:6.0.1/depcheck:^1.3.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-check:6.0.1
  • simplicite-js:5.2.54

Identifiers

depd:2.0.0

Description:

Deprecate all the things

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/depd:2.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/agentkeepalive:4.3.0
  • simplicite-js:5.2.54

Identifiers

deps-regex:0.1.4

Description:

Regular expression for matching javascript require statements.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/deps-regex:0.1.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/depcheck:1.4.3

Identifiers

diff-match-patch:1.0.5

Description:

npm package for https://github.com/google/diff-match-patch

License:

Apache-2.0
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/diff-match-patch:1.0.5

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/ace-diff:3.0.3

Identifiers

diffutils-1.3.0.jar

Description:

The DiffUtils library for computing diffs, applying patches, generationg side-by-side view in Java.

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/googlecode/java-diff-utils/diffutils/1.3.0/diffutils-1.3.0.jar
MD5: 638158a6bca62926aa9986c92ccb15e0
SHA1: 7e060dd5b19431e6d198e91ff670644372f60fbd
SHA256:61ba4dc49adca95243beaa0569adc2a23aedb5292ae78aa01186fa782ebdc5c2
Referenced In Project/Scope: Simplicite Platform:compile
diffutils-1.3.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

dir-glob:3.0.1

Description:

Convert directories to glob compatible strings

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?globby:11.1.0/dir-glob:^3.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/globby:11.1.0

Identifiers

docdash:2.0.2

Description:

A clean, responsive documentation template theme for JSDoc 3 inspired by lodash and minami

License:

Apache-2.0
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/docdash:2.0.2

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

doctrine:3.0.0

Description:

JSDoc parser

License:

Apache-2.0
File Path: /var/simplicite/simplicite-5.2/package-lock.json?eslint:8.56.0/doctrine:^3.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/eslint:8.56.0
  • simplicite-js:5.2.54

Identifiers

docusign-esign-java-3.14.0.jar

Description:

The official DocuSign eSignature JAVA client is based on version 2 of the DocuSign REST API and provides libraries for JAVA application integration. It is recommended that you use this version of the library for new development.

License:

DocuSign Java Client License: https://raw.githubusercontent.com/docusign/docusign-java-client/master/LICENSE
File Path: /var/simplicite/.m2/repository/com/docusign/docusign-esign-java/3.14.0/docusign-esign-java-3.14.0.jar
MD5: 9918c72f296fb6032208ac18f3732952
SHA1: e548b03bc892e8017f07b8bafe5c92de59941b61
SHA256:b1c1d69645cbbb48859b0bab92a38fd710e06f63975620976ed3b1b706d08319
Referenced In Project/Scope: Simplicite Platform:provided
docusign-esign-java-3.14.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

docx4j-ImportXHTML-8.2.1.jar

Description:

		docx4j-ImportXHTML converts XHTML to OpenXML WordML (docx) using docx4j

License:

LGPL v2.1: http://www.gnu.org/licenses/lgpl-2.1.html
File Path: /var/simplicite/.m2/repository/org/docx4j/docx4j-ImportXHTML/8.2.1/docx4j-ImportXHTML-8.2.1.jar
MD5: bac211a763b6851384c3efa44fe82eb4
SHA1: c097fd27a2346ab4412b9c61b98945b1831ebc39
SHA256:34a88dd7a94f5eca46879250f9e0cb8ac5e174829aa8f01f734e47a1dd91efc5
Referenced In Project/Scope: Simplicite Platform:compile
docx4j-ImportXHTML-8.2.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

docx4j-JAXB-ReferenceImpl-11.2.9.jar

Description:

config specifying that docx4j should use the JAXB reference impls

License:

Apache 2: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/docx4j/docx4j-JAXB-ReferenceImpl/11.2.9/docx4j-JAXB-ReferenceImpl-11.2.9.jar
MD5: f781b5f96a97131dfab997bb67aad004
SHA1: ddbfc5b22e6a09d3cc801140ce76e474776f7ac2
SHA256:f3f17502f0659b0de3abef6409548e6a0d74e7e13d899a6013ea35a18a19b5bf
Referenced In Project/Scope: Simplicite Platform:compile
docx4j-JAXB-ReferenceImpl-11.2.9.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

docx4j-core-11.2.9.jar

Description:

docx4j is a library which helps you to work with the Office Open
		XML file format as used in docx
		documents, pptx presentations, and xlsx spreadsheets.

License:

Apache 2: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/docx4j/docx4j-core/11.2.9/docx4j-core-11.2.9.jar
MD5: 68339af41973a57fcb24a6b464498f63
SHA1: 78f7fc21ab817f1ed728bb33e78a15ab7e1dd74a
SHA256:c7baa6c3a196ad7232006edb369a1304455abe42671685afb0d549101e086b4c
Referenced In Project/Scope: Simplicite Platform:compile
docx4j-core-11.2.9.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

docx4j-openxml-objects-11.2.9.jar

Description:

Our JAXB representation of OpenXML, except for pml and sml (handled separately)

License:

Apache 2: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/docx4j/docx4j-openxml-objects/11.2.9/docx4j-openxml-objects-11.2.9.jar
MD5: be8c6edf33347da19ae19b42b49160a8
SHA1: d8fb8895ec6aea9fae5a2e6afe1c66dc61ced549
SHA256:1444b2e329e88f3236e749d5cf3c23744eb7858f1d2c89902e42685a474aec06
Referenced In Project/Scope: Simplicite Platform:compile
docx4j-openxml-objects-11.2.9.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.docx4j/docx4j-core@11.2.9

Identifiers

docx4j-openxml-objects-pml-11.2.9.jar

Description:

Our JAXB representation of OpenXML Presentation Markup Language (pml)

License:

Apache 2: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/docx4j/docx4j-openxml-objects-pml/11.2.9/docx4j-openxml-objects-pml-11.2.9.jar
MD5: 334971a5b2bca26054cda0f28af42bf7
SHA1: ae8ac27bc6949a16ac13d44a0ace4b043ac0a4fb
SHA256:a7a2dae98f8ebcd69e8fa557869ee1030b9742089365bd71e2d9a82f46ebf3ae
Referenced In Project/Scope: Simplicite Platform:compile
docx4j-openxml-objects-pml-11.2.9.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.docx4j/docx4j-core@11.2.9

Identifiers

docx4j-openxml-objects-sml-11.2.9.jar

Description:

Our JAXB representation of OpenXML Spreadsheet Markup Language (sml)

License:

Apache 2: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/docx4j/docx4j-openxml-objects-sml/11.2.9/docx4j-openxml-objects-sml-11.2.9.jar
MD5: 5afb7490b73c6ac25a5c9dfc38c0de21
SHA1: f6914a455f3b19c6aa9d4eccb0cd3096d1be0c72
SHA256:0fe802ac08e0d200b0fb0cbf7244e012125d39eb13e33ae4859387f7d77862b4
Referenced In Project/Scope: Simplicite Platform:compile
docx4j-openxml-objects-sml-11.2.9.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.docx4j/docx4j-core@11.2.9

Identifiers

dom-serializer:0.2.2

Description:

render dom nodes to string

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/dom-serializer:0.2.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/domutils:1.5.1

Identifiers

domelementtype:1.3.1

Description:

all the types of nodes in htmlparser2's dom

License:

BSD-2-Clause
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/domelementtype:1.3.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/htmlparser2:3.8.3
  • simplicite-js:5.2.54/domhandler:2.3.0
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/domutils:1.5.1

Identifiers

domelementtype:2.3.0

Description:

all the types of nodes in htmlparser2's dom

License:

BSD-2-Clause
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/domelementtype:2.3.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/dom-serializer:0.2.2
  • simplicite-js:5.2.54

Identifiers

domhandler:2.3.0

Description:

handler for htmlparser2 that turns pages into a dom

File Path: /var/simplicite/simplicite-5.2/package-lock.json?/domhandler:2.3.0

Referenced In Projects/Scopes:

  • simplicite-js:5.2.54/htmlparser2:3.8.3
  • simplicite-js:5.2.54

Identifiers

domutils:1.5.1

Description:

utilities for working with htmlparser2's dom

File Path: /var/simplicite/simplicite-5.2/package-lock.json?/domutils:1.5.1

Referenced In Projects/Scopes:

  • simplicite-js:5.2.54/htmlparser2:3.8.3
  • simplicite-js:5.2.54

Identifiers

dot-prop:5.3.0

Description:

Get, set, or delete a property from a nested object using a dot path

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/dot-prop:5.3.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/configstore:6.0.0
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/configstore:5.0.1

Identifiers

dot-prop:6.0.1

Description:

Get, set, or delete a property from a nested object using a dot path

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/dot-prop:6.0.1

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

dtd-parser-1.4.4.jar

Description:

SAX-like API for parsing XML DTDs.

License:

Eclipse Distribution License - v 1.0: http://www.eclipse.org/org/documents/edl-v10.php
File Path: /var/simplicite/.m2/repository/com/sun/xml/dtd-parser/dtd-parser/1.4.4/dtd-parser-1.4.4.jar
MD5: f711370da18d104e1edcc44b7e831e95
SHA1: 77b8756371b63d4004a53c90a731945f34ea4c71
SHA256:13d244b7dc112f05ea51b8320fc0b20628e4bea631e1230875df155c56082c59
Referenced In Project/Scope: Simplicite Platform:compile
dtd-parser-1.4.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.glassfish.jaxb/jaxb-xjc@2.3.4

Identifiers

duplexer3:0.1.5

Description:

Like duplexer but using streams3

License:

BSD-3-Clause
File Path: /var/simplicite/simplicite-5.2/package-lock.json?got:9.6.0/duplexer3:^0.1.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/got:9.6.0
  • simplicite-js:5.2.54

Identifiers

eastasianwidth:0.2.0

Description:

Get East Asian Width from a character.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?string-width:5.1.2/eastasianwidth:^0.2.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/string-width:5.1.2
  • simplicite-js:5.2.54

Identifiers

eddsa-0.3.0.jar

Description:

Implementation of EdDSA in Java

License:

CC0 1.0 Universal: https://creativecommons.org/publicdomain/zero/1.0/
File Path: /var/simplicite/.m2/repository/net/i2p/crypto/eddsa/0.3.0/eddsa-0.3.0.jar
MD5: ee7de3b6f19de76a06e465efc978f669
SHA1: 1901c8d4d8bffb7d79027686cfb91e704217c3e1
SHA256:4dda1120db856640dbec04140ed23242215a075fe127bdefa0dcfa29fb31267d
Referenced In Project/Scope: Simplicite Platform:compile
eddsa-0.3.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.eclipse.jgit/org.eclipse.jgit.ssh.apache@6.1.0.202203080745-r

Identifiers

editorconfig:0.15.3

Description:

EditorConfig File Locator and Interpreter for Node.js

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?js-beautify:1.14.0/editorconfig:^0.15.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/js-beautify:1.14.0
  • simplicite-js:5.2.54

Identifiers

ehcache-3.9.6.jar (shaded: org.ehcache.modules:ehcache-107:3.9.6)

Description:

The JSR-107 compatibility module of Ehcache 3

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/ehcache/ehcache/3.9.6/ehcache-3.9.6.jar/META-INF/maven/org.ehcache.modules/ehcache-107/pom.xml
MD5: 13c94acb6584e8f0305a98ade3df97e7
SHA1: d0cd4e5dfcc655527b4c390291cfc42c418935b9
SHA256:5a3e9568b9a4b6a7972279d92b604769070aade315882ed0330cacf6243505a6
Referenced In Project/Scope: Simplicite Platform:compile

Identifiers

ehcache-3.9.6.jar (shaded: org.ehcache.modules:ehcache-api:3.9.6)

Description:

The API module of Ehcache 3

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/ehcache/ehcache/3.9.6/ehcache-3.9.6.jar/META-INF/maven/org.ehcache.modules/ehcache-api/pom.xml
MD5: de091a511003ad153bf8f2b1fb430474
SHA1: 7bdbd3589b3bb6fb7552067cd43128625145be04
SHA256:ac3d73e785d839a019faa5446e8d7feb00f708557191345e82b59f1d48379d19
Referenced In Project/Scope: Simplicite Platform:compile

Identifiers

ehcache-3.9.6.jar (shaded: org.ehcache.modules:ehcache-core:3.9.6)

Description:

The Core module of Ehcache 3

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/ehcache/ehcache/3.9.6/ehcache-3.9.6.jar/META-INF/maven/org.ehcache.modules/ehcache-core/pom.xml
MD5: 57178604434be0022c4815062e52e26b
SHA1: c46d1c2fd9d0fd1ae74c40ef82f7582a3053a6b7
SHA256:3eea5cd5a9b8583c24bf77bb85b2d568ce6fe672ba6dd9d754fe457aa89ec74d
Referenced In Project/Scope: Simplicite Platform:compile

Identifiers

ehcache-3.9.6.jar (shaded: org.ehcache.modules:ehcache-impl:3.9.6)

Description:

The implementation module of Ehcache 3

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/ehcache/ehcache/3.9.6/ehcache-3.9.6.jar/META-INF/maven/org.ehcache.modules/ehcache-impl/pom.xml
MD5: 956f6047a239689f506d981c715b8a61
SHA1: 8e194f6b76fb23899d8091719fc70516ecdc0c65
SHA256:7b19e56f8525654a0cb4f3355a518d39721562d8cd1da34be3b7fcabdc1b8e3a
Referenced In Project/Scope: Simplicite Platform:compile

Identifiers

ehcache-3.9.6.jar (shaded: org.ehcache.modules:ehcache-xml:3.9.6)

Description:

The module containing all XML parsing logic Ehcache 3

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/ehcache/ehcache/3.9.6/ehcache-3.9.6.jar/META-INF/maven/org.ehcache.modules/ehcache-xml/pom.xml
MD5: 298122afe88cc7c818768b30abd92733
SHA1: 84fcb1a938a1ffc9b815eaf1c0ca36a6866c11f1
SHA256:800fe5e94fe94f682f75ac2ed9e8fb89e1562daf063b9732f2b75943e82d79eb
Referenced In Project/Scope: Simplicite Platform:compile

Identifiers

ehcache-3.9.6.jar (shaded: org.ehcache:sizeof:0.4.0)

Description:

SizeOf engine, extracted from Ehcache

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/ehcache/ehcache/3.9.6/ehcache-3.9.6.jar/META-INF/maven/org.ehcache/sizeof/pom.xml
MD5: 4c6f7de9f499531083e2a0d03392f3cf
SHA1: 73ae8131061b4f5b29fa15819c0ed429ac4708d4
SHA256:e9a89defb70a370e182e4eb1e4ced5e8b5a0ebc3c21d1da4342ed040bf02d4ad
Referenced In Project/Scope: Simplicite Platform:compile

Identifiers

ehcache-3.9.6.jar (shaded: org.terracotta:offheap-store:2.5.2)

Description:

A library that offers data structures allocated off the java heap.

License:

The Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/ehcache/ehcache/3.9.6/ehcache-3.9.6.jar/META-INF/maven/org.terracotta/offheap-store/pom.xml
MD5: d089641b4a80a158a3bc42c39610173a
SHA1: 8b22532136a07c5a03aa5b571d55e3bd4919b43d
SHA256:79fdf6cc2cfa6c9332864109cbf13e69cfbeb7b381023793e40d35c3e959c9cb
Referenced In Project/Scope: Simplicite Platform:compile

Identifiers

ehcache-3.9.6.jar (shaded: org.terracotta:statistics:2.1)

Description:

A statistics framework used inside Ehcache and the Terracotta products

License:

The Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/ehcache/ehcache/3.9.6/ehcache-3.9.6.jar/META-INF/maven/org.terracotta/statistics/pom.xml
MD5: c2e7d02d7e332392956c557deed20543
SHA1: 56e7b6d8a273bd82f2d7066b7063de656763f2b7
SHA256:c97d57efb3ac671e65a39fc2109e354ef5ea665a1a6490491e5a348e0dbf1ebb
Referenced In Project/Scope: Simplicite Platform:compile

Identifiers

ehcache-3.9.6.jar (shaded: org.terracotta:terracotta-utilities-tools:0.0.9)

Description:

Utility classes/methods for common Java tasks

License:

The Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/ehcache/ehcache/3.9.6/ehcache-3.9.6.jar/META-INF/maven/org.terracotta/terracotta-utilities-tools/pom.xml
MD5: a55b2ab2781f5fdd83ae6c23d9e42887
SHA1: 6ee0ebbb1f94e470f04d3a5737a0650e9d02e30e
SHA256:7703955943c1f9ab2f4343a0f21a8aa61d159df0eaf2a2786c81be464dda6aaa
Referenced In Project/Scope: Simplicite Platform:compile

Identifiers

ehcache-3.9.6.jar

Description:

End-user ehcache3 jar artifact

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/ehcache/ehcache/3.9.6/ehcache-3.9.6.jar
MD5: f3cad96e513526c473610fb449ed411a
SHA1: c63362936308b841f81dbc7cd40384ffc473c595
SHA256:e1a0f4f270ed4a5b194cb632369a2d851472122d436b548a5a22430acad9cd24
Referenced In Project/Scope: Simplicite Platform:compile
ehcache-3.9.6.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

ehcache-3.9.6.jar: sizeof-agent.jar

File Path: /var/simplicite/.m2/repository/org/ehcache/ehcache/3.9.6/ehcache-3.9.6.jar/org/ehcache/sizeof/impl/sizeof-agent.jar
MD5: ebbbeb86eb031d51e9607e2e5581ec70
SHA1: fb0f17e0abef2dce271fe80fff4ec331bb635a2a
SHA256:e0bc6c03760bf71296d00ca2c15eb4b9bfa19f60a287edf002b2b2423f993d88
Referenced In Project/Scope: Simplicite Platform:compile

Identifiers

  • None

electron-to-chromium:1.4.656

Description:

Provides a list of electron-to-chromium version mappings

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/electron-to-chromium:1.4.656

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/browserslist:4.22.3
  • simplicite-js:5.2.54

Identifiers

emoji-regex:8.0.0

Description:

A regular expression to match all Emoji-only symbols as per the Unicode Standard.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?string-width-cjs:4.2.3/emoji-regex:^8.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/string-width:4.2.3
  • simplicite-js:5.2.54/string-width-cjs:4.2.3
  • simplicite-js:5.2.54/string-width:5.1.2
  • simplicite-js:5.2.54

Identifiers

encoding:0.1.13

Description:

Convert encodings, uses iconv-lite

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/encoding:0.1.13

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

end-of-stream:1.4.4

Description:

Call a callback when a readable/writable/duplex stream has completed or failed.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?pump:3.0.0/end-of-stream:^1.1.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/pump:3.0.0
  • simplicite-js:5.2.54

Identifiers

entities:1.0.0

Description:

Encode & decode XML/HTML entities with ease

License:

BSD-like
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/entities:1.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/htmlparser2:3.8.3
  • simplicite-js:5.2.54

Identifiers

entities:2.1.0

Description:

Encode & decode XML and HTML entities with ease

License:

BSD-2-Clause
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/entities:2.1.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/markdown-it:12.3.2

Identifiers

entities:2.2.0

Description:

Encode & decode XML and HTML entities with ease

License:

BSD-2-Clause
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/entities:2.2.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/dom-serializer:0.2.2
  • simplicite-js:5.2.54

Identifiers

env-paths:2.2.1

Description:

Get paths for storing things like data, config, cache, etc

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?node-gyp:9.4.0/env-paths:^2.2.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/node-gyp:9.4.0
  • simplicite-js:5.2.54

Identifiers

eol:0.9.1

Description:

Newline character converter

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?license-report:6.5.0/eol:^0.9.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/license-report:6.5.0
  • simplicite-js:5.2.54

Identifiers

err-code:2.0.3

Description:

Create an error with a code

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?promise-retry:2.0.1/err-code:^2.0.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/promise-retry:2.0.1

Identifiers

error-ex:1.3.2

Description:

Easy error subclassing and stack customization

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?parse-json:5.2.0/error-ex:^1.3.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/parse-json:5.2.0

Identifiers

error_prone_annotations-2.3.4.jar

License:

Apache 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/google/errorprone/error_prone_annotations/2.3.4/error_prone_annotations-2.3.4.jar
MD5: 67beeee58df00366100061c7da82f4c2
SHA1: dac170e4594de319655ffb62f41cbd6dbb5e601e
SHA256:baf7d6ea97ce606c53e11b6854ba5f2ce7ef5c24dddf0afa18d1260bd25b002c
Referenced In Project/Scope: Simplicite Platform:compile
error_prone_annotations-2.3.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.google.protobuf/protobuf-java-util@3.17.3

Identifiers

es-abstract:1.21.2

Description:

ECMAScript spec abstract operations.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?string.prototype.trimstart:1.0.6/es-abstract:^1.20.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/function.prototype.name:1.1.5
  • simplicite-js:5.2.54/string.prototype.trimend:1.0.6
  • simplicite-js:5.2.54/object.getownpropertydescriptors:2.1.6
  • simplicite-js:5.2.54/array.prototype.reduce:1.0.5
  • simplicite-js:5.2.54/string.prototype.trim:1.2.7
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/string.prototype.trimstart:1.0.6

Identifiers

es-array-method-boxes-properly:1.0.0

Description:

Utility package to determine if an `Array.prototype` method properly boxes the callback's receiver and third argument.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/es-array-method-boxes-properly:1.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/array.prototype.reduce:1.0.5
  • simplicite-js:5.2.54

Identifiers

es-set-tostringtag:2.0.1

Description:

A helper to optimistically set Symbol.toStringTag, when possible.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/es-set-tostringtag:2.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/es-abstract:1.21.2
  • simplicite-js:5.2.54

Identifiers

es-to-primitive:1.2.1

Description:

ECMAScript “ToPrimitive” algorithm. Provides ES5 and ES2015 versions.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/es-to-primitive:1.2.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/es-abstract:1.21.2
  • simplicite-js:5.2.54

Identifiers

escalade:3.1.1

Description:

A tiny (183B to 210B) and fast utility to ascend parent directories

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?yargs:16.2.0/escalade:^3.1.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/yargs:16.2.0
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/update-browserslist-db:1.0.13

Identifiers

escape-goat:2.1.1

Description:

Escape a string for use in HTML or the inverse

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?pupa:2.1.1/escape-goat:^2.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/pupa:2.1.1
  • simplicite-js:5.2.54/pupa:3.1.0
  • simplicite-js:5.2.54

Identifiers

escape-string-regexp:1.0.5

Description:

Escape RegExp special characters

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?figures:3.2.0/escape-string-regexp:^1.0.5

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/figures:3.2.0
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/chalk:2.4.2

Identifiers

escape-string-regexp:2.0.0

Description:

Escape RegExp special characters

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/escape-string-regexp:2.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/jsdoc:4.0.2
  • simplicite-js:5.2.54

Identifiers

escape-string-regexp:4.0.0

Description:

Escape RegExp special characters

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/escape-string-regexp:4.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/eslint:8.56.0
  • simplicite-js:5.2.54/eslint-plugin-jsdoc:48.0.4
  • simplicite-js:5.2.54

Identifiers

eslint-plugin-jsdoc:48.0.4

Description:

JSDoc linting rules for ESLint.

License:

BSD-3-Clause
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/eslint-plugin-jsdoc:48.0.4

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

eslint-scope:7.2.2

Description:

ECMAScript scope analyzer for ESLint

License:

BSD-2-Clause
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/eslint-scope:7.2.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/eslint:8.56.0
  • simplicite-js:5.2.54

Identifiers

eslint-visitor-keys:3.4.3

Description:

Constants and utilities about visitor keys to traverse AST.

License:

Apache-2.0
File Path: /var/simplicite/simplicite-5.2/package-lock.json?espree:9.6.1/eslint-visitor-keys:^3.4.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/espree:9.6.1
  • simplicite-js:5.2.54/eslint:8.56.0
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/@eslint-community/eslint-utils:4.4.0

Identifiers

eslint:8.56.0

Description:

An AST-based pattern checker for JavaScript.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/eslint:8.56.0

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

espree:9.6.1

Description:

An Esprima-compatible JavaScript parser built on Acorn

License:

BSD-2-Clause
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/espree:9.6.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/eslint:8.56.0
  • simplicite-js:5.2.54/@eslint/eslintrc:2.1.4
  • simplicite-js:5.2.54

Identifiers

esprima:4.0.1

Description:

ECMAScript parsing infrastructure for multipurpose analysis

License:

BSD-2-Clause
File Path: /var/simplicite/simplicite-5.2/package-lock.json?js-yaml:3.14.1/esprima:^4.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/js-yaml:3.14.1
  • simplicite-js:5.2.54

Identifiers

esquery:1.5.0

Description:

A query library for ECMAScript AST using a CSS selector like query language.

License:

BSD-3-Clause
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/esquery:1.5.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/eslint:8.56.0
  • simplicite-js:5.2.54/eslint-plugin-jsdoc:48.0.4
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/@es-joy/jsdoccomment:0.41.0

Identifiers

esrecurse:4.3.0

Description:

ECMAScript AST recursive visitor

License:

BSD-2-Clause
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/esrecurse:4.3.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/eslint-scope:7.2.2
  • simplicite-js:5.2.54

Identifiers

estraverse:5.3.0

Description:

ECMAScript JS AST traversal functions

License:

BSD-2-Clause
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/estraverse:5.3.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/esquery:1.5.0
  • simplicite-js:5.2.54/eslint-scope:7.2.2
  • simplicite-js:5.2.54/esrecurse:4.3.0
  • simplicite-js:5.2.54

Identifiers

estree-walker:2.0.2

Description:

Traverse an ESTree-compliant AST

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/estree-walker:2.0.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@vue/compiler-sfc:3.3.4
  • simplicite-js:5.2.54/@vue/compiler-core:3.3.4
  • simplicite-js:5.2.54/@vue/reactivity-transform:3.3.4
  • simplicite-js:5.2.54

Identifiers

esutils:2.0.3

Description:

utility box for ECMAScript language tools

License:

BSD-2-Clause
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/esutils:2.0.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/eslint:8.56.0
  • simplicite-js:5.2.54/doctrine:3.0.0
  • simplicite-js:5.2.54/@babel/preset-modules:0.1.6-no-external-plugins
  • simplicite-js:5.2.54

Identifiers

execa:5.1.1

Description:

Process execution for humans

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check:6.0.1/execa:^5.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-check:6.0.1
  • simplicite-js:5.2.54

Identifiers

exit:0.1.2

Description:

A replacement for process.exit that ensures stdio are fully drained before exiting.

File Path: /var/simplicite/simplicite-5.2/package-lock.json?/exit:0.1.2

Referenced In Projects/Scopes:

  • simplicite-js:5.2.54/jshint:2.13.1
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/cli:1.0.1

Identifiers

exponential-backoff:3.1.1

Description:

A utility that allows retrying a function with an exponential delay between attempts.

License:

Apache-2.0
File Path: /var/simplicite/simplicite-5.2/package-lock.json?node-gyp:9.4.0/exponential-backoff:^3.1.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/node-gyp:9.4.0
  • simplicite-js:5.2.54

Identifiers

external-editor:3.1.0

Description:

Edit a string with the users preferred text editor using $VISUAL or $ENVIRONMENT

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?inquirer:7.3.3/external-editor:^3.0.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/inquirer:7.3.3
  • simplicite-js:5.2.54

Identifiers

failureaccess-1.0.1.jar

Description:

    Contains
    com.google.common.util.concurrent.internal.InternalFutureFailureAccess and
    InternalFutures. Most users will never need to use this artifact. Its
    classes is conceptually a part of Guava, but they're in this separate
    artifact so that Android libraries can use them without pulling in all of
    Guava (just as they can use ListenableFuture by depending on the
    listenablefuture artifact).

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/google/guava/failureaccess/1.0.1/failureaccess-1.0.1.jar
MD5: 091883993ef5bfa91da01dcc8fc52236
SHA1: 1dcf1de382a0bf95a3d8b0849546c88bac1292c9
SHA256:a171ee4c734dd2da837e4b16be9df4661afab72a41adaf31eb84dfdaf936ca26
Referenced In Project/Scope: Simplicite Platform:compile
failureaccess-1.0.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.google.guava/guava@30.1.1-jre

Identifiers

fast-and-simple-minify-1.0.jar

Description:

fast-and-simple-minify is a combined java-port of the JSMin and CSSMin utility with some additional features

License:

The Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/ch/simschla/fast-and-simple-minify/1.0/fast-and-simple-minify-1.0.jar
MD5: 762fd1d990bb4e97a7581d2cd3255fc1
SHA1: ade6ae013ee38869b79eeb0661203451ddc16f46
SHA256:86e94527a0705c1ac20ff2b80e7d673975cc92f988210cc440f5bd1bb44087b5
Referenced In Project/Scope: Simplicite Platform:compile
fast-and-simple-minify-1.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

fast-deep-equal:3.1.3

Description:

Fast deep equal

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?ajv:8.12.0/fast-deep-equal:^3.1.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/ajv:8.12.0
  • simplicite-js:5.2.54/eslint:8.56.0
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/ajv:6.12.6

Identifiers

fast-glob:3.3.0

Description:

It's a very fast and efficient glob library for Node.js

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/fast-glob:^3.2.12

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/stylelint:14.16.1
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/globby:11.1.0

Identifiers

fast-json-stable-stringify:2.1.0

Description:

deterministic `JSON.stringify()` - a faster version of substack's json-stable-strigify without jsonify

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/fast-json-stable-stringify:2.1.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/ajv:6.12.6

Identifiers

fast-levenshtein:2.0.6

Description:

Efficient implementation of Levenshtein algorithm  with locale-specific collator support.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?optionator:0.9.3/fast-levenshtein:^2.0.6

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/optionator:0.9.3
  • simplicite-js:5.2.54

Identifiers

fast-memoize:2.5.2

Description:

Fastest memoization lib that supports N arguments

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check-updates:16.14.14/fast-memoize:^2.5.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-check-updates:16.14.14
  • simplicite-js:5.2.54

Identifiers

fastest-levenshtein:1.0.16

Description:

Fastest Levenshtein distance implementation in JS.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/fastest-levenshtein:^1.0.16

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/stylelint:14.16.1
  • simplicite-js:5.2.54

Identifiers

fastq:1.15.0

Description:

Fast, in memory work queue

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/fastq:1.15.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@nodelib/fs.walk:1.2.8
  • simplicite-js:5.2.54

Identifiers

figures:3.2.0

Description:

Unicode symbols with Windows CMD fallbacks

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?inquirer:7.3.3/figures:^3.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/inquirer:7.3.3
  • simplicite-js:5.2.54

Identifiers

file-entry-cache:6.0.1

Description:

Super simple cache for file metadata, useful for process that work o a given series of files and that only need to repeat the job on the changed ones since the previous run of the process

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/file-entry-cache:^6.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/eslint:8.56.0
  • simplicite-js:5.2.54/stylelint:14.16.1
  • simplicite-js:5.2.54

Identifiers

fill-range:7.0.1

Description:

Fill in a range of numbers or letters, optionally passing an increment or `step` to use, or create a regex-compatible range with `options.toRegex`

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/fill-range:7.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/braces:3.0.2
  • simplicite-js:5.2.54

Identifiers

find-cache-dir:2.1.0

Description:

Finds the common standard cache directory

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/find-cache-dir:2.1.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/@babel/register:7.23.7

Identifiers

find-up:3.0.0

Description:

Find a file or directory by walking up parent directories

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/find-up:3.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/pkg-dir:3.0.0

Identifiers

find-up:4.1.0

Description:

Find a file or directory by walking up parent directories

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/find-up:4.1.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/read-pkg-up:7.0.1
  • simplicite-js:5.2.54

Identifiers

find-up:5.0.0

Description:

Find a file or directory by walking up parent directories

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?preferred-pm:3.0.3/find-up:^5.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/pkg-dir:4.2.0
  • simplicite-js:5.2.54/eslint:8.56.0
  • simplicite-js:5.2.54/preferred-pm:3.0.3
  • simplicite-js:5.2.54/npm-check-updates:16.14.14
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/pkg-dir:5.0.0

Identifiers

find-yarn-workspace-root2:1.2.16

Description:

Algorithm for finding the root of a yarn workspace, extracted from yarnpkg.com

License:

Apache-2.0
File Path: /var/simplicite/simplicite-5.2/package-lock.json?preferred-pm:3.0.3/find-yarn-workspace-root2:1.2.16

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/preferred-pm:3.0.3
  • simplicite-js:5.2.54

Identifiers

firebase-admin-8.0.1.jar

Description:

        This is the official Firebase Admin Java SDK. Build extraordinary native JVM apps in
        minutes with Firebase. The Firebase platform can power your app’s backend, user
        authentication, static hosting, and more.

License:

Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/google/firebase/firebase-admin/8.0.1/firebase-admin-8.0.1.jar
MD5: ad737768e02962f728b4de7f0f5150cb
SHA1: 948994c3364ece7d973133885abd5f9ff5eb19a9
SHA256:f54d541dc92f18a073956cc033fb00428c98d6494e56701ca35392e9653525d5
Referenced In Project/Scope: Simplicite Platform:compile
firebase-admin-8.0.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

flat-cache:3.0.4

Description:

A stupidly simple key/value storage using files to persist some data

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/flat-cache:3.0.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/file-entry-cache:6.0.1
  • simplicite-js:5.2.54

Identifiers

flatted:3.2.7

Description:

A super light and fast circular JSON parser.

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/flatted:3.2.7

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/flat-cache:3.0.4
  • simplicite-js:5.2.54

Identifiers

fontbox-2.0.23.jar

Description:

    The Apache FontBox library is an open source Java tool to obtain low level information
    from font files. FontBox is a subproject of Apache PDFBox.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/apache/pdfbox/fontbox/2.0.23/fontbox-2.0.23.jar
MD5: f9aa90c666c88ff29e3cd34c15d538ca
SHA1: 1a6b960dd2c1b1f8a5f5d6668b2930b50ff4324d
SHA256:5b8a00ee90b1e7ec29b00a96230c667279cac5e61cfd6cfc5efb6294ff4639b1
Referenced In Project/Scope: Simplicite Platform:compile
fontbox-2.0.23.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

for-each:0.3.3

Description:

A better forEach

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?which-typed-array:1.1.9/for-each:^0.3.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/is-typed-array:1.1.10
  • simplicite-js:5.2.54/typed-array-length:1.0.4
  • simplicite-js:5.2.54/which-typed-array:1.1.9
  • simplicite-js:5.2.54

Identifiers

foreground-child:3.1.1

Description:

Run a child as if it's the foreground process. Give it stdio. Exit when it exits.

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?glob:10.3.3/foreground-child:^3.1.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/glob:10.3.10
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/glob:10.3.3

Identifiers

form-data-encoder:2.1.4

Description:

Encode FormData content into the multipart/form-data format

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?got:13.0.0/form-data-encoder:^2.1.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/got:12.6.1
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/got:13.0.0

Identifiers

fp-and-or:0.1.4

Description:

Simple `and` and `or` functional programming predicates

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check-updates:16.14.14/fp-and-or:^0.1.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-check-updates:16.14.14
  • simplicite-js:5.2.54

Identifiers

fs-extra:8.1.0

Description:

fs-extra contains methods that aren't included in the vanilla Node.js fs package. Such as mkdir -p, cp -r, and rm -rf.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-audit-html:1.5.0/fs-extra:^8.1.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-audit-html:1.5.0
  • simplicite-js:5.2.54

Identifiers

fs-minipass:2.1.0

Description:

fs read and write streams based on minipass

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/fs-minipass:2.1.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/tar:6.1.15
  • simplicite-js:5.2.54

Identifiers

fs-minipass:3.0.2

Description:

fs read and write streams based on minipass

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?pacote:15.2.0/fs-minipass:^3.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/cacache:17.1.3
  • simplicite-js:5.2.54/pacote:15.2.0
  • simplicite-js:5.2.54

Identifiers

fs-readdir-recursive:1.1.0

Description:

Recursively read a directory

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/fs-readdir-recursive:1.1.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/cli:7.23.9
  • simplicite-js:5.2.54

Identifiers

fs.realpath:1.0.0

Description:

Use node's fs.realpath, but fall back to the JS implementation if the native one fails

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?glob:7.2.3/fs.realpath:^1.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/glob:7.2.3
  • simplicite-js:5.2.54

Identifiers

function-bind:1.1.1

Description:

Implementation of Function.prototype.bind

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?has:1.0.3/function-bind:^1.1.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/call-bind:1.0.2
  • simplicite-js:5.2.54/has:1.0.3
  • simplicite-js:5.2.54/get-intrinsic:1.2.1
  • simplicite-js:5.2.54

Identifiers

function.prototype.name:1.1.5

Description:

An ES2015 spec-compliant `Function.prototype.name` shim

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/function.prototype.name:1.1.5

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/es-abstract:1.21.2
  • simplicite-js:5.2.54

Identifiers

functions-have-names:1.2.3

Description:

Does this JS environment support the `name` property on functions?

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?regexp.prototype.flags:1.5.0/functions-have-names:^1.2.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/function.prototype.name:1.1.5
  • simplicite-js:5.2.54/regexp.prototype.flags:1.5.0
  • simplicite-js:5.2.54

Identifiers

fuzzywuzzy-1.3.1.jar (shaded: me.xdrop:diffutils:1.3)

File Path: /var/simplicite/.m2/repository/me/xdrop/fuzzywuzzy/1.3.1/fuzzywuzzy-1.3.1.jar/META-INF/maven/me.xdrop/diffutils/pom.xml
MD5: 9d75ff06b99ebf130bb19c8e085714b2
SHA1: edcb90cdd072a9291d9580eb01656c925a73cdad
SHA256:8f44a4acb88339f7d9d858d504a8f88d268e4fc6094d0e55f8918227b87709bf
Referenced In Project/Scope: Simplicite Platform:compile

Identifiers

fuzzywuzzy-1.3.1.jar (shaded: me.xdrop:fuzzywuzzy-build:1.3.1)

Description:

Fuzzy string matching algorithm for Java

License:

GPL 2: https://www.gnu.org/licenses/old-licenses/gpl-2.0.html
File Path: /var/simplicite/.m2/repository/me/xdrop/fuzzywuzzy/1.3.1/fuzzywuzzy-1.3.1.jar/META-INF/maven/me.xdrop/fuzzywuzzy-build/pom.xml
MD5: c15930598f1712ac392d73ef1fc51fa0
SHA1: 5d8908e51ae7bb25697600f6b0238a63b1289e22
SHA256:d60db08c740e18d5bf4bebfe4e7afca866a4dc57dac047d090807e55f1a707b9
Referenced In Project/Scope: Simplicite Platform:compile

Identifiers

fuzzywuzzy-1.3.1.jar

Description:

Fuzzy string searching implementation of the well-known fuzzywuzzy algorithm in Java

License:

GPL 2: https://www.gnu.org/licenses/old-licenses/gpl-2.0.html
File Path: /var/simplicite/.m2/repository/me/xdrop/fuzzywuzzy/1.3.1/fuzzywuzzy-1.3.1.jar
MD5: c740aacfef63c5c3dd2c74bc4ca5df0c
SHA1: c691e88d356f92a29f22c68c56a053efba8569d0
SHA256:99947e309302a45870e48453e8f53faefa2ed03eea3bbc0e8fe8003905773bd3
Referenced In Project/Scope: Simplicite Platform:compile
fuzzywuzzy-1.3.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

gauge:4.0.4

Description:

A terminal based horizontal gauge

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?npmlog:6.0.2/gauge:^4.0.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npmlog:6.0.2
  • simplicite-js:5.2.54

Identifiers

gax-2.4.1.jar

Description:

Google Api eXtensions for Java

License:

BSD: https://github.com/googleapis/gax-java/blob/master/LICENSE
File Path: /var/simplicite/.m2/repository/com/google/api/gax/2.4.1/gax-2.4.1.jar
MD5: 1f86e65eb3f5f8d3e0e1f015c6885de1
SHA1: 5dced409330c9d80420621ec0407a0f1d19c2e11
SHA256:57f627e1934e295ad3f476191936c62e703f695dcb0e56ca2a460d1f420c6014
Referenced In Project/Scope: Simplicite Platform:compile
gax-2.4.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

gax-grpc-2.4.1.jar

Description:

Google Api eXtensions for Java

License:

BSD: https://github.com/googleapis/gax-java/blob/master/LICENSE
File Path: /var/simplicite/.m2/repository/com/google/api/gax-grpc/2.4.1/gax-grpc-2.4.1.jar
MD5: 0dd17b33909c06ce2953d269f7160feb
SHA1: c49be346136d03ec8ece55bbc15f25b7a0c23e8a
SHA256:68ef606e08266bf724532c7fb54e183bf043d8eee76465b34f107c042e6ea68b
Referenced In Project/Scope: Simplicite Platform:compile
gax-grpc-2.4.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.google.cloud/google-cloud-core-grpc@2.1.4

Identifiers

gax-httpjson-0.89.1.jar

Description:

Google Api eXtensions for Java

License:

BSD: https://github.com/googleapis/gax-java/blob/master/LICENSE
File Path: /var/simplicite/.m2/repository/com/google/api/gax-httpjson/0.89.1/gax-httpjson-0.89.1.jar
MD5: c06c1ccfe151172fddbf63ccaf84c411
SHA1: 5a29f187bd05a5e5e5ac3edac482f16f5b6c13f7
SHA256:42869cdf1fd6c95c1dfd8dee6ac01d9965422155ad4f8a82cf51bfd9bd5a0dbf
Referenced In Project/Scope: Simplicite Platform:compile
gax-httpjson-0.89.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.google.cloud/google-cloud-storage@2.1.4

Identifiers

gensync:1.0.0-beta.2

Description:

Allows users to use generators in order to write common functions that can be both sync or async.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/gensync:1.0.0-beta.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/core:7.23.9
  • simplicite-js:5.2.54

Identifiers

geoapi-3.0.1.jar

Description:


The development community in building GIS solutions is sustaining an enormous level
 of effort. The GeoAPI project aims to reduce duplication and increase interoperability
 by providing neutral, interface-only APIs derived from OGC/ISO Standards.

License:

https://raw.githubusercontent.com/opengeospatial/geoapi/master/LICENSE.txt
File Path: /var/simplicite/.m2/repository/org/opengis/geoapi/3.0.1/geoapi-3.0.1.jar
MD5: fa9a86892774b94b2bde0446ebbebd62
SHA1: a69b261841b0794b82b8d42fcd6e9a370eb62809
SHA256:ca1dfeba112d0dea575c7abba76a8ecd6ea7818e508de964302a9cfc4779b837
Referenced In Project/Scope: Simplicite Platform:compile
geoapi-3.0.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.tika/tika-parsers@1.27

Identifiers

get-caller-file:2.0.5

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?yargs:16.2.0/get-caller-file:^2.0.5

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/yargs:16.2.0
  • simplicite-js:5.2.54

Identifiers

get-intrinsic:1.2.1

Description:

Get and robustly cache all JS language-level intrinsics at first require time

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?side-channel:1.0.4/get-intrinsic:^1.0.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/es-abstract:1.21.2
  • simplicite-js:5.2.54/call-bind:1.0.2
  • simplicite-js:5.2.54/side-channel:1.0.4
  • simplicite-js:5.2.54/internal-slot:1.0.5
  • simplicite-js:5.2.54/safe-array-concat:1.0.0
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/is-array-buffer:3.0.2
  • simplicite-js:5.2.54/gopd:1.0.1
  • simplicite-js:5.2.54/get-symbol-description:1.0.0
  • simplicite-js:5.2.54/has-property-descriptors:1.0.0
  • simplicite-js:5.2.54/safe-regex-test:1.0.0
  • simplicite-js:5.2.54/es-set-tostringtag:2.0.1

Identifiers

get-stdin:5.0.1

Description:

Get stdin as a string or buffer

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/get-stdin:5.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/split-text-to-chunks:1.0.0
  • simplicite-js:5.2.54

Identifiers

get-stdin:8.0.0

Description:

Get stdin as a string or buffer

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check-updates:16.14.14/get-stdin:^8.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-check-updates:16.14.14
  • simplicite-js:5.2.54

Identifiers

get-stream:5.2.0

Description:

Get a stream as a string, buffer, or array

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/get-stream:5.2.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/cacheable-request:6.1.0
  • simplicite-js:5.2.54

Identifiers

get-stream:6.0.1

Description:

Get a stream as a string, buffer, or array

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?got:13.0.0/get-stream:^6.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/cacheable-request:10.2.12
  • simplicite-js:5.2.54/got:12.6.1
  • simplicite-js:5.2.54/execa:5.1.1
  • simplicite-js:5.2.54/got:9.6.0
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/got:13.0.0

Identifiers

get-symbol-description:1.0.0

Description:

Gets the description of a Symbol. Handles `Symbol()` vs `Symbol('')` properly when possible.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/get-symbol-description:1.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/es-abstract:1.21.2
  • simplicite-js:5.2.54

Identifiers

giturl:1.0.3

Description:

Transfer git url to web url

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check:6.0.1/giturl:^1.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-check:6.0.1
  • simplicite-js:5.2.54

Identifiers

glob-parent:5.1.2

Description:

Extract the non-magic parent path from a glob string.

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/glob-parent:5.1.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/chokidar:3.5.3
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/fast-glob:3.3.0

Identifiers

glob-parent:6.0.2

Description:

Extract the non-magic parent path from a glob string.

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/glob-parent:6.0.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/eslint:8.56.0
  • simplicite-js:5.2.54

Identifiers

glob:10.3.3

Description:

the most correct and second fastest glob implementation in JavaScript

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/glob:10.3.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/read-package-json:6.0.4
  • simplicite-js:5.2.54/cacache:17.1.3
  • simplicite-js:5.2.54

Identifiers

glob:7.2.3

Description:

a little globber

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?rimraf:3.0.2/glob:^7.1.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/js-beautify:1.14.0
  • simplicite-js:5.2.54/rimraf:3.0.2
  • simplicite-js:5.2.54/rimraf:5.0.5
  • simplicite-js:5.2.54/node-gyp:9.4.0
  • simplicite-js:5.2.54/@babel/cli:7.23.9
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/cli:1.0.1

Identifiers

global-dirs:2.1.0

Description:

Get the directory of globally installed packages and binaries

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?is-installed-globally:0.3.2/global-dirs:^2.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/is-installed-globally:0.4.0
  • simplicite-js:5.2.54/is-installed-globally:0.3.2
  • simplicite-js:5.2.54

Identifiers

global-modules:2.0.0

Description:

The directory used by npm for globally installed npm modules.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/global-modules:^2.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-check:6.0.1
  • simplicite-js:5.2.54/stylelint:14.16.1
  • simplicite-js:5.2.54

Identifiers

global-prefix:3.0.0

Description:

Get the npm global path prefix.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/global-prefix:3.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/global-modules:2.0.0
  • simplicite-js:5.2.54

Identifiers

globals:11.12.0

Description:

Global identifiers from different JavaScript environments

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/globals:11.12.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/plugin-transform-classes:7.23.8
  • simplicite-js:5.2.54/@babel/traverse:7.23.9
  • simplicite-js:5.2.54

Identifiers

globals:13.20.0

Description:

Global identifiers from different JavaScript environments

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/globals:13.20.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/eslint:8.56.0
  • simplicite-js:5.2.54/@eslint/eslintrc:2.1.4
  • simplicite-js:5.2.54

Identifiers

globalthis:1.0.3

Description:

ECMAScript spec-compliant polyfill/shim for `globalThis`

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/globalthis:1.0.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/es-abstract:1.21.2
  • simplicite-js:5.2.54

Identifiers

globby:11.1.0

Description:

User-friendly glob matching

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/globby:^11.1.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-check:6.0.1
  • simplicite-js:5.2.54/stylelint:14.16.1
  • simplicite-js:5.2.54/npm-check-updates:16.14.14
  • simplicite-js:5.2.54

Identifiers

globjoin:0.1.4

Description:

Join paths and globs.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/globjoin:^0.1.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/stylelint:14.16.1
  • simplicite-js:5.2.54

Identifiers

google-api-client-1.32.1.jar

Description:

The Google API Client Library for Java provides functionality common to all Google APIs; for example HTTP transport, error handling, authentication, JSON parsing, media download/upload, and batching.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/google/api-client/google-api-client/1.32.1/google-api-client-1.32.1.jar
MD5: ab8897bdbaebe699ac834baefb6e2d40
SHA1: 3e216f54e59e3c6f01bc52beeeed9010724e0edf
SHA256:77adc2aeface4fc92a698bafa0f8bab716ab051bb21cb410600f5de2a7e6b30e
Referenced In Project/Scope: Simplicite Platform:compile
google-api-client-1.32.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

google-api-client-gson-1.32.1.jar

Description:

GSON extensions to the Google APIs Client Library for Java

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/google/api-client/google-api-client-gson/1.32.1/google-api-client-gson-1.32.1.jar
MD5: 3fb4a71b614190f543f45b29f8b911a9
SHA1: 0bcd14452a94d85d584864c72b4be2c2229acd14
SHA256:76bd3e253c4a225a7b476c436b5dcb02fe48e22782b9887c02d1a3fffecd4a4c
Referenced In Project/Scope: Simplicite Platform:compile
google-api-client-gson-1.32.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

google-api-services-calendar-v3-rev20210804-1.32.1.jar

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/google/apis/google-api-services-calendar/v3-rev20210804-1.32.1/google-api-services-calendar-v3-rev20210804-1.32.1.jar
MD5: 37a443276d961e591d8bf1902c6654ab
SHA1: f86ed9f4ede41d69c995f2e6ce9a9edcf128ddc9
SHA256:ec2e3682c0fdc96404e606b7765ecbfe2f4de4fcf67c62d76144c027b611aa2d
Referenced In Project/Scope: Simplicite Platform:compile
google-api-services-calendar-v3-rev20210804-1.32.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

google-api-services-drive-v3-rev20210725-1.32.1.jar

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/google/apis/google-api-services-drive/v3-rev20210725-1.32.1/google-api-services-drive-v3-rev20210725-1.32.1.jar
MD5: a8237e9fc7c5b5f89fd91b1ec43216e1
SHA1: 9779ff7c932a2731e707cd5bce295a71a3a44a46
SHA256:1dd0644e57ec6fc13e7486bb30f95810f71b617ed820f1be404ac3dc38b4a419
Referenced In Project/Scope: Simplicite Platform:compile
google-api-services-drive-v3-rev20210725-1.32.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

google-api-services-gmail-v1-rev20210614-1.32.1.jar

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/google/apis/google-api-services-gmail/v1-rev20210614-1.32.1/google-api-services-gmail-v1-rev20210614-1.32.1.jar
MD5: 90003e1802549bac7b98a8d30add1215
SHA1: 11c761e27444acc5eb4d41dc6e4867b51f0ecdfa
SHA256:67d306b01a66ee26557678b70fd7cfc721dcaf6d82986224d34407d4b9b7e037
Referenced In Project/Scope: Simplicite Platform:compile
google-api-services-gmail-v1-rev20210614-1.32.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

google-api-services-plus-v1-rev20190328-1.30.10.jar

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/google/apis/google-api-services-plus/v1-rev20190328-1.30.10/google-api-services-plus-v1-rev20190328-1.30.10.jar
MD5: 27f1e9ce42ebc0956aeac57c24de46b3
SHA1: 5134f9422badf1c956d5c922aad72c6eebeea6a3
SHA256:8df825f167faac9115d3d6efa92f3a901b7901c4564d5a7e4f2ea1c0de1ddf2e
Referenced In Project/Scope: Simplicite Platform:compile
google-api-services-plus-v1-rev20190328-1.30.10.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

google-api-services-sheets-v4-rev20210629-1.32.1.jar

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/google/apis/google-api-services-sheets/v4-rev20210629-1.32.1/google-api-services-sheets-v4-rev20210629-1.32.1.jar
MD5: 47ec72d0d21ea49affca8dfe00162baa
SHA1: 9f51b6639b9e7ca036e45c767c92f6c9929247c6
SHA256:f768e78cf563e10fab81338182e30ada2747a787d2647f71f7f1f50142e9945e
Referenced In Project/Scope: Simplicite Platform:compile
google-api-services-sheets-v4-rev20210629-1.32.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

google-api-services-storage-v1-rev20210914-1.32.1.jar

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/google/apis/google-api-services-storage/v1-rev20210914-1.32.1/google-api-services-storage-v1-rev20210914-1.32.1.jar
MD5: 7dcd44564fbc9747ffa3a77182ef7e4f
SHA1: 70f5f4c0368d8bf7a7dac77d8af7a53ea8fa41ae
SHA256:c8cddc6b675a70599ed60f501a569891c1871b7eff35b38092cdb8b76dfa9451
Referenced In Project/Scope: Simplicite Platform:compile
google-api-services-storage-v1-rev20210914-1.32.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

google-api-services-translate-v2-rev20170525-1.30.1.jar

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/google/apis/google-api-services-translate/v2-rev20170525-1.30.1/google-api-services-translate-v2-rev20170525-1.30.1.jar
MD5: 49b810431970d3585119ebae4d372955
SHA1: d190fa670e88901a2e5247ea394f7ae2cc394c15
SHA256:ae3b32be4e5a9450a36f8fed26ea5f26bc624ec15fb4a0f1160c6c8cf0e35559
Referenced In Project/Scope: Simplicite Platform:compile
google-api-services-translate-v2-rev20170525-1.30.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

google-api-services-youtube-v3-rev20210915-1.32.1.jar

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/google/apis/google-api-services-youtube/v3-rev20210915-1.32.1/google-api-services-youtube-v3-rev20210915-1.32.1.jar
MD5: 42609e482cd3a6a092156db1bb524c1c
SHA1: d58625dda3387fb1b5932b53ecd184449ff48f14
SHA256:7b2835ef981b287f5e5cbbc9b93a08326f80cc53ebbd4a649fdce92ee7853be5
Referenced In Project/Scope: Simplicite Platform:compile
google-api-services-youtube-v3-rev20210915-1.32.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

google-auth-library-credentials-1.1.0.jar

File Path: /var/simplicite/.m2/repository/com/google/auth/google-auth-library-credentials/1.1.0/google-auth-library-credentials-1.1.0.jar
MD5: a540ffc780389df78a0133771e17ffb1
SHA1: 7474b57ebbf57a1b80ee214a0b2b533887748c1c
SHA256:6e92f773bf4431d6ab51b5419e116b0dd31a901677e4ff96dcce48f4f2b76778
Referenced In Project/Scope: Simplicite Platform:compile
google-auth-library-credentials-1.1.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.google.cloud/google-cloud-storage@2.1.4

Identifiers

google-auth-library-oauth2-http-1.1.0.jar

File Path: /var/simplicite/.m2/repository/com/google/auth/google-auth-library-oauth2-http/1.1.0/google-auth-library-oauth2-http-1.1.0.jar
MD5: 75d253cc91a49b849959673e933956da
SHA1: 5e1faa257968291f3f79c4e9884ac606b09a1bc8
SHA256:c23ebfe3ee67534143f9e2509526d4eefbb806d4ce5180754a6c721fa941c186
Referenced In Project/Scope: Simplicite Platform:compile
google-auth-library-oauth2-http-1.1.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.google.cloud/google-cloud-storage@2.1.4

Identifiers

google-cloud-core-2.1.4.jar

Description:

    Core module for the google-cloud.

File Path: /var/simplicite/.m2/repository/com/google/cloud/google-cloud-core/2.1.4/google-cloud-core-2.1.4.jar
MD5: 7e1bccd28e0fe063399c3c41b243ac57
SHA1: 82341cf77bfd7f3935a2d983407663e54a548cfe
SHA256:bc89942886d3efd44398f8d94afdd5b8a58d312dd46ff991944bb11d118f8d02
Referenced In Project/Scope: Simplicite Platform:compile
google-cloud-core-2.1.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

google-cloud-core-grpc-2.1.4.jar

Description:

    Core gRPC module for the google-cloud.

File Path: /var/simplicite/.m2/repository/com/google/cloud/google-cloud-core-grpc/2.1.4/google-cloud-core-grpc-2.1.4.jar
MD5: 2d0970c0045f273bb0354f4da53fc338
SHA1: f27b2c1d3dbe4edb6c5add1538e5f8c4c95d089b
SHA256:279ad084876da1a7d45a01b73b6b0867a59dec31cd158cd182872dd72d73492e
Referenced In Project/Scope: Simplicite Platform:compile
google-cloud-core-grpc-2.1.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

google-cloud-core-http-2.1.4.jar

Description:

    Core http module for the google-cloud.

File Path: /var/simplicite/.m2/repository/com/google/cloud/google-cloud-core-http/2.1.4/google-cloud-core-http-2.1.4.jar
MD5: 7519d02de39e2e17d8187680801f5226
SHA1: a4257935f6855be8a80320a580598d62a849e0d4
SHA256:895f44d137deff4b7b46f4f50641563acedc058e81f2152adca8e1aa348e3676
Referenced In Project/Scope: Simplicite Platform:compile
google-cloud-core-http-2.1.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

google-cloud-firestore-2.6.1.jar

Description:

Java idiomatic client for Google Cloud Firestore.

License:

Apache-2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/google/cloud/google-cloud-firestore/2.6.1/google-cloud-firestore-2.6.1.jar
MD5: 089a4baeb81874c4461546f51f17fc9f
SHA1: fea3ad6874eb21a0cec7e7b27d5608fbcbce2f03
SHA256:bdc1d50e2f40c1fc9ded4af406e2813e4fa0e8b17d42335dd0e52c45b205b937
Referenced In Project/Scope: Simplicite Platform:compile
google-cloud-firestore-2.6.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.google.firebase/firebase-admin@8.0.1

Identifiers

google-cloud-pubsub-1.114.4.jar

Description:

Java idiomatic client for Google Cloud Pub/Sub

License:

Apache-2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/google/cloud/google-cloud-pubsub/1.114.4/google-cloud-pubsub-1.114.4.jar
MD5: 9c08e8a72e01044d0c09291a44e3afab
SHA1: 0500ce71f1018140e26cd22afc03df17b8164085
SHA256:3cbe8b158cabd3435b6eefef6178bac0badb244a978e9d1fd18faf44f9559216
Referenced In Project/Scope: Simplicite Platform:compile
google-cloud-pubsub-1.114.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

google-cloud-storage-2.1.4.jar

Description:

Java idiomatic client for Google Cloud Storage.

License:

Apache-2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/google/cloud/google-cloud-storage/2.1.4/google-cloud-storage-2.1.4.jar
MD5: 86f02993fd8d41778e17421a760376ea
SHA1: 192a4967111aec8fa14c6c805a60287fd42b0155
SHA256:f91dc7c1eef5afce79ce367ebb14cd186f05086397d1351443c312e4e5559617
Referenced In Project/Scope: Simplicite Platform:compile
google-cloud-storage-2.1.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

google-cloud-storage-2.4.0.jar

Description:

jclouds components to access Google Cloud Storage

File Path: /var/simplicite/.m2/repository/org/apache/jclouds/provider/google-cloud-storage/2.4.0/google-cloud-storage-2.4.0.jar
MD5: 935d5f66416e6bc222a5ddbcc4af5819
SHA1: f15802cae53be95ca6504ad5caced03089293d80
SHA256:0671a6e1d1e69ee84648b3f133256042ec19fee4c9909e827712effce020fb24
Referenced In Project/Scope: Simplicite Platform:compile
google-cloud-storage-2.4.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

google-http-client-1.40.0.jar

Description:

    Google HTTP Client Library for Java. Functionality that works on all supported Java platforms,
    including Java 7 (or higher) desktop (SE) and web (EE), Android, and Google App Engine.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/google/http-client/google-http-client/1.40.0/google-http-client-1.40.0.jar
MD5: 50d47962ad50b9a6a2ae7015df5c43ee
SHA1: d18d5505dbe71ab4636001a9c3d69921dba56727
SHA256:b8cf1d7fe650a7c1a6072fe882b2c2063eab7f6d3b7475dd39122d27f9d73136
Referenced In Project/Scope: Simplicite Platform:compile
google-http-client-1.40.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

google-http-client-apache-v2-1.40.0.jar

Description:

Google HTTP Client Library for Java

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/google/http-client/google-http-client-apache-v2/1.40.0/google-http-client-apache-v2-1.40.0.jar
MD5: cdec7271d1b694afd1db7c5ce54c9cbc
SHA1: d845bcfe730cb14a07b17120ee391e1edc7a2500
SHA256:c5e74b1c3a107ef50212051f076c72dd3410b1806ea89dcc5e333f995948ebc8
Referenced In Project/Scope: Simplicite Platform:compile
google-http-client-apache-v2-1.40.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

google-http-client-appengine-1.40.0.jar

File Path: /var/simplicite/.m2/repository/com/google/http-client/google-http-client-appengine/1.40.0/google-http-client-appengine-1.40.0.jar
MD5: a200c158747ce799d321150a5b13532e
SHA1: 10ffe0c4e9819d05b875faf265e20cd1ae5ca391
SHA256:a9ac09b244dbf94e43f1a9b6e10b80f115f779b3909b27145e4462063daa8a1d
Referenced In Project/Scope: Simplicite Platform:compile
google-http-client-appengine-1.40.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

google-http-client-gson-1.40.0.jar

File Path: /var/simplicite/.m2/repository/com/google/http-client/google-http-client-gson/1.40.0/google-http-client-gson-1.40.0.jar
MD5: 6d215e99eed6a07356f890b2f669b3da
SHA1: 20eb1d7fe604dc18cb48adedce7b354ccf499898
SHA256:6c5c98d468e16edc728e47c3d3486c69c407daeec247bad9ebfeeedae44aa4a9
Referenced In Project/Scope: Simplicite Platform:compile
google-http-client-gson-1.40.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

google-http-client-jackson-1.29.2.jar

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/google/http-client/google-http-client-jackson/1.29.2/google-http-client-jackson-1.29.2.jar
MD5: 72ad680f4cd70758086ec12492544fcd
SHA1: 98ba3a73bbfcabbaa1105fc013305d319f6ebf32
SHA256:54478a70cc90eb7fd7e6ab89a447a41fb1f4f98201bf4d5418d4647751538552
Referenced In Project/Scope: Simplicite Platform:compile
google-http-client-jackson-1.29.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

CVE-2020-13956  

Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution.
NVD-CWE-noinfo

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:P/A:N
CVSSv3:
  • Base Score: MEDIUM (5.3)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

References:

Vulnerable Software & Versions: (show all)

google-http-client-jackson2-1.40.0.jar

File Path: /var/simplicite/.m2/repository/com/google/http-client/google-http-client-jackson2/1.40.0/google-http-client-jackson2-1.40.0.jar
MD5: e89ef887e8998c08889a9af60371ce3e
SHA1: cb3c88bb3f255e10ebfc423698fb251d1b214cd2
SHA256:c7997a3eee9980b2c4f1999cb52b9b453b5e65114a5cb046ec15e15e49dd6d22
Referenced In Project/Scope: Simplicite Platform:compile
google-http-client-jackson2-1.40.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

google-java-format-1.11.0.jar

Description:

    A Java source code formatter that follows Google Java Style.

File Path: /var/simplicite/.m2/repository/com/google/googlejavaformat/google-java-format/1.11.0/google-java-format-1.11.0.jar
MD5: a8e0485cee059bfc0a62cd8a491f4562
SHA1: 6deca3d92cbff57be7e5a288cc6fdbf7f90e64dd
SHA256:6865907d78a745018fb47b604d493c563bddfd7f6129b995e71156d9b7ec673c
Referenced In Project/Scope: Simplicite Platform:compile
google-java-format-1.11.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

google-oauth-client-1.32.1.jar

Description:

    Google OAuth Client Library for Java. Functionality that works on all supported Java platforms,
    including Java 7 (or higher) desktop (SE) and web (EE), Android, and Google App Engine.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/google/oauth-client/google-oauth-client/1.32.1/google-oauth-client-1.32.1.jar
MD5: 6f010b506d86723504a75fe7b185216d
SHA1: 58edd8b2fd2e10eef6fd194ebb9c933054c4a744
SHA256:063039e4ad5ff52fc06a05e2f1a0e347cee4cbf11ea9b79aeb7a9b45d7c6dbf2
Referenced In Project/Scope: Simplicite Platform:compile
google-oauth-client-1.32.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

CVE-2021-22573  

The vulnerability is that IDToken verifier does not verify if token is properly signed. Signature verification makes sure that the token's payload comes from valid provider, not from someone else. An attacker can provide a compromised token with custom payload. The token will pass the validation on the client side. We recommend upgrading to version 1.33.3 or above
CWE-347 Improper Verification of Cryptographic Signature

CVSSv2:
  • Base Score: LOW (3.5)
  • Vector: /AV:N/AC:M/Au:S/C:N/I:P/A:N
CVSSv3:
  • Base Score: HIGH (7.3)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N

References:

Vulnerable Software & Versions:

googlecloud-2.4.0.jar

Description:

jclouds components common to Google Cloud products

File Path: /var/simplicite/.m2/repository/org/apache/jclouds/common/googlecloud/2.4.0/googlecloud-2.4.0.jar
MD5: d4d56554f7170451abab0c773c53d39a
SHA1: 2a6f27ae2a7cc35442660337b59082d0a9cf647f
SHA256:bf4a2309869e86a2c3197e16a6f9484660ebdb23b0376d01db5fae64d64accd5
Referenced In Project/Scope: Simplicite Platform:compile
googlecloud-2.4.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.jclouds.provider/google-cloud-storage@2.4.0

Identifiers

gopd:1.0.1

Description:

`Object.getOwnPropertyDescriptor`, but accounts for IE's broken implementation.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?which-typed-array:1.1.9/gopd:^1.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/es-abstract:1.21.2
  • simplicite-js:5.2.54/is-typed-array:1.1.10
  • simplicite-js:5.2.54/which-typed-array:1.1.9
  • simplicite-js:5.2.54

Identifiers

got:12.6.1

Description:

Human-friendly and powerful HTTP request library for Node.js

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?package-json:8.1.1/got:^12.1.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/package-json:8.1.1
  • simplicite-js:5.2.54

Identifiers

got:13.0.0

Description:

Human-friendly and powerful HTTP request library for Node.js

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/got:13.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/license-report:6.5.0
  • simplicite-js:5.2.54

Identifiers

got:9.6.0

Description:

Simplified HTTP requests

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/got:9.6.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/package-json:6.5.0

Identifiers

CVE-2022-33987  

The got package before 12.1.0 (also fixed in 11.8.5) for Node.js allows a redirect to a UNIX socket.
NVD-CWE-noinfo

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:P/A:N
CVSSv3:
  • Base Score: MEDIUM (5.3)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

References:

Vulnerable Software & Versions:

graceful-fs:4.2.11

Description:

A drop-in replacement for fs, making various improvements.

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?configstore:6.0.0/graceful-fs:^4.2.6

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/configstore:6.0.0
  • simplicite-js:5.2.54/@pnpm/network.ca-file:1.0.2
  • simplicite-js:5.2.54/klaw:3.0.0
  • simplicite-js:5.2.54/load-yaml-file:0.2.0
  • simplicite-js:5.2.54/fs-extra:8.1.0
  • simplicite-js:5.2.54/node-gyp:9.4.0
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/configstore:5.0.1

Identifiers

graphemer:1.4.0

Description:

A JavaScript library that breaks strings into their individual user-perceived characters (including emojis!)

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/graphemer:1.4.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/eslint:8.56.0
  • simplicite-js:5.2.54

Identifiers

graphics2d-0.32.jar

Description:

Graphics2D Bridge for Apache PDFBox

File Path: /var/simplicite/.m2/repository/de/rototor/pdfbox/graphics2d/0.32/graphics2d-0.32.jar
MD5: 164b89cef806e962457f2dda37915993
SHA1: d8892871a9a1446e94f25eb625a7eec3bfa31b15
SHA256:37f8f387395f96c214ac44f7475c7a2e1f832dfc1de289a3610e0ffbf728f679
Referenced In Project/Scope: Simplicite Platform:compile
graphics2d-0.32.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.openhtmltopdf/openhtmltopdf-pdfbox@1.0.10

Identifiers

grib-4.5.5.jar

Description:

    Decoder for the GRIB format.

File Path: /var/simplicite/.m2/repository/edu/ucar/grib/4.5.5/grib-4.5.5.jar
MD5: 0cb80276d8ea89cacc1d5632dbf39fe9
SHA1: cfe552910e9a8d57ce71134796abb281a74ead16
SHA256:1e0492135f421f554c4651a95225f27f2a3230e993329f69348110f8521c32d9
Referenced In Project/Scope: Simplicite Platform:compile
grib-4.5.5.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.tika/tika-parsers@1.27

Identifiers

grpc-core-1.40.1.jar

Description:

gRPC: Core

License:

Apache 2.0: https://opensource.org/licenses/Apache-2.0
File Path: /var/simplicite/.m2/repository/io/grpc/grpc-core/1.40.1/grpc-core-1.40.1.jar
MD5: 1797c07e8514720eefcca36af23b36a1
SHA1: 1db817d971cdeba5017e1adf056ca0f8f8a2d748
SHA256:c32e97f7b937445cde40e88760df8a308bc2c2420ff0d00a3ce2025fde939e0f
Referenced In Project/Scope: Simplicite Platform:compile
grpc-core-1.40.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.google.cloud/google-cloud-core-grpc@2.1.4

Identifiers

CVE-2023-33953  

gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS attacks:

- Unbounded memory buffering in the HPACK parser
- Unbounded CPU consumption in the HPACK parser

The unbounded CPU consumption is down to a copy that occurred per-input-block in the parser, and because that could be unbounded due to the memory copy bug we end up with an O(n^2) parsing loop, with n selected by the client.

The unbounded memory buffering bugs:

- The header size limit check was behind the string reading code, so we needed to first buffer up to a 4 gigabyte string before rejecting it as longer than 8 or 16kb.
- HPACK varints have an encoding quirk whereby an infinite number of 0’s can be added at the start of an integer. gRPC’s hpack parser needed to read all of them before concluding a parse.
- gRPC’s metadata overflow check was performed per frame, so that the following sequence of frames could cause infinite buffering: HEADERS: containing a: 1 CONTINUATION: containing a: 2 CONTINUATION: containing a: 3 etc…
CWE-834 Excessive Iteration, CWE-770 Allocation of Resources Without Limits or Throttling

CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions: (show all)

CVE-2023-44487  

CISA Known Exploited Vulnerability:
  • Product: IETF HTTP/2
  • Name: HTTP/2 Rapid Reset Attack Vulnerability
  • Date Added: 2023-10-10
  • Description: HTTP/2 contains a rapid reset vulnerability that allows for a distributed denial-of-service attack (DDoS).
  • Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Due Date: 2023-10-31
  • Notes: https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CWE-400 Uncontrolled Resource Consumption

CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions: (show all)

CVE-2023-4785  

Lack of error handling in the TCP server in Google's gRPC starting version 1.23 on posix-compatible platforms (ex. Linux) allows an attacker to cause a denial of service by initiating a significant number of connections with the server. Note that gRPC C++ Python, and Ruby are affected, but gRPC Java, and Go are NOT affected. 
NVD-CWE-noinfo

CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions: (show all)

CVE-2023-32732  

gRPC contains a vulnerability whereby a client can cause a termination of connection between a HTTP2 proxy and a gRPC server: a base64 encoding error for `-bin` suffixed headers will result in a disconnection by the gRPC server, but is typically allowed by HTTP2 proxies. We recommend upgrading beyond the commit in  https://github.com/grpc/grpc/pull/32309 https://www.google.com/url
NVD-CWE-Other

CVSSv3:
  • Base Score: MEDIUM (5.3)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

References:

Vulnerable Software & Versions:

grpc-netty-shaded-1.40.1.jar: io_grpc_netty_shaded_netty_tcnative_windows_x86_64.dll

File Path: /var/simplicite/.m2/repository/io/grpc/grpc-netty-shaded/1.40.1/grpc-netty-shaded-1.40.1.jar/META-INF/native/io_grpc_netty_shaded_netty_tcnative_windows_x86_64.dll
MD5: df40caf232172f5ce179cefa36743933
SHA1: 76188b994e5e178da647e2406cb36f47dc6ccf1f
SHA256:22237bcda94eda9244f3bd8d6d3b80e8af0e1ccc952d8541a2cf53c2a8313951
Referenced In Project/Scope: Simplicite Platform:compile

Identifiers

  • None

grpc-protobuf-1.40.1.jar

Description:

gRPC: Protobuf

License:

Apache 2.0: https://opensource.org/licenses/Apache-2.0
File Path: /var/simplicite/.m2/repository/io/grpc/grpc-protobuf/1.40.1/grpc-protobuf-1.40.1.jar
MD5: ad86e87c3dac1394641124c08cea2666
SHA1: a8b5db3ba7a573104d851cf0cdf51b824514ac85
SHA256:8c00437701483c73977144fac6313403475b448cb5e913ac54efc3f3cb1d44f8
Referenced In Project/Scope: Simplicite Platform:compile
grpc-protobuf-1.40.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.google.cloud/google-cloud-pubsub@1.114.4

Identifiers

CVE-2023-33953  

gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS attacks:

- Unbounded memory buffering in the HPACK parser
- Unbounded CPU consumption in the HPACK parser

The unbounded CPU consumption is down to a copy that occurred per-input-block in the parser, and because that could be unbounded due to the memory copy bug we end up with an O(n^2) parsing loop, with n selected by the client.

The unbounded memory buffering bugs:

- The header size limit check was behind the string reading code, so we needed to first buffer up to a 4 gigabyte string before rejecting it as longer than 8 or 16kb.
- HPACK varints have an encoding quirk whereby an infinite number of 0’s can be added at the start of an integer. gRPC’s hpack parser needed to read all of them before concluding a parse.
- gRPC’s metadata overflow check was performed per frame, so that the following sequence of frames could cause infinite buffering: HEADERS: containing a: 1 CONTINUATION: containing a: 2 CONTINUATION: containing a: 3 etc…
CWE-834 Excessive Iteration, CWE-770 Allocation of Resources Without Limits or Throttling

CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions: (show all)

CVE-2023-44487  

CISA Known Exploited Vulnerability:
  • Product: IETF HTTP/2
  • Name: HTTP/2 Rapid Reset Attack Vulnerability
  • Date Added: 2023-10-10
  • Description: HTTP/2 contains a rapid reset vulnerability that allows for a distributed denial-of-service attack (DDoS).
  • Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Due Date: 2023-10-31
  • Notes: https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CWE-400 Uncontrolled Resource Consumption

CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions: (show all)

CVE-2023-4785  

Lack of error handling in the TCP server in Google's gRPC starting version 1.23 on posix-compatible platforms (ex. Linux) allows an attacker to cause a denial of service by initiating a significant number of connections with the server. Note that gRPC C++ Python, and Ruby are affected, but gRPC Java, and Go are NOT affected. 
NVD-CWE-noinfo

CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions: (show all)

CVE-2023-32732  

gRPC contains a vulnerability whereby a client can cause a termination of connection between a HTTP2 proxy and a gRPC server: a base64 encoding error for `-bin` suffixed headers will result in a disconnection by the gRPC server, but is typically allowed by HTTP2 proxies. We recommend upgrading beyond the commit in  https://github.com/grpc/grpc/pull/32309 https://www.google.com/url
NVD-CWE-Other

CVSSv3:
  • Base Score: MEDIUM (5.3)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

References:

Vulnerable Software & Versions:

gson-2.8.6.jar

Description:

Gson JSON library

File Path: /var/simplicite/.m2/repository/com/google/code/gson/gson/2.8.6/gson-2.8.6.jar
MD5: 310f5841387183aca7900fead98d4858
SHA1: 9180733b7df8542621dc12e21e87557e8c99b8cb
SHA256:c8fb4839054d280b3033f800d1f5a97de2f028eb8ba2eb458ad287e536f3f25f
Referenced In Project/Scope: Simplicite Platform:compile
gson-2.8.6.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.google.protobuf/protobuf-java-util@3.17.3

Identifiers

CVE-2022-25647  

The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which may lead to DoS attacks.
CWE-502 Deserialization of Untrusted Data

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions: (show all)

guava-30.1.1-jre.jar

Description:

    Guava is a suite of core and expanded libraries that include
    utility classes, Google's collections, I/O classes, and
    much more.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/google/guava/guava/30.1.1-jre/guava-30.1.1-jre.jar
MD5: 05374f163d0a4141db672fff9df95b12
SHA1: 87e0fd1df874ea3cbe577702fe6f17068b790fd8
SHA256:44ce229ce26d880bf3afc362bbfcec34d7e6903d195bbb1db9f3b6e0d9834f06
Referenced In Project/Scope: Simplicite Platform:compile
guava-30.1.1-jre.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

CVE-2023-2976  

Use of Java's default temporary directory for file creation in `FileBackedOutputStream` in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to the default Java temporary directory to be able to access the files created by the class.

Even though the security vulnerability is fixed in version 32.0.0, we recommend using version 32.0.1 as version 32.0.0 breaks some functionality under Windows.
CWE-552 Files or Directories Accessible to External Parties

CVSSv3:
  • Base Score: HIGH (7.1)
  • Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

References:

Vulnerable Software & Versions:

CVE-2020-8908  

A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, on unix-like systems, the created directory is world-readable (readable by an attacker with access to the system). The method in question has been marked @Deprecated in versions 30.0 and later and should not be used. For Android developers, we recommend choosing a temporary directory API provided by Android, such as context.getCacheDir(). For other Java developers, we recommend migrating to the Java 7 API java.nio.file.Files.createTempDirectory() which explicitly configures permissions of 700, or configuring the Java runtime's java.io.tmpdir system property to point to a location whose permissions are appropriately configured.
CWE-732 Incorrect Permission Assignment for Critical Resource

CVSSv2:
  • Base Score: LOW (2.1)
  • Vector: /AV:L/AC:L/Au:N/C:P/I:N/A:N
CVSSv3:
  • Base Score: LOW (3.3)
  • Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

References:

Vulnerable Software & Versions: (show all)

guice-4.2.3.jar (shaded: cglib:cglib:3.3.0)

File Path: /var/simplicite/.m2/repository/com/google/inject/guice/4.2.3/guice-4.2.3.jar/META-INF/maven/cglib/cglib/pom.xml
MD5: a7ecad92e5ab821614c934f58b17de64
SHA1: e6b82e37edf3d2709f59e92f6752a929f72076c5
SHA256:4bce8fb88b4f0ef6bef2ab889c5276c4b5abbd3bdb7c7e5146f6f31c372ac253
Referenced In Project/Scope: Simplicite Platform:compile

Identifiers

guice-4.2.3.jar

Description:

Guice is a lightweight dependency injection framework for Java 6 and above

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/google/inject/guice/4.2.3/guice-4.2.3.jar
MD5: 4209f9e543a157db0f194688760409c9
SHA1: 2ea992d6d7bdcac7a43111a95d182a4c42eb5ff7
SHA256:a21e50ffbb67e7adc5b46cf7b9e1a480f1e0f04fd4201ddb1c65da91290601af
Referenced In Project/Scope: Simplicite Platform:compile
guice-4.2.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.jclouds/jclouds-core@2.4.0

Identifiers

guice-assistedinject-4.2.3.jar

Description:

Guice is a lightweight dependency injection framework for Java 6 and above

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/google/inject/extensions/guice-assistedinject/4.2.3/guice-assistedinject-4.2.3.jar
MD5: acb899a13864c3e0994f3342b7fdc604
SHA1: acbfddc556ee9496293ed1df250cc378f331d854
SHA256:f27810a4b60663fa2d06b8423eda402fa9f8553bfbfde81bf0f0f1f2876b1385
Referenced In Project/Scope: Simplicite Platform:compile
guice-assistedinject-4.2.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.jclouds/jclouds-core@2.4.0

Identifiers

h2-2.1.214.jar

Description:

H2 Database Engine

License:

MPL 2.0: https://www.mozilla.org/en-US/MPL/2.0/
EPL 1.0: https://opensource.org/licenses/eclipse-1.0.php
File Path: /var/simplicite/.m2/repository/com/h2database/h2/2.1.214/h2-2.1.214.jar
MD5: 93628fb706e682dd989f697394039025
SHA1: d5c2005c9e3279201e12d4776c948578b16bf8b2
SHA256:d623cdc0f61d218cf549a8d09f1c391ff91096116b22e2475475fce4fbe72bd0
Referenced In Project/Scope: Simplicite Platform:runtime
h2-2.1.214.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

CVE-2022-45868  

The web-based admin console in H2 Database Engine through 2.1.214 can be started via the CLI with the argument -webAdminPassword, which allows the user to specify the password in cleartext for the web admin console. Consequently, a local user (or an attacker that has obtained local access through some means) would be able to discover the password by listing processes and their arguments. NOTE: the vendor states "This is not a vulnerability of H2 Console ... Passwords should never be passed on the command line and every qualified DBA or system administrator is expected to know that."
CWE-312 Cleartext Storage of Sensitive Information

CVSSv3:
  • Base Score: HIGH (7.8)
  • Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References:

Vulnerable Software & Versions:

CVE-2018-14335 (OSSINDEX)  

h2database - Improper Link Resolution Before File Access

The software attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
CWE-59 Improper Link Resolution Before File Access ('Link Following')

CVSSv2:
  • Base Score: MEDIUM (6.0)
  • Vector: /AV:L/AC:L/Au:/C:H/I:N/A:N

References:

Vulnerable Software & Versions (OSSINDEX):

  • cpe:2.3:a:com.h2database:h2:2.1.214:*:*:*:*:*:*:*

h2-2.1.214.jar: data.zip: table.js

File Path: /var/simplicite/.m2/repository/com/h2database/h2/2.1.214/h2-2.1.214.jar/org/h2/util/data.zip/org/h2/server/web/res/table.js
MD5: 1c37e9e03787c821410ce684efa8feb7
SHA1: 3377bc4afb4fa0aeaa4fff9098ebb4446fa5be99
SHA256:07e1b3fc6feb8a8713b6659fc047cd9177d85b22f4bb0fa857be1c81786db701
Referenced In Project/Scope: Simplicite Platform:runtime

Identifiers

  • None

h2-2.1.214.jar: data.zip: tree.js

File Path: /var/simplicite/.m2/repository/com/h2database/h2/2.1.214/h2-2.1.214.jar/org/h2/util/data.zip/org/h2/server/web/res/tree.js
MD5: 4303428a5a49c1ae6c87a5dde9b4c9c3
SHA1: 9bca06117ddee5657dbe89eea197372128fe56e9
SHA256:1d5c4ba3b1a5dfcfe250fba716b55a9a7d0ffe624fc480713ff782c4d671836f
Referenced In Project/Scope: Simplicite Platform:runtime

Identifiers

  • None

hadoop-hdfs-client-3.3.1.jar

Description:

Apache Hadoop HDFS Client

File Path: /var/simplicite/.m2/repository/org/apache/hadoop/hadoop-hdfs-client/3.3.1/hadoop-hdfs-client-3.3.1.jar
MD5: df16b76d5b2b4c33561e94ae47827637
SHA1: 5ad71520a3632a9b5b2c65f9f53d1c9d80544ee0
SHA256:23e86d658b016394c263f80b8e318f232167a8862a07a3d50e5369175f3e8a58
Referenced In Project/Scope: Simplicite Platform:compile
hadoop-hdfs-client-3.3.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.commons/commons-vfs2@2.9.0

Identifiers

CVE-2021-37404  

There is a potential heap buffer overflow in Apache Hadoop libhdfs native code. Opening a file path provided by user without validation may result in a denial of service or arbitrary code execution. Users should upgrade to Apache Hadoop 2.10.2, 3.2.3, 3.3.2 or higher.
CWE-787 Out-of-bounds Write

CVSSv2:
  • Base Score: HIGH (7.5)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSSv3:
  • Base Score: CRITICAL (9.8)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References:

Vulnerable Software & Versions: (show all)

CVE-2022-25168  

Apache Hadoop's FileUtil.unTar(File, File) API does not escape the input file name before being passed to the shell. An attacker can inject arbitrary commands. This is only used in Hadoop 3.3 InMemoryAliasMap.completeBootstrapTransfer, which is only ever run by a local user. It has been used in Hadoop 2.x for yarn localization, which does enable remote code execution. It is used in Apache Spark, from the SQL command ADD ARCHIVE. As the ADD ARCHIVE command adds new binaries to the classpath, being able to execute shell scripts does not confer new permissions to the caller. SPARK-38305. "Check existence of file before untarring/zipping", which is included in 3.3.0, 3.1.4, 3.2.2, prevents shell commands being executed, regardless of which version of the hadoop libraries are in use. Users should upgrade to Apache Hadoop 2.10.2, 3.2.4, 3.3.3 or upper (including HADOOP-18136).
CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CVSSv3:
  • Base Score: CRITICAL (9.8)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References:

Vulnerable Software & Versions: (show all)

CVE-2022-26612  

In Apache Hadoop, The unTar function uses unTarUsingJava function on Windows and the built-in tar utility on Unix and other OSes. As a result, a TAR entry may create a symlink under the expected extraction directory which points to an external directory. A subsequent TAR entry may extract an arbitrary file into the external directory using the symlink name. This however would be caught by the same targetDirPath check on Unix because of the getCanonicalPath call. However on Windows, getCanonicalPath doesn't resolve symbolic links, which bypasses the check. unpackEntries during TAR extraction follows symbolic links which allows writing outside expected base directory on Windows. This was addressed in Apache Hadoop 3.2.3
CWE-59 Improper Link Resolution Before File Access ('Link Following')

CVSSv2:
  • Base Score: HIGH (7.5)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSSv3:
  • Base Score: CRITICAL (9.8)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References:

Vulnerable Software & Versions: (show all)

CVE-2021-25642  

ZKConfigurationStore which is optionally used by CapacityScheduler of Apache Hadoop YARN deserializes data obtained from ZooKeeper without validation. An attacker having access to ZooKeeper can run arbitrary commands as YARN user by exploiting this. Users should upgrade to Apache Hadoop 2.10.2, 3.2.4, 3.3.4 or later (containing YARN-11126) if ZKConfigurationStore is used.
CWE-502 Deserialization of Untrusted Data

CVSSv3:
  • Base Score: HIGH (8.8)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References:

Vulnerable Software & Versions: (show all)

CVE-2021-33036  

In Apache Hadoop 2.2.0 to 2.10.1, 3.0.0-alpha1 to 3.1.4, 3.2.0 to 3.2.2, and 3.3.0 to 3.3.1, a user who can escalate to yarn user can possibly run arbitrary commands as root user. Users should upgrade to Apache Hadoop 2.10.2, 3.2.3, 3.3.2 or higher.
CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CVSSv2:
  • Base Score: HIGH (9.0)
  • Vector: /AV:N/AC:L/Au:S/C:C/I:C/A:C
CVSSv3:
  • Base Score: HIGH (8.8)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References:

Vulnerable Software & Versions: (show all)

CVE-2023-26031  

Relative library resolution in linux container-executor binary in Apache Hadoop 3.3.1-3.3.4 on Linux allows local user to gain root privileges. If the YARN cluster is accepting work from remote (authenticated) users, this MAY permit remote users to gain root privileges.

Hadoop 3.3.0 updated the " YARN Secure Containers https://hadoop.apache.org/docs/stable/hadoop-yarn/hadoop-yarn-site/SecureContainer.html " to add a feature for executing user-submitted applications in isolated linux containers.

The native binary HADOOP_HOME/bin/container-executor is used to launch these containers; it must be owned by root and have the suid bit set in order for the YARN processes to run the containers as the specific users submitting the jobs.

The patch " YARN-10495 https://issues.apache.org/jira/browse/YARN-10495 . make the rpath of container-executor configurable" modified the library loading path for loading .so files from "$ORIGIN/" to ""$ORIGIN/:../lib/native/". This is the a path through which libcrypto.so is located. Thus it is is possible for a user with reduced privileges to install a malicious libcrypto library into a path to which they have write access, invoke the container-executor command, and have their modified library executed as root.
If the YARN cluster is accepting work from remote (authenticated) users, and these users' submitted job are executed in the physical host, rather than a container, then the CVE permits remote users to gain root privileges.

The fix for the vulnerability is to revert the change, which is done in  YARN-11441 https://issues.apache.org/jira/browse/YARN-11441 , "Revert YARN-10495". This patch is in hadoop-3.3.5.

To determine whether a version of container-executor is vulnerable, use the readelf command. If the RUNPATH or RPATH value contains the relative path "./lib/native/" then it  is at risk

$ readelf -d container-executor|grep 'RUNPATH\|RPATH' 
0x000000000000001d (RUNPATH)            Library runpath: [$ORIGIN/:../lib/native/]

If it does not, then it is safe:

$ readelf -d container-executor|grep 'RUNPATH\|RPATH' 
0x000000000000001d (RUNPATH)            Library runpath: [$ORIGIN/]

For an at-risk version of container-executor to enable privilege escalation, the owner must be root and the suid bit must be set

$ ls -laF /opt/hadoop/bin/container-executor
---Sr-s---. 1 root hadoop 802968 May 9 20:21 /opt/hadoop/bin/container-executor

A safe installation lacks the suid bit; ideally is also not owned by root.

$ ls -laF /opt/hadoop/bin/container-executor
-rwxr-xr-x. 1 yarn hadoop 802968 May 9 20:21 /opt/hadoop/bin/container-executor

This configuration does not support Yarn Secure Containers, but all other hadoop services, including YARN job execution outside secure containers continue to work.
CWE-426 Untrusted Search Path

CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

References:

Vulnerable Software & Versions:

hamcrest-core-1.3.jar

Description:

    This is the core API of hamcrest matcher framework to be used by third-party framework providers. This includes the a foundation set of matcher implementations for common operations.

File Path: /var/simplicite/.m2/repository/org/hamcrest/hamcrest-core/1.3/hamcrest-core-1.3.jar
MD5: 6393363b47ddcbba82321110c3e07519
SHA1: 42a25dc3219429f0e5d060061f71acb49bf010a0
SHA256:66fdef91e9739348df7a096aa384a5685f4e875584cce89386a7a47251c4d8e9
Referenced In Project/Scope: Simplicite Platform:compile
hamcrest-core-1.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/junit/junit@4.13.2

Identifiers

handlebars:4.7.7

Description:

Handlebars provides the power necessary to let you build semantic templates effectively with no frustration

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-audit-html:1.5.0/handlebars:^4.7.6

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-audit-html:1.5.0
  • simplicite-js:5.2.54

Identifiers

hard-rejection:2.1.0

Description:

Make unhandled promise rejections fail hard right away instead of the default silent fail

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?meow:9.0.0/hard-rejection:^2.1.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/meow:9.0.0
  • simplicite-js:5.2.54

Identifiers

has-bigints:1.0.2

Description:

Determine if the JS environment has BigInt support.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?unbox-primitive:1.0.2/has-bigints:^1.0.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/unbox-primitive:1.0.2
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/is-bigint:1.0.4

Identifiers

has-flag:3.0.0

Description:

Check if argv has a specific flag

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?supports-color:5.5.0/has-flag:^3.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/supports-color:5.5.0
  • simplicite-js:5.2.54/supports-hyperlinks:2.3.0
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/supports-color:7.2.0

Identifiers

has-property-descriptors:1.0.0

Description:

Does the environment have full property descriptor support? Handles IE 8's broken defineProperty/gOPD.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/has-property-descriptors:1.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/es-abstract:1.21.2
  • simplicite-js:5.2.54/define-properties:1.2.0
  • simplicite-js:5.2.54

Identifiers

has-proto:1.0.1

Description:

Does this environment have the ability to get the [[Prototype]] of an object on creation with `__proto__`?

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/has-proto:1.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/es-abstract:1.21.2
  • simplicite-js:5.2.54/get-intrinsic:1.2.1
  • simplicite-js:5.2.54

Identifiers

has-symbols:1.0.3

Description:

Determine if the JS environment has Symbol support. Supports spec, or shams.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?unbox-primitive:1.0.2/has-symbols:^1.0.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/unbox-primitive:1.0.2
  • simplicite-js:5.2.54/es-abstract:1.21.2
  • simplicite-js:5.2.54/has-tostringtag:1.0.0
  • simplicite-js:5.2.54/is-symbol:1.0.4
  • simplicite-js:5.2.54/safe-array-concat:1.0.0
  • simplicite-js:5.2.54/get-intrinsic:1.2.1
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/object.assign:4.1.4

Identifiers

has-tostringtag:1.0.0

Description:

Determine if the JS environment has `Symbol.toStringTag` support. Supports spec, or shams.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?which-typed-array:1.1.9/has-tostringtag:^1.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/is-string:1.0.7
  • simplicite-js:5.2.54/is-typed-array:1.1.10
  • simplicite-js:5.2.54/which-typed-array:1.1.9
  • simplicite-js:5.2.54/is-boolean-object:1.1.2
  • simplicite-js:5.2.54/is-number-object:1.0.7
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/es-set-tostringtag:2.0.1
  • simplicite-js:5.2.54/is-regex:1.1.4
  • simplicite-js:5.2.54/is-date-object:1.0.5

Identifiers

has-unicode:2.0.1

Description:

Try to guess if your terminal supports unicode

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/has-unicode:2.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/gauge:4.0.4
  • simplicite-js:5.2.54

Identifiers

has-yarn:2.1.0

Description:

Check if a project is using Yarn

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?update-notifier:4.1.3/has-yarn:^2.1.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/update-notifier:6.0.2
  • simplicite-js:5.2.54/update-notifier:4.1.3
  • simplicite-js:5.2.54/update-notifier:5.1.0
  • simplicite-js:5.2.54

Identifiers

has:1.0.3

Description:

Object.prototype.hasOwnProperty.call shortcut

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?is-core-module:2.12.1/has:^1.0.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/es-abstract:1.21.2
  • simplicite-js:5.2.54/internal-slot:1.0.5
  • simplicite-js:5.2.54/is-core-module:2.12.1
  • simplicite-js:5.2.54/get-intrinsic:1.2.1
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/es-set-tostringtag:2.0.1

Identifiers

highlight-es:1.0.3

Description:

Highlight ECMAScript syntax for the console or any other medium.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/highlight-es:1.0.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/callsite-record:4.1.5
  • simplicite-js:5.2.54

Identifiers

highlight.js:10.7.3

Description:

Syntax highlighting with language autodetection.

License:

BSD-3-Clause
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/highlight.js:10.7.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-audit-html:1.5.0
  • simplicite-js:5.2.54

Identifiers

highlight.js:11.5.1

Description:

Syntax highlighting with language autodetection.

License:

BSD-3-Clause
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/highlight.js:11.5.1

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

hk2-api-2.6.1.jar

Description:

${project.name}

License:

http://www.eclipse.org/legal/epl-2.0, https://www.gnu.org/software/classpath/license.html
File Path: /var/simplicite/.m2/repository/org/glassfish/hk2/hk2-api/2.6.1/hk2-api-2.6.1.jar
MD5: 23e8c18dae0c7b776bed756763d5153f
SHA1: 114bd7afb4a1bd9993527f52a08a252b5d2acac5
SHA256:c2cb80a01e58440ae57d5ee59af4d4d94e5180e04aff112b0cb611c07d61e773
Referenced In Project/Scope: Simplicite Platform:provided
hk2-api-2.6.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.docusign/docusign-esign-java@3.14.0

Identifiers

hk2-locator-2.6.1.jar

Description:

${project.name}

License:

http://www.eclipse.org/legal/epl-2.0, https://www.gnu.org/software/classpath/license.html
File Path: /var/simplicite/.m2/repository/org/glassfish/hk2/hk2-locator/2.6.1/hk2-locator-2.6.1.jar
MD5: dfd358720393d83b01747928db6e3912
SHA1: 9dedf9d2022e38ec0743ed44c1ac94ad6149acdd
SHA256:febc668deb9f2000c76bd4918d8086c0a4c74d07bd0c60486b72c6bd38b62874
Referenced In Project/Scope: Simplicite Platform:provided
hk2-locator-2.6.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.docusign/docusign-esign-java@3.14.0

Identifiers

hk2-utils-2.6.1.jar

Description:

${project.name}

License:

http://www.eclipse.org/legal/epl-2.0, https://www.gnu.org/software/classpath/license.html
File Path: /var/simplicite/.m2/repository/org/glassfish/hk2/hk2-utils/2.6.1/hk2-utils-2.6.1.jar
MD5: 75ccb55538a77bf878996497ffeb86f3
SHA1: 396513aa96c1d5a10aa4f75c4dcbf259a698d62d
SHA256:30727f79086452fdefdab08451d982c2082aa239d9f75cdeb1ba271e3c887036
Referenced In Project/Scope: Simplicite Platform:provided
hk2-utils-2.6.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.docusign/docusign-esign-java@3.14.0

Identifiers

homedir-polyfill:1.0.3

Description:

Node.js os.homedir polyfill for older versions of node.js.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?v8flags:3.2.0/homedir-polyfill:^1.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/v8flags:3.2.0

Identifiers

hosted-git-info:4.1.0

Description:

Provides metadata and conversions from repository urls for GitHub, Bitbucket and GitLab

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?normalize-package-data:3.0.3/hosted-git-info:^4.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/normalize-package-data:3.0.3
  • simplicite-js:5.2.54/normalize-package-data:2.5.0
  • simplicite-js:5.2.54/npm-package-arg:10.1.0
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/normalize-package-data:5.0.0

Identifiers

hosted-git-info:5.2.1

Description:

Provides metadata and conversions from repository urls for GitHub, Bitbucket and GitLab

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/hosted-git-info:5.2.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-check-updates:16.14.14
  • simplicite-js:5.2.54

Identifiers

hsqldb-2.6.1.jar

Description:

HSQLDB - Lightweight 100% Java SQL Database Engine

License:

HSQLDB License, a BSD open source license: http://hsqldb.org/web/hsqlLicense.html
File Path: /var/simplicite/.m2/repository/org/hsqldb/hsqldb/2.6.1/hsqldb-2.6.1.jar
MD5: 9dd059b3f1558202870d7cf585275ef7
SHA1: e626f8231592da1862fac632a6230752cf69b8e9
SHA256:e3f9e9d472d985b95ee5c10ed40d03496c3a26b950590ae0a49ce608626dcbe8
Referenced In Project/Scope: Simplicite Platform:runtime
hsqldb-2.6.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

CVE-2022-41853  

Those using java.sql.Statement or java.sql.PreparedStatement in hsqldb (HyperSQL DataBase) to process untrusted input may be vulnerable to a remote code execution attack. By default it is allowed to call any static method of any Java class in the classpath resulting in code execution. The issue can be prevented by updating to 2.7.1 or by setting the system property "hsqldb.method_class_names" to classes which are allowed to be called. For example, System.setProperty("hsqldb.method_class_names", "abc") or Java argument -Dhsqldb.method_class_names="abc" can be used. From version 2.7.1 all classes by default are not accessible except those in java.lang.Math and need to be manually enabled.
NVD-CWE-noinfo

CVSSv3:
  • Base Score: CRITICAL (9.8)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References:

Vulnerable Software & Versions:

html-tags:3.3.1

Description:

List of standard HTML tags

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/html-tags:^3.2.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/stylelint:14.16.1
  • simplicite-js:5.2.54

Identifiers

htmlparser2:3.8.3

Description:

Fast & forgiving HTML/XML/RSS parser

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/htmlparser2:3.8.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/jshint:2.13.1
  • simplicite-js:5.2.54

Identifiers

http-cache-semantics:4.1.1

Description:

Parses Cache-Control and other headers. Helps building correct HTTP caches and proxies

License:

BSD-2-Clause
File Path: /var/simplicite/simplicite-5.2/package-lock.json?cacheable-request:6.1.0/http-cache-semantics:^4.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/cacheable-request:6.1.0
  • simplicite-js:5.2.54/make-fetch-happen:11.1.1
  • simplicite-js:5.2.54/cacheable-request:10.2.12
  • simplicite-js:5.2.54

Identifiers

http-proxy-agent:5.0.0

Description:

An HTTP(s) proxy `http.Agent` implementation for HTTP

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?make-fetch-happen:11.1.1/http-proxy-agent:^5.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/make-fetch-happen:11.1.1
  • simplicite-js:5.2.54

Identifiers

http2-wrapper:2.2.0

Description:

HTTP2 client, just with the familiar `https` API

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?got:13.0.0/http2-wrapper:^2.1.10

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/got:12.6.1
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/got:13.0.0

Identifiers

httpasyncclient-4.1.4.jar

Description:

   Apache HttpComponents AsyncClient

File Path: /var/simplicite/.m2/repository/org/apache/httpcomponents/httpasyncclient/4.1.4/httpasyncclient-4.1.4.jar
MD5: f29a16f1c28f5b3dd511cbd16d7fa422
SHA1: f3a3240681faae3fa46b573a4c7e50cec9db0d86
SHA256:50e981a8e567a16ebdad104605b156540a863459fa127b8ba647f310dfc83ef8
Referenced In Project/Scope: Simplicite Platform:compile
httpasyncclient-4.1.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

httpclient-4.5.13.jar

Description:

   Apache HttpComponents Client

File Path: /var/simplicite/.m2/repository/org/apache/httpcomponents/httpclient/4.5.13/httpclient-4.5.13.jar
MD5: 40d6b9075fbd28fa10292a45a0db9457
SHA1: e5f6cae5ca7ecaac1ec2827a9e2d65ae2869cada
SHA256:6fe9026a566c6a5001608cf3fc32196641f6c1e5e1986d1037ccdbd5f31ef743
Referenced In Project/Scope: Simplicite Platform:compile
httpclient-4.5.13.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

httpcore-4.4.14.jar

Description:

   Apache HttpComponents Core (blocking I/O)

File Path: /var/simplicite/.m2/repository/org/apache/httpcomponents/httpcore/4.4.14/httpcore-4.4.14.jar
MD5: 2b3991eda121042765a5ee299556c200
SHA1: 9dd1a631c082d92ecd4bd8fd4cf55026c720a8c1
SHA256:f956209e450cb1d0c51776dfbd23e53e9dd8db9a1298ed62b70bf0944ba63b28
Referenced In Project/Scope: Simplicite Platform:compile
httpcore-4.4.14.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

httpcore-nio-4.4.14.jar

Description:

   Apache HttpComponents Core (non-blocking I/O)

File Path: /var/simplicite/.m2/repository/org/apache/httpcomponents/httpcore-nio/4.4.14/httpcore-nio-4.4.14.jar
MD5: fc67803925f395dbb90e61992bbf0291
SHA1: 175aeb59b09cf2ebbec622fe1704904a092ee291
SHA256:88c695f7342ba76dafd4035fa9bebbf82837c573de0d81324ba7921b4e14f5c8
Referenced In Project/Scope: Simplicite Platform:compile
httpcore-nio-4.4.14.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

httpmime-4.5.13.jar

Description:

   Apache HttpComponents HttpClient - MIME coded entities

File Path: /var/simplicite/.m2/repository/org/apache/httpcomponents/httpmime/4.5.13/httpmime-4.5.13.jar
MD5: 3f0c1ef2c9dc47b62b780192f54b0c18
SHA1: efc110bad4a0d45cda7858e6beee1d8a8313da5a
SHA256:06e754d99245b98dcc2860dcb43d20e737d650da2bf2077a105f68accbd5c5cc
Referenced In Project/Scope: Simplicite Platform:compile
httpmime-4.5.13.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

https-proxy-agent:5.0.1

Description:

An HTTP(s) proxy `http.Agent` implementation for HTTPS

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?make-fetch-happen:11.1.1/https-proxy-agent:^5.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/make-fetch-happen:11.1.1
  • simplicite-js:5.2.54

Identifiers

httpservices-4.5.5.jar

File Path: /var/simplicite/.m2/repository/edu/ucar/httpservices/4.5.5/httpservices-4.5.5.jar
MD5: c5207827b8b7e6045b2af7e1e8c5b1d4
SHA1: ee5f217be599e5e03f7f0e55e03f9e721a154f62
SHA256:8334da7adc9ed7a7b941a780f4d22054f8a11d03973be83ae8399400d55300e4
Referenced In Project/Scope: Simplicite Platform:compile
httpservices-4.5.5.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.tika/tika-parsers@1.27

Identifiers

human-signals:2.1.0

Description:

Human-friendly process signals

License:

Apache-2.0
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/human-signals:2.1.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/execa:5.1.1
  • simplicite-js:5.2.54

Identifiers

humanize-ms:1.2.1

Description:

transform humanize time to ms

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/humanize-ms:1.2.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/agentkeepalive:4.3.0
  • simplicite-js:5.2.54

Identifiers

iconv-lite:0.4.24

Description:

Convert character encodings in pure javascript.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/iconv-lite:0.4.24

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/external-editor:3.1.0

Identifiers

iconv-lite:0.6.3

Description:

Convert character encodings in pure javascript.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/iconv-lite:0.6.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/encoding:0.1.13

Identifiers

icu4j-69.1.jar

Description:

    International Component for Unicode for Java (ICU4J) is a mature, widely used Java library
    providing Unicode and Globalization support

License:

Unicode/ICU License: https://raw.githubusercontent.com/unicode-org/icu/master/icu4c/LICENSE
File Path: /var/simplicite/.m2/repository/com/ibm/icu/icu4j/69.1/icu4j-69.1.jar
MD5: 1be8018240774c697a812df60e23aed4
SHA1: ff666ac55986650893aacb9e2e0003538e9799c0
SHA256:98286f3d538bc7bde87d70bf2cac3acc9ed7b7fe941db5e94a8c3fa13516f963
Referenced In Project/Scope: Simplicite Platform:compile
icu4j-69.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

  • pkg:maven/com.ibm.icu/icu4j@69.1  (Confidence:High)
  • cpe:2.3:a:icu-project:international_components_for_unicode:69.1:*:*:*:*:*:*:*  (Confidence:Low)  
  • cpe:2.3:a:unicode:international_components_for_unicode:69.1:*:*:*:*:*:*:*  (Confidence:Low)  

ieee754:1.2.1

Description:

Read/write IEEE754 floating point numbers from/to a Buffer or array-like object

License:

BSD-3-Clause
File Path: /var/simplicite/simplicite-5.2/package-lock.json?buffer:6.0.3/ieee754:^1.2.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/buffer:6.0.3
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/buffer:5.7.1

Identifiers

ignore-walk:6.0.3

Description:

Nested/recursive `.gitignore`/`.npmignore` parsing and filtering.

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-packlist:7.0.4/ignore-walk:^6.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-packlist:7.0.4
  • simplicite-js:5.2.54

Identifiers

ignore:5.2.4

Description:

Ignore is a manager and filter for .gitignore rules, the one used by eslint, gitbook and many others.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/ignore:^5.2.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/eslint:8.56.0
  • simplicite-js:5.2.54/stylelint:14.16.1
  • simplicite-js:5.2.54/@eslint/eslintrc:2.1.4
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/globby:11.1.0
  • simplicite-js:5.2.54/depcheck:1.4.3

Identifiers

immediate:3.0.6

Description:

A cross browser microtask library

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?lie:3.3.0/immediate:~3.0.5

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/lie:3.3.0
  • simplicite-js:5.2.54

Identifiers

immutable:4.3.0

Description:

Immutable Data Collections

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?sass:1.63.6/immutable:^4.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/sass:1.63.6

Identifiers

import-fresh:3.3.0

Description:

Import a module while bypassing the cache

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/import-fresh:3.3.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@eslint/eslintrc:2.1.4
  • simplicite-js:5.2.54/cosmiconfig:7.1.0
  • simplicite-js:5.2.54

Identifiers

import-lazy:2.1.0

Description:

Import modules lazily

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/import-lazy:2.1.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/update-notifier:4.1.3
  • simplicite-js:5.2.54

Identifiers

import-lazy:4.0.0

Description:

Import a module lazily

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/import-lazy:^4.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/update-notifier:6.0.2
  • simplicite-js:5.2.54/stylelint:14.16.1
  • simplicite-js:5.2.54/update-notifier:5.1.0
  • simplicite-js:5.2.54

Identifiers

imurmurhash:0.1.4

Description:

An incremental implementation of MurmurHash3

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?write-file-atomic:4.0.2/imurmurhash:^0.1.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/unique-slug:4.0.0
  • simplicite-js:5.2.54/eslint:8.56.0
  • simplicite-js:5.2.54/stylelint:14.16.1
  • simplicite-js:5.2.54/write-file-atomic:4.0.2
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/write-file-atomic:3.0.3

Identifiers

indent-string:4.0.0

Description:

Indent each line in a string

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?redent:3.0.0/indent-string:^4.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/redent:3.0.0
  • simplicite-js:5.2.54/aggregate-error:3.1.0
  • simplicite-js:5.2.54

Identifiers

inflight:1.0.6

Description:

Add callbacks to requests in flight to avoid async duplication

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/inflight:1.0.6

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/glob:7.2.3
  • simplicite-js:5.2.54

Identifiers

inherits:2.0.4

Description:

Browser-friendly inheritance fully compatible with standard node.js inherits()

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?readable-stream:1.1.14/inherits:~2.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/bl:4.1.0
  • simplicite-js:5.2.54/glob:7.2.3
  • simplicite-js:5.2.54/readable-stream:2.3.8
  • simplicite-js:5.2.54/readable-stream:3.6.2
  • simplicite-js:5.2.54/readable-stream:1.1.14
  • simplicite-js:5.2.54

Identifiers

ini:1.3.8

Description:

An ini encoder/decoder for node

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/ini:1.3.8

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/config-chain:1.1.13
  • simplicite-js:5.2.54/rc:1.2.8
  • simplicite-js:5.2.54/global-dirs:2.1.0
  • simplicite-js:5.2.54/global-dirs:3.0.1
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/global-prefix:3.0.0

Identifiers

ini:2.0.0

Description:

An ini encoder/decoder for node

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/ini:2.0.0

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

ini:4.1.1

Description:

An ini encoder/decoder for node

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/ini:4.1.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-check-updates:16.14.14
  • simplicite-js:5.2.54

Identifiers

inquirer:7.3.3

Description:

A collection of common interactive command line user interfaces.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check:6.0.1/inquirer:^7.3.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-check:6.0.1
  • simplicite-js:5.2.54

Identifiers

internal-slot:1.0.5

Description:

ES spec-like internal slots

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/internal-slot:1.0.5

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/es-abstract:1.21.2
  • simplicite-js:5.2.54

Identifiers

invariant:2.2.4

Description:

invariant

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?scss-parser:1.0.6/invariant:2.2.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/scss-parser:1.0.6
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/query-ast:1.0.5

Identifiers

ip:2.0.0

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?socks:2.7.1/ip:^2.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/socks:2.7.1
  • simplicite-js:5.2.54

Identifiers

is-array-buffer:3.0.2

Description:

Is this value a JS ArrayBuffer?

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-array-buffer:3.0.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/array-buffer-byte-length:1.0.0
  • simplicite-js:5.2.54/es-abstract:1.21.2
  • simplicite-js:5.2.54

Identifiers

is-arrayish:0.2.1

Description:

Determines if an object can be used as an array

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-arrayish:0.2.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/error-ex:1.3.2
  • simplicite-js:5.2.54

Identifiers

is-bigint:1.0.4

Description:

Is this value an ES BigInt?

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?which-boxed-primitive:1.0.2/is-bigint:^1.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/which-boxed-primitive:1.0.2

Identifiers

is-binary-path:2.1.0

Description:

Check if a file path is a binary file

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-binary-path:2.1.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/chokidar:3.5.3
  • simplicite-js:5.2.54

Identifiers

is-boolean-object:1.1.2

Description:

Is this value a JS Boolean? This module works cross-realm/iframe, and despite ES6 @@toStringTag.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?which-boxed-primitive:1.0.2/is-boolean-object:^1.1.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/which-boxed-primitive:1.0.2

Identifiers

is-builtin-module:3.2.1

Description:

Check if a string matches the name of a Node.js builtin module

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-builtin-module:3.2.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/eslint-plugin-jsdoc:48.0.4
  • simplicite-js:5.2.54

Identifiers

is-callable:1.2.7

Description:

Is this JS value callable? Works with Functions and GeneratorFunctions, despite ES6 @@toStringTag.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-callable:1.2.7

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/es-abstract:1.21.2
  • simplicite-js:5.2.54/for-each:0.3.3
  • simplicite-js:5.2.54/es-to-primitive:1.2.1
  • simplicite-js:5.2.54

Identifiers

is-ci:2.0.0

Description:

Detect if the current environment is a CI server

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?update-notifier:4.1.3/is-ci:^2.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-check:6.0.1
  • simplicite-js:5.2.54/update-notifier:6.0.2
  • simplicite-js:5.2.54/update-notifier:4.1.3
  • simplicite-js:5.2.54/update-notifier:5.1.0
  • simplicite-js:5.2.54

Identifiers

is-core-module:2.12.1

Description:

Is this specifier a node.js core module?

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?resolve:1.22.2/is-core-module:^2.11.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/normalize-package-data:3.0.3
  • simplicite-js:5.2.54/normalize-package-data:5.0.0
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/resolve:1.22.2
  • simplicite-js:5.2.54/depcheck:1.4.3

Identifiers

is-date-object:1.0.5

Description:

Is this value a JS Date object? This module works cross-realm/iframe, and despite ES6 @@toStringTag.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-date-object:1.0.5

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/es-to-primitive:1.2.1
  • simplicite-js:5.2.54

Identifiers

is-docker:2.2.1

Description:

Check if the process is running inside a Docker container

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?open:7.4.2/is-docker:^2.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/is-wsl:2.2.0
  • simplicite-js:5.2.54/open:7.4.2
  • simplicite-js:5.2.54

Identifiers

is-es2016-keyword:1.0.0

Description:

Determine if string is an ES2016 keyword.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-es2016-keyword:1.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/highlight-es:1.0.3

Identifiers

is-extglob:2.1.1

Description:

Returns true if a string has an extglob.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?is-glob:4.0.3/is-extglob:^2.1.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/is-glob:4.0.3
  • simplicite-js:5.2.54

Identifiers

is-fullwidth-code-point:3.0.0

Description:

Check if the character represented by a given Unicode code point is fullwidth

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?string-width-cjs:4.2.3/is-fullwidth-code-point:^3.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/slice-ansi:4.0.0
  • simplicite-js:5.2.54/string-width:4.2.3
  • simplicite-js:5.2.54/string-width-cjs:4.2.3
  • simplicite-js:5.2.54

Identifiers

is-glob:4.0.3

Description:

Returns `true` if the given string looks like a glob pattern or an extglob pattern. This makes it easy to create code that only uses external modules like node-glob when necessary, resulting in much faster code execution and initialization time, and a better user experience.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-glob:4.0.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/eslint:8.56.0
  • simplicite-js:5.2.54/chokidar:3.5.3
  • simplicite-js:5.2.54/glob-parent:5.1.2
  • simplicite-js:5.2.54/glob-parent:6.0.2
  • simplicite-js:5.2.54

Identifiers

is-installed-globally:0.3.2

Description:

Check if your package was installed globally

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?update-notifier:4.1.3/is-installed-globally:^0.3.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/update-notifier:6.0.2
  • simplicite-js:5.2.54/update-notifier:4.1.3
  • simplicite-js:5.2.54/update-notifier:5.1.0
  • simplicite-js:5.2.54

Identifiers

is-interactive:1.0.0

Description:

Check if stdout or stderr is interactive

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?ora:5.4.1/is-interactive:^1.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/ora:5.4.1
  • simplicite-js:5.2.54

Identifiers

is-lambda:1.0.1

Description:

Detect if your code is running on an AWS Lambda server

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?make-fetch-happen:11.1.1/is-lambda:^1.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/make-fetch-happen:11.1.1
  • simplicite-js:5.2.54

Identifiers

is-negative-zero:2.0.2

Description:

Is this value negative zero? === will lie to you

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-negative-zero:2.0.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/es-abstract:1.21.2
  • simplicite-js:5.2.54

Identifiers

is-npm:4.0.0

Description:

Check if your code is running as an npm script

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?update-notifier:4.1.3/is-npm:^4.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/update-notifier:6.0.2
  • simplicite-js:5.2.54/update-notifier:4.1.3
  • simplicite-js:5.2.54/update-notifier:5.1.0
  • simplicite-js:5.2.54

Identifiers

is-number-object:1.0.7

Description:

Is this value a JS Number object? This module works cross-realm/iframe, and despite ES6 @@toStringTag.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?which-boxed-primitive:1.0.2/is-number-object:^1.0.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/which-boxed-primitive:1.0.2

Identifiers

is-number:7.0.0

Description:

Returns true if a number or string value is a finite number. Useful for regex matches, parsing, user input, etc.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?to-regex-range:5.0.1/is-number:^7.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/to-regex-range:5.0.1
  • simplicite-js:5.2.54

Identifiers

is-obj:2.0.0

Description:

Check if a value is an object

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?dot-prop:6.0.1/is-obj:^2.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/dot-prop:6.0.1
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/dot-prop:5.3.0

Identifiers

is-path-inside:3.0.3

Description:

Check if a path is inside another path

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?is-installed-globally:0.4.0/is-path-inside:^3.0.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/is-installed-globally:0.4.0
  • simplicite-js:5.2.54/eslint:8.56.0
  • simplicite-js:5.2.54/is-installed-globally:0.3.2
  • simplicite-js:5.2.54

Identifiers

is-plain-obj:1.1.0

Description:

Check if a value is a plain object

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?minimist-options:4.1.0/is-plain-obj:^1.1.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/minimist-options:4.1.0

Identifiers

is-plain-object:2.0.4

Description:

Returns true if an object was created by the `Object` constructor.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-plain-object:2.0.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/clone-deep:4.0.1

Identifiers

is-plain-object:5.0.0

Description:

Returns true if an object was created by the `Object` constructor, or Object.create(null).

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-plain-object:5.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/stylelint:14.16.1
  • simplicite-js:5.2.54

Identifiers

is-regex:1.1.4

Description:

Is this value a JS regex? Works cross-realm/iframe, and despite ES6 @@toStringTag

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?safe-regex-test:1.0.0/is-regex:^1.1.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/es-abstract:1.21.2
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/safe-regex-test:1.0.0

Identifiers

is-shared-array-buffer:1.0.2

Description:

Is this value a JS SharedArrayBuffer?

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-shared-array-buffer:1.0.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/es-abstract:1.21.2
  • simplicite-js:5.2.54

Identifiers

is-stream:2.0.1

Description:

Check if something is a Node.js stream

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-stream:2.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/execa:5.1.1
  • simplicite-js:5.2.54

Identifiers

is-string:1.0.7

Description:

Is this value a JS String object or primitive? This module works cross-realm/iframe, and despite ES6 @@toStringTag.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?which-boxed-primitive:1.0.2/is-string:^1.0.5

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/es-abstract:1.21.2
  • simplicite-js:5.2.54/array.prototype.reduce:1.0.5
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/which-boxed-primitive:1.0.2

Identifiers

is-symbol:1.0.4

Description:

Determine if a value is an ES6 Symbol or not.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?which-boxed-primitive:1.0.2/is-symbol:^1.0.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/es-to-primitive:1.2.1
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/which-boxed-primitive:1.0.2

Identifiers

is-typed-array:1.1.10

Description:

Is this value a JS Typed Array? This module works cross-realm/iframe, does not depend on `instanceof` or mutable properties, and despite ES6 Symbol.toStringTag.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?which-typed-array:1.1.9/is-typed-array:^1.1.10

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/es-abstract:1.21.2
  • simplicite-js:5.2.54/is-array-buffer:3.0.2
  • simplicite-js:5.2.54/typed-array-length:1.0.4
  • simplicite-js:5.2.54/which-typed-array:1.1.9
  • simplicite-js:5.2.54

Identifiers

is-typedarray:1.0.0

Description:

Detect whether or not an object is a Typed Array

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?typedarray-to-buffer:3.1.5/is-typedarray:^1.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/typedarray-to-buffer:3.1.5
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/write-file-atomic:3.0.3

Identifiers

is-unicode-supported:0.1.0

Description:

Detect whether the terminal supports Unicode

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?ora:5.4.1/is-unicode-supported:^0.1.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/log-symbols:4.1.0
  • simplicite-js:5.2.54/ora:5.4.1
  • simplicite-js:5.2.54

Identifiers

is-weakref:1.0.2

Description:

Is this value a JS WeakRef? This module works cross-realm/iframe, and despite ES6 @@toStringTag.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/is-weakref:1.0.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/es-abstract:1.21.2
  • simplicite-js:5.2.54

Identifiers

is-wsl:2.2.0

Description:

Check if the process is running inside Windows Subsystem for Linux (Bash on Windows)

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?open:7.4.2/is-wsl:^2.1.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/open:7.4.2
  • simplicite-js:5.2.54

Identifiers

is-yarn-global:0.3.0

Description:

Check if installed by yarn globally without any `fs` calls

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?update-notifier:4.1.3/is-yarn-global:^0.3.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/update-notifier:6.0.2
  • simplicite-js:5.2.54/update-notifier:4.1.3
  • simplicite-js:5.2.54/update-notifier:5.1.0
  • simplicite-js:5.2.54

Identifiers

isarray:0.0.1

Description:

Array#isArray for older browsers

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?readable-stream:1.1.14/isarray:0.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/readable-stream:2.3.8
  • simplicite-js:5.2.54/readable-stream:1.1.14
  • simplicite-js:5.2.54

Identifiers

isarray:2.0.5

Description:

Array#isArray for older browsers

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/isarray:2.0.5

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/safe-array-concat:1.0.0
  • simplicite-js:5.2.54

Identifiers

isexe:2.0.0

Description:

Minimal module to check if a file is executable.

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?which:2.0.2/isexe:^2.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/which:1.3.1
  • simplicite-js:5.2.54/which:2.0.2
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/which:3.0.1

Identifiers

isobject:3.0.1

Description:

Returns true if the value is an object and not an array or null.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/isobject:3.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/is-plain-object:2.0.4
  • simplicite-js:5.2.54

Identifiers

isoparser-1.9.41.7.jar

Description:

A generic parser and writer for all ISO 14496 based files (MP4, Quicktime, DCF, PDCF, ...)

License:

Apache Software License - Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/tallison/isoparser/1.9.41.7/isoparser-1.9.41.7.jar
MD5: 7e48578f8678f0374593a3d659b4584e
SHA1: 97c87c0ab2c435e16380e6377bbe0c819f7eb9a1
SHA256:81adb55004ec1f126640254428e64b9bcb2dca33515b8280be974fb04edd0b53
Referenced In Project/Scope: Simplicite Platform:compile
isoparser-1.9.41.7.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.tika/tika-parsers@1.27

Identifiers

istack-commons-runtime-3.0.12.jar

Description:

istack common utility code

License:

http://www.eclipse.org/org/documents/edl-v10.php
File Path: /var/simplicite/.m2/repository/com/sun/istack/istack-commons-runtime/3.0.12/istack-commons-runtime-3.0.12.jar
MD5: 1952bd76321f8580cfaa57e332a68287
SHA1: cbbe1a62b0cc6c85972e99d52aaee350153dc530
SHA256:27d85fc134c9271d5c79d3300fc4669668f017e72409727c428f54f2417f04cd
Referenced In Project/Scope: Simplicite Platform:compile
istack-commons-runtime-3.0.12.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.glassfish.jaxb/jaxb-runtime@2.3.4

Identifiers

istack-commons-tools-3.0.12.jar

Description:

istack common utility code

License:

http://www.eclipse.org/org/documents/edl-v10.php
File Path: /var/simplicite/.m2/repository/com/sun/istack/istack-commons-tools/3.0.12/istack-commons-tools-3.0.12.jar
MD5: 466851283328c997fc3c9008ba71b869
SHA1: 7213eee4e9f65972968f03c9dd4df266ce42530b
SHA256:88369766d2f7bf7904595d295d759ef553de47f2b9fc7d0c82a42f602ed70af0
Referenced In Project/Scope: Simplicite Platform:compile
istack-commons-tools-3.0.12.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.glassfish.jaxb/jaxb-xjc@2.3.4

Identifiers

itext-2.1.7.jar

Description:

iText, a free Java-PDF library

License:

Mozilla Public License: http://www.mozilla.org/MPL/MPL-1.1.html
File Path: /var/simplicite/.m2/repository/com/lowagie/itext/2.1.7/itext-2.1.7.jar
MD5: 7587a618197a065eac4a453d173d4ed6
SHA1: 892bfb3e97074a61123b3b2d7caa2db112750864
SHA256:7d82c6b097a31cdf5a6d49a327bf582fdec7304da69308f9f6abf54aa9fd9055
Referenced In Project/Scope: Simplicite Platform:compile
itext-2.1.7.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

CVE-2017-9096 (OSSINDEX)  

The XML parsers in iText before 5.5.12 and 7.x before 7.0.3 do not disable external entities, which might allow remote attackers to conduct XML external entity (XXE) attacks via a crafted PDF.
CWE-611 Improper Restriction of XML External Entity Reference

CVSSv3:
  • Base Score: HIGH (8.8)
  • Vector: CVSS:/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References:

Vulnerable Software & Versions (OSSINDEX):

  • cpe:2.3:a:com.lowagie:itext:2.1.7:*:*:*:*:*:*:*

itext-rtf-2.1.7.jar

Description:

iText, a free Java-PDF library (rtf package)

License:

Mozilla Public License: http://www.mozilla.org/MPL/MPL-1.1.html
File Path: /var/simplicite/.m2/repository/com/lowagie/itext-rtf/2.1.7/itext-rtf-2.1.7.jar
MD5: f95d38da50192bc9e3876e3a987f02c1
SHA1: ed1cbe69ff69c6e6fa7645f51c8d25894a177e7b
SHA256:49d3b9df20ccc6565c91b8b18c638ecb018fd528b6eb64991d6d8ba73975c135
Referenced In Project/Scope: Simplicite Platform:compile
itext-rtf-2.1.7.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

j2objc-annotations-1.3.jar

Description:

    A set of annotations that provide additional information to the J2ObjC
    translator to modify the result of translation.

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/google/j2objc/j2objc-annotations/1.3/j2objc-annotations-1.3.jar
MD5: 5fa4ec4ec0c5aa70af8a7d4922df1931
SHA1: ba035118bc8bac37d7eff77700720999acd9986d
SHA256:21af30c92267bd6122c0e0b4d20cccb6641a37eaf956c6540ec471d584e64a7b
Referenced In Project/Scope: Simplicite Platform:compile
j2objc-annotations-1.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.google.guava/guava@30.1.1-jre

Identifiers

jackcess-4.0.1.jar

Description:

A pure Java library for reading from and writing to MS Access databases.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/healthmarketscience/jackcess/jackcess/4.0.1/jackcess-4.0.1.jar
MD5: e80402af89e45e11bc79f97e70b35039
SHA1: e9953ac607c1d85647d6bc364579a871ef069441
SHA256:8d2eecb226c6f2ece3d44a96d688e2c03656af557b585804a90713fb67fbd95e
Referenced In Project/Scope: Simplicite Platform:compile
jackcess-4.0.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.tika/tika-parsers@1.27

Identifiers

jackcess-encrypt-4.0.1.jar

Description:

An add-on to the Jackcess library for handling encryption in MS Access files.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/healthmarketscience/jackcess/jackcess-encrypt/4.0.1/jackcess-encrypt-4.0.1.jar
MD5: d11b6d2ef809bbbc4f19daf3b99c5693
SHA1: 2fbb076c291767197b5b8202bfebdcd4b4a7199e
SHA256:f3ff03991dbb2b655c06632cc16de2752b4e50201fe101a2acbad63a18b8ff2f
Referenced In Project/Scope: Simplicite Platform:compile
jackcess-encrypt-4.0.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.tika/tika-parsers@1.27

Identifiers

jackson-core-2.12.4.jar

Description:

Core Jackson processing abstractions (aka Streaming API), implementation for JSON

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/fasterxml/jackson/core/jackson-core/2.12.4/jackson-core-2.12.4.jar
MD5: 58ffcb451f0bf6beb78e306cfe5d46f3
SHA1: 006a1bd259b6c4e3f9219ec8ec0be55ed11eed0c
SHA256:3506ce47ec2604ae2d80d79505f7cb374f718060639415c07d144adadd2d68a3
Referenced In Project/Scope: Simplicite Platform:compile
jackson-core-2.12.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

jackson-core-asl-1.9.13.jar

Description:

Jackson is a high-performance JSON processor (parser, generator)

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/codehaus/jackson/jackson-core-asl/1.9.13/jackson-core-asl-1.9.13.jar
MD5: 319c49a4304e3fa9fe3cd8dcfc009d37
SHA1: 3c304d70f42f832e0a86d45bd437f692129299a4
SHA256:440a9cb5ca95b215f953d3a20a6b1a10da1f09b529a9ddea5f8a4905ddab4f5a
Referenced In Project/Scope: Simplicite Platform:compile
jackson-core-asl-1.9.13.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.google.http-client/google-http-client-jackson@1.29.2

Identifiers

jackson-databind-2.12.4.jar

Description:

General data-binding functionality for Jackson: works on core streaming API

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.12.4/jackson-databind-2.12.4.jar
MD5: 7bf7ed4119602e8a7b23356dc0fba920
SHA1: 069206e02e6a696034f06a59d3ddbfbba5a4cd81
SHA256:e99a7b4b89074bc689aabcd9eb1f2c1318b68cc5c34979daf3e34edc558c7a01
Referenced In Project/Scope: Simplicite Platform:compile
jackson-databind-2.12.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

CVE-2020-36518  

jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects.
CWE-787 Out-of-bounds Write

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions: (show all)

CVE-2021-46877  

jackson-databind 2.10.x through 2.12.x before 2.12.6 and 2.13.x before 2.13.1 allows attackers to cause a denial of service (2 GB transient heap usage per read) in uncommon situations involving JsonNode JDK serialization.
CWE-770 Allocation of Resources Without Limits or Throttling

CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions: (show all)

CVE-2022-42003  

In FasterXML jackson-databind before versions 2.13.4.1 and 2.12.17.1, resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled.
CWE-502 Deserialization of Untrusted Data

CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions: (show all)

CVE-2022-42004  

In FasterXML jackson-databind before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer._deserializeFromArray to prevent use of deeply nested arrays. An application is vulnerable only with certain customized choices for deserialization.
CWE-502 Deserialization of Untrusted Data

CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions: (show all)

CVE-2023-35116  

jackson-databind through 2.15.2 allows attackers to cause a denial of service or other unspecified impact via a crafted object that uses cyclic dependencies. NOTE: the vendor's perspective is that this is not a valid vulnerability report, because the steps of constructing a cyclic data structure and trying to serialize it cannot be achieved by an external attacker.
CWE-770 Allocation of Resources Without Limits or Throttling

CVSSv3:
  • Base Score: MEDIUM (4.7)
  • Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions:

jackson-dataformat-csv-2.12.4.jar

Description:

Support for reading and writing CSV-encoded data via Jackson
abstractions.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/fasterxml/jackson/dataformat/jackson-dataformat-csv/2.12.4/jackson-dataformat-csv-2.12.4.jar
MD5: 9ffd8d59e1aaa71413c539f2447fbee0
SHA1: 3c224197f67564b62148245a0ff6f36c8e6c878c
SHA256:e1205a19931b8e170d3eff96a2bca3b44d800b4e43538bc2d81dcdc1d4646ffd
Referenced In Project/Scope: Simplicite Platform:compile
jackson-dataformat-csv-2.12.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

jackson-datatype-guava-2.12.4.jar

Description:

Add-on datatype-support module for Jackson (https://github.com/FasterXML/jackson) that handles
Guava (http://code.google.com/p/guava-libraries/) types (currently mostly just collection ones)

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/fasterxml/jackson/datatype/jackson-datatype-guava/2.12.4/jackson-datatype-guava-2.12.4.jar
MD5: f3d25b735082c72426f760163260fdf7
SHA1: 40ef5fb094f8c0c2ff1c21ce496bfce94d159a52
SHA256:6b6b3ebadc433463e4c202222ddabb3991d166eb8d0f81d008f061f11506b0f5
Referenced In Project/Scope: Simplicite Platform:compile
jackson-datatype-guava-2.12.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

jackson-datatype-joda-2.12.4.jar

Description:

Add-on module for Jackson (http://github.com/FasterXML/jackson) to support Joda (https://www.joda.org/joda-time/) data types.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/fasterxml/jackson/datatype/jackson-datatype-joda/2.12.4/jackson-datatype-joda-2.12.4.jar
MD5: e26dff4f5c5d1b2900884909a5dfa2bf
SHA1: dcd7bb5f1158914903fae6c61bf0f9a44df480e1
SHA256:0de93d725472df2027c3e869301a3035892e607d94423c589c96964305d51051
Referenced In Project/Scope: Simplicite Platform:compile
jackson-datatype-joda-2.12.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

jackson-jaxrs-base-2.12.4.jar

Description:

Pile of code that is shared by all Jackson-based JAX-RS
providers.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/fasterxml/jackson/jaxrs/jackson-jaxrs-base/2.12.4/jackson-jaxrs-base-2.12.4.jar
MD5: 0a61dd890055bbdd1659010a553b37aa
SHA1: f5ee76196227cbd92452fabfa85d8c76f1f65467
SHA256:4dad3e5798b8c4d063363a8c30cedb1cc36bcd6fdbe5a91c75d6e37b88e813d5
Referenced In Project/Scope: Simplicite Platform:compile
jackson-jaxrs-base-2.12.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

jackson-jaxrs-json-provider-2.12.4.jar

Description:

Functionality to handle JSON input/output for JAX-RS implementations (like Jersey and RESTeasy) using standard Jackson data binding.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/fasterxml/jackson/jaxrs/jackson-jaxrs-json-provider/2.12.4/jackson-jaxrs-json-provider-2.12.4.jar
MD5: 7238aeaf1cd9b480dd6b6050902d3578
SHA1: f29fbd66937fcc8dc6485c64697b1283a37cbda7
SHA256:0dc4ddb9033d3f3e7bfebdb95a11d6ee9b8a85605fd8e8491994eae67a65025c
Referenced In Project/Scope: Simplicite Platform:compile
jackson-jaxrs-json-provider-2.12.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

jackson-jaxrs-xml-provider-2.12.4.jar

Description:

Functionality to handle XML input/output for JAX-RS implementations (like Jersey and RESTeasy) using standard Jackson data binding.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/fasterxml/jackson/jaxrs/jackson-jaxrs-xml-provider/2.12.4/jackson-jaxrs-xml-provider-2.12.4.jar
MD5: 8c2d3701d13137577dbbeedd16f54f91
SHA1: 33756ed83d16003cfc13431ecf576ccb1cc9185b
SHA256:a7f0a5305126cd4f36dc8ed7f4f2418ba1150f23c192f2d1950f8e50448e08ce
Referenced In Project/Scope: Simplicite Platform:compile
jackson-jaxrs-xml-provider-2.12.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

jackson-module-jaxb-annotations-2.12.4.jar

Description:

Support for using JAXB annotations as an alternative to "native" Jackson annotations, for configuring
data-binding.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/fasterxml/jackson/module/jackson-module-jaxb-annotations/2.12.4/jackson-module-jaxb-annotations-2.12.4.jar
MD5: 29ff9647ec16c8e897b29c380b7e87d7
SHA1: 5e43703aae1a9843dfd7df0a0ad6cbfedcaff67f
SHA256:7a6063c76ba26f14f18b808ad50955f87fa20d2a5225a1d8dc5add63ce234f75
Referenced In Project/Scope: Simplicite Platform:compile
jackson-module-jaxb-annotations-2.12.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

jackspeak:2.3.6

Description:

A very strict and proper argument parser.

License:

BlueOak-1.0.0
File Path: /var/simplicite/simplicite-5.2/package-lock.json?glob:10.3.3/jackspeak:^2.0.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/glob:10.3.10
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/glob:10.3.3

Identifiers

jai-imageio-core-1.4.0.jar

Description:

    Java Advanced Imaging Image I/O Tools API core, but without the classes 
    involved with javax.media.jai dependencies, JPEG2000 or 
    codecLibJIIO, meaning that this library can be distributed under the 
    modified BSD license and should be GPL compatible.

License:

BSD 3-clause License w/nuclear disclaimer: LICENSE.txt
File Path: /var/simplicite/.m2/repository/com/github/jai-imageio/jai-imageio-core/1.4.0/jai-imageio-core-1.4.0.jar
MD5: 6978d733bfb55c0a82639f724fe5f3bb
SHA1: fb6d79b929556362a241b2f65a04e538062f0077
SHA256:8ad3c68e9efffb10ac87ff8bc589adf64b04a729c5194c079efd0643607fd72a
Referenced In Project/Scope: Simplicite Platform:compile
jai-imageio-core-1.4.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.tika/tika-parsers@1.27

Identifiers

jakarta.activation-2.0.1.jar

Description:

Jakarta Activation

License:

http://www.eclipse.org/org/documents/edl-v10.php
File Path: /var/simplicite/.m2/repository/com/sun/activation/jakarta.activation/2.0.1/jakarta.activation-2.0.1.jar
MD5: 39228ac67f033514a0ccb3360ac461f3
SHA1: 828b80e886a52bb09fe41ff410b10b342f533ce1
SHA256:b9e24b7dd6e07495562ea96531be3130c96dba4d78e1dfd88adbbdebf4332871
Referenced In Project/Scope: Simplicite Platform:compile
jakarta.activation-2.0.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

jakarta.annotation-api-1.3.5.jar

Description:

Jakarta Annotations API

License:

EPL 2.0: http://www.eclipse.org/legal/epl-2.0
GPL2 w/ CPE: https://www.gnu.org/software/classpath/license.html
File Path: /var/simplicite/.m2/repository/jakarta/annotation/jakarta.annotation-api/1.3.5/jakarta.annotation-api-1.3.5.jar
MD5: 8b165cf58df5f8c2a222f637c0a07c97
SHA1: 59eb84ee0d616332ff44aba065f3888cf002cd2d
SHA256:85fb03fc054cdf4efca8efd9b6712bbb418e1ab98241c4539c8585bbc23e1b8a
Referenced In Project/Scope: Simplicite Platform:provided
jakarta.annotation-api-1.3.5.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.docusign/docusign-esign-java@3.14.0

Identifiers

jakarta.inject-2.6.1.jar

Description:

Injection API (JSR 330) version  repackaged as OSGi bundle

License:

http://www.eclipse.org/legal/epl-2.0, https://www.gnu.org/software/classpath/license.html
File Path: /var/simplicite/.m2/repository/org/glassfish/hk2/external/jakarta.inject/2.6.1/jakarta.inject-2.6.1.jar
MD5: 4d7c80a1e3cd54531af03bef4537f7af
SHA1: 8096ebf722902e75fbd4f532a751e514f02e1eb7
SHA256:5e88c123b3e41bca788b2683118867d9b6dec714247ea91c588aed46a36ee24f
Referenced In Project/Scope: Simplicite Platform:provided
jakarta.inject-2.6.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.docusign/docusign-esign-java@3.14.0

Identifiers

jakarta.mail-2.0.1.jar

Description:

Jakarta Mail API

License:

http://www.eclipse.org/legal/epl-2.0, https://www.gnu.org/software/classpath/license.html, http://www.eclipse.org/org/documents/edl-v10.php
File Path: /var/simplicite/.m2/repository/com/sun/mail/jakarta.mail/2.0.1/jakarta.mail-2.0.1.jar
MD5: 8885560796641719f1cc0c9ea17b8bee
SHA1: 96d3645f02a92bcc5e7ae1ff037151e44179f230
SHA256:8988bdbde922ee173db7179e23393dd2258f3b64f708f41082e03f0e0494cc23
Referenced In Project/Scope: Simplicite Platform:compile
jakarta.mail-2.0.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

jakarta.ws.rs-api-2.1.6.jar

Description:

Jakarta RESTful Web Services API

License:

EPL 2.0: http://www.eclipse.org/legal/epl-2.0
GPL2 w/ CPE: https://www.gnu.org/software/classpath/license.html
File Path: /var/simplicite/.m2/repository/jakarta/ws/rs/jakarta.ws.rs-api/2.1.6/jakarta.ws.rs-api-2.1.6.jar
MD5: c3892382aeb5c54085b22b1890511d29
SHA1: 1dcb770bce80a490dff49729b99c7a60e9ecb122
SHA256:4cea299c846c8a6e6470cbfc2f7c391bc29b9caa2f9264ac1064ba91691f4adf
Referenced In Project/Scope: Simplicite Platform:provided
jakarta.ws.rs-api-2.1.6.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.docusign/docusign-esign-java@3.14.0

Identifiers

jakarta.xml.bind-api-2.3.3.jar

Description:

Jakarta XML Binding API 2.3 Design Specification

License:

http://www.eclipse.org/org/documents/edl-v10.php
File Path: /var/simplicite/.m2/repository/jakarta/xml/bind/jakarta.xml.bind-api/2.3.3/jakarta.xml.bind-api-2.3.3.jar
MD5: 61286918ca0192e9f87d1358aef718dd
SHA1: 48e3b9cfc10752fba3521d6511f4165bea951801
SHA256:c04539f472e9a6dd0c7685ea82d677282269ab8e7baca2e14500e381e0c6cec5
Referenced In Project/Scope: Simplicite Platform:compile
jakarta.xml.bind-api-2.3.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.glassfish.jaxb/jaxb-runtime@2.3.4

Identifiers

java-jwt-3.18.2.jar

Description:

Java implementation of JSON Web Token (JWT)

License:

The MIT License (MIT): https://raw.githubusercontent.com/auth0/java-jwt/master/LICENSE
File Path: /var/simplicite/.m2/repository/com/auth0/java-jwt/3.18.2/java-jwt-3.18.2.jar
MD5: 574622007c3a0184dd88fc84894142e0
SHA1: 089c1da37cd738d9c3c7176fbf1e291ff2a8b988
SHA256:b5cd12b6db70a39f8c3d688e6fac930bd32d9a7f5d0e584e8a554a3e42cbfbf1
Referenced In Project/Scope: Simplicite Platform:compile
java-jwt-3.18.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

java-libpst-0.9.3.jar

Description:

A library to read PST files with java, without need for external libraries.

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/pff/java-libpst/0.9.3/java-libpst-0.9.3.jar
MD5: 26a2227892a5859875c3bf2bdf88bc9e
SHA1: 928a6698850cd89577d28201ff1ac443bb339d2b
SHA256:039cd61635ded94dba67f909d3b1763e13f9c23d02f9750eb6259af10e1dabdb
Referenced In Project/Scope: Simplicite Platform:compile
java-libpst-0.9.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.tika/tika-parsers@1.27

Identifiers

java-saml-2.7.0.jar

File Path: /var/simplicite/.m2/repository/com/onelogin/java-saml/2.7.0/java-saml-2.7.0.jar
MD5: 9cc7410f00de4806a7654e40c91c9e29
SHA1: cf109ade576a9823f8c1237aa88b31a9b16c64f9
SHA256:e1da178c2f34f5ddba62a9f84dd2da6e994c27a88717af3a33761029f75904a8
Referenced In Project/Scope: Simplicite Platform:compile
java-saml-2.7.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

java-saml-core-2.7.0.jar

File Path: /var/simplicite/.m2/repository/com/onelogin/java-saml-core/2.7.0/java-saml-core-2.7.0.jar
MD5: 666fb08176b089416b8c7090897c1b37
SHA1: 942ab18d2e21dcba64eed4628c112860bef263a0
SHA256:efc4c25ffcf6a548a755e55b5324bd1f90fa7e3d01a70d458f97dc8eba380c81
Referenced In Project/Scope: Simplicite Platform:compile
java-saml-core-2.7.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.onelogin/java-saml@2.7.0

Identifiers

javase-3.0.1.jar

Description:

Java SE-specific extensions to core ZXing library

File Path: /var/simplicite/.m2/repository/com/google/zxing/javase/3.0.1/javase-3.0.1.jar
MD5: 04258960339322ce4fb90718899ff4c9
SHA1: 06fa0ae253f5bb2943fb64100c936d6a142832c2
SHA256:83c1e61db240c81b9b9628ea8dd63944cacf2b4f3578b4f3f4d3104506e4d0a4
Referenced In Project/Scope: Simplicite Platform:compile
javase-3.0.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

javassist-3.22.0-CR2.jar

Description:

  	Javassist (JAVA programming ASSISTant) makes Java bytecode manipulation
    simple.  It is a class library for editing bytecodes in Java.

License:

MPL 1.1: http://www.mozilla.org/MPL/MPL-1.1.html
LGPL 2.1: http://www.gnu.org/licenses/lgpl-2.1.html
Apache License 2.0: http://www.apache.org/licenses/
File Path: /var/simplicite/.m2/repository/org/javassist/javassist/3.22.0-CR2/javassist-3.22.0-CR2.jar
MD5: 2c48278c202227d8f3b8382965d41c0f
SHA1: 44eaf0990dea92f4bca4b9931b2239c0e8756ee7
SHA256:230267ffd7bfe404c1b87faf215dd012f607ba3151bd7099562c305c09de6a7a
Referenced In Project/Scope: Simplicite Platform:provided
javassist-3.22.0-CR2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.docusign/docusign-esign-java@3.14.0

Identifiers

javax.activation-api-1.2.0.jar

Description:

JavaBeans Activation Framework API jar

License:

https://github.com/javaee/activation/blob/master/LICENSE.txt
File Path: /var/simplicite/.m2/repository/javax/activation/javax.activation-api/1.2.0/javax.activation-api-1.2.0.jar
MD5: 5e50e56bcf4a3ef3bc758f69f7643c3b
SHA1: 85262acf3ca9816f9537ca47d5adeabaead7cb16
SHA256:43fdef0b5b6ceb31b0424b208b930c74ab58fac2ceeb7b3f6fd3aeb8b5ca4393
Referenced In Project/Scope: Simplicite Platform:compile
javax.activation-api-1.2.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

javax.annotation-api-1.3.2.jar

Description:

Common Annotations for the JavaTM Platform API

License:

CDDL + GPLv2 with classpath exception: https://github.com/javaee/javax.annotation/blob/master/LICENSE
File Path: /var/simplicite/.m2/repository/javax/annotation/javax.annotation-api/1.3.2/javax.annotation-api-1.3.2.jar
MD5: 2ab1973eefffaa2aeec47d50b9e40b9d
SHA1: 934c04d3cfef185a8008e7bf34331b79730a9d43
SHA256:e04ba5195bcd555dc95650f7cc614d151e4bcd52d29a10b8aa2197f3ab89ab9b
Referenced In Project/Scope: Simplicite Platform:provided
javax.annotation-api-1.3.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

javax.ejb-api-3.2.2.jar

Description:

Project GlassFish Enterprise JavaBean API

License:

CDDL + GPLv2 with classpath exception: https://oss.oracle.com/licenses/CDDL+GPL-1.1
File Path: /var/simplicite/.m2/repository/javax/ejb/javax.ejb-api/3.2.2/javax.ejb-api-3.2.2.jar
MD5: f7a1ffa8ec359720a01dd09f79f042c3
SHA1: 8921a3e3cb30fe5966531ad53902eef19303123b
SHA256:13ff874c58c32b649077dab6ab23bc93938610adc99e90d63933f6f074805b72
Referenced In Project/Scope: Simplicite Platform:provided
javax.ejb-api-3.2.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

javax.inject-1.jar

Description:

The javax.inject API

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/javax/inject/javax.inject/1/javax.inject-1.jar
MD5: 289075e48b909e9e74e6c915b3631d2e
SHA1: 6975da39a7040257bd51d21a231b76c915872d38
SHA256:91c77044a50c481636c32d916fd89c9118a72195390452c81065080f957de7ff
Referenced In Project/Scope: Simplicite Platform:compile
javax.inject-1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.jclouds/jclouds-core@2.4.0

Identifiers

javax.jms-api-2.0.1.jar

Description:

Java(TM) Message Service Specification

License:

CDDL + GPLv2 with classpath exception: https://glassfish.java.net/nonav/public/CDDL+GPL_1_1.html
File Path: /var/simplicite/.m2/repository/javax/jms/javax.jms-api/2.0.1/javax.jms-api-2.0.1.jar
MD5: d69d2e02910e97b2478c0105e9b2caab
SHA1: 5faaa3864ff6025ce69809b60d65bda3e358610c
SHA256:aa4a16fac46d949b17b32091036e4d1e3c812ef3b4bd184ec838efffb53ba4f8
Referenced In Project/Scope: Simplicite Platform:compile
javax.jms-api-2.0.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

javax.mail-api-1.6.2.jar

Description:

JavaMail API jar

License:

https://javaee.github.io/javamail/LICENSE
File Path: /var/simplicite/.m2/repository/javax/mail/javax.mail-api/1.6.2/javax.mail-api-1.6.2.jar
MD5: c1df29c4b85433bd2f378b06c323c2d3
SHA1: 17a8151bab44f9c94f34c10db70d95ba3c830eda
SHA256:17489addfc8d7b43afc7775072a56bbaadf32cfb1e9d39fb4b7ece890d6698f1
Referenced In Project/Scope: Simplicite Platform:compile
javax.mail-api-1.6.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

javax.servlet-api-4.0.1.jar

Description:

Java(TM) Servlet 4.0 API Design Specification

License:

CDDL + GPLv2 with classpath exception: https://oss.oracle.com/licenses/CDDL+GPL-1.1
File Path: /var/simplicite/.m2/repository/javax/servlet/javax.servlet-api/4.0.1/javax.servlet-api-4.0.1.jar
MD5: b80414033bf3397de334b95e892a2f44
SHA1: a27082684a2ff0bf397666c3943496c44541d1ca
SHA256:83a03dd877d3674576f0da7b90755c8524af099ccf0607fc61aa971535ad7c60
Referenced In Project/Scope: Simplicite Platform:provided
javax.servlet-api-4.0.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

javax.servlet.jsp-api-2.3.3.jar

Description:

Java.net - The Source for Java Technology Collaboration

License:

CDDL + GPLv2 with classpath exception: ://oss.oracle.com/licenses/CDDL+GPL-1.1
File Path: /var/simplicite/.m2/repository/javax/servlet/jsp/javax.servlet.jsp-api/2.3.3/javax.servlet.jsp-api-2.3.3.jar
MD5: f6676a5961328c41c5e722da5e48d047
SHA1: 81191ab80e342912dc9cea735c30ff4eddc64de3
SHA256:409a534d275ef0958a2c1692472da30e3706bfe6933d56c039376f53f13689b7
Referenced In Project/Scope: Simplicite Platform:provided
javax.servlet.jsp-api-2.3.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

javax.transaction-api-1.3.jar

Description:

Project GlassFish Java Transaction API

License:

CDDL + GPLv2 with classpath exception: https://github.com/javaee/javax.transaction/blob/master/LICENSE
File Path: /var/simplicite/.m2/repository/javax/transaction/javax.transaction-api/1.3/javax.transaction-api-1.3.jar
MD5: 6e9cb1684621821248b6823143ae26c0
SHA1: e006adf5cf3cca2181d16bd640ecb80148ec0fce
SHA256:603df5e4fc1eeae8f5e5d363a8be6c1fa47d0df1df8739a05cbcb9fafd6df2da
Referenced In Project/Scope: Simplicite Platform:provided
javax.transaction-api-1.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

javax.websocket-api-1.1.jar

Description:

JSR 356: Java API for WebSocket

License:

https://glassfish.java.net/public/CDDL+GPL_1_1.html
File Path: /var/simplicite/.m2/repository/javax/websocket/javax.websocket-api/1.1/javax.websocket-api-1.1.jar
MD5: be29e11a4a15742aa6fb418fa46345e3
SHA1: eeeb68631711256418dfbb47b11c731b6c8f6235
SHA256:a260973517bf6411d659b588a719aa27e7e4e47dfbd510fceb5bf1023a2c45e4
Referenced In Project/Scope: Simplicite Platform:provided
javax.websocket-api-1.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

javax.ws.rs-api-2.0.1.jar

Description:

Java API for RESTful Web Services (JAX-RS)

License:

CDDL 1.1: http://glassfish.java.net/public/CDDL+GPL_1_1.html
GPL2 w/ CPE: http://glassfish.java.net/public/CDDL+GPL_1_1.html
File Path: /var/simplicite/.m2/repository/javax/ws/rs/javax.ws.rs-api/2.0.1/javax.ws.rs-api-2.0.1.jar
MD5: edcd111cf4d3ba8ac8e1f326efc37a17
SHA1: 104e9c2b5583cfcfeac0402316221648d6d8ea6b
SHA256:38607d626f2288d8fbc1b1f8a62c369e63806d9a313ac7cbc5f9d6c94f4b466d
Referenced In Project/Scope: Simplicite Platform:compile
javax.ws.rs-api-2.0.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

jawk-1.02.jar

Description:

POM was created from install:install-file

File Path: /var/simplicite/.m2/repository/org/jawk/jawk/1.02/jawk-1.02.jar
MD5: cd04ea3460d71a03ca5f4232c9ee5f0c
SHA1: 7bdd8bb1a1b9adff9b471cc041cba83ef3a2abe6
SHA256:2773c7f47b2ee8f483d6cb30f799c31f81645d23f49910e58ef4cccb2ffe1c7b
Referenced In Project/Scope: Simplicite Platform:compile
jawk-1.02.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

jaxb-api-2.3.1.jar

Description:

JAXB (JSR 222) API

License:

https://oss.oracle.com/licenses/CDDL+GPL-1.1, https://oss.oracle.com/licenses/CDDL+GPL-1.1
File Path: /var/simplicite/.m2/repository/javax/xml/bind/jaxb-api/2.3.1/jaxb-api-2.3.1.jar
MD5: bcf270d320f645ad19f5edb60091e87f
SHA1: 8531ad5ac454cc2deb9d4d32c40c4d7451939b5d
SHA256:88b955a0df57880a26a74708bc34f74dcaf8ebf4e78843a28b50eae945732b06
Referenced In Project/Scope: Simplicite Platform:compile
jaxb-api-2.3.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

jaxb-impl-2.3.3.jar (shaded: com.sun.istack:istack-commons-runtime:3.0.11)

File Path: /var/simplicite/.m2/repository/com/sun/xml/bind/jaxb-impl/2.3.3/jaxb-impl-2.3.3.jar/META-INF/maven/com.sun.istack/istack-commons-runtime/pom.xml
MD5: 2cf61b2d9ed8b708932ba4d2bdd53025
SHA1: 1c4b0f15c5b1aeb7ba30ba0f6a21c10ee112d2b2
SHA256:ae1c070432a8cc35b92960758175014e991193af982e0ad083e40885611d7e94
Referenced In Project/Scope: Simplicite Platform:compile

Identifiers

jaxb-impl-2.3.3.jar (shaded: org.glassfish.jaxb:jaxb-runtime:2.3.3)

Description:

JAXB (JSR 222) Reference Implementation

File Path: /var/simplicite/.m2/repository/com/sun/xml/bind/jaxb-impl/2.3.3/jaxb-impl-2.3.3.jar/META-INF/maven/org.glassfish.jaxb/jaxb-runtime/pom.xml
MD5: 7612c04cd616dd6d2a471427a3b87518
SHA1: 2efabedb3f95d04c4b1aa6c71beb16d6d1283f95
SHA256:92dfe5a3925a9194f0a348ca7a4d5ae7dc64fca79ceab5bcd04ef947f42f36f4
Referenced In Project/Scope: Simplicite Platform:compile

Identifiers

jaxb-impl-2.3.3.jar (shaded: org.glassfish.jaxb:txw2:2.3.3)

Description:

        TXW is a library that allows you to write XML documents.

File Path: /var/simplicite/.m2/repository/com/sun/xml/bind/jaxb-impl/2.3.3/jaxb-impl-2.3.3.jar/META-INF/maven/org.glassfish.jaxb/txw2/pom.xml
MD5: d500c9f1fa5827030d0ecee5e5b8122b
SHA1: 69002631b1dd2c1205c099feaca71689090e3fa1
SHA256:578621ff5ae4feaf6e41c3e0575ba67db3aa57aeb70ed68611795cddfb4b577f
Referenced In Project/Scope: Simplicite Platform:compile

Identifiers

jaxb-impl-2.3.3.jar

Description:

Old JAXB Runtime module. Contains sources required for runtime processing.

License:

http://www.eclipse.org/org/documents/edl-v10.php
File Path: /var/simplicite/.m2/repository/com/sun/xml/bind/jaxb-impl/2.3.3/jaxb-impl-2.3.3.jar
MD5: 8f59ab4ced2bb2e3a732e924852fac98
SHA1: 3758e8c1664979749e647a9ca8c7ea1cd83c9b1e
SHA256:e5178d0c7948247f75a13c689bf36f4d5d4910a121f712aa3b20ae94377069d8
Referenced In Project/Scope: Simplicite Platform:compile
jaxb-impl-2.3.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.jclouds/jclouds-core@2.4.0

Identifiers

jaxb-svg11-1.0.2.jar

Description:

JAXB classes modelling SVG 1.1

License:

Apache 2: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/plutext/jaxb-svg11/1.0.2/jaxb-svg11-1.0.2.jar
MD5: 91f22bed36295692c384e846dfc460b0
SHA1: 3c0cd54d5691f5b5f8c60ed0c06353ff1db424e1
SHA256:6799f39d49d9dbfef140e76b33d0884d55372935768a3955900eb022576a760d
Referenced In Project/Scope: Simplicite Platform:compile
jaxb-svg11-1.0.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.docx4j/docx4j-core@11.2.9

Identifiers

jaxb-xjc-2.3.4.jar

Description:

        JAXB Binding Compiler. Contains source code needed for binding customization files into java sources.
        In other words: the *tool* to generate java classes for the given xml representation.

File Path: /var/simplicite/.m2/repository/org/glassfish/jaxb/jaxb-xjc/2.3.4/jaxb-xjc-2.3.4.jar
MD5: 3dbfc9f439c82f35f5fa2e4e5ba46d1d
SHA1: 2ffd30b67f304df5bd440048469e63be4ab45be5
SHA256:e03c5df079afb7366e8b7d4bf159898e7f646fbe77cd6e3486a51b1113877713
Referenced In Project/Scope: Simplicite Platform:compile
jaxb-xjc-2.3.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

jbig2-imageio-3.0.3.jar

Description:

	Java Image I/O plugin for reading JBIG2-compressed image data. 
	Formerly known as the levigo JBig2 ImageIO plugin (com.levigo.jbig2:levigo-jbig2-imageio).

File Path: /var/simplicite/.m2/repository/org/apache/pdfbox/jbig2-imageio/3.0.3/jbig2-imageio-3.0.3.jar
MD5: 3c19c78788d7669c1caf2ee8ccb84a54
SHA1: 1719861ff0b86162c5b391fb4d1084c05ff72b35
SHA256:c80110fda57128563d3d0656bff78da8bf35a934cf54edfa10e8b76fc6389929
Referenced In Project/Scope: Simplicite Platform:compile
jbig2-imageio-3.0.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

jcip-annotations-1.0.jar

File Path: /var/simplicite/.m2/repository/net/jcip/jcip-annotations/1.0/jcip-annotations-1.0.jar
MD5: 9d5272954896c5a5d234f66b7372b17a
SHA1: afba4942caaeaf46aab0b976afd57cc7c181467e
SHA256:be5805392060c71474bf6c9a67a099471274d30b83eef84bfc4e0889a4f1dcc0
Referenced In Project/Scope: Simplicite Platform:compile
jcip-annotations-1.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.tika/tika-parsers@1.27

Identifiers

jcl-over-slf4j-1.7.32.jar

Description:

JCL 1.2 implemented over SLF4J

License:

Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/slf4j/jcl-over-slf4j/1.7.32/jcl-over-slf4j-1.7.32.jar
MD5: 8788169f5d5be6550efc75d3bfffc82c
SHA1: 32c060250bcc5282cdbc1fd7008c12eb4ebad00e
SHA256:60f3bda5922e3912889cca1311d1b227753610bf60cb4e5e914e8b2eaa0326b4
Referenced In Project/Scope: Simplicite Platform:compile
jcl-over-slf4j-1.7.32.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

jclouds-core-2.4.0.jar

Description:

Core components to access jclouds services

File Path: /var/simplicite/.m2/repository/org/apache/jclouds/jclouds-core/2.4.0/jclouds-core-2.4.0.jar
MD5: c15a0a4da4197a0cc78c03937e3afa91
SHA1: 95bdded2ac8e0391dfc5bce5376f2d68a39c280f
SHA256:d8afd892c2a6aa443d1412e7c8bc938e50c1bbbe2e14538af78e3461c9772215
Referenced In Project/Scope: Simplicite Platform:compile
jclouds-core-2.4.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

jclouds-core-2.4.0.jar: gson-2.8.5.jar

Description:

Gson JSON library

File Path: /var/simplicite/.m2/repository/org/apache/jclouds/jclouds-core/2.4.0/jclouds-core-2.4.0.jar/lib/gson-2.8.5.jar
MD5: 089104cb90d8b4e1aa00b1f5faef0742
SHA1: f645ed69d595b24d4cf8b3fbb64cc505bede8829
SHA256:233a0149fc365c9f6edbd683cfe266b19bdc773be98eabdaf6b3c924b48e7d81
Referenced In Project/Scope: Simplicite Platform:compile

Identifiers

CVE-2022-25647  

The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which may lead to DoS attacks.
CWE-502 Deserialization of Untrusted Data

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions: (show all)

jcommander-1.81.jar

Description:

Command line parsing library for Java

License:

Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/beust/jcommander/1.81/jcommander-1.81.jar
MD5: 8fb20390e744cb6902b06005fabc9a9e
SHA1: 9ca9dd27bb28e5990ad01aec5bb2989f50b6ff3e
SHA256:9d8b42979c99f3daa99102fe9ba1fb25f52226cb48cf58bc18acb93132e41a05
Referenced In Project/Scope: Simplicite Platform:compile
jcommander-1.81.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.tika/tika-parsers@1.27

Identifiers

jdom2-2.0.6.jar

Description:

		A complete, Java-based solution for accessing, manipulating, 
		and outputting XML data

License:

Similar to Apache License but with the acknowledgment clause removed: https://raw.github.com/hunterhacker/jdom/master/LICENSE.txt
File Path: /var/simplicite/.m2/repository/org/jdom/jdom2/2.0.6/jdom2-2.0.6.jar
MD5: 86a30c9b1ddc08ca155747890db423b7
SHA1: 6f14738ec2e9dd0011e343717fa624a10f8aab64
SHA256:1345f11ba606d15603d6740551a8c21947c0215640770ec67271fe78bea97cf5
Referenced In Project/Scope: Simplicite Platform:compile
jdom2-2.0.6.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.tika/tika-parsers@1.27

Identifiers

CVE-2021-33813  

An XXE issue in SAXBuilder in JDOM through 2.0.6 allows attackers to cause a denial of service via a crafted HTTP request.
CWE-611 Improper Restriction of XML External Entity Reference

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions: (show all)

jedis-3.7.0.jar

Description:

Jedis is a blazingly small and sane Redis java client.

License:

MIT: http://github.com/redis/jedis/raw/master/LICENSE.txt
File Path: /var/simplicite/.m2/repository/redis/clients/jedis/3.7.0/jedis-3.7.0.jar
MD5: 6d0cb033af256883dae5a54832ae299a
SHA1: ef74361bcfec4fdcc63e0141ff744d1774ad809b
SHA256:2bfa2cc3ef6ae1ca14a1d51a5e5f31ab7aeede7da5f1c6fd198a992b27ba9aab
Referenced In Project/Scope: Simplicite Platform:compile
jedis-3.7.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

jempbox-1.8.16.jar

Description:

    The Apache JempBox library is an open source Java tool that implements Adobe's XMP(TM)
    specification. JempBox is a subproject of Apache PDFBox.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/apache/pdfbox/jempbox/1.8.16/jempbox-1.8.16.jar
MD5: 1cb997cdd8302c7e19131c81ba0b7ee2
SHA1: 1f41de81768ef84ca2d8cda4cb79e9272c8ee966
SHA256:ebef7cca5a5a77768e686972b4a89f0ffce7b46907fd96ac3d4f6ce2fa038055
Referenced In Project/Scope: Simplicite Platform:compile
jempbox-1.8.16.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.tika/tika-parsers@1.27

Identifiers

jersey-common-2.29.1.jar

Description:

Jersey core common packages

License:

EPL 2.0: http://www.eclipse.org/legal/epl-2.0
The GNU General Public License (GPL), Version 2, With Classpath Exception: https://www.gnu.org/software/classpath/license.html
Apache License, 2.0: http://www.apache.org/licenses/LICENSE-2.0.html
Public Domain: https://creativecommons.org/publicdomain/zero/1.0/
File Path: /var/simplicite/.m2/repository/org/glassfish/jersey/core/jersey-common/2.29.1/jersey-common-2.29.1.jar
MD5: acb846e05010206d0673977940da9bee
SHA1: ea60b9ace56f1ae758c2eebbb48e8387d959102f
SHA256:923c7b4af55430c80ce33e39731d6f7b1db6746e8aa6d4009eeb154a3e1e0f32
Referenced In Project/Scope: Simplicite Platform:provided
jersey-common-2.29.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.docusign/docusign-esign-java@3.14.0

Identifiers

CVE-2021-28168 (OSSINDEX)  

Eclipse Jersey 2.28 to 2.33 and Eclipse Jersey 3.0.0 to 3.0.1 contains a local information disclosure vulnerability. This is due to the use of the File.createTempFile which creates a file inside of the system temporary directory with the permissions: -rw-r--r--. Thus the contents of this file are viewable by all other users locally on the system. As such, if the contents written is security sensitive, it can be disclosed to other local users.
CWE-378 Creation of Temporary File With Insecure Permissions

CVSSv2:
  • Base Score: MEDIUM (5.5)
  • Vector: /AV:L/AC:L/Au:/C:H/I:N/A:N

References:

Vulnerable Software & Versions (OSSINDEX):

  • cpe:2.3:a:org.glassfish.jersey.core:jersey-common:2.29.1:*:*:*:*:*:*:*

jersey-hk2-2.29.1.jar

Description:

HK2 InjectionManager implementation

License:

http://www.eclipse.org/legal/epl-2.0, https://www.gnu.org/software/classpath/license.html, http://www.eclipse.org/org/documents/edl-v10.php, https://opensource.org/licenses/BSD-2-Clause, http://www.apache.org/licenses/LICENSE-2.0.html, https://creativecommons.org/publicdomain/zero/1.0/, http://asm.objectweb.org/license.html, jquery.org/license, http://www.opensource.org/licenses/mit-license.php, https://www.w3.org/Consortium/Legal/copyright-documents-19990405
File Path: /var/simplicite/.m2/repository/org/glassfish/jersey/inject/jersey-hk2/2.29.1/jersey-hk2-2.29.1.jar
MD5: 39f12392bc8a0ab2b7801dd73056034a
SHA1: 54b316e9f91ac9de1e6900aeb63457505862a296
SHA256:eb74851a7fa38003877ec90dd413c404c862bd3e313b0ab884c74bf16fc76579
Referenced In Project/Scope: Simplicite Platform:provided
jersey-hk2-2.29.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.docusign/docusign-esign-java@3.14.0

Identifiers

jfreechart-1.5.3.jar

Description:

        JFreeChart is a class library, written in Java, for generating charts. 
        Utilising the Java2D API, it supports a wide range of chart types including
        bar charts, pie charts, line charts, XY-plots, time series plots, Sankey charts
        and more.

License:

GNU Lesser General Public Licence: http://www.gnu.org/licenses/lgpl.txt
File Path: /var/simplicite/.m2/repository/org/jfree/jfreechart/1.5.3/jfreechart-1.5.3.jar
MD5: b4e3884a30da4b8a36ef4e5ba03f23e2
SHA1: 26c6d7143d8a905a54c7e2296cea6ce4c5ecb417
SHA256:23bd63ece2284d6578ed51f336cd33681c53f817e4595a705690922a3c0f0f44
Referenced In Project/Scope: Simplicite Platform:compile
jfreechart-1.5.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

jhighlight-1.0.3.jar

Description:

    JHighlight is an embeddable pure Java syntax highlighting
    library that supports Java, HTML, XHTML, XML and LZX
    languages and outputs to XHTML.
    
    It also supports RIFE templates tags and highlights them
    clearly so that you can easily identify the difference
    between your RIFE markup and the actual marked up source.

License:

CDDL, v1.0: http://www.opensource.org/licenses/cddl1.php
LGPL, v2.1 or later: http://www.opensource.org/licenses/lgpl-license.php
File Path: /var/simplicite/.m2/repository/org/codelibs/jhighlight/1.0.3/jhighlight-1.0.3.jar
MD5: 318e72a07b2bbe089f0c41df45d2f484
SHA1: 88831dce3d56aa53a1bfcba78518e8939b8d4779
SHA256:34405394e068b5d8c40ed45928ce077f8b5140bf33851a55b9cb53116ded43e5
Referenced In Project/Scope: Simplicite Platform:compile
jhighlight-1.0.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.tika/tika-parsers@1.27

Identifiers

jju:1.4.0

Description:

a set of utilities to work with JSON / JSON5 documents

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?json-parse-helpfulerror:1.0.3/jju:^1.1.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/json-parse-helpfulerror:1.0.3
  • simplicite-js:5.2.54

Identifiers

jjwt-api-0.11.2.jar

Description:

JSON Web Token support for the JVM and Android

License:

http://www.apache.org/licenses/LICENSE-2.0
File Path: /var/simplicite/.m2/repository/io/jsonwebtoken/jjwt-api/0.11.2/jjwt-api-0.11.2.jar
MD5: 19d7722419b64944d28b7432e596c94c
SHA1: 57c34dce3e88f2972c5c5465b6291acfb5628084
SHA256:fa340e4c0b81f24c4c0f943c4454343efe9e055f648c600f2b3b637763cf6f28
Referenced In Project/Scope: Simplicite Platform:compile
jjwt-api-0.11.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.twilio.sdk/twilio@8.19.1

Identifiers

jjwt-impl-0.11.2.jar

Description:

JSON Web Token support for the JVM and Android

License:

http://www.apache.org/licenses/LICENSE-2.0
File Path: /var/simplicite/.m2/repository/io/jsonwebtoken/jjwt-impl/0.11.2/jjwt-impl-0.11.2.jar
MD5: c467a0094bd3764d749b249b009de656
SHA1: 8fd8acf9d3cb9a2db05bfa484c2a1408cc3507f9
SHA256:cf5896bdb086df7e7451ffde5f5691fb6ae7ec6bffa4e82071d3c5a426b11995
Referenced In Project/Scope: Simplicite Platform:runtime
jjwt-impl-0.11.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.twilio.sdk/twilio@8.19.1

Identifiers

jjwt-jackson-0.11.2.jar

Description:

JSON Web Token support for the JVM and Android

License:

http://www.apache.org/licenses/LICENSE-2.0
File Path: /var/simplicite/.m2/repository/io/jsonwebtoken/jjwt-jackson/0.11.2/jjwt-jackson-0.11.2.jar
MD5: 8f35ab366b0ba25447629d0a60264b82
SHA1: bff0b63d4cbace7b38551a70350875e69201ffeb
SHA256:6c200dcf0df3fa3c6ea31dab95a4154708d2c5d01dd1c4d7974fcfe651bee45d
Referenced In Project/Scope: Simplicite Platform:compile
jjwt-jackson-0.11.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.twilio.sdk/twilio@8.19.1

Identifiers

jlessc-1.10.jar

Description:

A Less CSS compiler written completely in Java (pure Java).

License:

MIT License: http://www.opensource.org/licenses/mit-license.php
File Path: /var/simplicite/.m2/repository/de/inetsoftware/jlessc/1.10/jlessc-1.10.jar
MD5: bd2d9f6be54058c2e109ebdbce16b3d8
SHA1: be040c43e8d0b032e58706646bdf44e7e4062ec7
SHA256:7d2012d7ca2f529843dcc9db701e3e59d0cbf590fd48c8a6153d2bfa6968018e
Referenced In Project/Scope: Simplicite Platform:compile
jlessc-1.10.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

jlessc-ant-1.10.jar

Description:

Simple Apache Ant task for JLessC

License:

Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/simplicite/ant/jlessc-ant/1.10/jlessc-ant-1.10.jar
MD5: face16e0be54ff562cef7ba12707377f
SHA1: 58e69a229c0390095331edf520c4d547700d18a1
SHA256:094c7c03c77c421e5f6fe750ab11f4162e75487862038dc19b2342e7ebeb56c7
Referenced In Project/Scope: Simplicite Platform:compile
jlessc-ant-1.10.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

jmatio-1.5.jar

Description:

Matlab's MAT-file I/O API in JAVA. Supports Matlab 5 MAT-flie format reading and writing. Written in pure JAVA.

License:

BSD: http://www.linfo.org/bsdlicense.html
File Path: /var/simplicite/.m2/repository/org/tallison/jmatio/1.5/jmatio-1.5.jar
MD5: 6eccf45b3a4bb3dd0518afcf37b8ed35
SHA1: 517d932cc87a3b564f3f7a07ac347b725b619ab4
SHA256:70db8cf9a1818072f290fd464f14a8369c9c58993e6640128a6e8a6379d67ac7
Referenced In Project/Scope: Simplicite Platform:compile
jmatio-1.5.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.tika/tika-parsers@1.27

Identifiers

jmustache-1.15.jar

Description:

A Java implementation of the Mustache templating language.

License:

The (New) BSD License: http://www.opensource.org/licenses/bsd-license.php
File Path: /var/simplicite/.m2/repository/com/samskivert/jmustache/1.15/jmustache-1.15.jar
MD5: 0b166350b8b372d5caae4f0b692e016f
SHA1: 7b3b15951d13b774c76db2f4e14d977952f8b4d8
SHA256:1aeb96b9dc17bc29540b8c3342e8e91ee974d5c604165ecd469dd76b041c250c
Referenced In Project/Scope: Simplicite Platform:compile
jmustache-1.15.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

jna-5.8.0.jar

Description:

Java Native Access

License:

LGPL, version 2.1: http://www.gnu.org/licenses/licenses.html
Apache License v2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/net/java/dev/jna/jna/5.8.0/jna-5.8.0.jar
MD5: 3e1988240662c4f068e8ff5df505f6a0
SHA1: 3551d8d827e54858214107541d3aff9c615cb615
SHA256:930273cc1c492f25661ea62413a6da3fd7f6e01bf1c4dcc0817fc8696a7b07ac
Referenced In Project/Scope: Simplicite Platform:compile
jna-5.8.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.tika/tika-parsers@1.27

Identifiers

jna-5.8.0.jar: jnidispatch.dll

File Path: /var/simplicite/.m2/repository/net/java/dev/jna/jna/5.8.0/jna-5.8.0.jar/com/sun/jna/win32-aarch64/jnidispatch.dll
MD5: bf93f6b98af1987a7536d69202e0dda9
SHA1: d8b5600b6c8254afd68068f130bc6f75c62f0a7a
SHA256:749e807fa10407e43cf2cf98e885e5ef76a95751c143c0c3326ad1366f3e9179
Referenced In Project/Scope: Simplicite Platform:compile

Identifiers

  • None

jna-5.8.0.jar: jnidispatch.dll

File Path: /var/simplicite/.m2/repository/net/java/dev/jna/jna/5.8.0/jna-5.8.0.jar/com/sun/jna/win32-x86-64/jnidispatch.dll
MD5: a004906b9067501293107be3a92c3401
SHA1: ed9f50de6051aaa1f26e61c64a5c6b0eba407d93
SHA256:76f19b52423774932831dcba0596989ec56213f9b217a0432fbc122f99704a2a
Referenced In Project/Scope: Simplicite Platform:compile

Identifiers

  • None

jna-5.8.0.jar: jnidispatch.dll

File Path: /var/simplicite/.m2/repository/net/java/dev/jna/jna/5.8.0/jna-5.8.0.jar/com/sun/jna/win32-x86/jnidispatch.dll
MD5: 7668f8f21cba1d0d7e2cc39379b8a3c3
SHA1: 332887373846943f479dac9fabfd42fbe58d723a
SHA256:39bab69f5ead37326cb4c032c621dbddbc5093932871f2010120819a4100abdf
Referenced In Project/Scope: Simplicite Platform:compile

Identifiers

  • None

joda-time-2.10.10.jar

Description:

Date and time library to replace JDK date handling

License:

Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/joda-time/joda-time/2.10.10/joda-time-2.10.10.jar
MD5: c2a46de8a73ec7b60011429561ae72e3
SHA1: 29e8126e31f41e5c12b9fe3a7eb02e704c47d70b
SHA256:dd8e7c92185a678d1b7b933f31209b6203c8ffa91e9880475a1be0346b9617e3
Referenced In Project/Scope: Simplicite Platform:compile
joda-time-2.10.10.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

jose4j-0.7.11.jar

Description:

     The jose.4.j library is a robust and easy to use open source implementation of JSON Web Token (JWT) and the JOSE specification suite (JWS, JWE, and JWK).
     It is written in Java and relies solely on the JCA APIs for cryptography.
     Please see https://bitbucket.org/b_c/jose4j/wiki/Home for more info, examples, etc..

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/bitbucket/b_c/jose4j/0.7.11/jose4j-0.7.11.jar
MD5: b0adec9404696821b8eeec8158840a85
SHA1: 2fbe1070816cc5a2e4d010d45cfc3fc921ad36fd
SHA256:383af3e38fd2f21104c0f9a09b11dececd6fb320766d1c796902375b60492bcd
Referenced In Project/Scope: Simplicite Platform:compile
jose4j-0.7.11.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

CVE-2023-51775 (OSSINDEX)  

The jose4j component before 0.9.4 for Java allows attackers to cause a denial of service (CPU consumption) via a large p2c (aka PBES2 Count) value.

Sonatype's research suggests that this CVE's details differ from those defined at NVD. See https://ossindex.sonatype.org/vulnerability/CVE-2023-51775 for details
CWE-400 Uncontrolled Resource Consumption

CVSSv2:
  • Base Score: HIGH (8.6)
  • Vector: /AV:N/AC:L/Au:/C:N/I:N/A:H

References:

Vulnerable Software & Versions (OSSINDEX):

  • cpe:2.3:a:org.bitbucket.b_c:jose4j:0.7.11:*:*:*:*:*:*:*

CVE-2023-31582  

jose4j before v0.9.3 allows attackers to set a low iteration count of 1000 or less.
CWE-331 Insufficient Entropy

CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

References:

Vulnerable Software & Versions:

jquery:3.6.0

Description:

JavaScript library for DOM operations

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/jquery:3.6.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/bootbox:5.5.2
  • simplicite-js:5.2.54

Identifiers

js-beautify:1.14.0

Description:

beautifier.io for node

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/js-beautify:1.14.0

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

js-tokens:4.0.0

Description:

A regex that tokenizes JavaScript.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/js-tokens:4.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/loose-envify:1.4.0
  • simplicite-js:5.2.54/@babel/highlight:7.23.4
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/highlight-es:1.0.3

Identifiers

js-yaml:3.14.1

Description:

YAML 1.2 parser and serializer

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/js-yaml:3.14.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/load-yaml-file:0.2.0
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/depcheck:1.4.3

Identifiers

js-yaml:4.1.0

Description:

YAML 1.2 parser and serializer

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?rc-config-loader:4.1.3/js-yaml:^4.1.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/rc-config-loader:4.1.3
  • simplicite-js:5.2.54/eslint:8.56.0
  • simplicite-js:5.2.54/@eslint/eslintrc:2.1.4
  • simplicite-js:5.2.54/npm-check-updates:16.14.14
  • simplicite-js:5.2.54

Identifiers

js2xmlparser:4.0.2

Description:

Parses JavaScript objects into XML

License:

Apache-2.0
File Path: /var/simplicite/simplicite-5.2/package-lock.json?jsdoc:4.0.2/js2xmlparser:^4.0.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/jsdoc:4.0.2
  • simplicite-js:5.2.54

Identifiers

jsdoc-type-pratt-parser:4.0.0

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/jsdoc-type-pratt-parser:4.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/@es-joy/jsdoccomment:0.41.0

Identifiers

jsdoc:4.0.2

Description:

An API documentation generator for JavaScript.

License:

Apache-2.0
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/jsdoc:4.0.2

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

jsesc:0.5.0

Description:

A JavaScript library for escaping JavaScript strings while generating the shortest possible valid output.

File Path: /var/simplicite/simplicite-5.2/package-lock.json?/jsesc:0.5.0

Referenced In Projects/Scopes:

  • simplicite-js:5.2.54/regjsparser:0.9.1
  • simplicite-js:5.2.54

Identifiers

jsesc:2.5.2

Description:

Given some data, jsesc returns the shortest possible stringified & ASCII-safe representation of that data.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/jsesc:2.5.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/generator:7.23.6
  • simplicite-js:5.2.54

Identifiers

jshint:2.13.1

Description:

Static analysis tool for JavaScript

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/jshint:2.13.1

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

json-20211205.jar

Description:

        JSON is a light-weight, language independent, data interchange format.
        See http://www.JSON.org/

        The files in this package implement JSON encoders/decoders in Java.
        It also includes the capability to convert between JSON and XML, HTTP
        headers, Cookies, and CDL.

        This is a reference implementation. There is a large number of JSON packages
        in Java. Perhaps someday the Java community will standardize on one. Until
        then, choose carefully.

        The license includes this restriction: "The software shall be used for good,
        not evil." If your conscience cannot live with that, then choose a different
        package.

License:

The JSON License: http://json.org/license.html
File Path: /var/simplicite/.m2/repository/org/json/json/20211205/json-20211205.jar
MD5: 2aa4313aaabdcf89e1847d5bf6d3535f
SHA1: 47032dcf2f69880f07dab3dc60b4b0ad97318308
SHA256:7f38d61fbb7e2afdc31c6be865720ee4fc8a0c3c14fac4f3ec47fd3deb3939c6
Referenced In Project/Scope: Simplicite Platform:compile
json-20211205.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

CVE-2022-45688  

A stack overflow in the XML.toJSONObject component of hutool-json v5.8.10 allows attackers to cause a Denial of Service (DoS) via crafted JSON or XML data.
CWE-787 Out-of-bounds Write

CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions: (show all)

CVE-2023-5072  

Denial of Service  in JSON-Java versions up to and including 20230618.  A bug in the parser means that an input string of modest size can lead to indefinite amounts of memory being used. 
CWE-770 Allocation of Resources Without Limits or Throttling

CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions:

json-buffer:3.0.1

Description:

JSON parse & stringify that supports binary via bops & base64

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?keyv:4.5.2/json-buffer:3.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/keyv:4.5.2
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/keyv:3.1.0

Identifiers

json-parse-even-better-errors:2.3.1

Description:

JSON.parse with context information on error

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?parse-json:5.2.0/json-parse-even-better-errors:^2.3.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/parse-json:5.2.0

Identifiers

json-parse-even-better-errors:3.0.0

Description:

JSON.parse with context information on error

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/json-parse-even-better-errors:3.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/read-package-json:6.0.4
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/read-package-json-fast:3.0.2

Identifiers

json-parse-helpfulerror:1.0.3

Description:

A drop-in replacement for JSON.parse that uses `jju` to give helpful errors

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check-updates:16.14.14/json-parse-helpfulerror:^1.0.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-check-updates:16.14.14
  • simplicite-js:5.2.54

Identifiers

json-schema-traverse:0.4.1

Description:

Traverse JSON Schema passing each schema object to callback

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/json-schema-traverse:0.4.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/ajv:8.12.0
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/ajv:6.12.6

Identifiers

json-schema-traverse:1.0.0

Description:

Traverse JSON Schema passing each schema object to callback

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/json-schema-traverse:1.0.0

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

json-simple-1.1.1.jar

Description:

A simple Java toolkit for JSON

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/googlecode/json-simple/json-simple/1.1.1/json-simple-1.1.1.jar
MD5: 5cc2c478d73e8454b4c369cee66c5bc7
SHA1: c9ad4a0850ab676c5c64461a05ca524cdfff59f1
SHA256:4e69696892b88b41c55d49ab2fdcc21eead92bf54acc588c0050596c3b75199c
Referenced In Project/Scope: Simplicite Platform:compile
json-simple-1.1.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

json-stable-stringify-without-jsonify:1.0.1

Description:

deterministic JSON.stringify() with custom sorting to get deterministic hashes from stringified results, with no public domain dependencies

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/json-stable-stringify-without-jsonify:1.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/eslint:8.56.0
  • simplicite-js:5.2.54

Identifiers

json5:2.2.3

Description:

JSON for Humans

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?rc-config-loader:4.1.3/json5:^2.2.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/rc-config-loader:4.1.3
  • simplicite-js:5.2.54/@babel/core:7.23.9
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/depcheck:1.4.3

Identifiers

jsonfile:4.0.0

Description:

Easily read/write JSON files.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/jsonfile:4.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/fs-extra:8.1.0
  • simplicite-js:5.2.54

Identifiers

jsonlines:0.1.1

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check-updates:16.14.14/jsonlines:^0.1.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-check-updates:16.14.14
  • simplicite-js:5.2.54

Identifiers

jsonparse:1.3.1

Description:

This is a pure-js JSON streaming parser for node.js

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?minipass-json-stream:1.0.1/jsonparse:^1.3.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/minipass-json-stream:1.0.1
  • simplicite-js:5.2.54

Identifiers

jsoup-1.14.3.jar

Description:

jsoup is a Java library for working with real-world HTML. It provides a very convenient API for fetching URLs and extracting and manipulating data, using the best of HTML5 DOM methods and CSS selectors. jsoup implements the WHATWG HTML5 specification, and parses HTML to the same DOM as modern browsers do.

License:

The MIT License: https://jsoup.org/license
File Path: /var/simplicite/.m2/repository/org/jsoup/jsoup/1.14.3/jsoup-1.14.3.jar
MD5: 079f92557fa3577329d498aee5cc25ee
SHA1: c43a81e18e6d0eb71951aa031d55d5c293c531a6
SHA256:92af19ec57cc77637db4490f0f5011f0444d353209ce36083bac428f9b81a39c
Referenced In Project/Scope: Simplicite Platform:compile
jsoup-1.14.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

CVE-2022-36033  

jsoup is a Java HTML parser, built for HTML editing, cleaning, scraping, and cross-site scripting (XSS) safety. jsoup may incorrectly sanitize HTML including `javascript:` URL expressions, which could allow XSS attacks when a reader subsequently clicks that link. If the non-default `SafeList.preserveRelativeLinks` option is enabled, HTML including `javascript:` URLs that have been crafted with control characters will not be sanitized. If the site that this HTML is published on does not set a Content Security Policy, an XSS attack is then possible. This issue is patched in jsoup 1.15.3. Users should upgrade to this version. Additionally, as the unsanitized input may have been persisted, old content should be cleaned again using the updated version. To remediate this issue without immediately upgrading: - disable `SafeList.preserveRelativeLinks`, which will rewrite input URLs as absolute URLs - ensure an appropriate [Content Security Policy](https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP) is defined. (This should be used regardless of upgrading, as a defence-in-depth best practice.)
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

References:

Vulnerable Software & Versions: (show all)

jsr305-3.0.2.jar

Description:

JSR305 Annotations for Findbugs

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/google/code/findbugs/jsr305/3.0.2/jsr305-3.0.2.jar
MD5: dd83accb899363c32b07d7a1b2e4ce40
SHA1: 25ea2e8b0c338a877313bd4672d3fe056ea78f0d
SHA256:766ad2a0783f2687962c8ad74ceecc38a28b9f72a2d085ee438b7813e928d0c7
Referenced In Project/Scope: Simplicite Platform:compile
jsr305-3.0.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.google.guava/guava@30.1.1-jre

Identifiers

jszip-utils:0.1.0

Description:

A collection of cross-browser utilities to go along with JSZip.

License:

(MIT OR GPL-3.0)
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/jszip-utils:0.1.0

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

jszip:3.7.1

Description:

Create, read and edit .zip files with JavaScript http://stuartk.com/jszip

License:

(MIT OR GPL-3.0-or-later)
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/jszip:3.7.1

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

CVE-2022-48285  

loadAsync in JSZip before 3.8.0 allows Directory Traversal via a crafted ZIP archive.
CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CVSSv3:
  • Base Score: HIGH (7.3)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

References:

Vulnerable Software & Versions:

GHSA-36fh-84j7-cv5h (NPM)  

loadAsync in JSZip before 3.8.0 allows Directory Traversal via a crafted ZIP archive.
CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CVSSv3:
  • Base Score: HIGH (7.3)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Unscored:
  • Severity: high

References:

Vulnerable Software & Versions (NPM):

  • cpe:2.3:a:*:jszip:\<3.8.0:*:*:*:*:*:*:*

jtidy-r938.jar

Description:

    JTidy is a Java port of HTML Tidy, a HTML syntax checker and pretty printer. Like its non-Java cousin, JTidy can be
    used as a tool for cleaning up malformed and faulty HTML. In addition, JTidy provides a DOM interface to the
    document that is being processed, which effectively makes you able to use JTidy as a DOM parser for real-world HTML.

License:

Java HTML Tidy License: http://jtidy.svn.sourceforge.net/viewvc/jtidy/trunk/jtidy/LICENSE.txt?revision=95
File Path: /var/simplicite/.m2/repository/net/sf/jtidy/jtidy/r938/jtidy-r938.jar
MD5: 6a9121561b8f98c0a8fb9b6e57f50e6b
SHA1: ab08d87a225a715a69107732b67f21e1da930349
SHA256:6fc03e51e73fa884f06e7eae0761e045e56fdeb4e146a4d952e3023cc9e3fb43
Referenced In Project/Scope: Simplicite Platform:compile
jtidy-r938.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

CVE-2023-34623  

An issue was discovered jtidy thru r938 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies.
CWE-787 Out-of-bounds Write

CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions:

jul-to-slf4j-1.7.32.jar

Description:

JUL to SLF4J bridge

File Path: /var/simplicite/.m2/repository/org/slf4j/jul-to-slf4j/1.7.32/jul-to-slf4j-1.7.32.jar
MD5: cf36bbee73d82b6b96a6414ef9f54df1
SHA1: 8a055c04ab44e8e8326901cadf89080721348bdb
SHA256:6dee8d85ad6943aff0600f14897c469e64bae0413ee33a15c448af00432c0642
Referenced In Project/Scope: Simplicite Platform:compile
jul-to-slf4j-1.7.32.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

junit-4.13.2.jar

Description:

JUnit is a unit testing framework for Java, created by Erich Gamma and Kent Beck.

License:

Eclipse Public License 1.0: http://www.eclipse.org/legal/epl-v10.html
File Path: /var/simplicite/.m2/repository/junit/junit/4.13.2/junit-4.13.2.jar
MD5: d98a9a02a99a9acd22d7653cbcc1f31f
SHA1: 8ac9e16d933b6fb43bc7f576336b8f4d7eb5ba12
SHA256:8e495b634469d64fb8acfa3495a065cbacc8a0fff55ce1e31007be4c16dc57d3
Referenced In Project/Scope: Simplicite Platform:compile
junit-4.13.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

juniversalchardet-1.0.3.jar

Description:

Java port of universalchardet

License:

Mozilla Public License 1.1 (MPL 1.1): http://www.mozilla.org/MPL/MPL-1.1.html
File Path: /var/simplicite/.m2/repository/com/googlecode/juniversalchardet/juniversalchardet/1.0.3/juniversalchardet-1.0.3.jar
MD5: d9ea0a9a275336c175b343f2e4cd8f27
SHA1: cd49678784c46aa8789c060538e0154013bb421b
SHA256:757bfe906193b8b651e79dc26cd67d6b55d0770a2cdfb0381591504f779d4a76
Referenced In Project/Scope: Simplicite Platform:compile
juniversalchardet-1.0.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.tika/tika-parsers@1.27

Identifiers

junrar-7.4.0.jar

Description:

property 'description'

License:

UnRar License: https://github.com/junrar/junrar/LICENSE.md
File Path: /var/simplicite/.m2/repository/com/github/junrar/junrar/7.4.0/junrar-7.4.0.jar
MD5: 6df7df2ffc0e7c360fbbac6535ec4dcb
SHA1: 32b270b684cc6c7028574edd5fce0f491b06854b
SHA256:7ee9cfc6c86d2953fff11572384dccda8dcdfe999037252739079a8d6d7998da
Referenced In Project/Scope: Simplicite Platform:compile
junrar-7.4.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.tika/tika-parsers@1.27

Identifiers

CVE-2022-23596  

Junrar is an open source java RAR archive library. In affected versions A carefully crafted RAR archive can trigger an infinite loop while extracting said archive. The impact depends solely on how the application uses the library, and whether files can be provided by malignant users. The problem is patched in 7.4.1. There are no known workarounds and users are advised to upgrade as soon as possible.
CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions:

kafka-clients-3.3.1.jar

License:

The Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/apache/kafka/kafka-clients/3.3.1/kafka-clients-3.3.1.jar
MD5: 989cbfe5c4adcc81966a682bdb306925
SHA1: aea4008ab34761ef8057b13cce6d0ec767397406
SHA256:39d06474e22c6c8f5bd1d67c69a56e43dfb6a21605454c6e7d705c65aafe118c
Referenced In Project/Scope: Simplicite Platform:compile
kafka-clients-3.3.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

CVE-2023-25194 (OSSINDEX)  

A possible security vulnerability has been identified in Apache Kafka Connect API.
This requires access to a Kafka Connect worker, and the ability to create/modify connectors on it with an arbitrary Kafka client SASL JAAS config
and a SASL-based security protocol, which has been possible on Kafka Connect clusters since Apache Kafka Connect 2.3.0.
When configuring the connector via the Kafka Connect REST API, an authenticated operator can set the `sasl.jaas.config`
property for any of the connector's Kafka clients to "com.sun.security.auth.module.JndiLoginModule", which can be done via the
`producer.override.sasl.jaas.config`, `consumer.override.sasl.jaas.config`, or `admin.override.sasl.jaas.config` properties.
This will allow the server to connect to the attacker's LDAP server
and deserialize the LDAP response, which the attacker can use to execute java deserialization gadget chains on the Kafka connect server.
Attacker can cause unrestricted deserialization of untrusted data (or) RCE vulnerability when there are gadgets in the classpath.

Since Apache Kafka 3.0.0, users are allowed to specify these properties in connector configurations for Kafka Connect clusters running with out-of-the-box
configurations. Before Apache Kafka 3.0.0, users may not specify these properties unless the Kafka Connect cluster has been reconfigured with a connector
client override policy that permits them.

Since Apache Kafka 3.4.0, we have added a system property ("-Dorg.apache.kafka.disallowed.login.modules") to disable the problematic login modules usage
in SASL JAAS configuration. Also by default "com.sun.security.auth.module.JndiLoginModule" is disabled in Apache Kafka Connect 3.4.0. 

We advise the Kafka Connect users to validate connector configurations and only allow trusted JNDI configurations. Also examine connector dependencies for 
vulnerable versions and either upgrade their connectors, upgrading that specific dependency, or removing the connectors as options for remediation. Finally,
in addition to leveraging the "org.apache.kafka.disallowed.login.modules" system property, Kafka Connect users can also implement their own connector
client config override policy, which can be used to control which Kafka client properties can be overridden directly in a connector config and which cannot.


Sonatype's research suggests that this CVE's details differ from those defined at NVD. See https://ossindex.sonatype.org/vulnerability/CVE-2023-25194 for details
CWE-502 Deserialization of Untrusted Data

CVSSv2:
  • Base Score: HIGH (8.8)
  • Vector: /AV:N/AC:L/Au:/C:H/I:H/A:H

References:

Vulnerable Software & Versions (OSSINDEX):

  • cpe:2.3:a:org.apache.kafka:kafka-clients:3.3.1:*:*:*:*:*:*:*

keyv:3.1.0

Description:

Simple key-value storage with support for multiple backends

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/keyv:3.1.0

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

keyv:4.5.2

Description:

Simple key-value storage with support for multiple backends

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/keyv:4.5.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/cacheable-request:6.1.0
  • simplicite-js:5.2.54/cacheable-request:10.2.12
  • simplicite-js:5.2.54

Identifiers

kind-of:6.0.3

Description:

Get the native type of a value.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?shallow-clone:3.0.1/kind-of:^6.0.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/shallow-clone:3.0.1
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/global-prefix:3.0.0
  • simplicite-js:5.2.54/minimist-options:4.1.0
  • simplicite-js:5.2.54/clone-deep:4.0.1

Identifiers

klaw:3.0.0

Description:

File system walker with Readable stream interface.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/klaw:3.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/jsdoc:4.0.2
  • simplicite-js:5.2.54

Identifiers

kleur:4.1.5

Description:

The fastest Node.js library for formatting terminal text with ANSI colors~!

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?prompts-ncu:3.0.0/kleur:^4.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/prompts-ncu:3.0.0
  • simplicite-js:5.2.54

Identifiers

known-css-properties:0.26.0

Description:

List of known CSS properties

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/known-css-properties:^0.26.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/stylelint:14.16.1
  • simplicite-js:5.2.54

Identifiers

latest-version:5.1.0

Description:

Get the latest version of an npm package

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?update-notifier:4.1.3/latest-version:^5.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/update-notifier:6.0.2
  • simplicite-js:5.2.54/update-notifier:4.1.3
  • simplicite-js:5.2.54/update-notifier:5.1.0
  • simplicite-js:5.2.54

Identifiers

leaflet:1.7.1

Description:

JavaScript library for mobile-friendly interactive maps

License:

BSD-2-Clause
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/leaflet:1.7.1

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

levn:0.4.1

Description:

Light ECMAScript (JavaScript) Value Notation - human written, concise, typed, flexible

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?optionator:0.9.3/levn:^0.4.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/eslint:8.56.0
  • simplicite-js:5.2.54/optionator:0.9.3
  • simplicite-js:5.2.54

Identifiers

libphonenumber-8.12.32.jar

Description:

Google's common Java library for parsing, formatting, storing and validating international phone numbers.    Optimized for running on smartphones.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/googlecode/libphonenumber/libphonenumber/8.12.32/libphonenumber-8.12.32.jar
MD5: 025cea7bdc6d512192f8234da02396ab
SHA1: 6e06d91dcb36eb8ba01a0fab97fc6d1da699b69a
SHA256:f6dfafdfe54c3d13d9e19a55105a85e4bf783efd3a84046a1de9885c2f921874
Referenced In Project/Scope: Simplicite Platform:compile
libphonenumber-8.12.32.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

license-report:6.5.0

Description:

creates a short report about project's dependencies (license, url etc)

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/license-report:6.5.0

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

lie:3.3.0

Description:

A basic but performant promise implementation

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/lie:3.3.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/jszip:3.7.1

Identifiers

lines-and-columns:1.2.4

Description:

Maps lines and columns to character offsets and back.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?parse-json:5.2.0/lines-and-columns:^1.1.6

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/parse-json:5.2.0

Identifiers

linkify-it:3.0.3

Description:

Links recognition library with FULL unicode support

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?markdown-it:12.3.2/linkify-it:^3.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/markdown-it:12.3.2

Identifiers

listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar

Description:

    An empty artifact that Guava depends on to signal that it is providing
    ListenableFuture -- but is also available in a second "version" that
    contains com.google.common.util.concurrent.ListenableFuture class, without
    any other Guava classes. The idea is:

    - If users want only ListenableFuture, they depend on listenablefuture-1.0.

    - If users want all of Guava, they depend on guava, which, as of Guava
    27.0, depends on
    listenablefuture-9999.0-empty-to-avoid-conflict-with-guava. The 9999.0-...
    version number is enough for some build systems (notably, Gradle) to select
    that empty artifact over the "real" listenablefuture-1.0 -- avoiding a
    conflict with the copy of ListenableFuture in guava itself. If users are
    using an older version of Guava or a build system other than Gradle, they
    may see class conflicts. If so, they can solve them by manually excluding
    the listenablefuture artifact or manually forcing their build systems to
    use 9999.0-....

File Path: /var/simplicite/.m2/repository/com/google/guava/listenablefuture/9999.0-empty-to-avoid-conflict-with-guava/listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar
MD5: d094c22570d65e132c19cea5d352e381
SHA1: b421526c5f297295adef1c886e5246c39d4ac629
SHA256:b372a037d4230aa57fbeffdef30fd6123f9c0c2db85d0aced00c91b974f33f99
Referenced In Project/Scope: Simplicite Platform:compile
listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.google.guava/guava@30.1.1-jre

Identifiers

load-yaml-file:0.2.0

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?which-pm:2.0.0/load-yaml-file:^0.2.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/which-pm:2.0.0
  • simplicite-js:5.2.54

Identifiers

locate-path:3.0.0

Description:

Get the first path that exists on disk of multiple paths

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/locate-path:3.0.0

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

locate-path:5.0.0

Description:

Get the first path that exists on disk of multiple paths

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/locate-path:5.0.0

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

locate-path:6.0.0

Description:

Get the first path that exists on disk of multiple paths

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/locate-path:6.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/find-up:4.1.0
  • simplicite-js:5.2.54/find-up:3.0.0
  • simplicite-js:5.2.54/find-up:5.0.0
  • simplicite-js:5.2.54

Identifiers

lodash.debounce:4.0.8

Description:

The lodash method `_.debounce` exported as a module.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/lodash.debounce:4.0.8

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/helper-define-polyfill-provider:0.5.0
  • simplicite-js:5.2.54

Identifiers

lodash.merge:4.6.2

Description:

The Lodash method `_.merge` exported as a module.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/lodash.merge:4.6.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/eslint:8.56.0
  • simplicite-js:5.2.54

Identifiers

lodash.truncate:4.4.2

Description:

The lodash method `_.truncate` exported as a module.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?table:6.8.1/lodash.truncate:^4.4.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/table:6.8.1
  • simplicite-js:5.2.54

Identifiers

lodash:4.17.21

Description:

Lodash modular utilities.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?scss-parser:1.0.6/lodash:4.17.21

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-check:6.0.1
  • simplicite-js:5.2.54/node-emoji:1.11.0
  • simplicite-js:5.2.54/catharsis:0.9.0
  • simplicite-js:5.2.54/jshint:2.13.1
  • simplicite-js:5.2.54/callsite-record:4.1.5
  • simplicite-js:5.2.54/scss-parser:1.0.6
  • simplicite-js:5.2.54/@jsdoc/salty:0.2.5
  • simplicite-js:5.2.54/npm-check-updates:16.14.14
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/query-ast:1.0.5
  • simplicite-js:5.2.54/depcheck:1.4.3
  • simplicite-js:5.2.54/inquirer:7.3.3
  • simplicite-js:5.2.54/requizzle:0.2.4

Identifiers

log-symbols:4.1.0

Description:

Colored symbols for various log levels. Example: `✔︎ Success`

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?ora:5.4.1/log-symbols:^4.1.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/ora:5.4.1
  • simplicite-js:5.2.54

Identifiers

log4j-core-2.19.0.jar

Description:

The Apache Log4j Implementation

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/apache/logging/log4j/log4j-core/2.19.0/log4j-core-2.19.0.jar
MD5: b7f521926226a16531f8e212b1da1ffd
SHA1: 3b6eeb4de4c49c0fe38a4ee27188ff5fee44d0bb
SHA256:b4a1796fab7bfc36df015c1b4052459147997e8d215a7199d71d05f9e747e4f4
Referenced In Project/Scope: Simplicite Platform:compile
log4j-core-2.19.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

log4j-slf4j-impl-2.19.0.jar

Description:

The Apache Log4j SLF4J API binding to Log4j 2 Core

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/apache/logging/log4j/log4j-slf4j-impl/2.19.0/log4j-slf4j-impl-2.19.0.jar
MD5: fa576fa465880e374c504d21b4481f47
SHA1: 1a0c9615ba9fd5b96db8c1136afbef4394286e93
SHA256:015d5c229f3cd5c0ebf175c1da08d596d94043362ae9d92637d88848c90537c8
Referenced In Project/Scope: Simplicite Platform:compile
log4j-slf4j-impl-2.19.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

loose-envify:1.4.0

Description:

Fast (and loose) selective `process.env` replacer using js-tokens instead of an AST

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/loose-envify:1.4.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/invariant:2.2.4

Identifiers

lower-case:2.0.2

Description:

Transforms the string to lower case

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?no-case:3.0.4/lower-case:^2.0.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/no-case:3.0.4
  • simplicite-js:5.2.54

Identifiers

lowercase-keys:2.0.0

Description:

Lowercase the keys of an object

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/lowercase-keys:2.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/cacheable-request:6.1.0
  • simplicite-js:5.2.54

Identifiers

lowercase-keys:3.0.0

Description:

Lowercase the keys of an object

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?responselike:3.0.0/lowercase-keys:^3.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/responselike:1.0.2
  • simplicite-js:5.2.54/got:12.6.1
  • simplicite-js:5.2.54/responselike:3.0.0
  • simplicite-js:5.2.54/got:9.6.0
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/got:13.0.0

Identifiers

lru-cache:10.0.0

Description:

A cache object that deletes the least-recently-used items.

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/lru-cache:10.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/path-scurry:1.10.1

Identifiers

lru-cache:4.1.5

Description:

A cache object that deletes the least-recently-used items.

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/lru-cache:4.1.5

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/editorconfig:0.15.3
  • simplicite-js:5.2.54

Identifiers

lru-cache:5.1.1

Description:

A cache object that deletes the least-recently-used items.

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/lru-cache:5.1.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/helper-compilation-targets:7.23.6
  • simplicite-js:5.2.54/make-fetch-happen:11.1.1
  • simplicite-js:5.2.54/hosted-git-info:4.1.0
  • simplicite-js:5.2.54/hosted-git-info:5.2.1
  • simplicite-js:5.2.54/cacache:17.1.3
  • simplicite-js:5.2.54/semver:7.5.4
  • simplicite-js:5.2.54/hosted-git-info:6.1.1
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/semver:7.5.3
  • simplicite-js:5.2.54/@npmcli/git:4.1.0

Identifiers

lru-cache:6.0.0

Description:

A cache object that deletes the least-recently-used items.

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/lru-cache:6.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/semver:7.5.4
  • simplicite-js:5.2.54

Identifiers

lru-cache:7.18.3

Description:

A cache object that deletes the least-recently-used items.

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/lru-cache:7.18.3

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

lucene-core-8.9.0.jar

Description:

Apache Lucene Java Core

File Path: /var/simplicite/.m2/repository/org/apache/lucene/lucene-core/8.9.0/lucene-core-8.9.0.jar
MD5: 7128480b9293b6f225719688eb9bedf8
SHA1: 5c3f72357089f7f0c1ef44bbe7b4c67b6149a5af
SHA256:5b0b8be0f86cc2d8aa9d0790624f7f9b8e895abd32752238829c6f0c69a902b8
Referenced In Project/Scope: Simplicite Platform:compile
lucene-core-8.9.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

luxon:1.28.1

Description:

Immutable date wrapper

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/luxon:1.28.1

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

lz4-java-1.8.0.jar

Description:

Java ports and bindings of the LZ4 compression algorithm and the xxHash hashing algorithm

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/lz4/lz4-java/1.8.0/lz4-java-1.8.0.jar
MD5: 936a927700aa8fc3b75d21d7571171f6
SHA1: 4b986a99445e49ea5fbf5d149c4b63f6ed6c6780
SHA256:d74a3334fb35195009b338a951f918203d6bbca3d1d359033dc33edd1cadc9ef
Referenced In Project/Scope: Simplicite Platform:runtime
lz4-java-1.8.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.kafka/kafka-clients@3.3.1

Identifiers

magic-string:0.30.0

Description:

Modify strings, generate sourcemaps

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/magic-string:0.30.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@vue/compiler-sfc:3.3.4
  • simplicite-js:5.2.54/@vue/reactivity-transform:3.3.4
  • simplicite-js:5.2.54

Identifiers

make-dir:2.1.0

Description:

Make a directory and its parents if needed - Think `mkdir -p`

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/make-dir:2.1.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/find-cache-dir:2.1.0
  • simplicite-js:5.2.54/@babel/cli:7.23.9
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/@babel/register:7.23.7

Identifiers

make-dir:3.1.0

Description:

Make a directory and its parents if needed - Think `mkdir -p`

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/make-dir:3.1.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/configstore:5.0.1

Identifiers

make-fetch-happen:11.1.1

Description:

Opinionated, caching, retrying fetch client

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?tuf-js:1.1.7/make-fetch-happen:^11.1.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-registry-fetch:14.0.5
  • simplicite-js:5.2.54/sigstore:1.8.0
  • simplicite-js:5.2.54/node-gyp:9.4.0
  • simplicite-js:5.2.54/npm-check-updates:16.14.14
  • simplicite-js:5.2.54/tuf-js:1.1.7
  • simplicite-js:5.2.54

Identifiers

map-obj:1.0.1

Description:

Map object keys and values into a new object

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/map-obj:1.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/decamelize-keys:1.1.1

Identifiers

map-obj:4.3.0

Description:

Map object keys and values into a new object

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/map-obj:4.3.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/camelcase-keys:6.2.2
  • simplicite-js:5.2.54

Identifiers

markdown-it-anchor:8.6.7

Description:

Header anchors for markdown-it.

License:

Unlicense
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/markdown-it-anchor:8.6.7

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/jsdoc:4.0.2
  • simplicite-js:5.2.54

Identifiers

markdown-it:12.3.2

Description:

Markdown-it - modern pluggable markdown parser.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/markdown-it:12.3.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/jsdoc:4.0.2
  • simplicite-js:5.2.54

Identifiers

marked:1.2.9

Description:

A markdown parser built for speed

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/marked:1.2.9

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-audit-html:1.5.0
  • simplicite-js:5.2.54

Identifiers

CVE-2021-21306  

Marked is an open-source markdown parser and compiler (npm package "marked"). In marked from version 1.1.1 and before version 2.0.0, there is a Regular expression Denial of Service vulnerability. This vulnerability can affect anyone who runs user generated code through marked. This vulnerability is fixed in version 2.0.0.
CWE-400 Uncontrolled Resource Consumption

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions:

CVE-2022-21680  

Marked is a markdown parser and compiler. Prior to version 4.0.10, the regular expression `block.def` may cause catastrophic backtracking against some strings and lead to a regular expression denial of service (ReDoS). Anyone who runs untrusted markdown through a vulnerable version of marked and does not use a worker with a time limit may be affected. This issue is patched in version 4.0.10. As a workaround, avoid running untrusted markdown through marked or run marked on a worker thread and set a reasonable time limit to prevent draining resources.
CWE-1333 Inefficient Regular Expression Complexity

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions:

CVE-2022-21681  

Marked is a markdown parser and compiler. Prior to version 4.0.10, the regular expression `inline.reflinkSearch` may cause catastrophic backtracking against some strings and lead to a denial of service (DoS). Anyone who runs untrusted markdown through a vulnerable version of marked and does not use a worker with a time limit may be affected. This issue is patched in version 4.0.10. As a workaround, avoid running untrusted markdown through marked or run marked on a worker thread and set a reasonable time limit to prevent draining resources.
CWE-1333 Inefficient Regular Expression Complexity

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions:

GHSA-5v2h-r2cx-5xgj (NPM)  

### Impact

_What kind of vulnerability is it?_

Denial of service.

The regular expression `inline.reflinkSearch` may cause catastrophic backtracking against some strings.
PoC is the following.

```javascript
import * as marked from 'marked';

console.log(marked.parse(`[x]: x

\\[\\](\\[\\](\\[\\](\\[\\](\\[\\](\\[\\](\\[\\](\\[\\](\\[\\](\\[\\](\\[\\](\\[\\](\\[\\](\\[\\](\\[\\](\\[\\](\\[\\](\\[\\](\\[\\](\\[\\](\\[\\](\\[\\](\\[\\](\\[\\](\\[\\](\\[\\](\\[\\](\\[\\](\\[\\](\\[\\](`));
```

_Who is impacted?_

Anyone who runs untrusted markdown through marked and does not use a worker with a time limit.

### Patches

_Has the problem been patched?_

Yes

_What versions should users upgrade to?_

4.0.10

### Workarounds

_Is there a way for users to fix or remediate the vulnerability without upgrading?_

Do not run untrusted markdown through marked or run marked on a [worker](https://marked.js.org/using_advanced#workers) thread and set a reasonable time limit to prevent draining resources.

### References

_Are there any links users can visit to find out more?_

- https://marked.js.org/using_advanced#workers
- https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS

### For more information

If you have any questions or comments about this advisory:

* Open an issue in [marked](https://github.com/markedjs/marked)
CWE-1333 Inefficient Regular Expression Complexity

CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Unscored:
  • Severity: high

References:

Vulnerable Software & Versions (NPM):

  • cpe:2.3:a:*:marked:\<4.0.10:*:*:*:*:*:*:*

GHSA-rrrm-qjm4-v8hf (NPM)  

### Impact

_What kind of vulnerability is it?_

Denial of service.

The regular expression `block.def` may cause catastrophic backtracking against some strings.
PoC is the following.

```javascript
import * as marked from "marked";

marked.parse(`[x]:${' '.repeat(1500)}x ${' '.repeat(1500)} x`);
```

_Who is impacted?_

Anyone who runs untrusted markdown through marked and does not use a worker with a time limit.

### Patches

_Has the problem been patched?_

Yes

_What versions should users upgrade to?_

4.0.10

### Workarounds

_Is there a way for users to fix or remediate the vulnerability without upgrading?_

Do not run untrusted markdown through marked or run marked on a [worker](https://marked.js.org/using_advanced#workers) thread and set a reasonable time limit to prevent draining resources.

### References

_Are there any links users can visit to find out more?_

- https://marked.js.org/using_advanced#workers
- https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS

### For more information

If you have any questions or comments about this advisory:

* Open an issue in [marked](https://github.com/markedjs/marked)
CWE-400 Uncontrolled Resource Consumption, CWE-1333 Inefficient Regular Expression Complexity

CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Unscored:
  • Severity: high

References:

Vulnerable Software & Versions (NPM):

  • cpe:2.3:a:*:marked:\<4.0.10:*:*:*:*:*:*:*

GHSA-4r62-v4vq-hr96 (NPM)  

### Impact
_What kind of vulnerability is it? Who is impacted?_

[Regular expression Denial of Service](https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS)

A Denial of Service attack can affect anyone who runs user generated code through `marked`.

### Patches
_Has the problem been patched? What versions should users upgrade to?_

patched in v2.0.0

### Workarounds
_Is there a way for users to fix or remediate the vulnerability without upgrading?_

None.

### References
_Are there any links users can visit to find out more?_

https://github.com/markedjs/marked/issues/1927
https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS

### For more information
If you have any questions or comments about this advisory:
* Open an issue in [marked](https://github.com/markedjs/marked/issues)
CWE-400 Uncontrolled Resource Consumption

CVSSv3:
  • Base Score: MEDIUM (5.3)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Unscored:
  • Severity: moderate

References:

Vulnerable Software & Versions (NPM):

  • cpe:2.3:a:*:marked:\>\=1.1.1\<2.0.0:*:*:*:*:*:*:*

marked:3.0.4

Description:

A markdown parser built for speed

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/marked:3.0.4

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

CVE-2022-21680  

Marked is a markdown parser and compiler. Prior to version 4.0.10, the regular expression `block.def` may cause catastrophic backtracking against some strings and lead to a regular expression denial of service (ReDoS). Anyone who runs untrusted markdown through a vulnerable version of marked and does not use a worker with a time limit may be affected. This issue is patched in version 4.0.10. As a workaround, avoid running untrusted markdown through marked or run marked on a worker thread and set a reasonable time limit to prevent draining resources.
CWE-1333 Inefficient Regular Expression Complexity

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions:

CVE-2022-21681  

Marked is a markdown parser and compiler. Prior to version 4.0.10, the regular expression `inline.reflinkSearch` may cause catastrophic backtracking against some strings and lead to a denial of service (DoS). Anyone who runs untrusted markdown through a vulnerable version of marked and does not use a worker with a time limit may be affected. This issue is patched in version 4.0.10. As a workaround, avoid running untrusted markdown through marked or run marked on a worker thread and set a reasonable time limit to prevent draining resources.
CWE-1333 Inefficient Regular Expression Complexity

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions:

marked:4.3.0

Description:

A markdown parser built for speed

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/marked:4.3.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/jsdoc:4.0.2
  • simplicite-js:5.2.54

Identifiers

mathml-tag-names:2.1.3

Description:

List of known MathML tag-names

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/mathml-tag-names:^2.1.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/stylelint:14.16.1
  • simplicite-js:5.2.54

Identifiers

mbassador-1.3.2.jar

Description:

        Mbassador is a fast and flexible event bus system following the publish subscribe pattern.
        It is designed for ease of use and aims to be feature rich and extensible while preserving resource efficiency
        and performance.
        It provides non-blocking iterators and minimal write contention with low memory footprint.

        Some features:
        declarative handler definition via annotations,
        sync and/or async event delivery,
        weak or strong references,
        configurable event filters,

License:

MIT license: http://www.opensource.org/licenses/mit-license.php
File Path: /var/simplicite/.m2/repository/net/engio/mbassador/1.3.2/mbassador-1.3.2.jar
MD5: 6844d9220e623fa491776e38a61f29a2
SHA1: 4ebb2c5f853bf8a5f87147b186a9758d2e2ec0af
SHA256:469e2e9c68271eadaff12483bbb1abc640ea9973af7fa0519250e04f503aca67
Referenced In Project/Scope: Simplicite Platform:compile
mbassador-1.3.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.docx4j/docx4j-core@11.2.9

Identifiers

mchange-commons-java-0.2.19.jar

Description:

mchange-commons-java

License:

GNU Lesser General Public License, Version 2.1: http://www.gnu.org/licenses/lgpl-2.1.html
Eclipse Public License, Version 1.0: http://www.eclipse.org/org/documents/epl-v10.html
File Path: /var/simplicite/.m2/repository/com/mchange/mchange-commons-java/0.2.19/mchange-commons-java-0.2.19.jar
MD5: 795d7e75026388f4d90aa9719666e5db
SHA1: 7a4bee38ea02bd7dee776869b19fb3f6861d6acf
SHA256:03761838ba2a7c9cce56ba84781633f107c8befb4e3607b336ee3010f915165d
Referenced In Project/Scope: Simplicite Platform:compile
mchange-commons-java-0.2.19.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.mchange/c3p0@0.9.5.5

Identifiers

mdurl:1.0.1

Description:

URL utilities for markdown-it

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/mdurl:1.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/markdown-it:12.3.2

Identifiers

meow:9.0.0

Description:

CLI app helper

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/meow:^9.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-check:6.0.1
  • simplicite-js:5.2.54/stylelint:14.16.1
  • simplicite-js:5.2.54

Identifiers

merge-stream:2.0.0

Description:

Create a stream that emits events from multiple other streams

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/merge-stream:2.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/execa:5.1.1
  • simplicite-js:5.2.54

Identifiers

merge2:1.4.1

Description:

Merge multiple streams into one stream in sequence or parallel.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/merge2:1.4.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/globby:11.1.0
  • simplicite-js:5.2.54/fast-glob:3.3.0

Identifiers

metadata-extractor-2.15.0.1.jar

Description:

        This is a fork of com.drewnoakes' metadata-extractor that relocates com.adobe.internal to com.adobe.

        Java library for extracting EXIF, IPTC, XMP, ICC and other metadata from image and video files.

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/tallison/metadata-extractor/2.15.0.1/metadata-extractor-2.15.0.1.jar
MD5: 3457db7f82e0be00137425862eab5a5b
SHA1: a50bdbe87196f314917c2dc94f70622b8cf93e56
SHA256:73b7bce2a7c72a118d487cc78fe243367cc48a7a40b2d8629ad5df5bea37cadd
Referenced In Project/Scope: Simplicite Platform:compile
metadata-extractor-2.15.0.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.tika/tika-parsers@1.27

Identifiers

CVE-2022-24613  

metadata-extractor up to 2.16.0 can throw various uncaught exceptions while parsing a specially crafted JPEG file, which could result in an application crash. This could be used to mount a denial of service attack against services that use metadata-extractor library.
CWE-755 Improper Handling of Exceptional Conditions

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:P
CVSSv3:
  • Base Score: MEDIUM (5.5)
  • Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions:

CVE-2022-24614  

When reading a specially crafted JPEG file, metadata-extractor up to 2.16.0 can be made to allocate large amounts of memory that finally leads to an out-of-memory error even for very small inputs. This could be used to mount a denial of service attack against services that use metadata-extractor library.
CWE-770 Allocation of Resources Without Limits or Throttling

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:P
CVSSv3:
  • Base Score: MEDIUM (5.5)
  • Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions:

micromatch:4.0.5

Description:

Glob matching for javascript/node.js. A replacement and faster alternative to minimatch and multimatch.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/micromatch:^4.0.5

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/stylelint:14.16.1
  • simplicite-js:5.2.54/find-yarn-workspace-root2:1.2.16
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/fast-glob:3.3.0

Identifiers

migbase64-2.2.jar

Description:

MiGBase64 is a very fast and small Base64 Codec written in Java

License:

Prior BSD License: http://en.wikipedia.org/wiki/BSD_licenses
File Path: /var/simplicite/.m2/repository/com/brsanthu/migbase64/2.2/migbase64-2.2.jar
MD5: da3ef3a9a9fa358ed789b37a3c780727
SHA1: bcc14967d516e93c527897a6c531ba76b5751faa
SHA256:07224584b6227efbb815e96e3153945786e2a6b1a934620b6130331c2351c129
Referenced In Project/Scope: Simplicite Platform:provided
migbase64-2.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.docusign/docusign-esign-java@3.14.0

Identifiers

mimepull-1.9.11.jar

Description:

Provides a streaming API to access attachments parts in a MIME message.

License:

Eclipse Distribution License - v 1.0: http://www.eclipse.org/org/documents/edl-v10.php
File Path: /var/simplicite/.m2/repository/org/jvnet/mimepull/mimepull/1.9.11/mimepull-1.9.11.jar
MD5: 14d04d21f1d41b42438f4be94f6e6057
SHA1: d1cd7921d4c6c77938cefbb16d4f646c74278718
SHA256:58a29baedb4d7affdcc35624f3fd0674b6de3fbb188afb8515ae1b52ffedaf69
Referenced In Project/Scope: Simplicite Platform:provided
mimepull-1.9.11.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.docusign/docusign-esign-java@3.14.0

Identifiers

mimic-fn:2.1.0

Description:

Make a function mimic another one

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?onetime:5.1.2/mimic-fn:^2.1.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/onetime:5.1.2
  • simplicite-js:5.2.54

Identifiers

mimic-response:1.0.1

Description:

Mimic a Node.js HTTP response stream

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/mimic-response:1.0.1

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

mimic-response:3.1.0

Description:

Mimic a Node.js HTTP response stream

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/mimic-response:3.1.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/decompress-response:6.0.0
  • simplicite-js:5.2.54

Identifiers

mimic-response:4.0.0

Description:

Mimic a Node.js HTTP response stream

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/mimic-response:4.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/decompress-response:3.3.0
  • simplicite-js:5.2.54/cacheable-request:10.2.12
  • simplicite-js:5.2.54/clone-response:1.0.3
  • simplicite-js:5.2.54/got:9.6.0
  • simplicite-js:5.2.54

Identifiers

min-indent:1.0.1

Description:

Get the shortest leading whitespace from lines in a string

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?strip-indent:3.0.0/min-indent:^1.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/strip-indent:3.0.0
  • simplicite-js:5.2.54

Identifiers

minimatch:3.1.2

Description:

a glob matcher in javascript

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check:6.0.1/minimatch:^3.0.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-check:6.0.1
  • simplicite-js:5.2.54/glob:7.2.3
  • simplicite-js:5.2.54/multimatch:5.0.0
  • simplicite-js:5.2.54/ignore-walk:6.0.3
  • simplicite-js:5.2.54/@eslint/eslintrc:2.1.4
  • simplicite-js:5.2.54/jshint:2.13.1
  • simplicite-js:5.2.54/npm-check-updates:16.14.14
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/@humanwhocodes/config-array:0.11.13
  • simplicite-js:5.2.54/depcheck:1.4.3
  • simplicite-js:5.2.54/@tufjs/models:1.0.4
  • simplicite-js:5.2.54/eslint:8.56.0
  • simplicite-js:5.2.54/glob:10.3.10
  • simplicite-js:5.2.54/glob:10.3.3

Identifiers

minimatch:9.0.3

Description:

a glob matcher in javascript

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/minimatch:9.0.3

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

minimist-options:4.1.0

Description:

Pretty options for minimist

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/minimist-options:4.1.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/meow:9.0.0
  • simplicite-js:5.2.54

Identifiers

minimist:1.2.8

Description:

parse argument options

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?split-text-to-chunks:1.0.0/minimist:^1.2.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/rc:1.2.8
  • simplicite-js:5.2.54/split-text-to-chunks:1.0.0
  • simplicite-js:5.2.54/handlebars:4.7.7
  • simplicite-js:5.2.54

Identifiers

minipass-collect:1.0.2

Description:

A Minipass stream that collects all the data into a single chunk

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/minipass-collect:1.0.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/cacache:17.1.3
  • simplicite-js:5.2.54

Identifiers

minipass-fetch:3.0.3

Description:

An implementation of window.fetch in Node.js using Minipass streams

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-registry-fetch:14.0.5/minipass-fetch:^3.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-registry-fetch:14.0.5
  • simplicite-js:5.2.54/make-fetch-happen:11.1.1
  • simplicite-js:5.2.54

Identifiers

minipass-flush:1.0.5

Description:

A Minipass stream that calls a flush function before emitting 'end'

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/minipass-flush:1.0.5

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/make-fetch-happen:11.1.1
  • simplicite-js:5.2.54/cacache:17.1.3
  • simplicite-js:5.2.54

Identifiers

minipass-json-stream:1.0.1

Description:

Like JSONStream, but using Minipass streams

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-registry-fetch:14.0.5/minipass-json-stream:^1.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-registry-fetch:14.0.5
  • simplicite-js:5.2.54

Identifiers

minipass-pipeline:1.2.4

Description:

create a pipeline of streams using Minipass

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/minipass-pipeline:1.2.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/make-fetch-happen:11.1.1
  • simplicite-js:5.2.54/cacache:17.1.3
  • simplicite-js:5.2.54

Identifiers

minipass-sized:1.0.3

Description:

A Minipass stream that raises an error if you get a different number of bytes than expected

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/minipass-sized:1.0.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/minipass-fetch:3.0.3
  • simplicite-js:5.2.54

Identifiers

minipass:3.3.6

Description:

minimal implementation of a PassThrough stream

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/minipass:3.3.6

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/minipass-pipeline:1.2.4
  • simplicite-js:5.2.54/fs-minipass:2.1.0
  • simplicite-js:5.2.54/minipass-sized:1.0.3
  • simplicite-js:5.2.54/minipass-json-stream:1.0.1
  • simplicite-js:5.2.54/minizlib:2.1.2
  • simplicite-js:5.2.54/minipass-flush:1.0.5
  • simplicite-js:5.2.54/minipass-collect:1.0.2
  • simplicite-js:5.2.54

Identifiers

minipass:5.0.0

Description:

minimal implementation of a PassThrough stream

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?tar:6.1.15/minipass:^5.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-registry-fetch:14.0.5
  • simplicite-js:5.2.54/make-fetch-happen:11.1.1
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/ssri:10.0.4
  • simplicite-js:5.2.54/path-scurry:1.10.1
  • simplicite-js:5.2.54/fs-minipass:3.0.2
  • simplicite-js:5.2.54/tar:6.1.15
  • simplicite-js:5.2.54/glob:10.3.10
  • simplicite-js:5.2.54/minipass-fetch:3.0.3
  • simplicite-js:5.2.54/cacache:17.1.3
  • simplicite-js:5.2.54/pacote:15.2.0
  • simplicite-js:5.2.54/glob:10.3.3

Identifiers

minizlib:2.1.2

Description:

A small fast zlib stream built on [minipass](http://npm.im/minipass) and Node.js's zlib binding.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?tar:6.1.15/minizlib:^2.1.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-registry-fetch:14.0.5
  • simplicite-js:5.2.54/tar:6.1.15
  • simplicite-js:5.2.54/minipass-fetch:3.0.3
  • simplicite-js:5.2.54

Identifiers

mkdirp:1.0.4

Description:

Recursively mkdir, like `mkdir -p`

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?tar:6.1.15/mkdirp:^1.0.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/jsdoc:4.0.2
  • simplicite-js:5.2.54/tar:6.1.15
  • simplicite-js:5.2.54

Identifiers

mockito-core-4.5.1.jar

Description:

Mockito mock objects library core API and implementation

License:

The MIT License: https://github.com/mockito/mockito/blob/main/LICENSE
File Path: /var/simplicite/.m2/repository/org/mockito/mockito-core/4.5.1/mockito-core-4.5.1.jar
MD5: 839f61b6c516e873a28b4830c18a0a06
SHA1: 0ed456e623e5afc6f4cee3ae58144e5c45f3b3bf
SHA256:0b66f11abbb39eaffb05989109892a50fd344d633a3b3587726ef1fe5fc8ab78
Referenced In Project/Scope: Simplicite Platform:compile
mockito-core-4.5.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

moment-timezone:0.5.34

Description:

Parse and display moments in any timezone.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/moment-timezone:0.5.34

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

GHSA-v78c-4p63-2j6c (NPM)  

### Impact

* if Alice uses `grunt data` (or `grunt release`) to prepare a custom-build, moment-timezone with the latest tzdata from IANA's website
* and Mallory intercepts the request to IANA's unencrypted ftp server, Mallory can serve data which might exploit further stages of the moment-timezone tzdata pipeline, or potentially produce a tainted version of moment-timezone (practicality of such attacks is not proved)

### Patches
Problem has been patched in version 0.5.35, patch should be applicable with minor modifications to all affected versions. The patch includes changing the FTP endpoint with an HTTPS endpoint.

### Workarounds
Specify the exact version of tzdata (like `2014d`, full command being `grunt data:2014d`, then run the rest of the release tasks by hand), or just apply the patch before issuing the grunt command.
CWE-319 Cleartext Transmission of Sensitive Information

Unscored:
  • Severity: moderate

References:

Vulnerable Software & Versions (NPM):

  • cpe:2.3:a:*:moment-timezone:\>\=0.1.0\<0.5.35:*:*:*:*:*:*:*

GHSA-56x4-j7p9-fcf9 (NPM)  

### Impact

All versions of moment-timezone from 0.1.0 contain build tasks vulnerable to command injection.

* if Alice uses tzdata pipeline to package moment-timezone on her own (for example via `grunt data:2014d`, where `2014d` stands for the version of the tzdata to be used from IANA's website),
* and Alice let's Mallory select the version (`2014d` in our example), then Mallory can execute arbitrary commands on the machine running the grunt task, with the same privilege as the grunt task

#### Am I affected?

##### Do you build custom versions of moment-timezone with grunt?

If no, you're not affected.

##### Do you allow a third party to specify which particular version you want build?

If yes, you're vulnerable to command injection -- third party may execute arbitrary commands on the system running grunt task with the same privileges as grunt task.

### Description

#### Command Injection via grunt-zdownload.js and MITM on iana's ftp endpoint

The `tasks/data-download.js` script takes in a parameter from grunt and uses it to form a command line which is then executed:

```
6  module.exports = function (grunt) {
7      grunt.registerTask('data-download', '1. Download data from iana.org/time-zones.', function (version) {
8          version = version || 'latest';

10          var done  = this.async(),
11              src   = 'ftp://ftp.iana.org/tz/tzdata-latest.tar.gz',
12              curl  = path.resolve('temp/curl', version, 'data.tar.gz'),
13              dest  = path.resolve('temp/download', version);
...
24          exec('curl ' + src + ' -o ' + curl + ' && cd ' + dest + ' && gzip -dc ' + curl + ' | tar -xf -', function (err) {
```

Ordinarily, one one run this script using something like `grunt data-download:2014d`, in which case version would have the value `2014d`. However, if an attacker were to provide additional content on the command line, they would be able to execute arbitrary code

```
root@e94ba0490b65:/usr/src/app/moment-timezone# grunt 'data-download:2014d ; echo flag>/tmp/foo #'
\Running "data-download:2014d ; echo flag>/tmp/foo #" (data-download) task
>> Downloading https://data.iana.org/time-zones/releases/tzdata2014d ; echo flag>/tmp/foo #.tar.gz
>> Downloaded https://data.iana.org/time-zones/releases/tzdata2014d ; echo flag>/tmp/foo #.tar.gz

Done.
root@e94ba0490b65:/usr/src/app/moment-timezone# cat /tmp/foo
flag
```

#### Command Injection via data-zdump.js

The `tasks/data-zdump.js` script reads a list of files present in a temporary directory (created by previous tasks), and for each one, assembles and executes a command line without sanitization. As a result, an attacker able to influence the contents of that directory could gain code execution. This attack is exacerbated by timezone data being downloaded via cleartext FTP (described above), but beyond that, an attacker at iana.org able to modify the timezone files could disrupt any systems that build moment-timezone.

```
15              files     = grunt.file.expand({ filter : 'isFile', cwd : 'temp/zic/' + version }, '**/*');
...
27          function next () {
...
33              var file = files.pop(),
34                  src  = path.join(zicBase, file),
35                  dest = path.join(zdumpBase, file);
36              exec('zdump -v ' + src, { maxBuffer: 20*1024*1024 }, function (err, stdout) {
```

In this case, an attacker able to add a file to `temp/zic/2014d` (for example) with a filename like `Z; curl www.example.com` would influence the called to exec on line 36 and run arbitrary code. There are a few minor challenges in exploiting this, since the string needs to be a valid filename.

#### Command Injection via data-zic.js

Similar to the vulnerability in /tasks/data-download.js, the /tasks/data-zic.js script takes a version from the command line and uses it as part of a command line, executed without sanitization.

```
10          var done  = this.async(),
11              dest  = path.resolve('temp/zic', version),
...
22              var file = files.shift(),
23                  src = path.resolve('temp/download', version, file);
24
25              exec('zic -d ' + dest + ' ' + src, function (err) {
```

As a result, an attacker able to influence that string can run arbitrary commands. Of course, it requires an attacker able to influence the command passed to grunt, so may be unlikely in practice.

```
root@e94ba0490b65:/usr/src/app/moment-timezone# grunt 'data-zic:2014d; echo hi > /tmp/evil; echo '
Running "data-zic:2014d; echo hi > /tmp/evil; echo " (data-zic) task
exec: zid -d /usr/src/app/moment-timezone/temp/zic/2014d; echo hi > /tmp/evil; echo  /usr/src/app/moment-timezone/temp/download/2014d; echo hi > /tmp/evil; echo /africa
...

root@e94ba0490b65:/usr/src/app/moment-timezone# cat /tmp/evil
hi
```

### Patches

The supplied patch on top of 0.5.34 is applicable with minor tweaks to all affected versions. It switches `exec` to `execFile` so arbitrary bash fragments won't be executed any more.

### References

* https://knowledge-base.secureflag.com/vulnerabilities/code_injection/os_command_injection_nodejs.html
* https://auth0.com/blog/preventing-command-injection-attacks-in-node-js-apps/
Unscored:
  • Severity: low

References:

Vulnerable Software & Versions (NPM):

  • cpe:2.3:a:*:moment-timezone:\>\=0.1.0\<0.5.35:*:*:*:*:*:*:*

moment:2.29.4

Description:

Parse, validate, manipulate, and display dates

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-audit-html:1.5.0/moment:^2.29.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-audit-html:1.5.0
  • simplicite-js:5.2.54/chart.js:2.9.4
  • simplicite-js:5.2.54/moment-timezone:0.5.34
  • simplicite-js:5.2.54

Identifiers

mongodb-driver-core-3.12.12.jar

Description:

The Java operations layer for the MongoDB Java Driver.
 Third parties can wrap this layer to provide custom higher-level APIs

License:

The Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/mongodb/mongodb-driver-core/3.12.12/mongodb-driver-core-3.12.12.jar
MD5: 909a1ce74cb81db2a2686d958fa1ecd0
SHA1: f0ce8a99d1b3705fd2702c3532036bbb68f88221
SHA256:9103fe4e5d95f752614de7f074a2953119a8fba87c5e3dba1c806139c8c42382
Referenced In Project/Scope: Simplicite Platform:compile
mongodb-driver-core-3.12.12.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.mongodb/mongodb-driver@3.12.12

Identifiers

ms:2.1.2

Description:

Tiny millisecond conversion utility

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/ms:2.1.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/debug:4.3.4
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/humanize-ms:1.2.1

Identifiers

mssql-jdbc-12.4.1.jre8.jar

Description:

		Microsoft JDBC Driver for SQL Server.

License:

MIT License: http://www.opensource.org/licenses/mit-license.php
File Path: /var/simplicite/.m2/repository/com/microsoft/sqlserver/mssql-jdbc/12.4.1.jre8/mssql-jdbc-12.4.1.jre8.jar
MD5: 56461011bb8aae30f3f0b8d1ff1a8159
SHA1: 9654deb288383d3048cd907c65ada3832d58ccc0
SHA256:0a2e7d30b539d0397eae652cb57edcfc1740249fc608260ba9ccabc46af683b1
Referenced In Project/Scope: Simplicite Platform:runtime
mssql-jdbc-12.4.1.jre8.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

multimatch:5.0.0

Description:

Extends `minimatch.match()` with support for multiple patterns

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/multimatch:5.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/depcheck:1.4.3

Identifiers

mustache:4.2.0

Description:

Logic-less {{mustache}} templates with JavaScript

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/mustache:4.2.0

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

mute-stream:0.0.8

Description:

Bytes go in, but they don't come out (when muted).

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/mute-stream:0.0.8

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/inquirer:7.3.3
  • simplicite-js:5.2.54

Identifiers

mysql-connector-j-8.1.0.jar

Description:

JDBC Type 4 driver for MySQL.

License:

The GNU General Public License, v2 with Universal FOSS Exception, v1.0
File Path: /var/simplicite/.m2/repository/com/mysql/mysql-connector-j/8.1.0/mysql-connector-j-8.1.0.jar
MD5: e84fdafa40e6625878f79efc7339d93b
SHA1: 3f78d2963935f44a61edb3961a591cdc392c8941
SHA256:e2e657e9c5ebe06a73485c9739ebd8a18e7bebb852a58d0da287da850beca1c7
Referenced In Project/Scope: Simplicite Platform:runtime
mysql-connector-j-8.1.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

CVE-2023-22102  

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J).  Supported versions that are affected are 8.1.0 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors.  Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Connectors, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.1 Base Score 8.3 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
NVD-CWE-noinfo

CVSSv3:
  • Base Score: HIGH (8.3)
  • Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

References:

Vulnerable Software & Versions: (show all)

nanoid:3.3.6

Description:

A tiny (116 bytes), secure URL-friendly unique string ID generator

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?postcss:8.4.24/nanoid:^3.3.6

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/postcss:8.4.24
  • simplicite-js:5.2.54

Identifiers

natural-compare:1.4.0

Description:

Compare strings containing a mix of letters and numbers in the way a human being would in sort order.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/natural-compare:1.4.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/eslint:8.56.0
  • simplicite-js:5.2.54

Identifiers

negotiator:0.6.3

Description:

HTTP content negotiation

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/negotiator:0.6.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/make-fetch-happen:11.1.1
  • simplicite-js:5.2.54

Identifiers

neo-async:2.6.2

Description:

Neo-Async is a drop-in replacement for Async, it almost fully covers its functionality and runs faster

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/neo-async:2.6.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/handlebars:4.7.7
  • simplicite-js:5.2.54

Identifiers

netcdf4-4.5.5.jar

File Path: /var/simplicite/.m2/repository/edu/ucar/netcdf4/4.5.5/netcdf4-4.5.5.jar
MD5: 5f14df469295650fd65748a003c9ba56
SHA1: 0675d63ecc857c50dd50858011b670160aa30b62
SHA256:131e3983dcf001677be069a7471797a4a9ad2c9783e88db56e32506cf1039635
Referenced In Project/Scope: Simplicite Platform:compile
netcdf4-4.5.5.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.tika/tika-parsers@1.27

Identifiers

netty-codec-4.1.59.Final.jar

Description:

Netty is an asynchronous event-driven network application framework for    rapid development of maintainable high performance protocol servers and    clients.

License:

https://www.apache.org/licenses/LICENSE-2.0
File Path: /var/simplicite/.m2/repository/io/netty/netty-codec/4.1.59.Final/netty-codec-4.1.59.Final.jar
MD5: f38a8ce1d0a9a7a93032f759ef5af0dd
SHA1: 5e563309b99cf55bdbecc4dab7c417a0167c31aa
SHA256:7f65a27aed141fef0e1601dc6e7172f0d337ca5bdce0162b60a5b07be4929547
Referenced In Project/Scope: Simplicite Platform:compile
netty-codec-4.1.59.Final.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/io.netty/netty-handler@4.1.59.Final

Identifiers

CVE-2021-37136  

The Bzip2 decompression decoder function doesn't allow setting size restrictions on the decompressed output data (which affects the allocation size used during decompression). All users of Bzip2Decoder are affected. The malicious input can trigger an OOME and so a DoS attack
CWE-400 Uncontrolled Resource Consumption

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions: (show all)

CVE-2021-37137  

The Snappy frame decoder function doesn't restrict the chunk length which may lead to excessive memory usage. Beside this it also may buffer reserved skippable chunks until the whole chunk was received which may lead to excessive memory usage as well. This vulnerability can be triggered by supplying malicious input that decompresses to a very big size (via a network stream or a file) or by sending a huge skippable chunk.
CWE-400 Uncontrolled Resource Consumption

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions: (show all)

CVE-2022-41881  

Netty project is an event-driven asynchronous network application framework. In versions prior to 4.1.86.Final, a StackOverflowError can be raised when parsing a malformed crafted message due to an infinite recursion. This issue is patched in version 4.1.86.Final. There is no workaround, except using a custom HaProxyMessageDecoder.
CWE-674 Uncontrolled Recursion

CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions:

CVE-2023-44487  

CISA Known Exploited Vulnerability:
  • Product: IETF HTTP/2
  • Name: HTTP/2 Rapid Reset Attack Vulnerability
  • Date Added: 2023-10-10
  • Description: HTTP/2 contains a rapid reset vulnerability that allows for a distributed denial-of-service attack (DDoS).
  • Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Due Date: 2023-10-31
  • Notes: https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CWE-400 Uncontrolled Resource Consumption

CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions: (show all)

CVE-2021-43797  

Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. Netty prior to version 4.1.71.Final skips control chars when they are present at the beginning / end of the header name. It should instead fail fast as these are not allowed by the spec and could lead to HTTP request smuggling. Failing to do the validation might cause netty to "sanitize" header names before it forward these to another remote system when used as proxy. This remote system can't see the invalid usage anymore, and therefore does not do the validation itself. Users should upgrade to version 4.1.71.Final.
CWE-444 Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N
CVSSv3:
  • Base Score: MEDIUM (6.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2022-41915 (OSSINDEX)  

Netty project is an event-driven asynchronous network application framework. Starting in version 4.1.83.Final and prior to 4.1.86.Final, when calling `DefaultHttpHeadesr.set` with an _iterator_ of values, header value validation was not performed, allowing malicious header values in the iterator to perform HTTP Response Splitting. This issue has been patched in version 4.1.86.Final. Integrators can work around the issue by changing the `DefaultHttpHeaders.set(CharSequence, Iterator<?>)` call, into a `remove()` call, and call `add()` in a loop over the iterator of values.

Sonatype's research suggests that this CVE's details differ from those defined at NVD. See https://ossindex.sonatype.org/vulnerability/CVE-2022-41915 for details
CWE-113 Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')

CVSSv2:
  • Base Score: MEDIUM (6.5)
  • Vector: /AV:N/AC:L/Au:/C:L/I:L/A:N

References:

Vulnerable Software & Versions (OSSINDEX):

  • cpe:2.3:a:io.netty:netty-codec:4.1.59.Final:*:*:*:*:*:*:*

CVE-2023-34462  

Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. The `SniHandler` can allocate up to 16MB of heap for each channel during the TLS handshake. When the handler or the channel does not have an idle timeout, it can be used to make a TCP server using the `SniHandler` to allocate 16MB of heap. The `SniHandler` class is a handler that waits for the TLS handshake to configure a `SslHandler` according to the indicated server name by the `ClientHello` record. For this matter it allocates a `ByteBuf` using the value defined in the `ClientHello` record. Normally the value of the packet should be smaller than the handshake packet but there are not checks done here and the way the code is written, it is possible to craft a packet that makes the `SslClientHelloHandler`. This vulnerability has been fixed in version 4.1.94.Final.
CWE-400 Uncontrolled Resource Consumption

CVSSv3:
  • Base Score: MEDIUM (6.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions:

CVE-2021-21295  

Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty (io.netty:netty-codec-http2) before version 4.1.60.Final there is a vulnerability that enables request smuggling. If a Content-Length header is present in the original HTTP/2 request, the field is not validated by `Http2MultiplexHandler` as it is propagated up. This is fine as long as the request is not proxied through as HTTP/1.1. If the request comes in as an HTTP/2 stream, gets converted into the HTTP/1.1 domain objects (`HttpRequest`, `HttpContent`, etc.) via `Http2StreamFrameToHttpObjectCodec `and then sent up to the child channel's pipeline and proxied through a remote peer as HTTP/1.1 this may result in request smuggling. In a proxy case, users may assume the content-length is validated somehow, which is not the case. If the request is forwarded to a backend channel that is a HTTP/1.1 connection, the Content-Length now has meaning and needs to be checked. An attacker can smuggle requests inside the body as it gets downgraded from HTTP/2 to HTTP/1.1. For an example attack refer to the linked GitHub Advisory. Users are only affected if all of this is true: `HTTP2MultiplexCodec` or `Http2FrameCodec` is used, `Http2StreamFrameToHttpObjectCodec` is used to convert to HTTP/1.1 objects, and these HTTP/1.1 objects are forwarded to another remote peer. This has been patched in 4.1.60.Final As a workaround, the user can do the validation by themselves by implementing a custom `ChannelInboundHandler` that is put in the `ChannelPipeline` behind `Http2StreamFrameToHttpObjectCodec`.
CWE-444 Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

CVSSv2:
  • Base Score: LOW (2.6)
  • Vector: /AV:N/AC:H/Au:N/C:N/I:P/A:N
CVSSv3:
  • Base Score: MEDIUM (5.9)
  • Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2021-21409  

Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty (io.netty:netty-codec-http2) before version 4.1.61.Final there is a vulnerability that enables request smuggling. The content-length header is not correctly validated if the request only uses a single Http2HeaderFrame with the endStream set to to true. This could lead to request smuggling if the request is proxied to a remote peer and translated to HTTP/1.1. This is a followup of GHSA-wm47-8v5p-wjpj/CVE-2021-21295 which did miss to fix this one case. This was fixed as part of 4.1.61.Final.
CWE-444 Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N
CVSSv3:
  • Base Score: MEDIUM (5.9)
  • Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2022-24823  

Netty is an open-source, asynchronous event-driven network application framework. The package `io.netty:netty-codec-http` prior to version 4.1.77.Final contains an insufficient fix for CVE-2021-21290. When Netty's multipart decoders are used local information disclosure can occur via the local system temporary directory if temporary storing uploads on the disk is enabled. This only impacts applications running on Java version 6 and lower. Additionally, this vulnerability impacts code running on Unix-like systems, and very old versions of Mac OSX and Windows as they all share the system temporary directory between all users. Version 4.1.77.Final contains a patch for this vulnerability. As a workaround, specify one's own `java.io.tmpdir` when starting the JVM or use DefaultHttpDataFactory.setBaseDir(...) to set the directory to something that is only readable by the current user.
CWE-378 Creation of Temporary File With Insecure Permissions, CWE-379 Creation of Temporary File in Directory with Insecure Permissions, CWE-668 Exposure of Resource to Wrong Sphere

CVSSv2:
  • Base Score: LOW (1.9)
  • Vector: /AV:L/AC:M/Au:N/C:P/I:N/A:N
CVSSv3:
  • Base Score: MEDIUM (5.5)
  • Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

References:

Vulnerable Software & Versions: (show all)

netty-codec-http-4.1.59.Final.jar

Description:

Netty is an asynchronous event-driven network application framework for    rapid development of maintainable high performance protocol servers and    clients.

License:

https://www.apache.org/licenses/LICENSE-2.0
File Path: /var/simplicite/.m2/repository/io/netty/netty-codec-http/4.1.59.Final/netty-codec-http-4.1.59.Final.jar
MD5: 14eb72d0a3b44d64949575ec5e1121d7
SHA1: 766327d675678686a05faa446c4413d8ccb79b5c
SHA256:79cfb3a2bfe87f5f0f3a969bab783724eeee78d1fecef2fe841beddf947336b7
Referenced In Project/Scope: Simplicite Platform:compile
netty-codec-http-4.1.59.Final.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

CVE-2021-37136  

The Bzip2 decompression decoder function doesn't allow setting size restrictions on the decompressed output data (which affects the allocation size used during decompression). All users of Bzip2Decoder are affected. The malicious input can trigger an OOME and so a DoS attack
CWE-400 Uncontrolled Resource Consumption

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions: (show all)

CVE-2021-37137  

The Snappy frame decoder function doesn't restrict the chunk length which may lead to excessive memory usage. Beside this it also may buffer reserved skippable chunks until the whole chunk was received which may lead to excessive memory usage as well. This vulnerability can be triggered by supplying malicious input that decompresses to a very big size (via a network stream or a file) or by sending a huge skippable chunk.
CWE-400 Uncontrolled Resource Consumption

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions: (show all)

CVE-2022-41881  

Netty project is an event-driven asynchronous network application framework. In versions prior to 4.1.86.Final, a StackOverflowError can be raised when parsing a malformed crafted message due to an infinite recursion. This issue is patched in version 4.1.86.Final. There is no workaround, except using a custom HaProxyMessageDecoder.
CWE-674 Uncontrolled Recursion

CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions:

CVE-2023-44487  

CISA Known Exploited Vulnerability:
  • Product: IETF HTTP/2
  • Name: HTTP/2 Rapid Reset Attack Vulnerability
  • Date Added: 2023-10-10
  • Description: HTTP/2 contains a rapid reset vulnerability that allows for a distributed denial-of-service attack (DDoS).
  • Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Due Date: 2023-10-31
  • Notes: https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CWE-400 Uncontrolled Resource Consumption

CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions: (show all)

CVE-2021-43797  

Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. Netty prior to version 4.1.71.Final skips control chars when they are present at the beginning / end of the header name. It should instead fail fast as these are not allowed by the spec and could lead to HTTP request smuggling. Failing to do the validation might cause netty to "sanitize" header names before it forward these to another remote system when used as proxy. This remote system can't see the invalid usage anymore, and therefore does not do the validation itself. Users should upgrade to version 4.1.71.Final.
CWE-444 Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N
CVSSv3:
  • Base Score: MEDIUM (6.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2023-34462  

Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. The `SniHandler` can allocate up to 16MB of heap for each channel during the TLS handshake. When the handler or the channel does not have an idle timeout, it can be used to make a TCP server using the `SniHandler` to allocate 16MB of heap. The `SniHandler` class is a handler that waits for the TLS handshake to configure a `SslHandler` according to the indicated server name by the `ClientHello` record. For this matter it allocates a `ByteBuf` using the value defined in the `ClientHello` record. Normally the value of the packet should be smaller than the handshake packet but there are not checks done here and the way the code is written, it is possible to craft a packet that makes the `SslClientHelloHandler`. This vulnerability has been fixed in version 4.1.94.Final.
CWE-400 Uncontrolled Resource Consumption

CVSSv3:
  • Base Score: MEDIUM (6.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions:

CVE-2021-21295  

Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty (io.netty:netty-codec-http2) before version 4.1.60.Final there is a vulnerability that enables request smuggling. If a Content-Length header is present in the original HTTP/2 request, the field is not validated by `Http2MultiplexHandler` as it is propagated up. This is fine as long as the request is not proxied through as HTTP/1.1. If the request comes in as an HTTP/2 stream, gets converted into the HTTP/1.1 domain objects (`HttpRequest`, `HttpContent`, etc.) via `Http2StreamFrameToHttpObjectCodec `and then sent up to the child channel's pipeline and proxied through a remote peer as HTTP/1.1 this may result in request smuggling. In a proxy case, users may assume the content-length is validated somehow, which is not the case. If the request is forwarded to a backend channel that is a HTTP/1.1 connection, the Content-Length now has meaning and needs to be checked. An attacker can smuggle requests inside the body as it gets downgraded from HTTP/2 to HTTP/1.1. For an example attack refer to the linked GitHub Advisory. Users are only affected if all of this is true: `HTTP2MultiplexCodec` or `Http2FrameCodec` is used, `Http2StreamFrameToHttpObjectCodec` is used to convert to HTTP/1.1 objects, and these HTTP/1.1 objects are forwarded to another remote peer. This has been patched in 4.1.60.Final As a workaround, the user can do the validation by themselves by implementing a custom `ChannelInboundHandler` that is put in the `ChannelPipeline` behind `Http2StreamFrameToHttpObjectCodec`.
CWE-444 Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

CVSSv2:
  • Base Score: LOW (2.6)
  • Vector: /AV:N/AC:H/Au:N/C:N/I:P/A:N
CVSSv3:
  • Base Score: MEDIUM (5.9)
  • Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2021-21409  

Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty (io.netty:netty-codec-http2) before version 4.1.61.Final there is a vulnerability that enables request smuggling. The content-length header is not correctly validated if the request only uses a single Http2HeaderFrame with the endStream set to to true. This could lead to request smuggling if the request is proxied to a remote peer and translated to HTTP/1.1. This is a followup of GHSA-wm47-8v5p-wjpj/CVE-2021-21295 which did miss to fix this one case. This was fixed as part of 4.1.61.Final.
CWE-444 Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N
CVSSv3:
  • Base Score: MEDIUM (5.9)
  • Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2022-24823  

Netty is an open-source, asynchronous event-driven network application framework. The package `io.netty:netty-codec-http` prior to version 4.1.77.Final contains an insufficient fix for CVE-2021-21290. When Netty's multipart decoders are used local information disclosure can occur via the local system temporary directory if temporary storing uploads on the disk is enabled. This only impacts applications running on Java version 6 and lower. Additionally, this vulnerability impacts code running on Unix-like systems, and very old versions of Mac OSX and Windows as they all share the system temporary directory between all users. Version 4.1.77.Final contains a patch for this vulnerability. As a workaround, specify one's own `java.io.tmpdir` when starting the JVM or use DefaultHttpDataFactory.setBaseDir(...) to set the directory to something that is only readable by the current user.
CWE-378 Creation of Temporary File With Insecure Permissions, CWE-379 Creation of Temporary File in Directory with Insecure Permissions, CWE-668 Exposure of Resource to Wrong Sphere

CVSSv2:
  • Base Score: LOW (1.9)
  • Vector: /AV:L/AC:M/Au:N/C:P/I:N/A:N
CVSSv3:
  • Base Score: MEDIUM (5.5)
  • Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2024-29025 (OSSINDEX)  

Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. The `HttpPostRequestDecoder` can be tricked to accumulate data. While the decoder can store items on the disk if configured so, there are no limits to the number of fields the form can have, an attacher can send a chunked post consisting of many small fields that will be accumulated in the `bodyListHttpData` list. The decoder cumulates bytes in the `undecodedChunk` buffer until it can decode a field, this field can cumulate data without limits. This vulnerability is fixed in 4.1.108.Final.

Sonatype's research suggests that this CVE's details differ from those defined at NVD. See https://ossindex.sonatype.org/vulnerability/CVE-2024-29025 for details
CWE-770 Allocation of Resources Without Limits or Throttling

CVSSv2:
  • Base Score: MEDIUM (5.3)
  • Vector: /AV:N/AC:L/Au:/C:N/I:N/A:L

References:

Vulnerable Software & Versions (OSSINDEX):

  • cpe:2.3:a:io.netty:netty-codec-http:4.1.59.Final:*:*:*:*:*:*:*

netty-codec-mqtt-4.1.59.Final.jar

Description:

Netty is an asynchronous event-driven network application framework for    rapid development of maintainable high performance protocol servers and    clients.

License:

https://www.apache.org/licenses/LICENSE-2.0
File Path: /var/simplicite/.m2/repository/io/netty/netty-codec-mqtt/4.1.59.Final/netty-codec-mqtt-4.1.59.Final.jar
MD5: 19100012fe39601c746da260a5b7222d
SHA1: 67fc273b306e2b14a83dd7d63cad86031d46c25a
SHA256:2df05770e36cd592db3e98858f858f87f2f3bc3e3d762c11986d99b1e68403c8
Referenced In Project/Scope: Simplicite Platform:compile
netty-codec-mqtt-4.1.59.Final.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

CVE-2021-37136  

The Bzip2 decompression decoder function doesn't allow setting size restrictions on the decompressed output data (which affects the allocation size used during decompression). All users of Bzip2Decoder are affected. The malicious input can trigger an OOME and so a DoS attack
CWE-400 Uncontrolled Resource Consumption

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions: (show all)

CVE-2021-37137  

The Snappy frame decoder function doesn't restrict the chunk length which may lead to excessive memory usage. Beside this it also may buffer reserved skippable chunks until the whole chunk was received which may lead to excessive memory usage as well. This vulnerability can be triggered by supplying malicious input that decompresses to a very big size (via a network stream or a file) or by sending a huge skippable chunk.
CWE-400 Uncontrolled Resource Consumption

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions: (show all)

CVE-2022-41881  

Netty project is an event-driven asynchronous network application framework. In versions prior to 4.1.86.Final, a StackOverflowError can be raised when parsing a malformed crafted message due to an infinite recursion. This issue is patched in version 4.1.86.Final. There is no workaround, except using a custom HaProxyMessageDecoder.
CWE-674 Uncontrolled Recursion

CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions:

CVE-2023-44487  

CISA Known Exploited Vulnerability:
  • Product: IETF HTTP/2
  • Name: HTTP/2 Rapid Reset Attack Vulnerability
  • Date Added: 2023-10-10
  • Description: HTTP/2 contains a rapid reset vulnerability that allows for a distributed denial-of-service attack (DDoS).
  • Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Due Date: 2023-10-31
  • Notes: https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CWE-400 Uncontrolled Resource Consumption

CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions: (show all)

CVE-2021-43797  

Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. Netty prior to version 4.1.71.Final skips control chars when they are present at the beginning / end of the header name. It should instead fail fast as these are not allowed by the spec and could lead to HTTP request smuggling. Failing to do the validation might cause netty to "sanitize" header names before it forward these to another remote system when used as proxy. This remote system can't see the invalid usage anymore, and therefore does not do the validation itself. Users should upgrade to version 4.1.71.Final.
CWE-444 Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N
CVSSv3:
  • Base Score: MEDIUM (6.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2023-34462  

Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. The `SniHandler` can allocate up to 16MB of heap for each channel during the TLS handshake. When the handler or the channel does not have an idle timeout, it can be used to make a TCP server using the `SniHandler` to allocate 16MB of heap. The `SniHandler` class is a handler that waits for the TLS handshake to configure a `SslHandler` according to the indicated server name by the `ClientHello` record. For this matter it allocates a `ByteBuf` using the value defined in the `ClientHello` record. Normally the value of the packet should be smaller than the handshake packet but there are not checks done here and the way the code is written, it is possible to craft a packet that makes the `SslClientHelloHandler`. This vulnerability has been fixed in version 4.1.94.Final.
CWE-400 Uncontrolled Resource Consumption

CVSSv3:
  • Base Score: MEDIUM (6.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions:

CVE-2021-21295  

Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty (io.netty:netty-codec-http2) before version 4.1.60.Final there is a vulnerability that enables request smuggling. If a Content-Length header is present in the original HTTP/2 request, the field is not validated by `Http2MultiplexHandler` as it is propagated up. This is fine as long as the request is not proxied through as HTTP/1.1. If the request comes in as an HTTP/2 stream, gets converted into the HTTP/1.1 domain objects (`HttpRequest`, `HttpContent`, etc.) via `Http2StreamFrameToHttpObjectCodec `and then sent up to the child channel's pipeline and proxied through a remote peer as HTTP/1.1 this may result in request smuggling. In a proxy case, users may assume the content-length is validated somehow, which is not the case. If the request is forwarded to a backend channel that is a HTTP/1.1 connection, the Content-Length now has meaning and needs to be checked. An attacker can smuggle requests inside the body as it gets downgraded from HTTP/2 to HTTP/1.1. For an example attack refer to the linked GitHub Advisory. Users are only affected if all of this is true: `HTTP2MultiplexCodec` or `Http2FrameCodec` is used, `Http2StreamFrameToHttpObjectCodec` is used to convert to HTTP/1.1 objects, and these HTTP/1.1 objects are forwarded to another remote peer. This has been patched in 4.1.60.Final As a workaround, the user can do the validation by themselves by implementing a custom `ChannelInboundHandler` that is put in the `ChannelPipeline` behind `Http2StreamFrameToHttpObjectCodec`.
CWE-444 Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

CVSSv2:
  • Base Score: LOW (2.6)
  • Vector: /AV:N/AC:H/Au:N/C:N/I:P/A:N
CVSSv3:
  • Base Score: MEDIUM (5.9)
  • Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2021-21409  

Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty (io.netty:netty-codec-http2) before version 4.1.61.Final there is a vulnerability that enables request smuggling. The content-length header is not correctly validated if the request only uses a single Http2HeaderFrame with the endStream set to to true. This could lead to request smuggling if the request is proxied to a remote peer and translated to HTTP/1.1. This is a followup of GHSA-wm47-8v5p-wjpj/CVE-2021-21295 which did miss to fix this one case. This was fixed as part of 4.1.61.Final.
CWE-444 Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N
CVSSv3:
  • Base Score: MEDIUM (5.9)
  • Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2022-24823  

Netty is an open-source, asynchronous event-driven network application framework. The package `io.netty:netty-codec-http` prior to version 4.1.77.Final contains an insufficient fix for CVE-2021-21290. When Netty's multipart decoders are used local information disclosure can occur via the local system temporary directory if temporary storing uploads on the disk is enabled. This only impacts applications running on Java version 6 and lower. Additionally, this vulnerability impacts code running on Unix-like systems, and very old versions of Mac OSX and Windows as they all share the system temporary directory between all users. Version 4.1.77.Final contains a patch for this vulnerability. As a workaround, specify one's own `java.io.tmpdir` when starting the JVM or use DefaultHttpDataFactory.setBaseDir(...) to set the directory to something that is only readable by the current user.
CWE-378 Creation of Temporary File With Insecure Permissions, CWE-379 Creation of Temporary File in Directory with Insecure Permissions, CWE-668 Exposure of Resource to Wrong Sphere

CVSSv2:
  • Base Score: LOW (1.9)
  • Vector: /AV:L/AC:M/Au:N/C:P/I:N/A:N
CVSSv3:
  • Base Score: MEDIUM (5.5)
  • Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

References:

Vulnerable Software & Versions: (show all)

netty-common-4.1.59.Final.jar (shaded: org.jctools:jctools-core:3.1.0)

Description:

Java Concurrency Tools Core Library

License:

Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/io/netty/netty-common/4.1.59.Final/netty-common-4.1.59.Final.jar/META-INF/maven/org.jctools/jctools-core/pom.xml
MD5: 08e7326c64d7fd6ae4ea32e7eb4e5b79
SHA1: 9deceaba814dea198202b04fe0eec0d2dbf69ea9
SHA256:acaf1b4c366f6794a734288a2c003f16af90a9c479cf4d7daade689764e4fb47
Referenced In Project/Scope: Simplicite Platform:compile

Identifiers

netty-transport-4.1.59.Final.jar

Description:

Netty is an asynchronous event-driven network application framework for    rapid development of maintainable high performance protocol servers and    clients.

License:

https://www.apache.org/licenses/LICENSE-2.0
File Path: /var/simplicite/.m2/repository/io/netty/netty-transport/4.1.59.Final/netty-transport-4.1.59.Final.jar
MD5: 106b6b5e9e73a22a77caae2f5afda8c4
SHA1: 864d20f35ce909e6a7462095cb8f91ee94d1cd4c
SHA256:59b7b84be412683a26cfaa4c85b01ff5c5aeb38f07baeabbd8ca98f6e8b0715e
Referenced In Project/Scope: Simplicite Platform:compile
netty-transport-4.1.59.Final.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

CVE-2021-37136  

The Bzip2 decompression decoder function doesn't allow setting size restrictions on the decompressed output data (which affects the allocation size used during decompression). All users of Bzip2Decoder are affected. The malicious input can trigger an OOME and so a DoS attack
CWE-400 Uncontrolled Resource Consumption

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions: (show all)

CVE-2021-37137  

The Snappy frame decoder function doesn't restrict the chunk length which may lead to excessive memory usage. Beside this it also may buffer reserved skippable chunks until the whole chunk was received which may lead to excessive memory usage as well. This vulnerability can be triggered by supplying malicious input that decompresses to a very big size (via a network stream or a file) or by sending a huge skippable chunk.
CWE-400 Uncontrolled Resource Consumption

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions: (show all)

CVE-2022-41881  

Netty project is an event-driven asynchronous network application framework. In versions prior to 4.1.86.Final, a StackOverflowError can be raised when parsing a malformed crafted message due to an infinite recursion. This issue is patched in version 4.1.86.Final. There is no workaround, except using a custom HaProxyMessageDecoder.
CWE-674 Uncontrolled Recursion

CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions:

CVE-2023-44487  

CISA Known Exploited Vulnerability:
  • Product: IETF HTTP/2
  • Name: HTTP/2 Rapid Reset Attack Vulnerability
  • Date Added: 2023-10-10
  • Description: HTTP/2 contains a rapid reset vulnerability that allows for a distributed denial-of-service attack (DDoS).
  • Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Due Date: 2023-10-31
  • Notes: https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CWE-400 Uncontrolled Resource Consumption

CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions: (show all)

CVE-2021-43797  

Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. Netty prior to version 4.1.71.Final skips control chars when they are present at the beginning / end of the header name. It should instead fail fast as these are not allowed by the spec and could lead to HTTP request smuggling. Failing to do the validation might cause netty to "sanitize" header names before it forward these to another remote system when used as proxy. This remote system can't see the invalid usage anymore, and therefore does not do the validation itself. Users should upgrade to version 4.1.71.Final.
CWE-444 Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N
CVSSv3:
  • Base Score: MEDIUM (6.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2023-34462  

Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. The `SniHandler` can allocate up to 16MB of heap for each channel during the TLS handshake. When the handler or the channel does not have an idle timeout, it can be used to make a TCP server using the `SniHandler` to allocate 16MB of heap. The `SniHandler` class is a handler that waits for the TLS handshake to configure a `SslHandler` according to the indicated server name by the `ClientHello` record. For this matter it allocates a `ByteBuf` using the value defined in the `ClientHello` record. Normally the value of the packet should be smaller than the handshake packet but there are not checks done here and the way the code is written, it is possible to craft a packet that makes the `SslClientHelloHandler`. This vulnerability has been fixed in version 4.1.94.Final.
CWE-400 Uncontrolled Resource Consumption

CVSSv3:
  • Base Score: MEDIUM (6.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions:

CVE-2021-21295  

Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty (io.netty:netty-codec-http2) before version 4.1.60.Final there is a vulnerability that enables request smuggling. If a Content-Length header is present in the original HTTP/2 request, the field is not validated by `Http2MultiplexHandler` as it is propagated up. This is fine as long as the request is not proxied through as HTTP/1.1. If the request comes in as an HTTP/2 stream, gets converted into the HTTP/1.1 domain objects (`HttpRequest`, `HttpContent`, etc.) via `Http2StreamFrameToHttpObjectCodec `and then sent up to the child channel's pipeline and proxied through a remote peer as HTTP/1.1 this may result in request smuggling. In a proxy case, users may assume the content-length is validated somehow, which is not the case. If the request is forwarded to a backend channel that is a HTTP/1.1 connection, the Content-Length now has meaning and needs to be checked. An attacker can smuggle requests inside the body as it gets downgraded from HTTP/2 to HTTP/1.1. For an example attack refer to the linked GitHub Advisory. Users are only affected if all of this is true: `HTTP2MultiplexCodec` or `Http2FrameCodec` is used, `Http2StreamFrameToHttpObjectCodec` is used to convert to HTTP/1.1 objects, and these HTTP/1.1 objects are forwarded to another remote peer. This has been patched in 4.1.60.Final As a workaround, the user can do the validation by themselves by implementing a custom `ChannelInboundHandler` that is put in the `ChannelPipeline` behind `Http2StreamFrameToHttpObjectCodec`.
CWE-444 Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

CVSSv2:
  • Base Score: LOW (2.6)
  • Vector: /AV:N/AC:H/Au:N/C:N/I:P/A:N
CVSSv3:
  • Base Score: MEDIUM (5.9)
  • Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2021-21409  

Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty (io.netty:netty-codec-http2) before version 4.1.61.Final there is a vulnerability that enables request smuggling. The content-length header is not correctly validated if the request only uses a single Http2HeaderFrame with the endStream set to to true. This could lead to request smuggling if the request is proxied to a remote peer and translated to HTTP/1.1. This is a followup of GHSA-wm47-8v5p-wjpj/CVE-2021-21295 which did miss to fix this one case. This was fixed as part of 4.1.61.Final.
CWE-444 Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N
CVSSv3:
  • Base Score: MEDIUM (5.9)
  • Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2022-24823  

Netty is an open-source, asynchronous event-driven network application framework. The package `io.netty:netty-codec-http` prior to version 4.1.77.Final contains an insufficient fix for CVE-2021-21290. When Netty's multipart decoders are used local information disclosure can occur via the local system temporary directory if temporary storing uploads on the disk is enabled. This only impacts applications running on Java version 6 and lower. Additionally, this vulnerability impacts code running on Unix-like systems, and very old versions of Mac OSX and Windows as they all share the system temporary directory between all users. Version 4.1.77.Final contains a patch for this vulnerability. As a workaround, specify one's own `java.io.tmpdir` when starting the JVM or use DefaultHttpDataFactory.setBaseDir(...) to set the directory to something that is only readable by the current user.
CWE-378 Creation of Temporary File With Insecure Permissions, CWE-379 Creation of Temporary File in Directory with Insecure Permissions, CWE-668 Exposure of Resource to Wrong Sphere

CVSSv2:
  • Base Score: LOW (1.9)
  • Vector: /AV:L/AC:M/Au:N/C:P/I:N/A:N
CVSSv3:
  • Base Score: MEDIUM (5.5)
  • Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

References:

Vulnerable Software & Versions: (show all)

netty-transport-native-kqueue-4.1.65.Final-osx-x86_64.jar

Description:

Netty is an asynchronous event-driven network application framework for    rapid development of maintainable high performance protocol servers and    clients.

License:

https://www.apache.org/licenses/LICENSE-2.0
File Path: /var/simplicite/.m2/repository/io/netty/netty-transport-native-kqueue/4.1.65.Final/netty-transport-native-kqueue-4.1.65.Final-osx-x86_64.jar
MD5: 9e3e10aecd5534c7f1c0fece085e11e9
SHA1: 502a18402e38131c669840363ad50fe60a899d0d
SHA256:73a15a9312b591b585da4063f88b2cea6b470008879e647704d83b28a0fb062e
Referenced In Project/Scope: Simplicite Platform:compile
netty-transport-native-kqueue-4.1.65.Final-osx-x86_64.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.qpid/qpid-jms-client@1.1.0

Identifiers

CVE-2021-37136  

The Bzip2 decompression decoder function doesn't allow setting size restrictions on the decompressed output data (which affects the allocation size used during decompression). All users of Bzip2Decoder are affected. The malicious input can trigger an OOME and so a DoS attack
CWE-400 Uncontrolled Resource Consumption

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions: (show all)

CVE-2021-37137  

The Snappy frame decoder function doesn't restrict the chunk length which may lead to excessive memory usage. Beside this it also may buffer reserved skippable chunks until the whole chunk was received which may lead to excessive memory usage as well. This vulnerability can be triggered by supplying malicious input that decompresses to a very big size (via a network stream or a file) or by sending a huge skippable chunk.
CWE-400 Uncontrolled Resource Consumption

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions: (show all)

CVE-2022-41881  

Netty project is an event-driven asynchronous network application framework. In versions prior to 4.1.86.Final, a StackOverflowError can be raised when parsing a malformed crafted message due to an infinite recursion. This issue is patched in version 4.1.86.Final. There is no workaround, except using a custom HaProxyMessageDecoder.
CWE-674 Uncontrolled Recursion

CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions:

CVE-2023-44487  

CISA Known Exploited Vulnerability:
  • Product: IETF HTTP/2
  • Name: HTTP/2 Rapid Reset Attack Vulnerability
  • Date Added: 2023-10-10
  • Description: HTTP/2 contains a rapid reset vulnerability that allows for a distributed denial-of-service attack (DDoS).
  • Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Due Date: 2023-10-31
  • Notes: https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CWE-400 Uncontrolled Resource Consumption

CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions: (show all)

CVE-2021-43797  

Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. Netty prior to version 4.1.71.Final skips control chars when they are present at the beginning / end of the header name. It should instead fail fast as these are not allowed by the spec and could lead to HTTP request smuggling. Failing to do the validation might cause netty to "sanitize" header names before it forward these to another remote system when used as proxy. This remote system can't see the invalid usage anymore, and therefore does not do the validation itself. Users should upgrade to version 4.1.71.Final.
CWE-444 Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N
CVSSv3:
  • Base Score: MEDIUM (6.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2023-34462  

Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. The `SniHandler` can allocate up to 16MB of heap for each channel during the TLS handshake. When the handler or the channel does not have an idle timeout, it can be used to make a TCP server using the `SniHandler` to allocate 16MB of heap. The `SniHandler` class is a handler that waits for the TLS handshake to configure a `SslHandler` according to the indicated server name by the `ClientHello` record. For this matter it allocates a `ByteBuf` using the value defined in the `ClientHello` record. Normally the value of the packet should be smaller than the handshake packet but there are not checks done here and the way the code is written, it is possible to craft a packet that makes the `SslClientHelloHandler`. This vulnerability has been fixed in version 4.1.94.Final.
CWE-400 Uncontrolled Resource Consumption

CVSSv3:
  • Base Score: MEDIUM (6.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions:

CVE-2022-24823  

Netty is an open-source, asynchronous event-driven network application framework. The package `io.netty:netty-codec-http` prior to version 4.1.77.Final contains an insufficient fix for CVE-2021-21290. When Netty's multipart decoders are used local information disclosure can occur via the local system temporary directory if temporary storing uploads on the disk is enabled. This only impacts applications running on Java version 6 and lower. Additionally, this vulnerability impacts code running on Unix-like systems, and very old versions of Mac OSX and Windows as they all share the system temporary directory between all users. Version 4.1.77.Final contains a patch for this vulnerability. As a workaround, specify one's own `java.io.tmpdir` when starting the JVM or use DefaultHttpDataFactory.setBaseDir(...) to set the directory to something that is only readable by the current user.
CWE-378 Creation of Temporary File With Insecure Permissions, CWE-379 Creation of Temporary File in Directory with Insecure Permissions, CWE-668 Exposure of Resource to Wrong Sphere

CVSSv2:
  • Base Score: LOW (1.9)
  • Vector: /AV:L/AC:M/Au:N/C:P/I:N/A:N
CVSSv3:
  • Base Score: MEDIUM (5.5)
  • Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

References:

Vulnerable Software & Versions: (show all)

no-case:3.0.4

Description:

Transform into a lower cased string with spaces between words

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?sentence-case:3.0.4/no-case:^3.0.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/sentence-case:3.0.4
  • simplicite-js:5.2.54

Identifiers

node-emoji:1.11.0

Description:

simple emoji support for node.js projects

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-check:6.0.1/node-emoji:^1.10.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-check:6.0.1
  • simplicite-js:5.2.54

Identifiers

node-environment-flags:1.0.6

License:

Apache-2.0
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/node-environment-flags:1.0.6

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/node:7.23.9
  • simplicite-js:5.2.54

Identifiers

node-gyp:9.4.0

Description:

Node.js native addon build tool

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/node-gyp:9.4.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@npmcli/run-script:6.0.2
  • simplicite-js:5.2.54

Identifiers

node-releases:2.0.14

Description:

Node.js releases data

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/node-releases:2.0.14

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/browserslist:4.22.3
  • simplicite-js:5.2.54

Identifiers

nopt:5.0.0

Description:

Option parsing for Node, supporting types, shorthands, etc. Used by npm.

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/nopt:5.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/js-beautify:1.14.0
  • simplicite-js:5.2.54

Identifiers

nopt:6.0.0

Description:

Option parsing for Node, supporting types, shorthands, etc. Used by npm.

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/nopt:6.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/node-gyp:9.4.0
  • simplicite-js:5.2.54

Identifiers

normalize-package-data:2.5.0

Description:

Normalizes data that can be found in package.json files.

License:

BSD-2-Clause
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/normalize-package-data:2.5.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/read-pkg:5.2.0
  • simplicite-js:5.2.54

Identifiers

normalize-package-data:3.0.3

Description:

Normalizes data that can be found in package.json files.

License:

BSD-2-Clause
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/normalize-package-data:3.0.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/meow:9.0.0
  • simplicite-js:5.2.54

Identifiers

normalize-package-data:5.0.0

Description:

Normalizes data that can be found in package.json files.

License:

BSD-2-Clause
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/normalize-package-data:5.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/read-package-json:6.0.4
  • simplicite-js:5.2.54

Identifiers

normalize-path:3.0.0

Description:

Normalize slashes in a file path to be posix/unix-like forward slashes. Also condenses repeat slashes to a single slash and removes and trailing slashes, unless disabled.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/normalize-path:^3.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/anymatch:3.1.3
  • simplicite-js:5.2.54/stylelint:14.16.1
  • simplicite-js:5.2.54/chokidar:3.5.3
  • simplicite-js:5.2.54

Identifiers

normalize-url:4.5.1

Description:

Normalize a URL

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/normalize-url:4.5.1

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

normalize-url:8.0.0

Description:

Normalize a URL

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/normalize-url:8.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/cacheable-request:6.1.0
  • simplicite-js:5.2.54/cacheable-request:10.2.12
  • simplicite-js:5.2.54

Identifiers

npm-audit-html:1.5.0

Description:

Generate a HTML report for NPM Audit

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/npm-audit-html:1.5.0

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

npm-bundled:3.0.0

Description:

list things in node_modules that are bundledDependencies, or transitive dependencies thereof

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/npm-bundled:3.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@npmcli/installed-package-contents:2.0.2
  • simplicite-js:5.2.54

Identifiers

npm-check-updates:16.14.14

Description:

Find newer versions of dependencies than what your package.json allows

License:

Apache-2.0
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/npm-check-updates:16.14.14

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

npm-check:6.0.1

Description:

Check for outdated, incorrect, and unused dependencies.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/npm-check:6.0.1

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

npm-install-checks:6.1.1

Description:

Check the engines and platform fields in package.json

License:

BSD-2-Clause
File Path: /var/simplicite/simplicite-5.2/package-lock.json?npm-pick-manifest:8.0.2/npm-install-checks:^6.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/npm-pick-manifest:8.0.2

Identifiers

npm-normalize-package-bin:3.0.1

Description:

Turn any flavor of allowable package.json bin into a normalized object

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?read-package-json-fast:3.0.2/npm-normalize-package-bin:^3.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/read-package-json:6.0.4
  • simplicite-js:5.2.54/@npmcli/installed-package-contents:2.0.2
  • simplicite-js:5.2.54/read-package-json-fast:3.0.2
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/npm-bundled:3.0.0
  • simplicite-js:5.2.54/npm-pick-manifest:8.0.2

Identifiers

npm-package-arg:10.1.0

Description:

Parse the things that can be arguments to `npm install`

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?pacote:15.2.0/npm-package-arg:^10.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-registry-fetch:14.0.5
  • simplicite-js:5.2.54/pacote:15.2.0
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/npm-pick-manifest:8.0.2

Identifiers

npm-packlist:7.0.4

Description:

Get a list of the files to add from a folder into an npm package

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?pacote:15.2.0/npm-packlist:^7.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/pacote:15.2.0
  • simplicite-js:5.2.54

Identifiers

npm-pick-manifest:8.0.2

Description:

Resolves a matching manifest from a package metadata document according to standard npm semver resolution rules.

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?pacote:15.2.0/npm-pick-manifest:^8.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/pacote:15.2.0
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/@npmcli/git:4.1.0

Identifiers

npm-registry-fetch:14.0.5

Description:

Fetch-based http client for use with npm registry APIs

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?pacote:15.2.0/npm-registry-fetch:^14.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/pacote:15.2.0
  • simplicite-js:5.2.54

Identifiers

npm-run-path:4.0.1

Description:

Get your PATH prepended with locally installed binaries

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/npm-run-path:4.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/execa:5.1.1
  • simplicite-js:5.2.54

Identifiers

npmlog:6.0.2

Description:

logger for npm

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/npmlog:6.0.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/node-gyp:9.4.0
  • simplicite-js:5.2.54

Identifiers

numeral:2.0.6

Description:

Format and manipulate numbers.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/numeral:2.0.6

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-audit-html:1.5.0
  • simplicite-js:5.2.54

Identifiers

oauth-2.4.0.jar

Description:

jclouds components to access OAuth

File Path: /var/simplicite/.m2/repository/org/apache/jclouds/api/oauth/2.4.0/oauth-2.4.0.jar
MD5: 4dc6a5fbca4a566ee89f4da98cf729b1
SHA1: eab326c93b3301a758852ff96727bfa5616d2c89
SHA256:a34db1cda4a4087a9b17116f12110cb63c24fcf8aca95bcb09279de15ec7a05f
Referenced In Project/Scope: Simplicite Platform:compile
oauth-2.4.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.jclouds.provider/azureblob@2.4.0

Identifiers

object-inspect:1.12.3

Description:

string representations of objects in node and the browser

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?side-channel:1.0.4/object-inspect:^1.9.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/es-abstract:1.21.2
  • simplicite-js:5.2.54/side-channel:1.0.4
  • simplicite-js:5.2.54

Identifiers

object-keys:1.1.1

Description:

An Object.keys replacement, in case Object.keys is not available. From https://github.com/es-shims/es5-shim

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?object.assign:4.1.4/object-keys:^1.1.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/es-abstract:1.21.2
  • simplicite-js:5.2.54/define-properties:1.2.0
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/object.assign:4.1.4

Identifiers

object.assign:4.1.4

Description:

ES6 spec-compliant Object.assign shim. From https://github.com/es-shims/es6-shim

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/object.assign:4.1.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/es-abstract:1.21.2
  • simplicite-js:5.2.54

Identifiers

object.getownpropertydescriptors:2.1.6

Description:

ES2017 spec-compliant shim for `Object.getOwnPropertyDescriptors` that works in ES5.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/object.getownpropertydescriptors:2.1.6

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/node-environment-flags:1.0.6
  • simplicite-js:5.2.54

Identifiers

objenesis-3.2.jar

Description:

A library for instantiating Java objects

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/objenesis/objenesis/3.2/objenesis-3.2.jar
MD5: 5c1ee20481a06561af295034ea89c4b4
SHA1: 7fadf57620c8b8abdf7519533e5527367cb51f09
SHA256:03d960bd5aef03c653eb000413ada15eb77cdd2b8e4448886edf5692805e35f3
Referenced In Project/Scope: Simplicite Platform:runtime
objenesis-3.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.mockito/mockito-core@4.5.1

Identifiers

ojdbc8-23.2.0.0.jar

Description:

 Oracle JDBC Driver compatible with JDK8, JDK11, JDK12, JDK13, JDK14 and JDK15

License:

Oracle Free Use Terms and Conditions (FUTC): https://www.oracle.com/downloads/licenses/oracle-free-license.html
File Path: /var/simplicite/.m2/repository/com/oracle/database/jdbc/ojdbc8/23.2.0.0/ojdbc8-23.2.0.0.jar
MD5: 26b4d74defb08bc6b2c4cfb70ee8a00b
SHA1: 49acfb33ee776e43d2085e2fcc838778202a9128
SHA256:233c0e33ab58e516d7c91d5cef6bf6272fa518e4ea29e9123cc8fe8a70ea39c9
Referenced In Project/Scope: Simplicite Platform:runtime
ojdbc8-23.2.0.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

okhttp-2.7.5.jar

File Path: /var/simplicite/.m2/repository/com/squareup/okhttp/okhttp/2.7.5/okhttp-2.7.5.jar
MD5: 1943a0ecbb1c503874c8c483284377e4
SHA1: 7a15a7db50f86c4b64aa3367424a60e3a325b8f1
SHA256:88ac9fd1bb51f82bcc664cc1eb9c225c90dc4389d660231b4cc737bebfe7d0aa
Referenced In Project/Scope: Simplicite Platform:compile
okhttp-2.7.5.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.commons/commons-vfs2@2.9.0

Identifiers

CVE-2021-0341 (OSSINDEX)  

In verifyHostName of OkHostnameVerifier.java, there is a possible way to accept a certificate for the wrong domain due to improperly used crypto. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-171980069
CWE-295 Improper Certificate Validation

CVSSv2:
  • Base Score: HIGH (7.5)
  • Vector: /AV:N/AC:L/Au:/C:H/I:N/A:N

References:

Vulnerable Software & Versions (OSSINDEX):

  • cpe:2.3:a:com.squareup.okhttp:okhttp:2.7.5:*:*:*:*:*:*:*

CVE-2023-0833  

A flaw was found in Red Hat's AMQ-Streams, which ships a version of the OKHttp component with an information disclosure flaw via an exception triggered by a header containing an illegal value. This issue could allow an authenticated attacker to access information outside of their regular permissions.
CWE-209 Generation of Error Message Containing Sensitive Information

CVSSv3:
  • Base Score: MEDIUM (5.5)
  • Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

References:

Vulnerable Software & Versions: (show all)

okio-1.6.0.jar

File Path: /var/simplicite/.m2/repository/com/squareup/okio/okio/1.6.0/okio-1.6.0.jar
MD5: 164d1c28c323cf6e2a917d60374c5718
SHA1: 98476622f10715998eacf9240d6b479f12c66143
SHA256:114bdc1f47338a68bcbc95abf2f5cdc72beeec91812f2fcd7b521c1937876266
Referenced In Project/Scope: Simplicite Platform:compile
okio-1.6.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.commons/commons-vfs2@2.9.0

Identifiers

CVE-2023-3635  

GzipSource does not handle an exception that might be raised when parsing a malformed gzip buffer. This may lead to denial of service of the Okio client when handling a crafted GZIP archive, by using the GzipSource class.
CWE-681 Incorrect Conversion between Numeric Types

CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions: (show all)

once:1.4.0

Description:

Run a function exactly one time

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?pump:3.0.0/once:^1.3.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/glob:7.2.3
  • simplicite-js:5.2.54/inflight:1.0.6
  • simplicite-js:5.2.54/end-of-stream:1.4.4
  • simplicite-js:5.2.54/pump:3.0.0
  • simplicite-js:5.2.54

Identifiers

onetime:5.1.2

Description:

Ensure a function is only called once

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?restore-cursor:3.1.0/onetime:^5.1.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/restore-cursor:3.1.0
  • simplicite-js:5.2.54/execa:5.1.1
  • simplicite-js:5.2.54

Identifiers

open:7.4.2

Description:

Open stuff like URLs, files, executables. Cross-platform.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/open:7.4.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-audit-html:1.5.0
  • simplicite-js:5.2.54

Identifiers

opencensus-api-0.28.0.jar

Description:

null

License:

The Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/io/opencensus/opencensus-api/0.28.0/opencensus-api-0.28.0.jar
MD5: 5fc00658b2b2b6b2f90028078888b06e
SHA1: 0fc0d06a9d975a38c581dff59b99cf31db78bd99
SHA256:0c1723f3f6d3061323845ce8b88b35fdda500812e0a75b8eb5fcc4ad8c871a95
Referenced In Project/Scope: Simplicite Platform:compile
opencensus-api-0.28.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.google.http-client/google-http-client@1.40.0

Identifiers

opencensus-contrib-grpc-util-0.28.0.jar

Description:

null

License:

The Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/io/opencensus/opencensus-contrib-grpc-util/0.28.0/opencensus-contrib-grpc-util-0.28.0.jar
MD5: 686921311cfe29a47147d1f48eb737ff
SHA1: e70da9aae4aedd13383d4201bcb794b62d9e7d5f
SHA256:b9168346e6af6593300a1bc27ef74254aa1f24019885938dd8fb852b877d55f0
Referenced In Project/Scope: Simplicite Platform:compile
opencensus-contrib-grpc-util-0.28.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.google.firebase/firebase-admin@8.0.1

Identifiers

opencensus-contrib-http-util-0.28.0.jar

Description:

null

License:

The Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/io/opencensus/opencensus-contrib-http-util/0.28.0/opencensus-contrib-http-util-0.28.0.jar
MD5: c582fce59defa7babdd6faa80c0879a0
SHA1: f6cb276330197d51dd65327fc305a3df7e622705
SHA256:49c3db2a29f1fdb2f73928cbea969bd1d40fab7cc5bb6273022babd96f7a789b
Referenced In Project/Scope: Simplicite Platform:compile
opencensus-contrib-http-util-0.28.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.google.http-client/google-http-client@1.40.0

Identifiers

openhtmltopdf-core-1.0.10.jar

Description:

Open HTML to PDF is a CSS 2.1 renderer written in Java.  This artifact contains the core rendering and layout code.

License:

GNU Lesser General Public License (LGPL), version 2.1 or later: http://www.gnu.org/licenses/lgpl.html
File Path: /var/simplicite/.m2/repository/com/openhtmltopdf/openhtmltopdf-core/1.0.10/openhtmltopdf-core-1.0.10.jar
MD5: 3a71c751b039576e64db702941185600
SHA1: cab5dcb31834bd86ffb1b1f82811a37fcea63cd2
SHA256:3e6fd2250d833d500b7cd48b7a896700d0c33bd9f77a219e820493b01566eda3
Referenced In Project/Scope: Simplicite Platform:compile
openhtmltopdf-core-1.0.10.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.openhtmltopdf/openhtmltopdf-pdfbox@1.0.10

Identifiers

openhtmltopdf-pdfbox-1.0.10.jar

Description:

Openhtmltopdf is a CSS 2.1 renderer written in Java. This artifact supports PDF output with Apache PDF-BOX 2.

License:

GNU Lesser General Public License (LGPL), version 2.1 or later: http://www.gnu.org/licenses/lgpl.html
File Path: /var/simplicite/.m2/repository/com/openhtmltopdf/openhtmltopdf-pdfbox/1.0.10/openhtmltopdf-pdfbox-1.0.10.jar
MD5: 1a0db19be8e308ae5326833e7e08b674
SHA1: 4041442fda47e760985cea8005d51a830031420f
SHA256:7de90df1b3ecf84e6f0daf808d724c11142007a2f22bff1936479bf17251d31a
Referenced In Project/Scope: Simplicite Platform:compile
openhtmltopdf-pdfbox-1.0.10.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

openjson-1.0.12.jar

Description:

A clean-room Apache-licensed implementation of simple JSON processing

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/github/openjson/openjson/1.0.12/openjson-1.0.12.jar
MD5: a4c968095bf1930b82a2493c457cee14
SHA1: 9c0663c10b48a889709a2d125580a3f22b975769
SHA256:6b2bf77baa2349792fe6076810b2a58046c2dc210c8c88b0af9b0bf078e37441
Referenced In Project/Scope: Simplicite Platform:compile
openjson-1.0.12.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.tika/tika-parsers@1.27

Identifiers

opennlp-tools-1.9.3.jar

Description:

The Apache Software Foundation provides support for the Apache community of open-source software projects.    The Apache projects are characterized by a collaborative, consensus based development process, an open and    pragmatic software license, and a desire to create high quality software that leads the way in its field.    We consider ourselves not simply a group of projects sharing a server, but rather a community of developers    and users.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/apache/opennlp/opennlp-tools/1.9.3/opennlp-tools-1.9.3.jar
MD5: a2c6a0629cf557ec1f1362852fe84c41
SHA1: 7c54b10c830af892c1d6bbbd6f1bcf1bec07bff7
SHA256:95b1b13d57dd9ac14d0131b8c12f206c6409be384523e354d64e603b10d93ceb
Referenced In Project/Scope: Simplicite Platform:compile
opennlp-tools-1.9.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.tika/tika-parsers@1.27

Identifiers

openstack-keystone-2.4.0.jar

Description:

jclouds components to access an implementation of OpenStack Keystone

File Path: /var/simplicite/.m2/repository/org/apache/jclouds/api/openstack-keystone/2.4.0/openstack-keystone-2.4.0.jar
MD5: ae9b025700ea731061ed08b3b48243cc
SHA1: 4f47a6b485371d357827b6a517ba54d073dc7b8b
SHA256:00ad7bb98a976383b6662b48d46262fffd695f01a811ffc327df71dd8b77f862
Referenced In Project/Scope: Simplicite Platform:compile
openstack-keystone-2.4.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.jclouds.api/openstack-swift@2.4.0

Identifiers

CVE-2020-12689  

An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any user authenticated within a limited scope (trust/oauth/application credential) can create an EC2 credential with an escalated permission, such as obtaining admin while the user is on a limited viewer role. This potentially allows a malicious user to act as the admin on a project another user has the admin role on, which can effectively grant that user global admin privileges.
CWE-269 Improper Privilege Management

CVSSv2:
  • Base Score: MEDIUM (6.5)
  • Vector: /AV:N/AC:L/Au:S/C:P/I:P/A:P
CVSSv3:
  • Base Score: HIGH (8.8)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References:

Vulnerable Software & Versions: (show all)

CVE-2020-12690  

An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The list of roles provided for an OAuth1 access token is silently ignored. Thus, when an access token is used to request a keystone token, the keystone token contains every role assignment the creator had for the project. This results in the provided keystone token having more role assignments than the creator intended, possibly giving unintended escalated access.
CWE-613 Insufficient Session Expiration

CVSSv2:
  • Base Score: MEDIUM (6.5)
  • Vector: /AV:N/AC:L/Au:S/C:P/I:P/A:P
CVSSv3:
  • Base Score: HIGH (8.8)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References:

Vulnerable Software & Versions: (show all)

CVE-2020-12691  

An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any authenticated user can create an EC2 credential for themselves for a project that they have a specified role on, and then perform an update to the credential user and project, allowing them to masquerade as another user. This potentially allows a malicious user to act as the admin on a project another user has the admin role on, which can effectively grant that user global admin privileges.
CWE-863 Incorrect Authorization

CVSSv2:
  • Base Score: MEDIUM (6.5)
  • Vector: /AV:N/AC:L/Au:S/C:P/I:P/A:P
CVSSv3:
  • Base Score: HIGH (8.8)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References:

Vulnerable Software & Versions: (show all)

CVE-2021-3563  

A flaw was found in openstack-keystone. Only the first 72 characters of an application secret are verified allowing attackers bypass some password complexity which administrators may be counting on. The highest threat from this vulnerability is to data confidentiality and integrity.
CWE-863 Incorrect Authorization

CVSSv3:
  • Base Score: HIGH (7.4)
  • Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2020-12692  

An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The EC2 API doesn't have a signature TTL check for AWS Signature V4. An attacker can sniff the Authorization header, and then use it to reissue an OpenStack token an unlimited number of times.
CWE-347 Improper Verification of Cryptographic Signature, CWE-294 Authentication Bypass by Capture-replay

CVSSv2:
  • Base Score: MEDIUM (5.5)
  • Vector: /AV:N/AC:L/Au:S/C:P/I:P/A:N
CVSSv3:
  • Base Score: MEDIUM (5.4)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2018-14432  

In the Federation component of OpenStack Keystone before 11.0.4, 12.0.0, and 13.0.0, an authenticated "GET /v3/OS-FEDERATION/projects" request may bypass intended access restrictions on listing projects. An authenticated user may discover projects they have no authority to access, leaking all projects in the deployment and their attributes. Only Keystone with the /v3/OS-FEDERATION endpoint enabled via policy.json is affected.
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

CVSSv2:
  • Base Score: LOW (3.5)
  • Vector: /AV:N/AC:M/Au:S/C:P/I:N/A:N
CVSSv3:
  • Base Score: MEDIUM (5.3)
  • Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2018-20170  

OpenStack Keystone through 14.0.1 has a user enumeration vulnerability because invalid usernames have much faster responses than valid ones for a POST /v3/auth/tokens request. NOTE: the vendor's position is that this is a hardening opportunity, and not necessarily an issue that should have an OpenStack Security Advisory
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:N/A:N
CVSSv3:
  • Base Score: MEDIUM (5.3)
  • Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

References:

Vulnerable Software & Versions:

openstack-swift-2.4.0.jar

Description:

jclouds components to access an implementation of OpenStack Swift

File Path: /var/simplicite/.m2/repository/org/apache/jclouds/api/openstack-swift/2.4.0/openstack-swift-2.4.0.jar
MD5: 74c0129c880af626ef6ec8931c4b98ea
SHA1: 3f8f54bbcb73608ac8b66f186a824b75065eb413
SHA256:ae044e061a1842724eeb7cb9493cabe83ea781f523b75853472f22de966e6be0
Referenced In Project/Scope: Simplicite Platform:compile
openstack-swift-2.4.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

CVE-2017-16613  

An issue was discovered in middleware.py in OpenStack Swauth through 1.2.0 when used with OpenStack Swift through 2.15.1. The Swift object store and proxy server are saving (unhashed) tokens retrieved from the Swauth middleware authentication mechanism to a log file as part of a GET URI. This allows attackers to bypass authentication by inserting a token into an X-Auth-Token header of a new request. NOTE: github.com/openstack/swauth URLs do not mean that Swauth is maintained by an official OpenStack project team.
CWE-287 Improper Authentication

CVSSv2:
  • Base Score: HIGH (7.5)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSSv3:
  • Base Score: CRITICAL (9.8)
  • Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References:

Vulnerable Software & Versions: (show all)

CVE-2016-0738  

OpenStack Object Storage (Swift) before 2.3.1 (Kilo), 2.4.x, and 2.5.x before 2.5.1 (Liberty) do not properly close server connections, which allows remote attackers to cause a denial of service (proxy-server resource consumption) via a series of interrupted requests to a Large Object URL.
CWE-399 Resource Management Errors

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions: (show all)

CVE-2022-47950  

An issue was discovered in OpenStack Swift before 2.28.1, 2.29.x before 2.29.2, and 2.30.0. By supplying crafted XML files, an authenticated user may coerce the S3 API into returning arbitrary file contents from the host server, resulting in unauthorized read access to potentially sensitive data. This impacts both s3api deployments (Rocky or later), and swift3 deployments (Queens and earlier, no longer actively developed).
CWE-552 Files or Directories Accessible to External Parties

CVSSv3:
  • Base Score: MEDIUM (6.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2017-8761  

In OpenStack Swift through 2.10.1, 2.11.0 through 2.13.0, and 2.14.0, the proxy-server logs full tempurl paths, potentially leaking reusable tempurl signatures to anyone with read access to these logs. All Swift deployments using the tempurl middleware are affected.
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

CVSSv2:
  • Base Score: MEDIUM (4.0)
  • Vector: /AV:N/AC:L/Au:S/C:P/I:N/A:N
CVSSv3:
  • Base Score: MEDIUM (4.3)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

References:

Vulnerable Software & Versions: (show all)

optionator:0.9.3

Description:

option parsing and help generation

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/optionator:0.9.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/eslint:8.56.0
  • simplicite-js:5.2.54

Identifiers

ora:5.4.1

Description:

Elegant terminal spinner

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/ora:5.4.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-check:6.0.1
  • simplicite-js:5.2.54

Identifiers

org.apache.oltu.oauth2.client-1.0.2.jar

Description:

Apache Oltu is an OAuth protocol implementation in Java.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/apache/oltu/oauth2/org.apache.oltu.oauth2.client/1.0.2/org.apache.oltu.oauth2.client-1.0.2.jar
MD5: 433638a5fab67c3a8f111d58c1fec0a0
SHA1: b34e09d1cb84c4b63cedb65c5346ac44eecc22c5
SHA256:ebbe0095c829ecbbb29b5ab572277ff11b9e3969114e6f1bac5d23a8c97e7708
Referenced In Project/Scope: Simplicite Platform:compile
org.apache.oltu.oauth2.client-1.0.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

org.apache.oltu.oauth2.common-1.0.2.jar

Description:

OAuth 2.0 library - Common

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/apache/oltu/oauth2/org.apache.oltu.oauth2.common/1.0.2/org.apache.oltu.oauth2.common-1.0.2.jar
MD5: 48d5e8f17d2f292b32788d2b98b1aebd
SHA1: a82fff95276f4c6feadc7993670e659076e43260
SHA256:5e7ce01db88b361543e75644269c9447a059a5fecc23a15f3546eff8680ec968
Referenced In Project/Scope: Simplicite Platform:compile
org.apache.oltu.oauth2.common-1.0.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.oltu.oauth2/org.apache.oltu.oauth2.client@1.0.2

Identifiers

org.eclipse.jgit.http.server-6.1.0.202203080745-r.jar

Description:

    Git aware HTTP server implementation.

File Path: /var/simplicite/.m2/repository/org/eclipse/jgit/org.eclipse.jgit.http.server/6.1.0.202203080745-r/org.eclipse.jgit.http.server-6.1.0.202203080745-r.jar
MD5: e98293841bce4f122bca2b0cf2e78fa0
SHA1: 8c61b038cc12c78da107701e6a443bb9a88aa8ad
SHA256:c206f4eba35dba8aaa76a26fd19ae7dbcb4b2cd862cfb7b12c95cd0150a36449
Referenced In Project/Scope: Simplicite Platform:compile
org.eclipse.jgit.http.server-6.1.0.202203080745-r.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

CVE-2023-4759  

Arbitrary File Overwrite in Eclipse JGit <= 6.6.0

In Eclipse JGit, all versions <= 6.6.0.202305301015-r, a symbolic link present in a specially crafted git repository can be used to write a file to locations outside the working tree when this repository is cloned with JGit to a case-insensitive filesystem, or when a checkout from a clone of such a repository is performed on a case-insensitive filesystem.

This can happen on checkout (DirCacheCheckout), merge (ResolveMerger via its WorkingTreeUpdater), pull (PullCommand using merge), and when applying a patch (PatchApplier). This can be exploited for remote code execution (RCE), for instance if the file written outside the working tree is a git filter that gets executed on a subsequent git command.

The issue occurs only on case-insensitive filesystems, like the default filesystems on Windows and macOS. The user performing the clone or checkout must have the rights to create symbolic links for the problem to occur, and symbolic links must be enabled in the git configuration.

Setting git configuration option core.symlinks = false before checking out avoids the problem.

The issue was fixed in Eclipse JGit version 6.6.1.202309021850-r and 6.7.0.202309050840-r, available via  Maven Central https://repo1.maven.org/maven2/org/eclipse/jgit/  and  repo.eclipse.org https://repo.eclipse.org/content/repositories/jgit-releases/ . A backport is available in 5.13.3 starting from  5.13.3.202401111512-r.


The JGit maintainers would like to thank RyotaK for finding and reporting this issue.
CWE-59 Improper Link Resolution Before File Access ('Link Following'), CWE-178 Improper Handling of Case Sensitivity

CVSSv3:
  • Base Score: HIGH (8.8)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References:

Vulnerable Software & Versions: (show all)

org.eclipse.paho.client.mqttv3-1.2.5.jar

File Path: /var/simplicite/.m2/repository/org/eclipse/paho/org.eclipse.paho.client.mqttv3/1.2.5/org.eclipse.paho.client.mqttv3-1.2.5.jar
MD5: eb09d20835460ad2de7b6d46e77ad113
SHA1: 1546cfc794449c39ad569853843a930104fdc297
SHA256:59914287adac506a28d5e8172eed262a22605f3df4d426b9d92f41dae2448185
Referenced In Project/Scope: Simplicite Platform:compile
org.eclipse.paho.client.mqttv3-1.2.5.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

os-tmpdir:1.0.2

Description:

Node.js os.tmpdir() ponyfill

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?tmp:0.0.33/os-tmpdir:~1.0.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/tmp:0.0.33
  • simplicite-js:5.2.54

Identifiers

osgi-resource-locator-1.0.3.jar

Description:

Used by various API providers that rely on META-INF/services mechanism to locate providers.

License:

EPL 2.0: http://www.eclipse.org/legal/epl-2.0
GPL2 w/ CPE: https://www.gnu.org/software/classpath/license.html
File Path: /var/simplicite/.m2/repository/org/glassfish/hk2/osgi-resource-locator/1.0.3/osgi-resource-locator-1.0.3.jar
MD5: e7e82b82118c5387ae45f7bf3892909b
SHA1: de3b21279df7e755e38275137539be5e2c80dd58
SHA256:aab5d7849f7cfcda2cc7c541ba1bd365151d42276f151c825387245dfde3dd74
Referenced In Project/Scope: Simplicite Platform:provided
osgi-resource-locator-1.0.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.docusign/docusign-esign-java@3.14.0

Identifiers

p-cancelable:1.1.0

Description:

Create a promise that can be canceled

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/p-cancelable:1.1.0

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

p-cancelable:3.0.0

Description:

Create a promise that can be canceled

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/p-cancelable:3.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/got:12.6.1
  • simplicite-js:5.2.54/got:9.6.0
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/got:13.0.0

Identifiers

p-limit:3.1.0

Description:

Run multiple promise-returning & async functions with limited concurrency

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?p-locate:5.0.0/p-limit:^3.0.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/p-locate:3.0.0
  • simplicite-js:5.2.54/p-locate:5.0.0
  • simplicite-js:5.2.54/p-locate:4.1.0
  • simplicite-js:5.2.54

Identifiers

p-locate:3.0.0

Description:

Get the first fulfilled promise that satisfies the provided testing function

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/p-locate:3.0.0

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

p-locate:4.1.0

Description:

Get the first fulfilled promise that satisfies the provided testing function

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/p-locate:4.1.0

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

p-locate:5.0.0

Description:

Get the first fulfilled promise that satisfies the provided testing function

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/p-locate:5.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/locate-path:5.0.0
  • simplicite-js:5.2.54/locate-path:6.0.0
  • simplicite-js:5.2.54/locate-path:3.0.0
  • simplicite-js:5.2.54

Identifiers

p-map:4.0.0

Description:

Map over promises concurrently

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/p-map:4.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/cacache:17.1.3
  • simplicite-js:5.2.54/npm-check-updates:16.14.14
  • simplicite-js:5.2.54

Identifiers

p-try:2.2.0

Description:

`Start a promise chain

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?p-limit:2.3.0/p-try:^2.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/p-limit:2.3.0
  • simplicite-js:5.2.54

Identifiers

package-json:6.5.0

Description:

Get metadata of a package from the npm registry

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/package-json:6.5.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/latest-version:7.0.0
  • simplicite-js:5.2.54/npm-check:6.0.1
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/latest-version:5.1.0

Identifiers

package-json:8.1.1

Description:

Get metadata of a package from the npm registry

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/package-json:8.1.1

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

pacote:15.2.0

Description:

JavaScript package downloader

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/pacote:15.2.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-check-updates:16.14.14
  • simplicite-js:5.2.54

Identifiers

pako:1.0.11

Description:

zlib port to javascript - fast, modularized, with browser support

License:

(MIT AND Zlib)
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/pako:1.0.11

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/jszip:3.7.1

Identifiers

parent-module:1.0.1

Description:

Get the path of the parent module

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/parent-module:1.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/import-fresh:3.3.0
  • simplicite-js:5.2.54

Identifiers

parse-github-url:1.0.2

Description:

Parse a github URL into an object.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/parse-github-url:1.0.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-check-updates:16.14.14
  • simplicite-js:5.2.54

Identifiers

parse-json:5.2.0

Description:

Parse JSON with more helpful errors

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?read-pkg:5.2.0/parse-json:^5.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/read-pkg:5.2.0
  • simplicite-js:5.2.54/cosmiconfig:7.1.0
  • simplicite-js:5.2.54

Identifiers

  • pkg:npm/parse-json@5.2.0  (Confidence:Highest)
  • cpe:2.3:a:parsejson_project:parsejson:5.2.0:*:*:*:*:*:*:*  (Confidence:Low)  

parse-passwd:1.0.0

Description:

Parse a passwd file into a list of users.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/parse-passwd:1.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/homedir-polyfill:1.0.3
  • simplicite-js:5.2.54

Identifiers

parso-2.0.14.jar

Description:

Parso is a lightweight Java library designed to read SAS7BDAT datasets. The Parso interfaces
        are analogous to libraries designed to read table-storing files, for example, CSVReader library.
        Despite its small size, the Parso library is the only full-featured open-source solution to process SAS7BDAT
        datasets, both uncompressed, CHAR-compressed and BIN-compressed. It is effective in processing clinical and
        statistical data often stored in SAS7BDAT format. Parso allows converting data into CSV format.

License:

Apache License v2: http://www.apache.org/licenses/LICENSE-2.0.html
File Path: /var/simplicite/.m2/repository/com/epam/parso/2.0.14/parso-2.0.14.jar
MD5: bcc5179208e31ecddd8ec1cd2f5fca10
SHA1: a02ea1b198c410a105d261efd2d7043739aecd8e
SHA256:3b7e7a32915e04caed5dba31be1430aa57b4f9fa2b3d0ab0ed29067510d16575
Referenced In Project/Scope: Simplicite Platform:compile
parso-2.0.14.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.tika/tika-parsers@1.27

Identifiers

path-exists:3.0.0

Description:

Check if a path exists

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/path-exists:3.0.0

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

path-exists:4.0.0

Description:

Check if a path exists

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?which-pm:2.0.0/path-exists:^4.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/find-up:4.1.0
  • simplicite-js:5.2.54/npm-check:6.0.1
  • simplicite-js:5.2.54/find-up:5.0.0
  • simplicite-js:5.2.54/preferred-pm:3.0.3
  • simplicite-js:5.2.54/locate-path:3.0.0
  • simplicite-js:5.2.54/which-pm:2.0.0
  • simplicite-js:5.2.54

Identifiers

path-is-absolute:1.0.1

Description:

Node.js 0.12 path.isAbsolute() ponyfill

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/path-is-absolute:1.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/glob:7.2.3
  • simplicite-js:5.2.54

Identifiers

path-key:3.1.1

Description:

Get the PATH environment variable key cross-platform

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/path-key:3.1.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-run-path:4.0.1
  • simplicite-js:5.2.54/cross-spawn:7.0.3
  • simplicite-js:5.2.54

Identifiers

path-parse:1.0.7

Description:

Node.js path.parse() ponyfill

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?resolve:1.22.2/path-parse:^1.0.7

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/resolve:1.22.2

Identifiers

path-scurry:1.10.1

Description:

walk paths fast and efficiently

License:

BlueOak-1.0.0
File Path: /var/simplicite/simplicite-5.2/package-lock.json?glob:10.3.3/path-scurry:^1.10.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/glob:10.3.10
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/glob:10.3.3

Identifiers

path-type:4.0.0

Description:

Check if a path is a file, directory, or symlink

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/path-type:4.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/dir-glob:3.0.1
  • simplicite-js:5.2.54/cosmiconfig:7.1.0
  • simplicite-js:5.2.54

Identifiers

pdfbox-2.0.23.jar

Description:

        The Apache PDFBox library is an open source Java tool for working with PDF documents.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/apache/pdfbox/pdfbox/2.0.23/pdfbox-2.0.23.jar
MD5: 6b71c42c567d419f068f46f410dcc3a5
SHA1: b89643d162c4e30b4fe39cfa265546cc506d4d18
SHA256:d465edb2a805ec69dd7425d4e26968cfb23b471d885f475e0e6154744e3387a7
Referenced In Project/Scope: Simplicite Platform:compile
pdfbox-2.0.23.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

CVE-2021-31811  

In Apache PDFBox, a carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions.
CWE-770 Allocation of Resources Without Limits or Throttling

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:P
CVSSv3:
  • Base Score: MEDIUM (5.5)
  • Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions: (show all)

CVE-2021-31812  

In Apache PDFBox, a carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions.
CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:P
CVSSv3:
  • Base Score: MEDIUM (5.5)
  • Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions: (show all)

perfmark-api-0.23.0.jar

Description:

PerfMark API

License:

Apache 2.0: https://opensource.org/licenses/Apache-2.0
File Path: /var/simplicite/.m2/repository/io/perfmark/perfmark-api/0.23.0/perfmark-api-0.23.0.jar
MD5: 571d67b7639e3aa95e6f2b887ca53357
SHA1: 0b813b7539fae6550541da8caafd6add86d4e22f
SHA256:c705b5c10c18ff3032b9e81742bc2f6b0e5607f6a6dfc0c8ad0cff75d4913042
Referenced In Project/Scope: Simplicite Platform:runtime
perfmark-api-0.23.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.google.cloud/google-cloud-pubsub@1.114.4

Identifiers

picocolors:1.0.0

Description:

The tiniest and the fastest library for terminal output formatting with ANSI colors

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?update-browserslist-db:1.0.13/picocolors:^1.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/postcss:8.4.24
  • simplicite-js:5.2.54/stylelint:14.16.1
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/update-browserslist-db:1.0.13

Identifiers

picomatch:2.3.1

Description:

Blazing fast and accurate glob matcher written in JavaScript, with no dependencies and full support for standard and extended Bash glob features, including braces, extglobs, POSIX brackets, and regular expressions.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?readdirp:3.6.0/picomatch:^2.2.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/anymatch:3.1.3
  • simplicite-js:5.2.54/readdirp:3.6.0
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/micromatch:4.0.5

Identifiers

pify:4.0.1

Description:

Promisify a callback-style function

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/pify:4.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/load-yaml-file:0.2.0
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/make-dir:2.1.0

Identifiers

pinkie-promise:2.0.1

Description:

ES2015 Promise ponyfill

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/pinkie-promise:2.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/callsite-record:4.1.5
  • simplicite-js:5.2.54

Identifiers

pinkie:2.0.4

Description:

Itty bitty little widdle twinkie pinkie ES2015 Promise implementation

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?pinkie-promise:2.0.1/pinkie:^2.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/pinkie-promise:2.0.1
  • simplicite-js:5.2.54

Identifiers

pirates:4.0.6

Description:

Properly hijack require, i.e., properly define require hooks and customizations

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/pirates:4.0.6

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/@babel/register:7.23.7

Identifiers

pkg-dir:3.0.0

Description:

Find the root directory of a Node.js project or npm package

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/pkg-dir:3.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/find-cache-dir:2.1.0
  • simplicite-js:5.2.54

Identifiers

pkg-dir:4.2.0

Description:

Find the root directory of a Node.js project or npm package

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/pkg-dir:4.2.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/find-yarn-workspace-root2:1.2.16
  • simplicite-js:5.2.54

Identifiers

pkg-dir:5.0.0

Description:

Find the root directory of a Node.js project or npm package

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/pkg-dir:5.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-check:6.0.1
  • simplicite-js:5.2.54

Identifiers

please-upgrade-node:3.2.0

Description:

Displays a beginner-friendly message telling your user to upgrade their version of Node

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/please-upgrade-node:3.2.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/depcheck:1.4.3

Identifiers

poi-4.1.2.jar

Description:

Apache POI - Java API To Access Microsoft Format Files

License:

Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/apache/poi/poi/4.1.2/poi-4.1.2.jar
MD5: e9a7c049c62c41c70354669bcd448212
SHA1: 964bf41cf68bce08e4ef6b2279b559fdf8d454f4
SHA256:ab1612406541968434044b2defad58aa8b657cad073baa22a04faaf9d7fb9d1c
Referenced In Project/Scope: Simplicite Platform:compile
poi-4.1.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

CVE-2022-26336  

A shortcoming in the HMEF package of poi-scratchpad (Apache POI) allows an attacker to cause an Out of Memory exception. This package is used to read TNEF files (Microsoft Outlook and Microsoft Exchange Server). If an application uses poi-scratchpad to parse TNEF files and the application allows untrusted users to supply them, then a carefully crafted file can cause an Out of Memory exception. This issue affects poi-scratchpad version 5.2.0 and prior versions. Users are recommended to upgrade to poi-scratchpad 5.2.1.
CWE-20 Improper Input Validation, CWE-770 Allocation of Resources Without Limits or Throttling

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:P
CVSSv3:
  • Base Score: MEDIUM (5.5)
  • Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions: (show all)

popper.js:1.16.1

Description:

A kickass library to manage your poppers

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/popper.js:1.16.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/bootbox:5.5.2
  • simplicite-js:5.2.54

Identifiers

postcss-less:6.0.0

Description:

LESS parser for PostCSS

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/postcss-less:6.0.0

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

postcss-media-query-parser:0.2.3

Description:

A tool for parsing media query lists.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/postcss-media-query-parser:^0.2.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/stylelint:14.16.1
  • simplicite-js:5.2.54

Identifiers

postcss-resolve-nested-selector:0.1.1

Description:

Resolve a nested selector in a PostCSS AST

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/postcss-resolve-nested-selector:^0.1.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/stylelint:14.16.1
  • simplicite-js:5.2.54

Identifiers

postcss-safe-parser:6.0.0

Description:

Fault-tolerant CSS parser for PostCSS

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/postcss-safe-parser:^6.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/stylelint:14.16.1
  • simplicite-js:5.2.54

Identifiers

postcss-selector-parser:6.0.13

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/postcss-selector-parser:^6.0.11

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/stylelint:14.16.1
  • simplicite-js:5.2.54

Identifiers

postcss-value-parser:4.2.0

Description:

Transforms css values and at-rule params into the tree

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/postcss-value-parser:^4.2.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/stylelint:14.16.1
  • simplicite-js:5.2.54

Identifiers

postcss:8.4.24

Description:

Tool for transforming styles with JS plugins

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/postcss:^8.4.19

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@vue/compiler-sfc:3.3.4
  • simplicite-js:5.2.54/stylelint:14.16.1
  • simplicite-js:5.2.54

Identifiers

CVE-2023-44270  

An issue was discovered in PostCSS before 8.4.31. The vulnerability affects linters using PostCSS to parse external untrusted CSS. An attacker can prepare CSS in such a way that it will contains parts parsed by PostCSS as a CSS comment. After processing by PostCSS, it will be included in the PostCSS output in CSS nodes (rules, properties) despite being included in a comment.
CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

CVSSv3:
  • Base Score: MEDIUM (5.3)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

References:

Vulnerable Software & Versions:

postgresql-42.6.0.jar

Description:

PostgreSQL JDBC Driver Postgresql

License:

BSD-2-Clause: https://jdbc.postgresql.org/about/license.html
File Path: /var/simplicite/.m2/repository/org/postgresql/postgresql/42.6.0/postgresql-42.6.0.jar
MD5: 527f2c51d65f6a78d6548c51a35556aa
SHA1: 7614cfce466145b84972781ab0079b8dea49e363
SHA256:b817c67a40c94249fd59d4e686e3327ed0d3d3fae426b20da0f1e75652cfc461
Referenced In Project/Scope: Simplicite Platform:runtime
postgresql-42.6.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

CVE-2024-1597  

pgjdbc, the PostgreSQL JDBC Driver, allows attacker to inject SQL if using PreferQueryMode=SIMPLE. Note this is not the default. In the default mode there is no vulnerability. A placeholder for a numeric value must be immediately preceded by a minus. There must be a second placeholder for a string value after the first placeholder; both must be on the same line. By constructing a matching string payload, the attacker can inject SQL to alter the query,bypassing the protections that parameterized queries bring against SQL Injection attacks. Versions before 42.7.2, 42.6.1, 42.5.5, 42.4.4, 42.3.9, and 42.2.8 are affected.
CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVSSv3:
  • Base Score: CRITICAL (9.8)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References:

Vulnerable Software & Versions: (show all)

preact:10.15.1

Description:

Fast 3kb React-compatible Virtual DOM library.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/preact:10.15.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@fullcalendar/core:5.11.0
  • simplicite-js:5.2.54

Identifiers

preferred-pm:3.0.3

Description:

Detects what package manager was used for installation

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/preferred-pm:3.0.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-check:6.0.1
  • simplicite-js:5.2.54

Identifiers

preflight-2.0.23.jar

Description:

      The Apache Preflight library is an open source Java tool that implements 
      a parser compliant with the ISO-19005 (PDF/A) specification. Preflight is a 
      subproject of Apache PDFBox.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/apache/pdfbox/preflight/2.0.23/preflight-2.0.23.jar
MD5: d297d9afec757a6f405575be83626a04
SHA1: c862a2ca119e37280a1658420e3349b9f295f177
SHA256:a5c0812996f38e798356fa92e5ec2c0220c619242dfd884b62af463be1460990
Referenced In Project/Scope: Simplicite Platform:compile
preflight-2.0.23.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

CVE-2021-31811  

In Apache PDFBox, a carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions.
CWE-770 Allocation of Resources Without Limits or Throttling

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:P
CVSSv3:
  • Base Score: MEDIUM (5.5)
  • Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions: (show all)

CVE-2021-31812  

In Apache PDFBox, a carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions.
CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:P
CVSSv3:
  • Base Score: MEDIUM (5.5)
  • Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions: (show all)

prelude-ls:1.2.1

Description:

prelude.ls is a functionally oriented utility library. It is powerful and flexible. Almost all of its functions are curried. It is written in, and is the recommended base library for, LiveScript.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?type-check:0.4.0/prelude-ls:^1.2.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/levn:0.4.1
  • simplicite-js:5.2.54/type-check:0.4.0
  • simplicite-js:5.2.54/optionator:0.9.3
  • simplicite-js:5.2.54

Identifiers

prepend-http:2.0.0

Description:

Prepend `http://` to humanized URLs like todomvc.com and localhost

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?url-parse-lax:3.0.0/prepend-http:^2.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/url-parse-lax:3.0.0
  • simplicite-js:5.2.54

Identifiers

proc-log:3.0.0

Description:

just emit 'log' events on the process object

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/proc-log:3.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-registry-fetch:14.0.5
  • simplicite-js:5.2.54/npm-package-arg:10.1.0
  • simplicite-js:5.2.54/pacote:15.2.0
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/@npmcli/git:4.1.0

Identifiers

process-nextick-args:2.0.1

Description:

process.nextTick but always with args

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/process-nextick-args:2.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/readable-stream:2.3.8
  • simplicite-js:5.2.54

Identifiers

progress:2.0.3

Description:

Flexible ascii progress bar

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/progress:2.0.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-check-updates:16.14.14
  • simplicite-js:5.2.54

Identifiers

promise-inflight:1.0.1

Description:

One promise for multiple requests in flight to avoid async duplication

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/promise-inflight:1.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/@npmcli/git:4.1.0

Identifiers

promise-retry:2.0.1

Description:

Retries a function that returns a promise, leveraging the power of the retry module.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/promise-retry:2.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/make-fetch-happen:11.1.1
  • simplicite-js:5.2.54/pacote:15.2.0
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/@npmcli/git:4.1.0

Identifiers

prompts-ncu:3.0.0

Description:

Lightweight, beautiful and user-friendly prompts

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/prompts-ncu:3.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-check-updates:16.14.14
  • simplicite-js:5.2.54

Identifiers

proto-google-cloud-firestore-bundle-v1-2.6.1.jar

Description:

PROTO library for proto-google-cloud-firestore-bundle-v1

License:

Apache-2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/google/cloud/proto-google-cloud-firestore-bundle-v1/2.6.1/proto-google-cloud-firestore-bundle-v1-2.6.1.jar
MD5: 4a591fdc3bcf11a83dfa5bfc65226ee2
SHA1: 006216edf565c63f10a84c24da880c05ab7de176
SHA256:d2fb95180c4a310b5f99c2fb4da35d093a5570fe6ad027a25f8f062ffef9b28a
Referenced In Project/Scope: Simplicite Platform:compile
proto-google-cloud-firestore-bundle-v1-2.6.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.google.firebase/firebase-admin@8.0.1

Identifiers

proto-google-cloud-firestore-v1-2.6.1.jar

Description:

PROTO library for proto-google-cloud-firestore-v1

License:

Apache-2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/google/api/grpc/proto-google-cloud-firestore-v1/2.6.1/proto-google-cloud-firestore-v1-2.6.1.jar
MD5: 571f1da3a245ddae2d5c196f6ae90152
SHA1: dd2336241c125e9247e133eb322a49d0cd29a35d
SHA256:908bc1b9b565c67a6dd80afcb57d9d4926fc240aa31b2a800e1337fbd72d8b66
Referenced In Project/Scope: Simplicite Platform:compile
proto-google-cloud-firestore-v1-2.6.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.google.firebase/firebase-admin@8.0.1

Identifiers

proto-google-cloud-pubsub-v1-1.96.4.jar

Description:

PROTO library for proto-google-cloud-pubsub-v1

License:

Apache-2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/google/api/grpc/proto-google-cloud-pubsub-v1/1.96.4/proto-google-cloud-pubsub-v1-1.96.4.jar
MD5: d90d48721db6e741e96df250f86c1e75
SHA1: b61eabc42d47233958d567de7fdd16af14312e1d
SHA256:63e2b79053dc99c60ab740e3a896de7ceb8decb087ab81a2f3a892d589272d66
Referenced In Project/Scope: Simplicite Platform:compile
proto-google-cloud-pubsub-v1-1.96.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.google.cloud/google-cloud-pubsub@1.114.4

Identifiers

proto-google-common-protos-2.5.0.jar

Description:

PROTO library for proto-google-common-protos

License:

Apache-2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/google/api/grpc/proto-google-common-protos/2.5.0/proto-google-common-protos-2.5.0.jar
MD5: bbe9eacf64a3147bf79bdf1b11cd7e5a
SHA1: 2cd33848b8444b961be71b29245d749ed8fa01bb
SHA256:f539166a810a83bea91ef86e7d0208bf9b0bf477ebe937eacdd59e8e3e6bc74e
Referenced In Project/Scope: Simplicite Platform:compile
proto-google-common-protos-2.5.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.google.cloud/google-cloud-storage@2.1.4

Identifiers

proto-google-iam-v1-1.1.0.jar

Description:

PROTO library for proto-google-iam-v1

License:

Apache-2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/google/api/grpc/proto-google-iam-v1/1.1.0/proto-google-iam-v1-1.1.0.jar
MD5: da3a64253808e46deb8d780deae8f721
SHA1: 2d661d95041e27cec26235c51f63117dd9bf4dbc
SHA256:2ca9b9891ceb013ad5e300e6c57226593f41116799abd50d13006e0f846ab49c
Referenced In Project/Scope: Simplicite Platform:compile
proto-google-iam-v1-1.1.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.google.cloud/google-cloud-storage@2.1.4

Identifiers

proto-list:1.2.4

Description:

A utility for managing a prototype chain

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/proto-list:1.2.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/config-chain:1.1.13
  • simplicite-js:5.2.54

Identifiers

protobuf-java-3.17.3.jar

Description:

    Core Protocol Buffers library. Protocol Buffers are a way of encoding structured data in an
    efficient yet extensible format.

License:

https://opensource.org/licenses/BSD-3-Clause
File Path: /var/simplicite/.m2/repository/com/google/protobuf/protobuf-java/3.17.3/protobuf-java-3.17.3.jar
MD5: cd233934a824c6eb401aef8ff4e4448b
SHA1: 313b1861fa9312dd71e1033a77c2e64fb1a94dd3
SHA256:4ac549b192694141958049f060a1c826a33342f619e108ced8c17d9877f5e3ed
Referenced In Project/Scope: Simplicite Platform:compile
protobuf-java-3.17.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

CVE-2022-3171  

A parsing issue with binary data in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields causes objects to be converted back-n-forth between mutable and immutable forms, resulting in potentially long garbage collection pauses. We recommend updating to the versions mentioned above.
NVD-CWE-noinfo

CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions: (show all)

CVE-2022-3509 (OSSINDEX)  

A parsing issue similar to CVE-2022-3171, but with textformat in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields causes objects to be converted back-n-forth between mutable and immutable forms, resulting in potentially long garbage collection pauses. We recommend updating to the versions mentioned above.
CWE-20 Improper Input Validation

CVSSv2:
  • Base Score: HIGH (7.5)
  • Vector: /AV:N/AC:L/Au:/C:N/I:N/A:H

References:

Vulnerable Software & Versions (OSSINDEX):

  • cpe:2.3:a:com.google.protobuf:protobuf-java:3.17.3:*:*:*:*:*:*:*

CVE-2021-22569 (OSSINDEX)  

An issue in protobuf-java allowed the interleaving of com.google.protobuf.UnknownFieldSet fields in such a way that would be processed out of order. A small malicious payload can occupy the parser for several minutes by creating large numbers of short-lived objects that cause frequent, repeated pauses. We recommend upgrading libraries beyond the vulnerable versions.

Sonatype's research suggests that this CVE's details differ from those defined at NVD. See https://ossindex.sonatype.org/vulnerability/CVE-2021-22569 for details
CWE-noinfo

CVSSv2:
  • Base Score: MEDIUM (5.5)
  • Vector: /AV:L/AC:L/Au:/C:N/I:N/A:H

References:

Vulnerable Software & Versions (OSSINDEX):

  • cpe:2.3:a:com.google.protobuf:protobuf-java:3.17.3:*:*:*:*:*:*:*

protobuf-java-util-3.17.3.jar

Description:

Utilities for Protocol Buffers

License:

https://opensource.org/licenses/BSD-3-Clause
File Path: /var/simplicite/.m2/repository/com/google/protobuf/protobuf-java-util/3.17.3/protobuf-java-util-3.17.3.jar
MD5: 2622e6f183581d74e6e89cac23d7e44a
SHA1: 4340f06a346f46eab1b38feb066e4a2d30aed3b7
SHA256:bf320ed076000e1d8c7cbf7601b056acaecab80f75b9a659b9f6398d0d7e3f79
Referenced In Project/Scope: Simplicite Platform:compile
protobuf-java-util-3.17.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

CVE-2022-3171  

A parsing issue with binary data in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields causes objects to be converted back-n-forth between mutable and immutable forms, resulting in potentially long garbage collection pauses. We recommend updating to the versions mentioned above.
NVD-CWE-noinfo

CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions: (show all)

proton-j-0.33.8.jar

Description:

Proton is a library for speaking AMQP.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/apache/qpid/proton-j/0.33.8/proton-j-0.33.8.jar
MD5: cd1f6987b69e8f5bfc2847fe8695fd79
SHA1: f7e503d4505d73c604c3a4a8e190d461136c9797
SHA256:2181e51532fcd1d5fcc7bddea8bf1b4e69cc028346777780011b30faea8d70cb
Referenced In Project/Scope: Simplicite Platform:compile
proton-j-0.33.8.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.qpid/qpid-jms-client@1.1.0

Identifiers

pseudomap:1.0.2

Description:

A thing that is a lot like ES6 `Map`, but without iterators, for use in environments where `for..of` syntax and `Map` are not available.

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/pseudomap:1.0.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/lru-cache:4.1.5
  • simplicite-js:5.2.54

Identifiers

pump:3.0.0

Description:

pipe streams together and close all of them if one of them closes

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/pump:3.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/get-stream:5.2.0
  • simplicite-js:5.2.54/get-stream:4.1.0
  • simplicite-js:5.2.54

Identifiers

punycode:2.3.0

Description:

A robust Punycode converter that fully complies to RFC 3492 and RFC 5891, and works on nearly all JavaScript platforms.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?uri-js:4.4.1/punycode:^2.1.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/uri-js:4.4.1
  • simplicite-js:5.2.54

Identifiers

pupa:2.1.1

Description:

Simple micro templating

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?update-notifier:4.1.3/pupa:^2.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/update-notifier:6.0.2
  • simplicite-js:5.2.54/update-notifier:4.1.3
  • simplicite-js:5.2.54/update-notifier:5.1.0
  • simplicite-js:5.2.54

Identifiers

qpid-jms-client-1.1.0.jar

Description:

The core JMS Client implementation

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/apache/qpid/qpid-jms-client/1.1.0/qpid-jms-client-1.1.0.jar
MD5: 50603ba8c2efa1fc9ba66259af3293ae
SHA1: 7b0201557bb76108f43282aeac523f8c3b11f7e8
SHA256:84523481e3374b53b1a45b6de5835c09975a10b29f446a7e83cb14124bdf1872
Referenced In Project/Scope: Simplicite Platform:compile
qpid-jms-client-1.1.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

qrgen-1.4.jar

Description:

a simple QRCode generation api for java built on top ZXING

License:

Apache License v2: http://www.apache.org/licenses/LICENSE-2.0.html
File Path: /var/simplicite/.m2/repository/net/glxn/qrgen/1.4/qrgen-1.4.jar
MD5: 22aedd5cea2b5d4edc650ab1e08a1ff9
SHA1: fbb2465ec16db786a164e66f2a1e67e2e9254303
SHA256:4985f423c0ced38a1b60ac0f2b76e9a260fe54a276ed313c362ae85fdbe39c35
Referenced In Project/Scope: Simplicite Platform:compile
qrgen-1.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

quartz-2.3.2.jar

Description:

Enterprise Job Scheduler

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
Apache Software License, Version 2.0
File Path: /var/simplicite/.m2/repository/org/quartz-scheduler/quartz/2.3.2/quartz-2.3.2.jar
MD5: d7299dbaec0e0ed7af281b07cc40c8c1
SHA1: 18a6d6b5a40b77bd060b34cb9f2acadc4bae7c8a
SHA256:639c6a675bc472e1568df9d8c954ff702da6f83ed27da0ff9a7bd12ed73b8bf0
Referenced In Project/Scope: Simplicite Platform:compile
quartz-2.3.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

CVE-2023-39017  

quartz-jobs 2.3.2 and below was discovered to contain a code injection vulnerability in the component org.quartz.jobs.ee.jms.SendQueueMessageJob.execute. This vulnerability is exploited via passing an unchecked argument. NOTE: this is disputed by multiple parties because it is not plausible that untrusted user input would reach the code location where injection must occur.
CWE-94 Improper Control of Generation of Code ('Code Injection')

CVSSv3:
  • Base Score: CRITICAL (9.8)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References:

Vulnerable Software & Versions:

query-ast:1.0.5

Description:

A library to traverse/modify an AST

License:

BSD-3-Clause
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/query-ast:1.0.5

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/depcheck:1.4.3

Identifiers

queue-microtask:1.2.3

Description:

fast, tiny `queueMicrotask` shim for modern engines

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?run-parallel:1.2.0/queue-microtask:^1.2.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/run-parallel:1.2.0
  • simplicite-js:5.2.54

Identifiers

quick-lru:4.0.1

Description:

Simple "Least Recently Used" (LRU) cache

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/quick-lru:4.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/camelcase-keys:6.2.2
  • simplicite-js:5.2.54

Identifiers

quick-lru:5.1.1

Description:

Simple “Least Recently Used” (LRU) cache

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/quick-lru:5.1.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/http2-wrapper:2.2.0
  • simplicite-js:5.2.54

Identifiers

rc-config-loader:4.1.3

Description:

load config file from .{product}rc.{json,yml,js}

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/rc-config-loader:4.1.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-check:6.0.1
  • simplicite-js:5.2.54/npm-check-updates:16.14.14
  • simplicite-js:5.2.54

Identifiers

rc:1.2.8

Description:

hardwired configuration loader

License:

(BSD-2-Clause OR MIT OR Apache-2.0)
File Path: /var/simplicite/simplicite-5.2/package-lock.json?registry-url:5.1.0/rc:^1.2.8

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/registry-url:5.1.0
  • simplicite-js:5.2.54/registry-auth-token:4.2.2
  • simplicite-js:5.2.54/license-report:6.5.0
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/registry-url:6.0.1

Identifiers

read-package-json-fast:3.0.2

Description:

Like read-package-json, but faster

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/read-package-json-fast:3.0.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@npmcli/run-script:6.0.2
  • simplicite-js:5.2.54/pacote:15.2.0
  • simplicite-js:5.2.54

Identifiers

read-package-json:6.0.4

Description:

The thing npm uses to read package.json files with semantics and defaults and validation

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/read-package-json:6.0.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/pacote:15.2.0
  • simplicite-js:5.2.54

Identifiers

read-pkg-up:7.0.1

Description:

Read the closest package.json file

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/read-pkg-up:7.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/meow:9.0.0
  • simplicite-js:5.2.54

Identifiers

read-pkg:5.2.0

Description:

Read a package.json file

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?read-pkg-up:7.0.1/read-pkg:^5.2.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/read-pkg-up:7.0.1
  • simplicite-js:5.2.54

Identifiers

readable-stream:1.1.14

Description:

Streams3, a user-land copy of the stream library from Node.js v0.11.x

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/readable-stream:1.1.14

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/htmlparser2:3.8.3
  • simplicite-js:5.2.54

Identifiers

readable-stream:2.3.8

Description:

Streams3, a user-land copy of the stream library from Node.js

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/readable-stream:2.3.8

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/jszip:3.7.1

Identifiers

readable-stream:3.6.2

Description:

Streams3, a user-land copy of the stream library from Node.js

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/readable-stream:3.6.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/bl:4.1.0
  • simplicite-js:5.2.54/are-we-there-yet:3.0.1
  • simplicite-js:5.2.54

Identifiers

readdirp:3.6.0

Description:

Recursive version of fs.readdir with streaming API.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/readdirp:3.6.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/chokidar:3.5.3
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/depcheck:1.4.3

Identifiers

redent:3.0.0

Description:

Strip redundant indentation and indent the string

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/redent:3.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/meow:9.0.0
  • simplicite-js:5.2.54

Identifiers

regenerate-unicode-properties:10.1.0

Description:

Regenerate sets for Unicode properties and values.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?regexpu-core:5.3.2/regenerate-unicode-properties:^10.1.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/regexpu-core:5.3.2
  • simplicite-js:5.2.54

Identifiers

regenerate:1.4.2

Description:

Generate JavaScript-compatible regular expressions based on a given set of Unicode symbols or code points.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?regexpu-core:5.3.2/regenerate:^1.4.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/regexpu-core:5.3.2
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/regenerate-unicode-properties:10.1.0

Identifiers

regenerator-runtime:0.14.0

Description:

Runtime for Regenerator-compiled generator and async functions.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/regenerator-runtime:0.14.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/node:7.23.9
  • simplicite-js:5.2.54/@babel/runtime:7.23.9
  • simplicite-js:5.2.54

Identifiers

regenerator-transform:0.15.2

Description:

Explode async and generator functions into a state machine.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/regenerator-transform:0.15.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/plugin-transform-regenerator:7.23.3
  • simplicite-js:5.2.54

Identifiers

regexp.prototype.flags:1.5.0

Description:

ES6 spec-compliant RegExp.prototype.flags shim.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/regexp.prototype.flags:1.5.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/es-abstract:1.21.2
  • simplicite-js:5.2.54

Identifiers

regexpu-core:5.3.2

Description:

regexpu’s core functionality (i.e. `rewritePattern(pattern, flag)`), capable of translating ES6 Unicode regular expressions to ES5.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/regexpu-core:5.3.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/helper-create-regexp-features-plugin:7.22.15
  • simplicite-js:5.2.54

Identifiers

registry-auth-token:4.2.2

Description:

Get the auth token set for an npm registry (if any)

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/registry-auth-token:4.2.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/package-json:8.1.1
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/package-json:6.5.0

Identifiers

registry-auth-token:5.0.2

Description:

Get the auth token set for an npm registry (if any)

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/registry-auth-token:5.0.2

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

registry-url:5.1.0

Description:

Get the set npm registry URL

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/registry-url:5.1.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/package-json:8.1.1
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/package-json:6.5.0

Identifiers

registry-url:6.0.1

Description:

Get the set npm registry URL

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/registry-url:6.0.1

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

regjsparser:0.9.1

License:

BSD-2-Clause
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/regjsparser:0.9.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/regexpu-core:5.3.2
  • simplicite-js:5.2.54

Identifiers

relaxng-datatype-2.3.4.jar

Description:

RelaxNG Datatype library.

License:

http://www.eclipse.org/org/documents/edl-v10.php
File Path: /var/simplicite/.m2/repository/com/sun/xml/bind/external/relaxng-datatype/2.3.4/relaxng-datatype-2.3.4.jar
MD5: 16bc84c029a2ea1350d86be887178615
SHA1: 5b2712a7a9fc1947640a45bb7b519d8d13196854
SHA256:8b8819d440a5fb1e6b3d5fe525128f15ddf8ee35414bd7ceda28981e1f3ffed4
Referenced In Project/Scope: Simplicite Platform:compile
relaxng-datatype-2.3.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.glassfish.jaxb/jaxb-xjc@2.3.4

Identifiers

remote-git-tags:3.0.0

Description:

Get tags from a remote Git repo

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/remote-git-tags:3.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-check-updates:16.14.14
  • simplicite-js:5.2.54

Identifiers

require-directory:2.1.1

Description:

Recursively iterates over specified directory, require()'ing each file, and returning a nested hash structure containing those modules.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?yargs:16.2.0/require-directory:^2.1.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/yargs:16.2.0
  • simplicite-js:5.2.54

Identifiers

require-from-string:2.0.2

Description:

Require module from string

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?ajv:8.12.0/require-from-string:^2.0.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/rc-config-loader:4.1.3
  • simplicite-js:5.2.54/ajv:8.12.0
  • simplicite-js:5.2.54

Identifiers

require-package-name:2.0.1

Description:

gets the package name for a require statement

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/require-package-name:2.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/depcheck:1.4.3

Identifiers

requizzle:0.2.4

Description:

Swizzle a little something into your require() calls.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/requizzle:0.2.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/jsdoc:4.0.2
  • simplicite-js:5.2.54

Identifiers

resolve-alpn:1.2.1

Description:

Detects the ALPN protocol

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/resolve-alpn:1.2.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/http2-wrapper:2.2.0
  • simplicite-js:5.2.54

Identifiers

resolve-from:4.0.0

Description:

Resolve the path of a module like `require.resolve()` but from a given path

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/resolve-from:4.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/import-fresh:3.3.0
  • simplicite-js:5.2.54

Identifiers

resolve-from:5.0.0

Description:

Resolve the path of a module like `require.resolve()` but from a given path

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/resolve-from:5.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/stylelint:14.16.1
  • simplicite-js:5.2.54

Identifiers

resolve:1.22.2

Description:

resolve like require.resolve() on behalf of files asynchronously and synchronously

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/resolve:1.22.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/normalize-package-data:2.5.0
  • simplicite-js:5.2.54/@babel/helper-define-polyfill-provider:0.5.0
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/depcheck:1.4.3

Identifiers

responselike:1.0.2

Description:

A response-like object for mocking a Node.js HTTP response stream

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/responselike:1.0.2

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

responselike:3.0.0

Description:

A response-like object for mocking a Node.js HTTP response stream

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/responselike:3.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/cacheable-request:6.1.0
  • simplicite-js:5.2.54/cacheable-request:10.2.12
  • simplicite-js:5.2.54/got:12.6.1
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/got:13.0.0

Identifiers

restore-cursor:3.1.0

Description:

Gracefully restore the CLI cursor on exit

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/restore-cursor:3.1.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/cli-cursor:3.1.0
  • simplicite-js:5.2.54

Identifiers

retry:0.12.0

Description:

Abstraction for exponential and custom retry strategies for failed operations.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/retry:0.12.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/promise-retry:2.0.1

Identifiers

reusify:1.0.4

Description:

Reuse objects and functions with style

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/reusify:1.0.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/fastq:1.15.0
  • simplicite-js:5.2.54

Identifiers

rhino-1.7.13.jar

Description:

    Rhino is an open-source implementation of JavaScript written entirely in Java.
    It is typically embedded into Java applications to provide scripting to end users.

License:

Mozilla Public License, Version 2.0: http://www.mozilla.org/MPL/2.0/index.txt
File Path: /var/simplicite/.m2/repository/org/mozilla/rhino/1.7.13/rhino-1.7.13.jar
MD5: 17d7bed97d9c03a77578ec16e26bfc2f
SHA1: e6b2e12dc79fbdc58d8bf62a583705a551ec37d6
SHA256:931dda33789d8e004ff5b5478ee3d6d224305de330c48266df7c3e49d52fc606
Referenced In Project/Scope: Simplicite Platform:compile
rhino-1.7.13.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

rhino-1.7.13.jar: test.js

File Path: /var/simplicite/.m2/repository/org/mozilla/rhino/1.7.13/rhino-1.7.13.jar/org/mozilla/javascript/tools/debugger/test.js
MD5: 3f4137118304ccd25816067cf8d1edd6
SHA1: d3c7ae4c10cb6c7ac191cb65a39e53ba6a4e6cfb
SHA256:950d2db0a646488500b58ba76a02c33501a048708c083e3b743b73b16e105331
Referenced In Project/Scope: Simplicite Platform:compile

Identifiers

  • None

rhino-js-engine-1.7.10.jar

Description:

A js-engine.jar that provides a script engine "rhino" with old Rhino JavaScript.

The source code for js-engine comes from https://java.net/projects/Scripting.

The Rhino engine itself is pulled by maven. Its source is at https://github.com/mozilla/rhino.

License:

The BSD 3-Clause License: https://opensource.org/licenses/BSD-3-Clause
File Path: /var/simplicite/.m2/repository/cat/inspiracio/rhino-js-engine/1.7.10/rhino-js-engine-1.7.10.jar
MD5: 5543d39bea21e5c9515e8d967a61e1b1
SHA1: 09cc9336acf7bd2f370ae812d5713e90463edc33
SHA256:b47d73c223c86fd3f70470a9a8269626dbb6e9cb0195d062ba53171a2df7ff44
Referenced In Project/Scope: Simplicite Platform:compile
rhino-js-engine-1.7.10.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

rhino-js-engine-1.7.10.jar: toplevel.js

File Path: /var/simplicite/.m2/repository/cat/inspiracio/rhino-js-engine/1.7.10/rhino-js-engine-1.7.10.jar/META-INF/toplevel.js
MD5: 491854ddbf3787e63aec2d77d4aad938
SHA1: 0cc36fe5c5269749b8d94252d7490d2d82bda8ed
SHA256:511041250766b0811a7767801a1bec1be89a5bddbbe9e455ad7ea2057ba473f7
Referenced In Project/Scope: Simplicite Platform:compile

Identifiers

  • None

rimraf:3.0.2

Description:

A deep deletion module for node (like `rm -rf`)

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/rimraf:3.0.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/flat-cache:3.0.4
  • simplicite-js:5.2.54/node-gyp:9.4.0
  • simplicite-js:5.2.54

Identifiers

rimraf:5.0.5

Description:

A deep deletion module for node (like `rm -rf`)

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/rimraf:5.0.5

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-check-updates:16.14.14
  • simplicite-js:5.2.54

Identifiers

rngom-2.3.4.jar

Description:

        RNGOM is a RelaxNG Object model library (XSOM for RelaxNG).

License:

http://www.eclipse.org/org/documents/edl-v10.php
File Path: /var/simplicite/.m2/repository/com/sun/xml/bind/external/rngom/2.3.4/rngom-2.3.4.jar
MD5: 42f6df97140d71c05db8d17f22bedfb7
SHA1: 3ccfeb42b0ec2432f6a940cc32163d4479685093
SHA256:4630528cc9361a1ad9b8208dfd157b3d0d9c3f5d5edda4245f705e081e1498c5
Referenced In Project/Scope: Simplicite Platform:compile
rngom-2.3.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.glassfish.jaxb/jaxb-xjc@2.3.4

Identifiers

rome-1.15.0.jar

Description:

All Roads Lead to ROME. ROME is a set of Atom/RSS Java utilities that make it
        easy to work in Java with most syndication formats. Today it accepts all flavors of RSS
        (0.90, 0.91, 0.92, 0.93, 0.94, 1.0 and 2.0), Atom 0.3 and Atom 1.0 feeds. Rome includes
        a set of parsers and generators for the various flavors of feeds, as well as converters
        to convert from one format to another. The parsers can give you back Java objects that
        are either specific for the format you want to work with, or a generic normalized
        SyndFeed object that lets you work on with the data without bothering about the
        underlying format.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/rometools/rome/1.15.0/rome-1.15.0.jar
MD5: fb19e4055bbf68e833bc627a0c28b0ef
SHA1: d3614542b857eccc0555d1ee8dfc36d2043d9c1f
SHA256:51cbcedae56ee0c32f25f3a367a6a9dadeef0f591d2f23d03486aec272e4d3f9
Referenced In Project/Scope: Simplicite Platform:compile
rome-1.15.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.tika/tika-parsers@1.27

Identifiers

rome-utils-1.15.0.jar

Description:

Utility classes for ROME projects

File Path: /var/simplicite/.m2/repository/com/rometools/rome-utils/1.15.0/rome-utils-1.15.0.jar
MD5: 0caa762286674758448753c9a8f46803
SHA1: ab1cb95382bf9a8dec81165d328bcbbf1acfb3ae
SHA256:2aaa1e95e0630ba5f4c183201f5ca6af8cecebcbf3494e7d11b903c9d1277cb8
Referenced In Project/Scope: Simplicite Platform:compile
rome-utils-1.15.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.tika/tika-parsers@1.27

Identifiers

rrule:2.8.1

Description:

JavaScript library for working with recurrence rules for calendar dates.

License:

BSD-3-Clause
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/rrule:2.8.1

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

run-async:2.4.1

Description:

Utility method to run function either synchronously or asynchronously using the common `this.async()` style.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/run-async:2.4.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/inquirer:7.3.3
  • simplicite-js:5.2.54

Identifiers

run-parallel:1.2.0

Description:

Run an array of functions in parallel

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/run-parallel:1.2.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/@nodelib/fs.scandir:2.1.5

Identifiers

rxjs:6.6.7

Description:

Reactive Extensions for modern JavaScript

License:

Apache-2.0
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/rxjs:6.6.7

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/inquirer:7.3.3
  • simplicite-js:5.2.54

Identifiers

s3-2.4.0.jar

Description:

jclouds components to access an implementation of S3

File Path: /var/simplicite/.m2/repository/org/apache/jclouds/api/s3/2.4.0/s3-2.4.0.jar
MD5: 329947d3abf02bebca800c333a9bd7f9
SHA1: ec47a6df763be88ac6867581fca08c044e808ef7
SHA256:a0e06a346fe16d84629f10e5f285a56c90b98b6b15df9d1f32d1d581093accca
Referenced In Project/Scope: Simplicite Platform:compile
s3-2.4.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.jclouds.provider/aws-s3@2.4.0

Identifiers

safe-array-concat:1.0.0

Description:

`Array.prototype.concat`, but made safe by ignoring Symbol.isConcatSpreadable

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/safe-array-concat:1.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/object.getownpropertydescriptors:2.1.6
  • simplicite-js:5.2.54

Identifiers

safe-buffer:5.2.1

Description:

Safer Node.js Buffer API

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/safe-buffer:5.2.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/readable-stream:2.3.8
  • simplicite-js:5.2.54/string_decoder:1.3.0
  • simplicite-js:5.2.54/string_decoder:1.1.1
  • simplicite-js:5.2.54

Identifiers

safe-regex-test:1.0.0

Description:

Give a regex, get a robust predicate function that tests it against a string.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/safe-regex-test:1.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/es-abstract:1.21.2
  • simplicite-js:5.2.54

Identifiers

safer-buffer:2.1.2

Description:

Modern Buffer API polyfill without footguns

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/safer-buffer:2.1.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/iconv-lite:0.6.3
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/iconv-lite:0.4.24

Identifiers

sass:1.63.6

Description:

A pure JavaScript implementation of Sass.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/sass:1.63.6

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/depcheck:1.4.3

Identifiers

scss-parser:1.0.6

Description:

A library to parse/stringify SCSS

License:

SEE LICENSE IN README
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/scss-parser:1.0.6

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/depcheck:1.4.3

Identifiers

select2-theme-bootstrap4:1.0.0

Description:

A theme for Select2 v4 and Bootstrap 4.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/select2-theme-bootstrap4:1.0.0

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

select2:4.0.13

Description:

Select2 is a jQuery based replacement for select boxes. It supports searching, remote data sets, and infinite scrolling of results.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/select2:4.0.13

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

semver-compare:1.0.0

Description:

compare two semver version strings, returning -1, 0, or 1

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/semver-compare:1.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/please-upgrade-node:3.2.0
  • simplicite-js:5.2.54

Identifiers

semver-diff:3.1.1

Description:

Get the diff type of two semver versions: 0.0.1 0.0.2 → patch

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?update-notifier:4.1.3/semver-diff:^3.1.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-check:6.0.1
  • simplicite-js:5.2.54/update-notifier:6.0.2
  • simplicite-js:5.2.54/update-notifier:4.1.3
  • simplicite-js:5.2.54/update-notifier:5.1.0
  • simplicite-js:5.2.54

Identifiers

semver-utils:1.1.4

Description:

Tools for manipulating semver strings and objects

License:

APACHEv2
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/semver-utils:1.1.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-check-updates:16.14.14
  • simplicite-js:5.2.54

Identifiers

semver:5.7.1

Description:

The semantic version parser used by npm.

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/semver:5.7.1

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

CVE-2022-25883 (OSSINDEX)  

Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range.



Sonatype's research suggests that this CVE's details differ from those defined at NVD. See https://ossindex.sonatype.org/vulnerability/CVE-2022-25883 for details
CWE-1333 Inefficient Regular Expression Complexity

CVSSv2:
  • Base Score: HIGH (7.5)
  • Vector: /AV:N/AC:L/Au:/C:N/I:N/A:H

References:

Vulnerable Software & Versions (OSSINDEX):

  • cpe:2.3:a:*:semver:5.7.1:*:*:*:*:*:*:*

semver:6.3.1

Description:

The semantic version parser used by npm.

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?semver-diff:3.1.1/semver:^6.3.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/normalize-package-data:3.0.3
  • simplicite-js:5.2.54/babel-plugin-polyfill-corejs2:0.4.8
  • simplicite-js:5.2.54/npm-install-checks:6.1.1
  • simplicite-js:5.2.54/semver-diff:4.0.0
  • simplicite-js:5.2.54/@babel/helper-create-class-features-plugin:7.23.10
  • simplicite-js:5.2.54/node-gyp:9.4.0
  • simplicite-js:5.2.54/editorconfig:0.15.3
  • simplicite-js:5.2.54/license-report:6.5.0
  • simplicite-js:5.2.54/npm-check-updates:16.14.14
  • simplicite-js:5.2.54/make-dir:3.1.0
  • simplicite-js:5.2.54/depcheck:1.4.3
  • simplicite-js:5.2.54/normalize-package-data:2.5.0
  • simplicite-js:5.2.54/builtins:5.0.1
  • simplicite-js:5.2.54/semver-diff:3.1.1
  • simplicite-js:5.2.54/eslint-plugin-jsdoc:48.0.4
  • simplicite-js:5.2.54/npm-package-arg:10.1.0
  • simplicite-js:5.2.54/@babel/preset-env:7.23.9
  • simplicite-js:5.2.54/npm-pick-manifest:8.0.2
  • simplicite-js:5.2.54/make-dir:2.1.0
  • simplicite-js:5.2.54/npm-check:6.0.1
  • simplicite-js:5.2.54/package-json:8.1.1
  • simplicite-js:5.2.54/@babel/helper-create-regexp-features-plugin:7.22.15
  • simplicite-js:5.2.54/update-notifier:5.1.0
  • simplicite-js:5.2.54/@npmcli/fs:3.1.0
  • simplicite-js:5.2.54/@babel/core:7.23.9
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/normalize-package-data:5.0.0
  • simplicite-js:5.2.54/node-environment-flags:1.0.6
  • simplicite-js:5.2.54/@babel/helper-compilation-targets:7.23.6
  • simplicite-js:5.2.54/update-notifier:6.0.2
  • simplicite-js:5.2.54/package-json:6.5.0
  • simplicite-js:5.2.54/@npmcli/git:4.1.0

Identifiers

semver:7.5.4

Description:

The semantic version parser used by npm.

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/semver:7.5.4

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

sentence-case:3.0.4

Description:

Transform into a lower case with spaces between words, then capitalize the string

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?tablemark:3.0.0/sentence-case:^3.0.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/tablemark:3.0.0
  • simplicite-js:5.2.54

Identifiers

sentiment-analysis-parser-0.1.jar

Description:

Combines Apache OpenNLP and Apache Tika and provides facilities for automatically deriving sentiment from text.

License:

The Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/edu/usc/ir/sentiment-analysis-parser/0.1/sentiment-analysis-parser-0.1.jar
MD5: 69727e01cb8165e2e5d637e527ea82d4
SHA1: 20d1524a1270c1d26e3314d2ee71a12e6a29a27d
SHA256:035a28b4d65993b405ddcc98b4bb67cd038d4617e5c8e5c2f4d16d34c8f49e2b
Referenced In Project/Scope: Simplicite Platform:compile
sentiment-analysis-parser-0.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.tika/tika-parsers@1.27

Identifiers

serializer-2.7.2.jar

Description:

    Serializer to write out XML, HTML etc. as a stream of characters from an input DOM or from input
    SAX events.

File Path: /var/simplicite/.m2/repository/xalan/serializer/2.7.2/serializer-2.7.2.jar
MD5: e8325763fd4235f174ab7b72ed815db1
SHA1: 24247f3bb052ee068971393bdb83e04512bb1c3c
SHA256:e8f5b4340d3b12a0cfa44ac2db4be4e0639e479ae847df04c4ed8b521734bb4a
Referenced In Project/Scope: Simplicite Platform:compile
serializer-2.7.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/xalan/xalan@2.7.2

Identifiers

CVE-2022-34169  

The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.
CWE-681 Incorrect Conversion between Numeric Types

CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

References:

Vulnerable Software & Versions: (show all)

set-blocking:2.0.0

Description:

set blocking stdio and stderr ensuring that terminal output does not truncate

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/set-blocking:2.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npmlog:6.0.2
  • simplicite-js:5.2.54

Identifiers

set-immediate-shim:1.0.1

Description:

Simple setImmediate shim

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/set-immediate-shim:1.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/jszip:3.7.1

Identifiers

shallow-clone:3.0.1

Description:

Creates a shallow clone of any JavaScript value.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/shallow-clone:3.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/clone-deep:4.0.1

Identifiers

shebang-command:2.0.0

Description:

Get the command from a shebang

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/shebang-command:2.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/cross-spawn:7.0.3
  • simplicite-js:5.2.54

Identifiers

shebang-regex:3.0.0

Description:

Regular expression for matching a shebang line

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/shebang-regex:3.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/shebang-command:2.0.0
  • simplicite-js:5.2.54

Identifiers

shelljs:0.3.0

Description:

Portable Unix shell commands for Node.js

License:

BSD*
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/shelljs:0.3.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/jshint:2.13.1
  • simplicite-js:5.2.54

Identifiers

CVE-2022-0144  

shelljs is vulnerable to Improper Privilege Management
CWE-269 Improper Privilege Management

CVSSv2:
  • Base Score: LOW (3.6)
  • Vector: /AV:L/AC:L/Au:N/C:P/I:N/A:P
CVSSv3:
  • Base Score: HIGH (7.1)
  • Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

References:

Vulnerable Software & Versions:

side-channel:1.0.4

Description:

Store information about any JS value in a side channel. Uses WeakMap if available.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/side-channel:1.0.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/internal-slot:1.0.5
  • simplicite-js:5.2.54

Identifiers

sigmund:1.0.1

Description:

Quick and dirty signatures for Objects.

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/sigmund:1.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/editorconfig:0.15.3
  • simplicite-js:5.2.54

Identifiers

signal-exit:3.0.7

Description:

when you want to fire an event no matter how a process exits.

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?write-file-atomic:4.0.2/signal-exit:^3.0.7

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/restore-cursor:3.1.0
  • simplicite-js:5.2.54/gauge:4.0.4
  • simplicite-js:5.2.54/execa:5.1.1
  • simplicite-js:5.2.54/write-file-atomic:4.0.2
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/write-file-atomic:3.0.3

Identifiers

signal-exit:4.0.2

Description:

when you want to fire an event no matter how a process exits.

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/signal-exit:4.0.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/foreground-child:3.1.1
  • simplicite-js:5.2.54

Identifiers

signature_pad:2.3.2

Description:

Library for drawing smooth signatures.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/signature_pad:2.3.2

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

sigstore:1.8.0

Description:

code-signing for npm packages

License:

Apache-2.0
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/sigstore:1.8.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/pacote:15.2.0
  • simplicite-js:5.2.54

Identifiers

simplicite-bootstrap-datetimepicker:1.0.6

Description:

Bootstrap date and time picker adapted and refactored for Bootstrap 4 from archived https://github.com/smalot/bootstrap-datetimepicker

License:

Apache-2.0
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/simplicite-bootstrap-datetimepicker:1.0.6

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

simplicite:3.0.1

Description:

Simplicite(R) platform Javascript API (for node.js and browser)

License:

Apache-2.0
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/simplicite:3.0.1

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

sis-feature-1.0.jar

Description:

    Representations of geographic features.
    Includes access to both vector and raster data.

File Path: /var/simplicite/.m2/repository/org/apache/sis/core/sis-feature/1.0/sis-feature-1.0.jar
MD5: 9dd6c6f6054d25b499d449c3c5643cac
SHA1: 4178a349ce0c14bc442d97ed43c13a9f6b6b53e8
SHA256:3049c514fc9bc815781b0c7d0b56e2c61e6d4d680cf14ec1adb7da6f591440c6
Referenced In Project/Scope: Simplicite Platform:compile
sis-feature-1.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.tika/tika-parsers@1.27

Identifiers

sis-metadata-1.0.jar

Description:

    Implementations of metadata derived from ISO 19115. This module provides both an implementation
    of the metadata interfaces defined in GeoAPI, and a framework for handling those metadata through
    Java reflection.

File Path: /var/simplicite/.m2/repository/org/apache/sis/core/sis-metadata/1.0/sis-metadata-1.0.jar
MD5: 289e5e47d5045d0bbb788d001aaefb27
SHA1: 8a31d969f98a539cc35ef86b1b7f28d364792393
SHA256:382ac1d5d53a363f7aab26121ce5093b2a1db9d359b7f3409ec95dc131968b6a
Referenced In Project/Scope: Simplicite Platform:compile
sis-metadata-1.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.tika/tika-parsers@1.27

Identifiers

sis-netcdf-1.0.jar

Description:

    Bridge between netCDF Climate and Forecast (CF) convention and ISO 19115 metadata.

File Path: /var/simplicite/.m2/repository/org/apache/sis/storage/sis-netcdf/1.0/sis-netcdf-1.0.jar
MD5: 9582d3b6db23ee114dca7fb1137bbf93
SHA1: aa181ec5975feaebb38bfaeef295550bdec48bde
SHA256:acfb71b94a5df80cf8e66389dc41a2ee347bcd2078f86320ffaf2c11f4ca87a0
Referenced In Project/Scope: Simplicite Platform:compile
sis-netcdf-1.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.tika/tika-parsers@1.27

Identifiers

sis-referencing-1.0.jar

Description:

    Implementations of Coordinate Reference Systems (CRS),
    conversion and transformation services derived from ISO 19111.

File Path: /var/simplicite/.m2/repository/org/apache/sis/core/sis-referencing/1.0/sis-referencing-1.0.jar
MD5: f2db942fea46bd4b3aa1f17f63066030
SHA1: cc09bc1cc25222a47660e3a217762fa8b4c66f36
SHA256:2225d3c5989f53d696b9c60958c7c181e3b5f493e0bd5ed54b829cbf6fbeb442
Referenced In Project/Scope: Simplicite Platform:compile
sis-referencing-1.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.tika/tika-parsers@1.27

Identifiers

sis-storage-1.0.jar

Description:

    Provides the interfaces and base classes to be implemented by various storage formats.

File Path: /var/simplicite/.m2/repository/org/apache/sis/storage/sis-storage/1.0/sis-storage-1.0.jar
MD5: 7a78861b4d4fe256a344cfecacbec7d0
SHA1: 7604108ad33b9c0d70b90518a265b9bacc37c4c6
SHA256:f4563d827db841163707ec0d772cbfbb70c6973237498309975d8e732cffc4f2
Referenced In Project/Scope: Simplicite Platform:compile
sis-storage-1.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.tika/tika-parsers@1.27

Identifiers

sis-utility-1.0.jar

Description:

    Miscellaneous utilities.

File Path: /var/simplicite/.m2/repository/org/apache/sis/core/sis-utility/1.0/sis-utility-1.0.jar
MD5: a19ef6fcc5f530ad8c6d7dcbb75b0289
SHA1: 37f59318fa1e5093f5131abf6e5ee8be0ebdb214
SHA256:2b082d4e6f5e723141d541787a7bd096b0d4e489a3cca906a473632eee217732
Referenced In Project/Scope: Simplicite Platform:compile
sis-utility-1.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.tika/tika-parsers@1.27

Identifiers

sisteransi:1.0.5

Description:

ANSI escape codes for some terminal swag

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/sisteransi:1.0.5

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/prompts-ncu:3.0.0

Identifiers

slash:2.0.0

Description:

Convert Windows backslash paths to slash paths

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/slash:2.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/cli:7.23.9
  • simplicite-js:5.2.54

Identifiers

slash:3.0.0

Description:

Convert Windows backslash paths to slash paths

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/slash:3.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/globby:11.1.0

Identifiers

slf4j-api-1.7.32.jar

Description:

The slf4j API

File Path: /var/simplicite/.m2/repository/org/slf4j/slf4j-api/1.7.32/slf4j-api-1.7.32.jar
MD5: fbcf58513bc25b80f075d812aad3e3cf
SHA1: cdcff33940d9f2de763bc41ea05a0be5941176c3
SHA256:3624f8474c1af46d75f98bc097d7864a323c81b3808aa43689a6e1c601c027be
Referenced In Project/Scope: Simplicite Platform:compile
slf4j-api-1.7.32.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

slice-ansi:4.0.0

Description:

Slice a string with ANSI escape codes

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?table:6.8.1/slice-ansi:^4.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/table:6.8.1
  • simplicite-js:5.2.54

Identifiers

smart-buffer:4.2.0

Description:

smart-buffer is a Buffer wrapper that adds automatic read & write offset tracking, string operations, data insertions, and more.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?socks:2.7.1/smart-buffer:^4.2.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/socks:2.7.1
  • simplicite-js:5.2.54

Identifiers

snakeyaml-1.29.jar

Description:

YAML 1.1 parser and emitter for Java

License:

Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/yaml/snakeyaml/1.29/snakeyaml-1.29.jar
MD5: 5bdf841bc5abda0507fa5ce91c44cc86
SHA1: 6d0cdafb2010f1297e574656551d7145240f6e25
SHA256:89c5f029811b08c878f0b81dbb05e9626624c1fda4087a26871101e499a217ab
Referenced In Project/Scope: Simplicite Platform:compile
snakeyaml-1.29.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

CVE-2022-1471  

SnakeYaml's Constructor() class does not restrict types which can be instantiated during deserialization. Deserializing yaml content provided by an attacker can lead to remote code execution. We recommend using SnakeYaml's SafeConsturctor when parsing untrusted content to restrict deserialization. We recommend upgrading to version 2.0 and beyond.
CWE-502 Deserialization of Untrusted Data

CVSSv3:
  • Base Score: CRITICAL (9.8)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References:

Vulnerable Software & Versions:

CVE-2022-25857  

The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service (DoS) due missing to nested depth limitation for collections.
CWE-776 Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')

CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions:

CVE-2022-38749  

Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.
CWE-787 Out-of-bounds Write

CVSSv3:
  • Base Score: MEDIUM (6.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions:

CVE-2022-38751  

Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.
CWE-787 Out-of-bounds Write

CVSSv3:
  • Base Score: MEDIUM (6.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions:

CVE-2022-38752  

Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack-overflow.
CWE-787 Out-of-bounds Write

CVSSv3:
  • Base Score: MEDIUM (6.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions:

CVE-2022-41854  

Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack.
CWE-787 Out-of-bounds Write

CVSSv3:
  • Base Score: MEDIUM (6.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions:

CVE-2022-38750  

Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.
CWE-787 Out-of-bounds Write

CVSSv3:
  • Base Score: MEDIUM (5.5)
  • Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions:

snappy-java-1.1.8.4.jar

Description:

snappy-java: A fast compression/decompression library

License:

Apache-2.0: https://www.apache.org/licenses/LICENSE-2.0.html
File Path: /var/simplicite/.m2/repository/org/xerial/snappy/snappy-java/1.1.8.4/snappy-java-1.1.8.4.jar
MD5: 3aca6cae2cada8442809bc79be3df269
SHA1: 66f0d56454509f6e36175f2331572e250e04a6cc
SHA256:24c4d1fc1e89e078331ab8f401a99cad68599bde4a2e4516042cb548c51b1c3e
Referenced In Project/Scope: Simplicite Platform:runtime
snappy-java-1.1.8.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.kafka/kafka-clients@3.3.1

Identifiers

CVE-2023-34453  

snappy-java is a fast compressor/decompressor for Java. Due to unchecked multiplications, an integer overflow may occur in versions prior to 1.1.10.1, causing a fatal error.

The function `shuffle(int[] input)` in the file `BitShuffle.java` receives an array of integers and applies a bit shuffle on it. It does so by multiplying the length by 4 and passing it to the natively compiled shuffle function. Since the length is not tested, the multiplication by four can cause an integer overflow and become a smaller value than the true size, or even zero or negative. In the case of a negative value, a `java.lang.NegativeArraySizeException` exception will raise, which can crash the program. In a case of a value that is zero or too small, the code that afterwards references the shuffled array will assume a bigger size of the array, which might cause exceptions such as `java.lang.ArrayIndexOutOfBoundsException`.

The same issue exists also when using the `shuffle` functions that receive a double, float, long and short, each using a different multiplier that may cause the same issue.

Version 1.1.10.1 contains a patch for this vulnerability.
CWE-190 Integer Overflow or Wraparound

CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions:

CVE-2023-34454  

snappy-java is a fast compressor/decompressor for Java. Due to unchecked multiplications, an integer overflow may occur in versions prior to 1.1.10.1, causing an unrecoverable fatal error.

The function `compress(char[] input)` in the file `Snappy.java` receives an array of characters and compresses it. It does so by multiplying the length by 2 and passing it to the rawCompress` function.

Since the length is not tested, the multiplication by two can cause an integer overflow and become negative. The rawCompress function then uses the received length and passes it to the natively compiled maxCompressedLength function, using the returned value to allocate a byte array.

Since the maxCompressedLength function treats the length as an unsigned integer, it doesn’t care that it is negative, and it returns a valid value, which is casted to a signed integer by the Java engine. If the result is negative, a `java.lang.NegativeArraySizeException` exception will be raised while trying to allocate the array `buf`. On the other side, if the result is positive, the `buf` array will successfully be allocated, but its size might be too small to use for the compression, causing a fatal Access Violation error.

The same issue exists also when using the `compress` functions that receive double, float, int, long and short, each using a different multiplier that may cause the same issue. The issue most likely won’t occur when using a byte array, since creating a byte array of size 0x80000000 (or any other negative value) is impossible in the first place.

Version 1.1.10.1 contains a patch for this issue.
CWE-190 Integer Overflow or Wraparound

CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions:

CVE-2023-34455  

snappy-java is a fast compressor/decompressor for Java. Due to use of an unchecked chunk length, an unrecoverable fatal error can occur in versions prior to 1.1.10.1.

The code in the function hasNextChunk in the fileSnappyInputStream.java checks if a given stream has more chunks to read. It does that by attempting to read 4 bytes. If it wasn’t possible to read the 4 bytes, the function returns false. Otherwise, if 4 bytes were available, the code treats them as the length of the next chunk.

In the case that the `compressed` variable is null, a byte array is allocated with the size given by the input data. Since the code doesn’t test the legality of the `chunkSize` variable, it is possible to pass a negative number (such as 0xFFFFFFFF which is -1), which will cause the code to raise a `java.lang.NegativeArraySizeException` exception. A worse case would happen when passing a huge positive value (such as 0x7FFFFFFF), which would raise the fatal `java.lang.OutOfMemoryError` error.

Version 1.1.10.1 contains a patch for this issue.
CWE-770 Allocation of Resources Without Limits or Throttling

CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions:

CVE-2023-43642  

snappy-java is a Java port of the snappy, a fast C++ compresser/decompresser developed by Google. The SnappyInputStream was found to be vulnerable to Denial of Service (DoS) attacks when decompressing data with a too large chunk size. Due to missing upper bound check on chunk length, an unrecoverable fatal error can occur. All versions of snappy-java including the latest released version 1.1.10.3 are vulnerable to this issue. A fix has been introduced in commit `9f8c3cf74` which will be included in the 1.1.10.4 release. Users are advised to upgrade. Users unable to upgrade should only accept compressed data from trusted sources.
CWE-770 Allocation of Resources Without Limits or Throttling

CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions:

snappy-java-1.1.8.4.jar: snappyjava.dll

File Path: /var/simplicite/.m2/repository/org/xerial/snappy/snappy-java/1.1.8.4/snappy-java-1.1.8.4.jar/org/xerial/snappy/native/Windows/x86/snappyjava.dll
MD5: 10d5fed1e53436b1eaebd5af74411ab9
SHA1: a7e426427985ed03e37b7e2198cecbe0be95b92d
SHA256:d2d922984b4487a4d9117137db6072bebd37b82a33adee02d0d57bcd8c723da8
Referenced In Project/Scope: Simplicite Platform:runtime

Identifiers

  • None

snappy-java-1.1.8.4.jar: snappyjava.dll

File Path: /var/simplicite/.m2/repository/org/xerial/snappy/snappy-java/1.1.8.4/snappy-java-1.1.8.4.jar/org/xerial/snappy/native/Windows/x86_64/snappyjava.dll
MD5: 9c14838fdac91cc0666eab07bfc21bc8
SHA1: 1a439f0d589c48cfb3e3e17499e4961cdcda7bb9
SHA256:ba2eb1fc7d6b209bae559f0091dd85a899db422b8824b6bd25ff147b725a4ae3
Referenced In Project/Scope: Simplicite Platform:runtime

Identifiers

  • None

socks-proxy-agent:7.0.0

Description:

A SOCKS proxy `http.Agent` implementation for HTTP and HTTPS

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/socks-proxy-agent:7.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/make-fetch-happen:11.1.1
  • simplicite-js:5.2.54

Identifiers

socks:2.7.1

Description:

Fully featured SOCKS proxy client supporting SOCKSv4, SOCKSv4a, and SOCKSv5. Includes Bind and Associate functionality.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?socks-proxy-agent:7.0.0/socks:^2.6.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/socks-proxy-agent:7.0.0
  • simplicite-js:5.2.54

Identifiers

source-map-js:1.0.2

Description:

Generates and consumes source maps

License:

BSD-3-Clause
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/source-map-js:1.0.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/postcss:8.4.24
  • simplicite-js:5.2.54/@vue/compiler-sfc:3.3.4
  • simplicite-js:5.2.54/@vue/compiler-core:3.3.4
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/sass:1.63.6

Identifiers

source-map-support:0.5.21

Description:

Fixes stack traces for files with source maps

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/source-map-support:0.5.21

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-check-updates:16.14.14
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/@babel/register:7.23.7

Identifiers

source-map:0.6.1

Description:

Generates and consumes source maps

License:

BSD-3-Clause
File Path: /var/simplicite/simplicite-5.2/package-lock.json?source-map-support:0.5.21/source-map:^0.6.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/handlebars:4.7.7
  • simplicite-js:5.2.54/source-map-support:0.5.21
  • simplicite-js:5.2.54

Identifiers

spawn-please:2.0.2

Description:

Promisified child_process.spawn. *Supports stdin* *Rejects on stderr*

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/spawn-please:2.0.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-check-updates:16.14.14
  • simplicite-js:5.2.54

Identifiers

spdx-correct:3.2.0

Description:

correct invalid SPDX expressions

License:

Apache-2.0
File Path: /var/simplicite/simplicite-5.2/package-lock.json?validate-npm-package-license:3.0.4/spdx-correct:^3.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/validate-npm-package-license:3.0.4
  • simplicite-js:5.2.54

Identifiers

spdx-exceptions:2.3.0

Description:

list of SPDX standard license exceptions

License:

CC-BY-3.0
File Path: /var/simplicite/simplicite-5.2/package-lock.json?spdx-expression-parse:3.0.1/spdx-exceptions:^2.1.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/spdx-expression-parse:3.0.1
  • simplicite-js:5.2.54/spdx-expression-parse:4.0.0
  • simplicite-js:5.2.54

Identifiers

spdx-expression-parse:3.0.1

Description:

parse SPDX license expressions

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?validate-npm-package-license:3.0.4/spdx-expression-parse:^3.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/spdx-correct:3.2.0
  • simplicite-js:5.2.54/validate-npm-package-license:3.0.4
  • simplicite-js:5.2.54

Identifiers

spdx-expression-parse:4.0.0

Description:

parse SPDX license expressions

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/spdx-expression-parse:4.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/eslint-plugin-jsdoc:48.0.4
  • simplicite-js:5.2.54

Identifiers

spdx-license-ids:3.0.13

Description:

A list of SPDX license identifiers

License:

CC0-1.0
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/spdx-license-ids:3.0.13

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/spdx-correct:3.2.0
  • simplicite-js:5.2.54/spdx-expression-parse:3.0.1
  • simplicite-js:5.2.54/spdx-expression-parse:4.0.0
  • simplicite-js:5.2.54

Identifiers

spectrum-colorpicker:1.8.1

Description:

Spectrum: the no hassle jQuery colorpicker

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/spectrum-colorpicker:1.8.1

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

split-text-to-chunks:1.0.0

Description:

Split a text string to chunks for e.g. word wrapping

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?tablemark:3.0.0/split-text-to-chunks:^1.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/tablemark:3.0.0
  • simplicite-js:5.2.54

Identifiers

sprintf-js:1.0.3

Description:

JavaScript sprintf implementation

License:

BSD-3-Clause
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/sprintf-js:1.0.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/argparse:1.0.10
  • simplicite-js:5.2.54

Identifiers

sshd-osgi-2.8.0.jar

Description:

The Apache Software Foundation provides support for the Apache community of open-source software projects.    The Apache projects are characterized by a collaborative, consensus based development process, an open and    pragmatic software license, and a desire to create high quality software that leads the way in its field.    We consider ourselves not simply a group of projects sharing a server, but rather a community of developers    and users.

License:

https://www.apache.org/licenses/LICENSE-2.0
File Path: /var/simplicite/.m2/repository/org/apache/sshd/sshd-osgi/2.8.0/sshd-osgi-2.8.0.jar
MD5: 15b16cddad3c6d3bc9d45a74585e2f6e
SHA1: b2a59b73c045f40d5722b9160d4f909a646d86c9
SHA256:734ee51c6babaf0fdfebfc9f38c148a38b8a1d8bce03d0bad26b3fba21a48463
Referenced In Project/Scope: Simplicite Platform:compile
sshd-osgi-2.8.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.eclipse.jgit/org.eclipse.jgit.ssh.apache@6.1.0.202203080745-r

Identifiers

CVE-2022-45047  

Class org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider in Apache MINA SSHD <= 2.9.1 uses Java deserialization to load a serialized java.security.PrivateKey. The class is one of several implementations that an implementor using Apache MINA SSHD can choose for loading the host keys of an SSH server.
CWE-502 Deserialization of Untrusted Data

CVSSv3:
  • Base Score: CRITICAL (9.8)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References:

Vulnerable Software & Versions:

CVE-2023-48795  

The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.
CWE-354 Improper Validation of Integrity Check Value

CVSSv3:
  • Base Score: MEDIUM (5.9)
  • Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2023-35887  

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache MINA.

In SFTP servers implemented using Apache MINA SSHD that use a RootedFileSystem, logged users may be able to discover "exists/does not exist" information about items outside the rooted tree via paths including parent navigation ("..") beyond the root, or involving symlinks.

This issue affects Apache MINA: from 1.0 before 2.10. Users are recommended to upgrade to 2.10
CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CVSSv3:
  • Base Score: MEDIUM (4.3)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

References:

Vulnerable Software & Versions:

ssri:10.0.4

Description:

Standard Subresource Integrity library -- parses, serializes, generates, and verifies integrity metadata according to the SRI spec.

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/ssri:10.0.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/make-fetch-happen:11.1.1
  • simplicite-js:5.2.54/cacache:17.1.3
  • simplicite-js:5.2.54/pacote:15.2.0
  • simplicite-js:5.2.54

Identifiers

stackframe:1.3.4

Description:

JS Object representation of a stack frame

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/stackframe:1.3.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@devexpress/error-stack-parser:2.0.6
  • simplicite-js:5.2.54

Identifiers

stax2-api-4.2.jar

Description:

tax2 API is an extension to basic Stax 1.0 API that adds significant new functionality, such as full-featured bi-direction validation interface and high-performance Typed Access API.

License:

The BSD License: http://www.opensource.org/licenses/bsd-license.php
File Path: /var/simplicite/.m2/repository/org/codehaus/woodstox/stax2-api/4.2/stax2-api-4.2.jar
MD5: 5d22fe6dbb276d1fd6dab40c386a4f0a
SHA1: 13c2b30926bca0429c704c4b4ca0b5d0432b69cd
SHA256:badf6081a0bb526fd2c01951dfefad91b6846b6dd0eb0048587e30d1dd334e68
Referenced In Project/Scope: Simplicite Platform:compile
stax2-api-4.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.fasterxml.jackson.jaxrs/jackson-jaxrs-xml-provider@2.12.4

Identifiers

string-width:4.2.3

Description:

Get the visual width of a string - the number of columns required to display it

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?yargs:16.2.0/string-width:^4.2.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/cliui:7.0.4
  • simplicite-js:5.2.54/widest-line:3.1.0
  • simplicite-js:5.2.54/gauge:4.0.4
  • simplicite-js:5.2.54/cli-table3:0.6.3
  • simplicite-js:5.2.54/wrap-ansi:8.1.0
  • simplicite-js:5.2.54/table:6.8.1
  • simplicite-js:5.2.54/boxen:4.2.0
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/ansi-align:3.0.1
  • simplicite-js:5.2.54/@isaacs/cliui:8.0.2
  • simplicite-js:5.2.54/wrap-ansi:7.0.0
  • simplicite-js:5.2.54/stylelint:14.16.1
  • simplicite-js:5.2.54/inquirer:7.3.3
  • simplicite-js:5.2.54/widest-line:4.0.1
  • simplicite-js:5.2.54/wrap-ansi-cjs:7.0.0
  • simplicite-js:5.2.54/boxen:5.1.2
  • simplicite-js:5.2.54/wide-align:1.1.5
  • simplicite-js:5.2.54/yargs:16.2.0
  • simplicite-js:5.2.54/boxen:7.1.0

Identifiers

string.prototype.trim:1.2.7

Description:

ES5 spec-compliant shim for String.prototype.trim

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/string.prototype.trim:1.2.7

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/es-abstract:1.21.2
  • simplicite-js:5.2.54

Identifiers

string.prototype.trimend:1.0.6

Description:

ES2019 spec-compliant String.prototype.trimEnd shim.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/string.prototype.trimend:1.0.6

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/es-abstract:1.21.2
  • simplicite-js:5.2.54

Identifiers

string.prototype.trimstart:1.0.6

Description:

ES2019 spec-compliant String.prototype.trimStart shim.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/string.prototype.trimstart:1.0.6

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/es-abstract:1.21.2
  • simplicite-js:5.2.54

Identifiers

string_decoder:0.10.31

Description:

The string_decoder module from Node core

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/string_decoder:0.10.31

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/readable-stream:3.6.2
  • simplicite-js:5.2.54/readable-stream:2.3.8
  • simplicite-js:5.2.54/readable-stream:1.1.14
  • simplicite-js:5.2.54

Identifiers

string_decoder:1.1.1

Description:

The string_decoder module from Node core

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/string_decoder:1.1.1

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

string_decoder:1.3.0

Description:

The string_decoder module from Node core

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/string_decoder:1.3.0

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

stringtemplate-3.2.1.jar

Description:

StringTemplate is a java template engine for generating source code,
web pages, emails, or any other formatted text output.

StringTemplate is particularly good at multi-targeted code generators,
multiple site skins, and internationalization/localization. 

It evolved over years of effort developing jGuru.com. 

StringTemplate also generates the stringtemplate website: http://www.stringtemplate.org
and powers the ANTLR v3 code generator. Its distinguishing characteristic 
is that unlike other engines, it strictly enforces model-view separation.

Strict separation makes websites and code generators more flexible
and maintainable; it also provides an excellent defense against malicious
template authors.

There are currently about 600 StringTemplate source downloads a month.

License:

BSD licence: http://antlr.org/license.html
File Path: /var/simplicite/.m2/repository/org/antlr/stringtemplate/3.2.1/stringtemplate-3.2.1.jar
MD5: b58ca53e518a92a1991eb63b61917582
SHA1: 59ec8083721eae215c6f3caee944c410d2be34de
SHA256:f66ce72e965e5301cb0f020e54d2ba6ad76feb91b3cbfc30dbbf00c06a6df6d7
Referenced In Project/Scope: Simplicite Platform:compile
stringtemplate-3.2.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.docx4j/docx4j-core@11.2.9

Identifiers

strip-ansi:6.0.1

Description:

Strip ANSI escape codes from a string

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?wrap-ansi-cjs:7.0.0/strip-ansi:^6.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-check:6.0.1
  • simplicite-js:5.2.54/string-width-cjs:4.2.3
  • simplicite-js:5.2.54/cliui:7.0.4
  • simplicite-js:5.2.54/gauge:4.0.4
  • simplicite-js:5.2.54/string-width:5.1.2
  • simplicite-js:5.2.54/wrap-ansi:8.1.0
  • simplicite-js:5.2.54/table:6.8.1
  • simplicite-js:5.2.54/npm-check-updates:16.14.14
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/@isaacs/cliui:8.0.2
  • simplicite-js:5.2.54/string-width:4.2.3
  • simplicite-js:5.2.54/eslint:8.56.0
  • simplicite-js:5.2.54/wrap-ansi:7.0.0
  • simplicite-js:5.2.54/stylelint:14.16.1
  • simplicite-js:5.2.54/inquirer:7.3.3
  • simplicite-js:5.2.54/ora:5.4.1
  • simplicite-js:5.2.54/wrap-ansi-cjs:7.0.0

Identifiers

strip-bom:3.0.0

Description:

Strip UTF-8 byte order mark (BOM) from a string

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/strip-bom:3.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/load-yaml-file:0.2.0
  • simplicite-js:5.2.54

Identifiers

strip-final-newline:2.0.0

Description:

Strip the final newline character from a string/buffer

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/strip-final-newline:2.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/execa:5.1.1
  • simplicite-js:5.2.54

Identifiers

strip-indent:3.0.0

Description:

Strip leading whitespace from each line in a string

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/strip-indent:3.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/redent:3.0.0
  • simplicite-js:5.2.54

Identifiers

strip-json-comments:1.0.4

Description:

Strip comments from JSON. Lets you use comments in your JSON files!

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/strip-json-comments:1.0.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/jshint:2.13.1
  • simplicite-js:5.2.54

Identifiers

strip-json-comments:2.0.1

Description:

Strip comments from JSON. Lets you use comments in your JSON files!

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/strip-json-comments:2.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/rc:1.2.8
  • simplicite-js:5.2.54

Identifiers

strip-json-comments:3.1.1

Description:

Strip comments from JSON. Lets you use comments in your JSON files!

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/strip-json-comments:3.1.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/jsdoc:4.0.2
  • simplicite-js:5.2.54/@eslint/eslintrc:2.1.4
  • simplicite-js:5.2.54

Identifiers

strip-json-comments:5.0.1

Description:

Strip comments from JSON. Lets you use comments in your JSON files!

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/strip-json-comments:5.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-check-updates:16.14.14
  • simplicite-js:5.2.54

Identifiers

stripe-java-20.77.0.jar

Description:

Stripe Java Bindings

License:

The MIT License: https://opensource.org/licenses/MIT
File Path: /var/simplicite/.m2/repository/com/stripe/stripe-java/20.77.0/stripe-java-20.77.0.jar
MD5: 451c6c665a7d62d3203413f826853ccc
SHA1: c75cb3f6af633ac2b96cf275ef03cf83c9b024a4
SHA256:b9da3e5df1aec5cee6c7521954831832b2c819d17cd255e3a42a865ff9df5f1f
Referenced In Project/Scope: Simplicite Platform:compile
stripe-java-20.77.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

sts-2.4.0.jar

Description:

jclouds components to access an implementation of Security Token Service (STS)

File Path: /var/simplicite/.m2/repository/org/apache/jclouds/api/sts/2.4.0/sts-2.4.0.jar
MD5: cd160b3f4654e43ca6a8069b52e4912a
SHA1: babc630e955430a26665c1da8c640dd069317836
SHA256:8ba08920ca2ac51507bab5a6a32185011aaeaf5342f6dd23b2a8e136b476426a
Referenced In Project/Scope: Simplicite Platform:compile
sts-2.4.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.jclouds.provider/aws-s3@2.4.0

Identifiers

style-search:0.1.0

Description:

Search CSS(-like) strings

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint:14.16.1/style-search:^0.1.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/stylelint:14.16.1
  • simplicite-js:5.2.54

Identifiers

stylelint-config-recommended:9.0.0

Description:

Recommended shareable config for Stylelint

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?stylelint-config-standard:29.0.0/stylelint-config-recommended:^9.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/stylelint-config-standard:29.0.0
  • simplicite-js:5.2.54

Identifiers

stylelint-config-standard:29.0.0

Description:

Standard shareable config for Stylelint

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/stylelint-config-standard:29.0.0

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

stylelint:14.16.1

Description:

A mighty, modern CSS linter.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/stylelint:14.16.1

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

supports-color:5.5.0

Description:

Detect whether a terminal supports color

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/supports-color:5.5.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/chalk:3.0.0
  • simplicite-js:5.2.54/chalk:4.1.2
  • simplicite-js:5.2.54/supports-hyperlinks:2.3.0
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/chalk:2.4.2

Identifiers

supports-color:7.2.0

Description:

Detect whether a terminal supports color

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/supports-color:7.2.0

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

supports-hyperlinks:2.3.0

Description:

Detect if your terminal emulator supports hyperlinks

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?terminal-link:2.1.1/supports-hyperlinks:^2.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/terminal-link:2.1.1
  • simplicite-js:5.2.54/stylelint:14.16.1
  • simplicite-js:5.2.54

Identifiers

supports-preserve-symlinks-flag:1.0.0

Description:

Determine if the current node version supports the `--preserve-symlinks` flag.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/supports-preserve-symlinks-flag:1.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/resolve:1.22.2

Identifiers

svg-tags:1.0.0

Description:

List of standard SVG tags.

File Path: /var/simplicite/simplicite-5.2/package-lock.json?/svg-tags:1.0.0

Referenced In Projects/Scopes:

  • simplicite-js:5.2.54/stylelint:14.16.1
  • simplicite-js:5.2.54

Identifiers

swagger-annotations-1.5.18.jar

License:

http://www.apache.org/licenses/LICENSE-2.0.html
File Path: /var/simplicite/.m2/repository/io/swagger/swagger-annotations/1.5.18/swagger-annotations-1.5.18.jar
MD5: e55d57705e9f1a040015cf2fe2e8120b
SHA1: f386aa7dc018534e6e05c40fff292e6cd9b9d8f8
SHA256:0f4ca703a5e26ca949aee8f9ee88b2aa7f12b45d6a2e7dd9d343407f97205157
Referenced In Project/Scope: Simplicite Platform:provided
swagger-annotations-1.5.18.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.docusign/docusign-esign-java@3.14.0

Identifiers

swagger-ui-dist:4.15.5

License:

Apache-2.0
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/swagger-ui-dist:4.15.5

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

table:6.8.1

Description:

Formats data into a string table.

License:

BSD-3-Clause
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/table:6.8.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/stylelint:14.16.1
  • simplicite-js:5.2.54

Identifiers

tablemark:3.0.0

Description:

Generate markdown tables from a list of objects or JSON data.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/tablemark:3.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/license-report:6.5.0
  • simplicite-js:5.2.54

Identifiers

tagsoup-1.2.1.jar

Description:

TagSoup is a SAX-compliant parser written in Java that, instead of parsing well-formed or valid XML, parses HTML as it is found in the wild: poor, nasty and brutish, though quite often far from short. TagSoup is designed for people who have to process this stuff using some semblance of a rational application design. By providing a SAX interface, it allows standard XML tools to be applied to even the worst HTML. TagSoup also includes a command-line processor that reads HTML files and can generate either clean HTML or well-formed XML that is a close approximation to XHTML.

License:

Apache License 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/ccil/cowan/tagsoup/tagsoup/1.2.1/tagsoup-1.2.1.jar
MD5: ae73a52cdcbec10cd61d9ef22fab5936
SHA1: 5584627487e984c03456266d3f8802eb85a9ce97
SHA256:ac97f7b4b1d8e9337edfa0e34044f8d0efe7223f6ad8f3a85d54cc1018ea2e04
Referenced In Project/Scope: Simplicite Platform:compile
tagsoup-1.2.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.tika/tika-parsers@1.27

Identifiers

tar:6.1.15

Description:

tar for node

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/tar:6.1.15

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/cacache:17.1.3
  • simplicite-js:5.2.54/pacote:15.2.0
  • simplicite-js:5.2.54/node-gyp:9.4.0
  • simplicite-js:5.2.54

Identifiers

CVE-2024-28863 (OSSINDEX)  

node-tar is a Tar for Node.js. node-tar prior to version 6.2.1 has no limit on the number of sub-folders created in the folder creation process. An attacker who generates a large number of sub-folders can consume memory on the system running node-tar and even crash the Node.js client within few seconds of running it using a path with too many sub-folders inside. Version 6.2.1 fixes this issue by preventing extraction in excessively deep sub-folders.
CWE-400 Uncontrolled Resource Consumption

CVSSv2:
  • Base Score: MEDIUM (6.5)
  • Vector: /AV:N/AC:L/Au:/C:N/I:N/A:H

References:

Vulnerable Software & Versions (OSSINDEX):

  • cpe:2.3:a:*:tar:6.1.15:*:*:*:*:*:*:*

term-size:2.2.1

Description:

Reliably get the terminal window size (columns & rows)

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/term-size:2.2.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/boxen:4.2.0
  • simplicite-js:5.2.54

Identifiers

terminal-link:2.1.1

Description:

Create clickable links in the terminal

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/terminal-link:2.1.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-audit-html:1.5.0
  • simplicite-js:5.2.54

Identifiers

text-table:0.2.0

Description:

borderless text tables with alignment

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/text-table:0.2.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-check:6.0.1
  • simplicite-js:5.2.54/eslint:8.56.0
  • simplicite-js:5.2.54/license-report:6.5.0
  • simplicite-js:5.2.54

Identifiers

threeten-extra-1.7.0.jar

Description:

Additional functionality that enhances JSR-310 dates and times in Java SE 8 and later

License:

BSD 3-clause: https://raw.githubusercontent.com/ThreeTen/threeten-extra/master/LICENSE.txt
File Path: /var/simplicite/.m2/repository/org/threeten/threeten-extra/1.7.0/threeten-extra-1.7.0.jar
MD5: 4550c6bca1ba7815ed84a5e09ad93d01
SHA1: 358940b345b7d09e9f7fcd11c7e24af898e580d3
SHA256:c6569098f8a28897872a3e3b85f65f594be9e7b906eecc4687183b24b0f05edc
Referenced In Project/Scope: Simplicite Platform:compile
threeten-extra-1.7.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

threetenbp-1.5.1.jar

Description:

Backport of JSR-310 from JDK 8 to JDK 7 and JDK 6. NOT an implementation of the JSR.

License:

BSD 3-clause: https://raw.githubusercontent.com/ThreeTen/threetenbp/master/LICENSE.txt
File Path: /var/simplicite/.m2/repository/org/threeten/threetenbp/1.5.1/threetenbp-1.5.1.jar
MD5: f04e22e9d4e183b42c8555d584b9edd8
SHA1: 4307ad2fdd4ba8b5ecd3fdb88b932aa49fa25920
SHA256:4342ee04d87040f71b0aa9188ee960780ef2da734e32a8d43a522a580b5e0f3b
Referenced In Project/Scope: Simplicite Platform:compile
threetenbp-1.5.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

throat:6.0.2

Description:

Throttle the parallelism of an asynchronous (promise returning) function / functions

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/throat:6.0.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-check:6.0.1
  • simplicite-js:5.2.54

Identifiers

through:2.3.8

Description:

simplified stream construction

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/through:2.3.8

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/inquirer:7.3.3
  • simplicite-js:5.2.54

Identifiers

tika-core-1.27.jar

Description:

This is the core Apache Tika™ toolkit library from which all other modules inherit functionality. It
        also
        includes the core facades for the Tika API.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/apache/tika/tika-core/1.27/tika-core-1.27.jar
MD5: 0c76c02ebeaa3ab8e72979887d8c3d25
SHA1: 079ad0f72558b8fbce947147959e2faff8b7b70a
SHA256:73e66926394d0afefa0e6a0c3d836912accc7e105f550db7a72f5f7a57a9b24c
Referenced In Project/Scope: Simplicite Platform:compile
tika-core-1.27.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

CVE-2022-25169  

The BPG parser in versions of Apache Tika before 1.28.2 and 2.4.0 may allocate an unreasonable amount of memory on carefully crafted files.
CWE-770 Allocation of Resources Without Limits or Throttling

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:P
CVSSv3:
  • Base Score: MEDIUM (5.5)
  • Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions: (show all)

CVE-2022-30126  

In Apache Tika, a regular expression in our StandardsText class, used by the StandardsExtractingContentHandler could lead to a denial of service caused by backtracking on a specially crafted file. This only affects users who are running the StandardsExtractingContentHandler, which is a non-standard handler. This is fixed in 1.28.2 and 2.4.0
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:P
CVSSv3:
  • Base Score: MEDIUM (5.5)
  • Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions: (show all)

CVE-2022-30973  

We failed to apply the fix for CVE-2022-30126 to the 1.x branch in the 1.28.2 release. In Apache Tika, a regular expression in the StandardsText class, used by the StandardsExtractingContentHandler could lead to a denial of service caused by backtracking on a specially crafted file. This only affects users who are running the StandardsExtractingContentHandler, which is a non-standard handler. This is fixed in 1.28.3.
NVD-CWE-Other

CVSSv2:
  • Base Score: LOW (2.6)
  • Vector: /AV:N/AC:H/Au:N/C:N/I:N/A:P
CVSSv3:
  • Base Score: MEDIUM (5.5)
  • Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions:

CVE-2022-33879  

The initial fixes in CVE-2022-30126 and CVE-2022-30973 for regexes in the StandardsExtractingContentHandler were insufficient, and we found a separate, new regex DoS in a different regex in the StandardsExtractingContentHandler. These are now fixed in 1.28.4 and 2.4.1.
NVD-CWE-Other

CVSSv2:
  • Base Score: LOW (2.6)
  • Vector: /AV:N/AC:H/Au:N/C:N/I:N/A:P
CVSSv3:
  • Base Score: LOW (3.3)
  • Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

References:

Vulnerable Software & Versions: (show all)

tinymce-i18n:20.12.25

Description:

Languages for TinyMCE 4 and 5

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/tinymce-i18n:20.12.25

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

tinymce:5.9.2

Description:

Web based JavaScript HTML WYSIWYG editor control.

License:

LGPL-2.1
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/tinymce:5.9.2

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

CVE-2022-23494  

tinymce is an open source rich text editor. A cross-site scripting (XSS) vulnerability was discovered in the alert and confirm dialogs when these dialogs were provided with malicious HTML content. This can occur in plugins that use the alert or confirm dialogs, such as in the `image` plugin, which presents these dialogs when certain errors occur. The vulnerability allowed arbitrary JavaScript execution when an alert presented in the TinyMCE UI for the current user. This vulnerability has been patched in TinyMCE 5.10.7 and TinyMCE 6.3.1 by ensuring HTML sanitization was still performed after unwrapping invalid elements. Users are advised to upgrade to either 5.10.7 or 6.3.1. Users unable to upgrade may ensure the the `images_upload_handler` returns a valid value as per the images_upload_handler documentation.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2023-45818  

TinyMCE is an open source rich text editor. A mutation cross-site scripting (mXSS) vulnerability was discovered in TinyMCE’s core undo and redo functionality. When a carefully-crafted HTML snippet passes the XSS sanitisation layer, it is manipulated as a string by internal trimming functions before being stored in the undo stack. If the HTML snippet is restored from the undo stack, the combination of the string manipulation and reparative parsing by either the browser's native [DOMParser API](https://developer.mozilla.org/en-US/docs/Web/API/DOMParser) (TinyMCE 6) or the SaxParser API (TinyMCE 5) mutates the HTML maliciously, allowing an XSS payload to be executed. This vulnerability has been patched in TinyMCE 5.10.8 and TinyMCE 6.7.1 by ensuring HTML is trimmed using node-level manipulation instead of string manipulation. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2023-45819  

TinyMCE is an open source rich text editor. A cross-site scripting (XSS) vulnerability was discovered in TinyMCE’s Notification Manager API. The vulnerability exploits TinyMCE's unfiltered notification system, which is used in error handling. The conditions for this exploit requires carefully crafted malicious content to have been inserted into the editor and a notification to have been triggered. When a notification was opened, the HTML within the text argument was displayed unfiltered in the notification. The vulnerability allowed arbitrary JavaScript execution when an notification presented in the TinyMCE UI for the current user.  This issue could also be exploited by any integration which uses a TinyMCE notification to display unfiltered HTML content. This vulnerability has been patched in TinyMCE 5.10.8 and TinyMCE 6.7.1 by ensuring that the HTML displayed in the notification is sanitized, preventing the exploit. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2023-48219  

TinyMCE is an open source rich text editor. A mutation cross-site scripting (mXSS) vulnerability was discovered in TinyMCE’s core undo/redo functionality and other APIs and plugins. Text nodes within specific parents are not escaped upon serialization according to the HTML standard. If such text nodes contain a special character reserved as an internal marker, they can be combined with other HTML patterns to form malicious snippets. These snippets pass the initial sanitisation layer when the content is parsed into the editor body, but can trigger XSS when the special internal marker is removed from the content and re-parsed. his vulnerability has been patched in TinyMCE versions 6.7.3 and 5.10.9. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2024-21910  

TinyMCE versions before 5.10.0 are affected by a cross-site scripting vulnerability. A remote and unauthenticated attacker could introduce crafted image or link URLs that would result in the execution of arbitrary JavaScript in an editing user's browser.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

References:

Vulnerable Software & Versions:

GHSA-hgqx-r2hp-jr38 (NPM)  

### Impact
A [cross-site scripting (XSS)](https://owasp.org/www-community/attacks/xss/) vulnerability was discovered in TinyMCE’s Notification Manager API. The vulnerability exploits TinyMCE's unfiltered notification system, which is used in error handling.  The conditions for this exploit requires carefully crafted malicious content to have been inserted into the editor and a notification to have been triggered.  

When a notification was opened, the HTML within the text argument was displayed unfiltered in the notification. The vulnerability allowed arbitrary JavaScript execution when an notification presented in the TinyMCE UI for the current user.  This issue could also be exploited by any integration which uses a TinyMCE notification to display unfiltered HTML content.

### Patches
This vulnerability has been patched in TinyMCE 5.10.8 and TinyMCE 6.7.1 by ensuring that the HTML displayed in the notification is sanitized, preventing the exploit.

### Fix
To avoid this vulnerability:

* Upgrade to TinyMCE 5.10.8 or higher for TinyMCE 5.x.
* Upgrade to TinyMCE 6.7.1 or higher for TinyMCE 6.x.

### References
* <https://tiny.cloud/docs/release-notes/release-notes5108/#securityfixes>
* <https://tiny.cloud/docs/tinymce/6/6.7.1-release-notes/#security-fixes>

### For more information
If you have any questions or comments about this advisory:
* Email us at <infosec@tiny.cloud>
* Open an issue in the [TinyMCE repo](https://github.com/tinymce/tinymce/issues?q=is%3Aissue+is%3Aopen+sort%3Aupdated-desc)
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Unscored:
  • Severity: moderate

References:

Vulnerable Software & Versions (NPM):

  • cpe:2.3:a:*:tinymce:\<5.10.8:*:*:*:*:*:*:*

GHSA-r8hm-w5f7-wj39 (NPM)  

### Impact
A cross-site scripting (XSS) vulnerability was discovered in the URL processing logic of the `image` and `link` plugins. The vulnerability allowed arbitrary JavaScript execution when updating an image or link using a specially crafted URL. This issue only impacted users while editing and the dangerous URLs were stripped in any content extracted from the editor. This impacts all users who are using TinyMCE 5.9.2 or lower.

### Patches
This vulnerability has been patched in TinyMCE 5.10.0 by improved sanitization logic when updating URLs in the relevant plugins.

### Workarounds
To work around this vulnerability, either:
- Upgrade to TinyMCE 5.10.0 or higher
- Disable the `image` and `link` plugins

### Acknowledgements
Tiny Technologies would like to thank Yakir6 for discovering this vulnerability.

### References
https://www.tiny.cloud/docs/release-notes/release-notes510/#securityfixes

### For more information
If you have any questions or comments about this advisory:
* Email us at [infosec@tiny.cloud](mailto:infosec@tiny.cloud)
* Open an issue in the [TinyMCE repo](https://github.com/tinymce/tinymce/issues)
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'), CWE-64 Windows Shortcut Following (.LNK)

CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Unscored:
  • Severity: moderate

References:

Vulnerable Software & Versions (NPM):

  • cpe:2.3:a:*:tinymce:\<5.10.0:*:*:*:*:*:*:*

GHSA-v626-r774-j7f8 (NPM)  

### Impact
A [mutation cross-site scripting](https://researchgate.net/publication/266654651_mXSS_attacks_Attacking_well-secured_web-applications_by_using_innerHTML_mutations) (mXSS) vulnerability was discovered in TinyMCE’s core undo/redo functionality and other APIs and plugins. Text nodes within specific parents are not escaped upon serialization according to the [HTML standard](https://html.spec.whatwg.org/multipage/parsing.html#serialising-html-fragments). If such text nodes contain a special character reserved as an internal marker, they can be combined with other HTML patterns to form malicious snippets. These snippets pass the initial sanitisation layer when the content is parsed into the editor body, but can trigger XSS when the special internal marker is removed from the content and re-parsed. Such mutations occur when serialised HTML content is processed before being stored in the undo stack, or when the following APIs and plugins are used:
* [`tinymce.Editor.getContent({ format: 'raw' })`](https://tiny.cloud/docs/tinymce/6/apis/tinymce.editor/#getContent)
* [`tinymce.Editor.resetContent()`](https://tiny.cloud/docs/tinymce/6/apis/tinymce.editor/#resetContent)
* [Autosave Plugin](https://tiny.cloud/docs/tinymce/6/autosave/)

### Patches
This vulnerability has been patched in TinyMCE 6.7.3 by:
* ensuring that any unescaped text nodes which contain the special internal marker are emptied before removing the marker from the rest of the HTML, and
* removing the special internal marker from content strings passed to `Editor.setContent`, `Editor.insertContent`, and `Editor.resetContent` APIs to prevent them from being loaded into the editor as user-provided content.

### Fix
To avoid this vulnerability:
- Upgrade to TinyMCE 6.7.3 or higher for TinyMCE 6.x.
- Upgrade to TinyMCE 5.10.9 or higher for TinyMCE 5.x.

### Acknowledgements
Tiny Technologies would like to thank Masato Kinugawa of [Cure53](https://cure53.de/) for discovering this vulnerability.

### References
- [TinyMCE 5.10.9 Release Notes](https://tiny.cloud/docs/release-notes/release-notes5109/)
- [TinyMCE 6.7.3 Release Notes](https://tiny.cloud/docs/tinymce/6/6.7.3-release-notes/)

### For more information

Email us at [infosec@tiny.cloud](mailto:infosec@tiny.cloud)
Open an issue in the [TinyMCE repo](https://github.com/tinymce/tinymce/issues?q=is%3Aissue+is%3Aopen+sort%3Aupdated-desc)
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Unscored:
  • Severity: moderate

References:

Vulnerable Software & Versions (NPM):

  • cpe:2.3:a:*:tinymce:\<5.10.9:*:*:*:*:*:*:*

GHSA-v65r-p3vv-jjfv (NPM)  

### Impact
A [mutation cross-site scripting](https://researchgate.net/publication/266654651_mXSS_attacks_Attacking_well-secured_web-applications_by_using_innerHTML_mutations) (mXSS) vulnerability was discovered in TinyMCE’s core undo and redo functionality. When a carefully-crafted HTML snippet passes the XSS sanitisation layer, it is manipulated as a string by internal trimming functions before being stored in the undo stack. If the HTML snippet is restored from the undo stack, the combination of the string manipulation and reparative parsing by either the browser's native [DOMParser API](https://developer.mozilla.org/en-US/docs/Web/API/DOMParser) (TinyMCE 6) or the [SaxParser API](https://www.tiny.cloud/docs/api/tinymce.html/tinymce.html.saxparser/) (TinyMCE 5) mutates the HTML maliciously, allowing an XSS payload to be executed.
​This vulnerability also impacts these related TinyMCE APIs and plugins:​
* [`tinymce.Editor.getContent({ format: 'raw' })`](https://tiny.cloud/docs/tinymce/6/apis/tinymce.editor/#getContent)
* [`tinymce.Editor.resetContent()`](https://tiny.cloud/docs/tinymce/6/apis/tinymce.editor/#resetContent)
* [Autosave Plugin](https://tiny.cloud/docs/tinymce/6/autosave/)

### Patches
This vulnerability has been patched in TinyMCE 5.10.8 and TinyMCE 6.7.1 by ensuring HTML is trimmed using node-level manipulation instead of string manipulation.

### Fix
To avoid this vulnerability:
* Upgrade to TinyMCE 5.10.8 or higher for TinyMCE 5.x.
* Upgrade to TinyMCE 6.7.1 or higher for TinyMCE 6.x.

### Acknowledgements
Tiny Technologies would like to thank Masato Kinugawa of [Cure53](https://cure53.de/) for discovering this vulnerability.

### References
* [TinyMCE 5.10.8 Release Notes](https://tiny.cloud/docs/release-notes/release-notes5108/)
* [TinyMCE 6.7.1 Release Notes](https://tiny.cloud/docs/tinymce/6/6.7.1-release-notes/)

### For more information
If you have any questions or comments about this advisory:
* Email us at <infosec@tiny.cloud>
* Open an issue in the [TinyMCE repo](https://github.com/tinymce/tinymce/issues?q=is%3Aissue+is%3Aopen+sort%3Aupdated-desc)
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Unscored:
  • Severity: moderate

References:

Vulnerable Software & Versions (NPM):

  • cpe:2.3:a:*:tinymce:\<5.10.8:*:*:*:*:*:*:*

GHSA-gg8r-xjwq-4w92 (NPM)  

### Impact
A cross-site scripting (XSS) vulnerability was discovered in the alert and confirm dialogs when these dialogs were provided with malicious HTML content. This can occur in plugins that use the alert or confirm dialogs, such as in the `image` plugin, which presents these dialogs when certain errors occur. The vulnerability allowed arbitrary JavaScript execution when an alert presented in the TinyMCE UI for the current user.

### Patches
This vulnerability has been patched in TinyMCE 5.10.7 and TinyMCE 6.3.1 by ensuring HTML sanitization was still performed after unwrapping invalid elements.

### Fix
To avoid this vulnerability:
- Upgrade to TinyMCE 5.10.7 or higher for TinyMCE 5.x.
- Upgrade to TinyMCE 6.3.1 or higher for TinyMCE 6.x.

### Workaround
To reduce the impact of this vulnerability:
- Ensure the the `images_upload_handler` returns a valid value as per the images_upload_handler documentation.

### References
- https://www.tiny.cloud/docs/release-notes/release-notes5107/#securityfixes
- https://www.tiny.cloud/docs/tinymce/6/6.3-release-notes/#security-fixes

### For more information
If you have any questions or comments about this advisory:
* Email us at [infosec@tiny.cloud](mailto:infosec@tiny.cloud)
* Open an issue in the [TinyMCE repo](https://github.com/tinymce/tinymce/issues)
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv3:
  • Base Score: MEDIUM (5.4)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Unscored:
  • Severity: moderate

References:

Vulnerable Software & Versions (NPM):

  • cpe:2.3:a:*:tinymce:\<5.10.7:*:*:*:*:*:*:*

CVE-2024-29203 (OSSINDEX)  

TinyMCE is an open source rich text editor. A cross-site scripting (XSS) vulnerability was discovered in TinyMCE’s content insertion code.  This allowed `iframe` elements containing malicious code to execute when inserted into the editor.  These `iframe` elements are restricted in their permissions by same-origin browser protections, but could still trigger operations such as downloading of malicious assets. This vulnerability is fixed in 6.8.1.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:L/Au:/C:L/I:N/A:N

References:

Vulnerable Software & Versions (OSSINDEX):

  • cpe:2.3:a:*:tinymce:5.9.2:*:*:*:*:*:*:*

CVE-2024-29881 (OSSINDEX)  

TinyMCE is an open source rich text editor.  A cross-site scripting (XSS) vulnerability was discovered in TinyMCE’s content loading and content inserting code. A SVG image could be loaded though an `object` or `embed` element and that image could potentially contain a XSS payload. This vulnerability is fixed in 6.8.1 and 7.0.0.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:L/Au:/C:L/I:N/A:N

References:

Vulnerable Software & Versions (OSSINDEX):

  • cpe:2.3:a:*:tinymce:5.9.2:*:*:*:*:*:*:*

GHSA-438c-3975-5x3f (NPM)  

### Impact
A [cross-site scripting (XSS)](https://owasp.org/www-community/attacks/xss/) vulnerability was discovered in TinyMCE’s content insertion code.  This allowed `iframe` elements containing malicious code to execute when inserted into the editor.  These `iframe` elements are restricted in their permissions by same-origin browser protections, but could still trigger operations such as downloading of malicious assets.

### Fix
TinyMCE 6.8.1 introduced a new `sandbox_iframes` boolean option which adds the `sandbox=""` attribute to every `iframe` element by default when enabled. This will prevent cross-origin, and in special cases same-origin, XSS by embedded resources in `iframe` elements. From TinyMCE 7.0.0 onwards the default value of this option is `true`.

In TinyMCE 7.0.0 a new `sandbox_iframes_exclusions` option was also added, allowing a list of domains to be specified that should be excluded from having the `sandbox=""` attribute applied when the `sandbox_iframes` option is enabled. By default, this option is set to an array of domains that are provided in embed code by popular websites. To sandbox `iframe` elements from every domain, set this option to `[]`.

### Workarounds
The HTTP Content-Security-Policy (CSP) `frame-src` or `object-src` can be configured to restrict or block the loading of unauthorized URLS.  Refer to the [TinyMCE Content Security Policy Guide](https://www.tiny.cloud/docs/tinymce/latest/tinymce-and-csp/).

### References
- [TinyMCE 6.8.1](https://www.tiny.cloud/docs/tinymce/6/6.8.1-release-notes/#new-convert_unsafe_embeds-option-that-controls-whether-object-and-embed-elements-will-be-converted-to-more-restrictive-alternatives-namely-img-for-image-mime-types-video-for-video-mime-types-audio-audio-mime-types-or-iframe-for-other-or-unspecified-mime-types)
- [TinyMCE 7.0.0](https://www.tiny.cloud/docs/tinymce/7/7.0-release-notes/#sandbox_iframes-editor-option-is-now-defaulted-to-true)
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv3:
  • Base Score: MEDIUM (4.3)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Unscored:
  • Severity: moderate

References:

Vulnerable Software & Versions (NPM):

  • cpe:2.3:a:*:tinymce:\<6.8.1:*:*:*:*:*:*:*

GHSA-5359-pvf2-pw78 (NPM)  

### Impact
A [cross-site scripting (XSS)](https://owasp.org/www-community/attacks/xss/) vulnerability was discovered in TinyMCE’s content loading and content inserting code. A SVG image could be loaded though an `object` or `embed` element and that image could potentially contain a XSS payload.

### Fix
TinyMCE 6.8.1 introduced a new `convert_unsafe_embeds` option to automatically convert `object` and `embed` elements respective of their `type` attribute.  From TinyMCE 7.0.0 onwards, the `convert_unsafe_embeds` option is enabled by default.

### Workarounds
If you are using TinyMCE 6.8.1 or higher, set `convert_unsafe_embeds` to true. For any earlier versions, a custom NodeFilter is recommended to remove or modify any `object` or `embed` elements. This can be added using the `editor.parser.addNodeFilter` and `editor.serializer.addNodeFilter` APIs.

### Acknowledgements
Tiny Technologies would like to thank Toni Huttunen of [Fraktal Oy](https://www.fraktal.fi/) for discovering this vulnerability.

### References
- [TinyMCE 6.8.1](https://www.tiny.cloud/docs/tinymce/6/6.8.1-release-notes/#new-convert_unsafe_embeds-option-that-controls-whether-object-and-embed-elements-will-be-converted-to-more-restrictive-alternatives-namely-img-for-image-mime-types-video-for-video-mime-types-audio-audio-mime-types-or-iframe-for-other-or-unspecified-mime-types)
- [TinyMCE 7.0.0](https://www.tiny.cloud/docs/tinymce/7/7.0-release-notes/#convert_unsafe_embeds-editor-option-is-now-defaulted-to-true)
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv3:
  • Base Score: MEDIUM (4.3)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Unscored:
  • Severity: moderate

References:

Vulnerable Software & Versions (NPM):

  • cpe:2.3:a:*:tinymce:\<7.0.0:*:*:*:*:*:*:*

tmp:0.0.33

Description:

Temporary file and directory creator

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/tmp:0.0.33

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/external-editor:3.1.0

Identifiers

to-fast-properties:2.0.0

Description:

Force V8 to use fast properties for an object

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/to-fast-properties:2.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/types:7.23.9
  • simplicite-js:5.2.54

Identifiers

to-readable-stream:1.0.0

Description:

Convert a string/Buffer/Uint8Array to a readable stream

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/to-readable-stream:1.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/got:9.6.0
  • simplicite-js:5.2.54

Identifiers

to-regex-range:5.0.1

Description:

Pass two numbers, get a regex-compatible source string for matching ranges. Validated against more than 2.78 million test assertions.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/to-regex-range:5.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/fill-range:7.0.1
  • simplicite-js:5.2.54

Identifiers

totp-1.7.1.jar

Description:

A library to help implement time-based one time passwords to enable MFA.

File Path: /var/simplicite/.m2/repository/dev/samstevens/totp/totp/1.7.1/totp-1.7.1.jar
MD5: ceaed46be1e655c451d11cc5cb33e4ff
SHA1: c2bcced6c255d48223f5626c4db9af9aa9d43c35
SHA256:f02b3fcab62298907d655acc54c0dc85f7103dc26cee95eed44ebe6fc2af3415
Referenced In Project/Scope: Simplicite Platform:compile
totp-1.7.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

trim-newlines:3.0.1

Description:

Trim newlines from the start and/or end of a string

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/trim-newlines:3.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/meow:9.0.0
  • simplicite-js:5.2.54

Identifiers

tslib:1.14.1

Description:

Runtime library for TypeScript helper functions

License:

0BSD
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/tslib:1.14.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/rxjs:6.6.7
  • simplicite-js:5.2.54

Identifiers

tslib:2.6.0

Description:

Runtime library for TypeScript helper functions

License:

0BSD
File Path: /var/simplicite/simplicite-5.2/package-lock.json?upper-case-first:2.0.2/tslib:^2.0.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@fullcalendar/moment:5.11.0
  • simplicite-js:5.2.54/upper-case-first:2.0.2
  • simplicite-js:5.2.54/sentence-case:3.0.4
  • simplicite-js:5.2.54/@fullcalendar/moment-timezone:5.11.0
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/no-case:3.0.4
  • simplicite-js:5.2.54/@fullcalendar/interaction:5.11.0
  • simplicite-js:5.2.54/@fullcalendar/luxon:5.11.0
  • simplicite-js:5.2.54/@fullcalendar/google-calendar:5.11.0
  • simplicite-js:5.2.54/@fullcalendar/bootstrap:5.11.0
  • simplicite-js:5.2.54/@fullcalendar/daygrid:5.11.0
  • simplicite-js:5.2.54/@fullcalendar/common:5.11.5
  • simplicite-js:5.2.54/@fullcalendar/timegrid:5.11.0
  • simplicite-js:5.2.54/@fullcalendar/list:5.11.0
  • simplicite-js:5.2.54/@fullcalendar/rrule:5.11.0
  • simplicite-js:5.2.54/@fullcalendar/core:5.11.0
  • simplicite-js:5.2.54/rrule:2.8.1
  • simplicite-js:5.2.54/lower-case:2.0.2

Identifiers

tuf-js:1.1.7

Description:

JavaScript implementation of The Update Framework (TUF)

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/tuf-js:1.1.7

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@sigstore/tuf:1.0.3
  • simplicite-js:5.2.54

Identifiers

twilio-8.19.1.jar

Description:

Twilio Java Helper Library

License:

MIT License: http://www.opensource.org/licenses/mit-license.php
File Path: /var/simplicite/.m2/repository/com/twilio/sdk/twilio/8.19.1/twilio-8.19.1.jar
MD5: 6d345a94feab55375544bc21fb2f0412
SHA1: e3c92a4dba7a385e0f1b2959972f029aa8222800
SHA256:216b472933a11bd0b139dab44b3c47f80edcd7646e1e61d3fd9468b72aae2ae6
Referenced In Project/Scope: Simplicite Platform:compile
twilio-8.19.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

txw2-2.3.4.jar

Description:

        TXW is a library that allows you to write XML documents.

File Path: /var/simplicite/.m2/repository/org/glassfish/jaxb/txw2/2.3.4/txw2-2.3.4.jar
MD5: 0d2de5cab75137d954fe38fb6d10471b
SHA1: 257fa649d3137a1060d222aefb96b7d1dd5f1286
SHA256:32c0c524624bd535d4e40b30afa2def7399cbb824fb3e74c73aea62872ad753b
Referenced In Project/Scope: Simplicite Platform:compile
txw2-2.3.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.glassfish.jaxb/jaxb-runtime@2.3.4

Identifiers

type-check:0.4.0

Description:

type-check allows you to check the types of JavaScript values at runtime with a Haskell like type syntax.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/type-check:0.4.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/levn:0.4.1
  • simplicite-js:5.2.54/optionator:0.9.3
  • simplicite-js:5.2.54

Identifiers

type-fest:0.18.1

Description:

A collection of essential TypeScript types

License:

(MIT OR CC0-1.0)
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/type-fest:0.18.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/meow:9.0.0
  • simplicite-js:5.2.54

Identifiers

type-fest:0.20.2

Description:

A collection of essential TypeScript types

License:

(MIT OR CC0-1.0)
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/type-fest:0.20.2

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

type-fest:0.21.3

Description:

A collection of essential TypeScript types

License:

(MIT OR CC0-1.0)
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/type-fest:0.21.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/ansi-escapes:4.3.2
  • simplicite-js:5.2.54/boxen:5.1.2
  • simplicite-js:5.2.54/globals:13.24.0
  • simplicite-js:5.2.54/boxen:7.1.0
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/globals:13.20.0

Identifiers

type-fest:0.6.0

Description:

A collection of essential TypeScript types

License:

(MIT OR CC0-1.0)
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/type-fest:0.6.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/read-pkg:5.2.0
  • simplicite-js:5.2.54

Identifiers

type-fest:0.8.1

Description:

A collection of essential TypeScript types

License:

(MIT OR CC0-1.0)
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/type-fest:0.8.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/read-pkg-up:7.0.1
  • simplicite-js:5.2.54/boxen:4.2.0
  • simplicite-js:5.2.54

Identifiers

type-fest:1.4.0

Description:

A collection of essential TypeScript types

License:

(MIT OR CC0-1.0)
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/type-fest:1.4.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/crypto-random-string:4.0.0
  • simplicite-js:5.2.54

Identifiers

type-fest:2.19.0

Description:

A collection of essential TypeScript types

License:

(MIT OR CC0-1.0)
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/type-fest:2.19.0

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

typed-array-length:1.0.4

Description:

Robustly get the length of a Typed Array

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/typed-array-length:1.0.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/es-abstract:1.21.2
  • simplicite-js:5.2.54

Identifiers

typedarray-to-buffer:3.1.5

Description:

Convert a typed array to a Buffer without a copy

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/typedarray-to-buffer:3.1.5

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/write-file-atomic:3.0.3

Identifiers

uc.micro:1.0.6

Description:

Micro subset of unicode data files for markdown-it projects.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/uc.micro:1.0.6

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/linkify-it:3.0.3
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/markdown-it:12.3.2

Identifiers

udunits-4.5.5.jar

Description:

The ucar.units Java package is for decoding and encoding
    formatted unit specifications (e.g. "m/s"), converting numeric values
    between compatible units (e.g. between "m/s" and "knot"), and for
    performing arithmetic operations on units (e.g. dividing one unit by
    another, raising a unit to a power).

File Path: /var/simplicite/.m2/repository/edu/ucar/udunits/4.5.5/udunits-4.5.5.jar
MD5: 025ffadf77de73601443c8262c995df0
SHA1: d8c8d65ade13666eedcf764889c69321c247f153
SHA256:fb641ad901d1526d53f2b13bc86baec703c57d58e6001cfa54ca7734c97fb30d
Referenced In Project/Scope: Simplicite Platform:compile
udunits-4.5.5.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.tika/tika-parsers@1.27

Identifiers

uglify-js:3.17.4

Description:

JavaScript parser, mangler/compressor and beautifier toolkit

License:

BSD-2-Clause
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/uglify-js:3.17.4

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

  • pkg:npm/uglify-js@3.17.4  (Confidence:Highest)
  • cpe:2.3:a:uglifyjs_project:uglifyjs:3.17.4:*:*:*:*:*:*:*  (Confidence:Low)  

unbox-primitive:1.0.2

Description:

Unbox a boxed JS primitive value.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/unbox-primitive:1.0.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/es-abstract:1.21.2
  • simplicite-js:5.2.54

Identifiers

underscore:1.13.6

Description:

JavaScript's functional programming helper library.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/underscore:1.13.6

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/jsdoc:4.0.2
  • simplicite-js:5.2.54

Identifiers

unicode-canonical-property-names-ecmascript:2.0.0

Description:

The set of canonical Unicode property names supported in ECMAScript RegExp property escapes.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?unicode-match-property-ecmascript:2.0.0/unicode-canonical-property-names-ecmascript:^2.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/unicode-match-property-ecmascript:2.0.0
  • simplicite-js:5.2.54

Identifiers

unicode-match-property-ecmascript:2.0.0

Description:

Match a Unicode property or property alias to its canonical property name per the algorithm used for RegExp Unicode property escapes in ECMAScript.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/unicode-match-property-ecmascript:2.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/regexpu-core:5.3.2
  • simplicite-js:5.2.54

Identifiers

unicode-match-property-value-ecmascript:2.1.0

Description:

Match a Unicode property or property alias to its canonical property name per the algorithm used for RegExp Unicode property escapes in ECMAScript.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/unicode-match-property-value-ecmascript:2.1.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/regexpu-core:5.3.2
  • simplicite-js:5.2.54

Identifiers

unicode-property-aliases-ecmascript:2.1.0

Description:

Unicode property alias mappings in JavaScript format for property names that are supported in ECMAScript RegExp property escapes.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/unicode-property-aliases-ecmascript:2.1.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/unicode-match-property-ecmascript:2.0.0
  • simplicite-js:5.2.54

Identifiers

unique-filename:3.0.0

Description:

Generate a unique filename for use in temporary directories or caches.

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/unique-filename:3.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/cacache:17.1.3
  • simplicite-js:5.2.54

Identifiers

unique-slug:4.0.0

Description:

Generate a unique character string suitible for use in files and URLs.

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/unique-slug:4.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/unique-filename:3.0.0
  • simplicite-js:5.2.54

Identifiers

unique-string:2.0.0

Description:

Generate a unique random string

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/unique-string:2.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/configstore:6.0.0
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/configstore:5.0.1

Identifiers

unique-string:3.0.0

Description:

Generate a unique random string

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/unique-string:3.0.0

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

unirest-java-3.14.2.jar

Description:

Simplified, lightweight HTTP client library.

File Path: /var/simplicite/.m2/repository/com/konghq/unirest-java/3.14.2/unirest-java-3.14.2.jar
MD5: 68e701e21ea22313fa93b506db1c57df
SHA1: 0e7693bc22f364014d9164519fb057a7d86af9a7
SHA256:1df56813f4410de105265f91cb37be4cc9c1dc32902b18b8b8b7bf069ef2f2a7
Referenced In Project/Scope: Simplicite Platform:compile
unirest-java-3.14.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

unit-api-1.0.jar

Description:

Units of Measurement Standard - This JSR specifies Java packages for modeling and working with measurement values, quantities and their corresponding units.

License:

BSD: LICENSE.txt
File Path: /var/simplicite/.m2/repository/javax/measure/unit-api/1.0/unit-api-1.0.jar
MD5: 0e62b80ee212b7bb9d3cd150ff988a93
SHA1: 6b960260278588d7ff02fe376e5aad39a9c7440b
SHA256:35da65fdbd3f9c1fe79cfc8399db975fd97660d8a219febfda9fd1a5fc058f10
Referenced In Project/Scope: Simplicite Platform:compile
unit-api-1.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.tika/tika-parsers@1.27

Identifiers

universalify:0.1.2

Description:

Make a callback- or promise-based function support both promises and callbacks.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/universalify:0.1.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/fs-extra:8.1.0
  • simplicite-js:5.2.54

Identifiers

untildify:4.0.0

Description:

Convert a tilde path to an absolute path: `~/dev` → `/Users/sindresorhus/dev`

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/untildify:4.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-check-updates:16.14.14
  • simplicite-js:5.2.54

Identifiers

update-browserslist-db:1.0.13

Description:

CLI tool to update caniuse-lite to refresh target browsers from Browserslist config

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/update-browserslist-db:1.0.13

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/browserslist:4.22.3
  • simplicite-js:5.2.54

Identifiers

update-notifier:4.1.3

Description:

Update notifications for your CLI app

License:

BSD-2-Clause
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/update-notifier:4.1.3

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-audit-html:1.5.0
  • simplicite-js:5.2.54

Identifiers

update-notifier:5.1.0

Description:

Update notifications for your CLI app

License:

BSD-2-Clause
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/update-notifier:5.1.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-check:6.0.1
  • simplicite-js:5.2.54

Identifiers

update-notifier:6.0.2

Description:

Update notifications for your CLI app

License:

BSD-2-Clause
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/update-notifier:6.0.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-check-updates:16.14.14
  • simplicite-js:5.2.54

Identifiers

upper-case-first:2.0.2

Description:

Transforms the string with the first character in upper cased

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/upper-case-first:2.0.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/sentence-case:3.0.4
  • simplicite-js:5.2.54

Identifiers

uri-js:4.4.1

Description:

An RFC 3986/3987 compliant, scheme extendable URI/IRI parsing/validating/resolving library for JavaScript.

License:

BSD-2-Clause
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/uri-js:4.4.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/ajv:8.12.0
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/ajv:6.12.6

Identifiers

url-parse-lax:3.0.0

Description:

Lax url.parse() with support for protocol-less URLs & IPs

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/url-parse-lax:3.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/got:9.6.0
  • simplicite-js:5.2.54

Identifiers

util-deprecate:1.0.2

Description:

The Node.js `util.deprecate()` function with browser support

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/util-deprecate:1.0.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/postcss-selector-parser:6.0.13
  • simplicite-js:5.2.54/readable-stream:2.3.8
  • simplicite-js:5.2.54/readable-stream:3.6.2
  • simplicite-js:5.2.54

Identifiers

v8-compile-cache:2.3.0

Description:

Require hook for automatic V8 compile cache persistence

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/v8-compile-cache:2.3.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/stylelint:14.16.1
  • simplicite-js:5.2.54

Identifiers

v8flags:3.2.0

Description:

Get available v8 and Node.js flags.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/v8flags:3.2.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@babel/node:7.23.9
  • simplicite-js:5.2.54

Identifiers

validate-npm-package-license:3.0.4

Description:

Give me a string and I'll tell you if it's a valid npm package license string

License:

Apache-2.0
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/validate-npm-package-license:3.0.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/normalize-package-data:3.0.3
  • simplicite-js:5.2.54/normalize-package-data:2.5.0
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/normalize-package-data:5.0.0

Identifiers

validate-npm-package-name:5.0.0

Description:

Give me a string and I'll tell you if it's a valid npm package name

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/validate-npm-package-name:5.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-package-arg:10.1.0
  • simplicite-js:5.2.54

Identifiers

visit-values:2.0.0

Description:

visit all the children of a javascript object

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/visit-values:2.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/license-report:6.5.0
  • simplicite-js:5.2.54

Identifiers

vorbis-java-core-0.8.jar

File Path: /var/simplicite/.m2/repository/org/gagravarr/vorbis-java-core/0.8/vorbis-java-core-0.8.jar
MD5: 71b623b57f56daf112bddb3337ee896d
SHA1: 7e9937c2575cda2e3fc116415117c74f23e43fa6
SHA256:879bb0c8923fea686609e207fd9050ab246e001868341c725929405e755cf68e
Referenced In Project/Scope: Simplicite Platform:compile
vorbis-java-core-0.8.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.tika/tika-parsers@1.27

Identifiers

vorbis-java-tika-0.8.jar

File Path: /var/simplicite/.m2/repository/org/gagravarr/vorbis-java-tika/0.8/vorbis-java-tika-0.8.jar
MD5: 85c7b34d5f94e66bf0c79f5d673db750
SHA1: 4ddbb27ac5884a0f0398a63d46a89d3bc87dc457
SHA256:a1b62281a99aec10dc69db1d2f8250952dca5841eedf1167b6b6f9585e2d0d26
Referenced In Project/Scope: Simplicite Platform:compile
vorbis-java-tika-0.8.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.tika/tika-parsers@1.27

Identifiers

vue:2.6.14

Description:

Reactive, component-oriented view layer for modern web interfaces.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/vue:2.6.14

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

wcwidth:1.0.1

Description:

Port of C's wcwidth() and wcswidth()

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/wcwidth:1.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/ora:5.4.1
  • simplicite-js:5.2.54

Identifiers

which-boxed-primitive:1.0.2

Description:

Which kind of boxed JS primitive is this?

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/which-boxed-primitive:1.0.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/unbox-primitive:1.0.2
  • simplicite-js:5.2.54

Identifiers

which-pm:2.0.0

Description:

Detects what package manager was used for installation

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/which-pm:2.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/preferred-pm:3.0.3
  • simplicite-js:5.2.54

Identifiers

which-typed-array:1.1.9

Description:

Which kind of Typed Array is this JavaScript value? Works cross-realm, without `instanceof`, and despite Symbol.toStringTag.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/which-typed-array:1.1.9

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/es-abstract:1.21.2
  • simplicite-js:5.2.54

Identifiers

which:1.3.1

Description:

Like which(1) unix command. Find the first instance of an executable in the PATH.

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/which:1.3.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/global-prefix:3.0.0

Identifiers

which:2.0.2

Description:

Like which(1) unix command. Find the first instance of an executable in the PATH.

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/which:2.0.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/node-gyp:9.4.0
  • simplicite-js:5.2.54/cross-spawn:7.0.3
  • simplicite-js:5.2.54

Identifiers

which:3.0.1

Description:

Like which(1) unix command. Find the first instance of an executable in the PATH.

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/which:3.0.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@npmcli/run-script:6.0.2
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/@npmcli/promise-spawn:6.0.2
  • simplicite-js:5.2.54/@npmcli/git:4.1.0

Identifiers

wide-align:1.1.5

Description:

A wide-character aware text alignment function for use on the console or with fixed width fonts.

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/wide-align:1.1.5

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/gauge:4.0.4
  • simplicite-js:5.2.54

Identifiers

widest-line:3.1.0

Description:

Get the visual width of the widest line in a string - the number of columns required to display it

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/widest-line:3.1.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/boxen:5.1.2
  • simplicite-js:5.2.54/boxen:4.2.0
  • simplicite-js:5.2.54/boxen:7.1.0
  • simplicite-js:5.2.54

Identifiers

widest-line:4.0.1

Description:

Get the visual width of the widest line in a string - the number of columns required to display it

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/widest-line:4.0.1

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

wmf2svg-0.9.8.jar

Description:

WMF to SVG Converting Tool & Library

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/net/arnx/wmf2svg/0.9.8/wmf2svg-0.9.8.jar
MD5: 34b920f0aa840b1792702d253c2c58b7
SHA1: 365614a3ee72ec475d9032f906d37b753fbe2bfa
SHA256:c7f136558140c3fbe9410199ca509895faad4fa79bdc185e72a868f1c2819b4a
Referenced In Project/Scope: Simplicite Platform:compile
wmf2svg-0.9.8.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.docx4j/docx4j-core@11.2.9

Identifiers

woodstox-core-6.2.4.jar (shaded: com.sun.xml.bind.jaxb:isorelax:20090621)

Description:

Unknown version of isorelax library used in JAXB project

File Path: /var/simplicite/.m2/repository/com/fasterxml/woodstox/woodstox-core/6.2.4/woodstox-core-6.2.4.jar/META-INF/maven/com.sun.xml.bind.jaxb/isorelax/pom.xml
MD5: 6fbb4bc95fbf2072bc6e3b790553fe81
SHA1: 314ec72948d5c1fc71d553cbbd7a130caa6f9f13
SHA256:cda6451d0231a973352b592ff950e39224ba6ba1a2f35eeab66511b5c225dff1
Referenced In Project/Scope: Simplicite Platform:compile

Identifiers

woodstox-core-6.2.4.jar (shaded: net.java.dev.msv:xsdlib:2013.6.1)

Description:

XML Schema datatypes library

File Path: /var/simplicite/.m2/repository/com/fasterxml/woodstox/woodstox-core/6.2.4/woodstox-core-6.2.4.jar/META-INF/maven/net.java.dev.msv/xsdlib/pom.xml
MD5: aaf872ed9d1aabee25e03c2a132ffd8e
SHA1: 47f218a999411ed028f089d59ebef8f14e0fe914
SHA256:d6e83c124436049d83238fc532a26c5d8ccd7e4ab10eba6d96043c850ac82f3c
Referenced In Project/Scope: Simplicite Platform:compile

Identifiers

woodstox-core-6.2.4.jar

Description:

Woodstox is a high-performance XML processor that implements Stax (JSR-173),
SAX2 and Stax2 APIs

License:

The Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/fasterxml/woodstox/woodstox-core/6.2.4/woodstox-core-6.2.4.jar
MD5: c72181f3fb82bda9aa724e6b0fed3395
SHA1: 16b9f8ab972e67eb21872ea2c40046249d543989
SHA256:5fa734d5050f097405a801022d09377bbc81e811ef9a17cd0279ed3279f495a5
Referenced In Project/Scope: Simplicite Platform:compile
woodstox-core-6.2.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.fasterxml.jackson.jaxrs/jackson-jaxrs-xml-provider@2.12.4

Identifiers

CVE-2022-40152  

Those using Woodstox to parse XML data may be vulnerable to Denial of Service attacks (DOS) if DTD support is enabled. If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack.
CWE-787 Out-of-bounds Write

CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions: (show all)

wordwrap:1.0.0

Description:

Wrap those words. Show them at what columns to start and stop.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/wordwrap:1.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/handlebars:4.7.7
  • simplicite-js:5.2.54

Identifiers

wrap-ansi:7.0.0

Description:

Wordwrap a string with ANSI escape codes

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/wrap-ansi:7.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/@isaacs/cliui:8.0.2
  • simplicite-js:5.2.54/cliui:7.0.4
  • simplicite-js:5.2.54/boxen:5.1.2
  • simplicite-js:5.2.54/boxen:7.1.0
  • simplicite-js:5.2.54

Identifiers

wrap-ansi:8.1.0

Description:

Wordwrap a string with ANSI escape codes

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/wrap-ansi:8.1.0

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

wrappy:1.0.2

Description:

Callback wrapping utility

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/wrappy:1.0.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/inflight:1.0.6
  • simplicite-js:5.2.54/once:1.4.0
  • simplicite-js:5.2.54

Identifiers

write-file-atomic:3.0.3

Description:

Write files in an atomic fashion w/configurable ownership

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/write-file-atomic:3.0.3

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

write-file-atomic:4.0.2

Description:

Write files in an atomic fashion w/configurable ownership

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/write-file-atomic:4.0.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/configstore:6.0.0
  • simplicite-js:5.2.54/stylelint:14.16.1
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/configstore:5.0.1

Identifiers

xalan-2.7.2.jar

Description:

    Xalan-Java is an XSLT processor for transforming XML documents into HTML,
    text, or other XML document types. It implements XSL Transformations (XSLT)
    Version 1.0 and XML Path Language (XPath) Version 1.0 and can be used from
    the command line, in an applet or a servlet, or as a module in other program.

File Path: /var/simplicite/.m2/repository/xalan/xalan/2.7.2/xalan-2.7.2.jar
MD5: 6aa6607802502c8016b676f25f8e4873
SHA1: d55d3f02a56ec4c25695fe67e1334ff8c2ecea23
SHA256:a44bd80e82cb0f4cfac0dac8575746223802514e3cec9dc75235bc0de646af14
Referenced In Project/Scope: Simplicite Platform:compile
xalan-2.7.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

CVE-2022-34169  

The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.
CWE-681 Incorrect Conversion between Numeric Types

CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

References:

Vulnerable Software & Versions: (show all)

xalan-interpretive-11.0.0.jar

Description:

xalan-interpretive

License:

Apache 2: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/docx4j/org/apache/xalan-interpretive/11.0.0/xalan-interpretive-11.0.0.jar
MD5: fc5a8e36ca1cbe5eb05dbf328e058403
SHA1: 7494b62aced4c3d0ffa259e59c435dc9bd7f07b3
SHA256:badfeb922041262d667363e05bd1cea3947f2ad63dc0f586582ef20ab5a52456
Referenced In Project/Scope: Simplicite Platform:compile
xalan-interpretive-11.0.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.docx4j/docx4j-core@11.2.9

Identifiers

xalan-serializer-11.0.0.jar

Description:

xalan-serializer

License:

Apache 2: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/docx4j/org/apache/xalan-serializer/11.0.0/xalan-serializer-11.0.0.jar
MD5: f21112d50f8c5e067bcb388697cb6af1
SHA1: 7a6b5802bdba3d3b12e935b8a0ae2e020d839cfd
SHA256:ee20541b9180bbd4dc4d55b825e397aefc1545d11d819e4d488012fa76a4b6dc
Referenced In Project/Scope: Simplicite Platform:compile
xalan-serializer-11.0.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.docx4j/docx4j-core@11.2.9

Identifiers

xdg-basedir:4.0.0

Description:

Get XDG Base Directory paths

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/xdg-basedir:4.0.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/configstore:6.0.0
  • simplicite-js:5.2.54/update-notifier:6.0.2
  • simplicite-js:5.2.54/update-notifier:4.1.3
  • simplicite-js:5.2.54/update-notifier:5.1.0
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/configstore:5.0.1

Identifiers

xdg-basedir:5.1.0

Description:

Get XDG Base Directory paths

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/xdg-basedir:5.1.0

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

xercesImpl-2.12.2.jar

Description:

      Xerces2 provides high performance, fully compliant XML parsers in the Apache Xerces family. This new version of Xerces continues to build upon the Xerces Native Interface (XNI), a complete framework for building parser components and configurations that is extremely modular and easy to program.

      The Apache Xerces2 parser is the reference implementation of XNI but other parser components, configurations, and parsers can be written using the Xerces Native Interface. For complete design and implementation documents, refer to the XNI Manual.

      Xerces2 provides fully conforming XML Schema 1.0 and 1.1 processors. An experimental implementation of the "XML Schema Definition Language (XSD): Component Designators (SCD) Candidate Recommendation (January 2010)" is also provided for evaluation. For more information, refer to the XML Schema page.

      Xerces2 also provides a complete implementation of the Document Object Model Level 3 Core and Load/Save W3C Recommendations and provides a complete implementation of the XML Inclusions (XInclude) W3C Recommendation. It also provides support for OASIS XML Catalogs v1.1.

      Xerces2 is able to parse documents written according to the XML 1.1 Recommendation, except that it does not yet provide an option to enable normalization checking as described in section 2.13 of this specification. It also handles namespaces according to the XML Namespaces 1.1 Recommendation, and will correctly serialize XML 1.1 documents if the DOM level 3 load/save APIs are in use.

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/xerces/xercesImpl/2.12.2/xercesImpl-2.12.2.jar
MD5: 40e4f2d5aacfbf51a9a1572d77a0e5e9
SHA1: f051f988aa2c9b4d25d05f95742ab0cc3ed789e2
SHA256:6fc991829af1708d15aea50c66f0beadcd2cfeb6968e0b2f55c1b0909883fe16
Referenced In Project/Scope: Simplicite Platform:compile
xercesImpl-2.12.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

  • pkg:maven/xerces/xercesImpl@2.12.2  (Confidence:High)
  • cpe:2.3:a:apache:xerces-j:2.12.2:*:*:*:*:*:*:*  (Confidence:Low)  
  • cpe:2.3:a:apache:xerces2_java:2.12.2:*:*:*:*:*:*:*  (Confidence:Low)  

CVE-2017-10355 (OSSINDEX)  

sonatype-2017-0348 - xerces:xercesImpl - Denial of Service (DoS)

The software contains multiple threads or executable segments that are waiting for each other to release a necessary lock, resulting in deadlock.
CWE-833 Deadlock

CVSSv3:
  • Base Score: MEDIUM (5.9)
  • Vector: CVSS:/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions (OSSINDEX):

  • cpe:2.3:a:xerces:xercesImpl:2.12.2:*:*:*:*:*:*:*

xmlbeans-3.1.0.jar

Description:

XmlBeans main jar

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/apache/xmlbeans/xmlbeans/3.1.0/xmlbeans-3.1.0.jar
MD5: 408902d943e5bd51a4813dae131681a3
SHA1: 6dac1f897dfb3e3f17fc79b18a3353b2e51c464e
SHA256:a19ea1ec835a101165f7aa3c55427e81b5f2b187bfe7689a19277c51402620b0
Referenced In Project/Scope: Simplicite Platform:compile
xmlbeans-3.1.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.poi/poi-ooxml-schemas@4.1.2

Identifiers

xmlcreate:2.0.4

Description:

Simple XML builder for Node.js

License:

Apache-2.0
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/xmlcreate:2.0.4

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/js2xmlparser:4.0.2

Identifiers

xmlgraphics-commons-2.3.jar

Description:

    Apache XML Graphics Commons is a library that consists of several reusable 
    components used by Apache Batik and Apache FOP. Many of these components 
    can easily be used separately outside the domains of SVG and XSL-FO.

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/apache/xmlgraphics/xmlgraphics-commons/2.3/xmlgraphics-commons-2.3.jar
MD5: 3edc187a769f9ff50e53f095bccb20cd
SHA1: f0b77d80c4d8f02538512b4d505af0cf5286eb7f
SHA256:1fb91bac2795f7a768a7665f40cde996023a489ecc43e5ee67ad40fbaa79e194
Referenced In Project/Scope: Simplicite Platform:compile
xmlgraphics-commons-2.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.docx4j/docx4j-core@11.2.9

Identifiers

CVE-2020-11988  

Apache XmlGraphics Commons 2.4 and earlier is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests. Users should upgrade to 2.6 or later.
CWE-20 Improper Input Validation, CWE-918 Server-Side Request Forgery (SSRF)

CVSSv2:
  • Base Score: MEDIUM (6.4)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N
CVSSv3:
  • Base Score: HIGH (8.2)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

References:

Vulnerable Software & Versions:

xmlsec-2.2.3.jar

Description:

        Apache XML Security for Java supports XML-Signature Syntax and Processing,
        W3C Recommendation 12 February 2002, and XML Encryption Syntax and
        Processing, W3C Recommendation 10 December 2002. As of version 1.4,
        the library supports the standard Java API JSR-105: XML Digital Signature APIs.

License:

Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/apache/santuario/xmlsec/2.2.3/xmlsec-2.2.3.jar
MD5: 3ce56109cd24b76243c3846e42b4a493
SHA1: 216237777d6371fa618d8b8a51a53a1c295291f5
SHA256:7c42fee8eb82b24ef1c2b505026d3a44eb2b1edcdc728f0e4726bc2e79261053
Referenced In Project/Scope: Simplicite Platform:compile
xmlsec-2.2.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

  • pkg:maven/org.apache.santuario/xmlsec@2.2.3  (Confidence:High)
  • cpe:2.3:a:apache:santuario_xml_security_for_java:2.2.3:*:*:*:*:*:*:*  (Confidence:Low)  
  • cpe:2.3:a:apache:xml_security_for_java:2.2.3:*:*:*:*:*:*:*  (Confidence:Low)  

CVE-2023-44483  

All versions of Apache Santuario - XML Security for Java prior to 2.2.6, 2.3.4, and 3.0.3, when using the JSR 105 API, are vulnerable to an issue where a private key may be disclosed in log files when generating an XML Signature and logging with debug level is enabled. Users are recommended to upgrade to version 2.2.6, 2.3.4, or 3.0.3, which fixes this issue.
CWE-532 Insertion of Sensitive Information into Log File

CVSSv3:
  • Base Score: MEDIUM (6.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

References:

Vulnerable Software & Versions: (show all)

xmpbox-2.0.23.jar

Description:

    The Apache XmpBox library is an open source Java tool that implements Adobe's XMP(TM)
    specification. It can be used to parse, validate and create xmp contents.
    It is mainly used by subproject preflight of Apache PDFBox. 
    XmpBox is a subproject of Apache PDFBox.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/apache/pdfbox/xmpbox/2.0.23/xmpbox-2.0.23.jar
MD5: d964e89c70c0a0e2606ab58cd307faae
SHA1: 929cb01b738f84798fcae7786e608af6735898da
SHA256:e52214fd41f23b2531197ce2186d123c577e2ee4ca466b0cf33b2df73a92a0f9
Referenced In Project/Scope: Simplicite Platform:compile
xmpbox-2.0.23.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.2.54

Identifiers

CVE-2021-31811  

In Apache PDFBox, a carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions.
CWE-770 Allocation of Resources Without Limits or Throttling

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:P
CVSSv3:
  • Base Score: MEDIUM (5.5)
  • Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions: (show all)

CVE-2021-31812  

In Apache PDFBox, a carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions.
CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:P
CVSSv3:
  • Base Score: MEDIUM (5.5)
  • Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions: (show all)

xmpcore-shaded-6.1.11.jar

Description:

This project shades Adobe's xmpcore to remove the *.internal.* component from name spaces
        to make recent versions backwards compatible

License:

BSD 3 Clause: https://opensource.org/licenses/BSD-3-Clause
File Path: /var/simplicite/.m2/repository/org/tallison/xmp/xmpcore-shaded/6.1.11/xmpcore-shaded-6.1.11.jar
MD5: 368dca891b4d671acb556ddef9e2d180
SHA1: 90693147097d4c73fc983c327da478c141047d5a
SHA256:1110b83a44c96e72e50be9adb82943b059d7f07d281d99483773512633c40cc7
Referenced In Project/Scope: Simplicite Platform:compile
xmpcore-shaded-6.1.11.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.tika/tika-parsers@1.27

Identifiers

xsom-2.3.4.jar

Description:

XML Schema Object Model (XSOM) is a Java library that allows applications to easily parse XML Schema
        documents and inspect information in them. It is expected to be useful for applications that need to take XML
        Schema as an input.

License:

Eclipse Distribution License - v 1.0: http://www.eclipse.org/org/documents/edl-v10.php
File Path: /var/simplicite/.m2/repository/org/glassfish/jaxb/xsom/2.3.4/xsom-2.3.4.jar
MD5: c2e2614dca203d71067effe159721a80
SHA1: e538afe3b621b1bb90aad11eeef9db811f50b85a
SHA256:a668cb130d6f24b8a60f48c34987ac22f920b2c4f95932ace873f2258cf06ddf
Referenced In Project/Scope: Simplicite Platform:compile
xsom-2.3.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.glassfish.jaxb/jaxb-xjc@2.3.4

Identifiers

xtend:4.0.2

Description:

extend like a boss

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/xtend:4.0.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/npm-check:6.0.1
  • simplicite-js:5.2.54

Identifiers

xterm-js:4.9.0

Description:

Full xterm terminal, in your browser

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/xterm-js:4.9.0

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

CVE-2019-0542  

A remote code execution vulnerability exists in Xterm.js when the component mishandles special characters, aka "Xterm Remote Code Execution Vulnerability." This affects xterm.js.
CWE-94 Improper Control of Generation of Code ('Code Injection')

CVSSv2:
  • Base Score: MEDIUM (6.8)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSSv3:
  • Base Score: HIGH (8.8)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References:

Vulnerable Software & Versions: (show all)

xz-1.9.jar

Description:

XZ data compression

License:

Public Domain
File Path: /var/simplicite/.m2/repository/org/tukaani/xz/1.9/xz-1.9.jar
MD5: 57c2fbfeb55e307ccae52e5322082e02
SHA1: 1ea4bec1a921180164852c65006d928617bd2caf
SHA256:211b306cfc44f8f96df3a0a3ddaf75ba8c5289eed77d60d72f889bb855f535e5
Referenced In Project/Scope: Simplicite Platform:compile
xz-1.9.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.tika/tika-parsers@1.27

Identifiers

y18n:5.0.8

Description:

the bare-bones internationalization library used by yargs

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?yargs:16.2.0/y18n:^5.0.5

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/yargs:16.2.0
  • simplicite-js:5.2.54

Identifiers

yallist:2.1.2

Description:

Yet Another Linked List

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/yallist:2.1.2

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

yallist:3.1.1

Description:

Yet Another Linked List

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/yallist:3.1.1

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/tar:6.1.15
  • simplicite-js:5.2.54/lru-cache:5.1.1
  • simplicite-js:5.2.54/minizlib:2.1.2
  • simplicite-js:5.2.54/lru-cache:6.0.0
  • simplicite-js:5.2.54/lru-cache:4.1.5
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/minipass:3.3.6

Identifiers

yallist:4.0.0

Description:

Yet Another Linked List

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/yallist:4.0.0

Referenced In Project/Scope: simplicite-js:5.2.54

Identifiers

yaml:1.10.2

Description:

JavaScript parser and stringifier for YAML

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/yaml:1.10.2

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/cosmiconfig:7.1.0
  • simplicite-js:5.2.54

Identifiers

yargs-parser:20.2.9

Description:

the mighty option parser used by yargs

License:

ISC
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/yargs-parser:20.2.9

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54/meow:9.0.0
  • simplicite-js:5.2.54/yargs:16.2.0
  • simplicite-js:5.2.54

Identifiers

yargs:16.2.0

Description:

yargs the modern, pirate-themed, successor to optimist.

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/yargs:16.2.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/depcheck:1.4.3

Identifiers

yocto-queue:0.1.0

Description:

Tiny queue data structure

License:

MIT
File Path: /var/simplicite/simplicite-5.2/package-lock.json?/yocto-queue:0.1.0

Referenced In Projects/Scopes:
  • simplicite-js:5.2.54
  • simplicite-js:5.2.54/p-limit:3.1.0

Identifiers

zstd-jni-1.5.2-1.jar

Description:

JNI bindings for Zstd native library that provides fast and high compression lossless algorithm for Java and all JVM languages.

License:

BSD 2-Clause License: https://opensource.org/licenses/BSD-2-Clause
File Path: /var/simplicite/.m2/repository/com/github/luben/zstd-jni/1.5.2-1/zstd-jni-1.5.2-1.jar
MD5: 2909788860e8e3ee29d51b327a43ca24
SHA1: fad786abc1d1b81570e8d9a2fc8a1ef479bc27b6
SHA256:93f7e4cbc907c2650f89f9f0bec94873735a58f1e4b66a54973294e4ec1878e8
Referenced In Project/Scope: Simplicite Platform:runtime
zstd-jni-1.5.2-1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.kafka/kafka-clients@3.3.1

Identifiers

zstd-jni-1.5.2-1.jar: libzstd-jni-1.5.2-1.dll

File Path: /var/simplicite/.m2/repository/com/github/luben/zstd-jni/1.5.2-1/zstd-jni-1.5.2-1.jar/win/amd64/libzstd-jni-1.5.2-1.dll
MD5: 47cb3a35f42743eb1f9346af229e87b7
SHA1: e31a10143ab3690a9bc2836ba62696023c94dfa0
SHA256:210044a424ce01b5b34d192d1c1c51b8058f7790770943f94e2df01906ea1f64
Referenced In Project/Scope: Simplicite Platform:runtime

Identifiers

  • None

zstd-jni-1.5.2-1.jar: libzstd-jni-1.5.2-1.dll

File Path: /var/simplicite/.m2/repository/com/github/luben/zstd-jni/1.5.2-1/zstd-jni-1.5.2-1.jar/win/x86/libzstd-jni-1.5.2-1.dll
MD5: 74ee40fd92c62a5a1b6a385b5a1251cd
SHA1: 8bbd3dc53b0bf577304fc048a2cd36709a190ae9
SHA256:3b887bee98cbce3af607256d2390f7cc5d068099f541590a4c3f7d6d5b48c65d
Referenced In Project/Scope: Simplicite Platform:runtime

Identifiers

  • None


This report contains data retrieved from the National Vulnerability Database.
This report may contain data retrieved from the CISA Known Exploited Vulnerability Catalog.
This report may contain data retrieved from the Github Advisory Database (via NPM Audit API).
This report may contain data retrieved from RetireJS.
This report may contain data retrieved from the Sonatype OSS Index.