Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.

How to read the report | Suppressing false positives | Getting Help: github issues

 Sponsor

Project: Simplicite Platform

com.simplicite:simplicite:5.3.40

Scan Information (show all):

Summary

Display: Showing Vulnerable Dependencies (click to show all)

DependencyVulnerability IDsPackageHighest SeverityCVE CountConfidenceEvidence Count
@fullcalendar/bootstrap:5.11.4pkg:npm/%40fullcalendar%2Fbootstrap@5.11.4 010
@fullcalendar/core:5.11.4pkg:npm/%40fullcalendar%2Fcore@5.11.4 010
@fullcalendar/daygrid:5.11.4pkg:npm/%40fullcalendar%2Fdaygrid@5.11.4 010
@fullcalendar/google-calendar:5.11.4pkg:npm/%40fullcalendar%2Fgoogle-calendar@5.11.4 010
@fullcalendar/interaction:5.11.4pkg:npm/%40fullcalendar%2Finteraction@5.11.4 010
@fullcalendar/list:5.11.4pkg:npm/%40fullcalendar%2Flist@5.11.4 010
@fullcalendar/luxon:5.11.4pkg:npm/%40fullcalendar%2Fluxon@5.11.4 010
@fullcalendar/moment-timezone:5.11.4pkg:npm/%40fullcalendar%2Fmoment-timezone@5.11.4 010
@fullcalendar/moment:5.11.4pkg:npm/%40fullcalendar%2Fmoment@5.11.4 010
@fullcalendar/rrule:5.11.4pkg:npm/%40fullcalendar%2Frrule@5.11.4 010
@fullcalendar/timegrid:5.11.4pkg:npm/%40fullcalendar%2Ftimegrid@5.11.4 010
HikariCP-5.0.1.jarpkg:maven/com.zaxxer/HikariCP@5.0.1 038
JavaEWAH-1.1.13.jarpkg:maven/com.googlecode.javaewah/JavaEWAH@1.1.13 033
SparseBitSet-1.2.jarcpe:2.3:a:bit_project:bit:1.2:*:*:*:*:*:*:*pkg:maven/com.zaxxer/SparseBitSet@1.2 0Low27
accessors-smart-2.4.9.jarpkg:maven/net.minidev/accessors-smart@2.4.9 041
ace-builds:1.18.0pkg:npm/ace-builds@1.18.0 08
ace-diff:3.0.3pkg:npm/ace-diff@3.0.3 08
angus-activation-2.0.0.jarcpe:2.3:a:service_project:service:2.0.0:*:*:*:*:*:*:*pkg:maven/org.eclipse.angus/angus-activation@2.0.0 0Low37
animal-sniffer-annotations-1.21.jarpkg:maven/org.codehaus.mojo/animal-sniffer-annotations@1.21 019
annotations-4.1.1.4.jarpkg:maven/com.google.android/annotations@4.1.1.4 020
ant-1.10.13.jarcpe:2.3:a:apache:ant:1.10.13:*:*:*:*:*:*:*pkg:maven/org.apache.ant/ant@1.10.13 0Highest24
antlr-2.7.7.jarpkg:maven/antlr/antlr@2.7.7 024
antlr-runtime-3.5.2.jarcpe:2.3:a:temporal:temporal:3.5.2:*:*:*:*:*:*:*pkg:maven/org.antlr/antlr-runtime@3.5.2 0Low39
aopalliance-1.0.jarpkg:maven/aopalliance/aopalliance@1.0 020
aopalliance-repackaged-2.6.1.jarpkg:maven/org.glassfish.hk2.external/aopalliance-repackaged@2.6.1 025
apache-mime4j-core-0.8.9.jarpkg:maven/org.apache.james/apache-mime4j-core@0.8.9MEDIUM134
apache-mime4j-dom-0.8.9.jarpkg:maven/org.apache.james/apache-mime4j-dom@0.8.9 034
api-common-2.1.5.jarpkg:maven/com.google.api/api-common@2.1.5 029
asm-9.4.jarpkg:maven/org.ow2.asm/asm@9.4 053
auto-value-annotations-1.9.jarpkg:maven/com.google.auto.value/auto-value-annotations@1.9 025
autolink-0.10.0.jarpkg:maven/org.nibor.autolink/autolink@0.10.0 023
avalon-framework-impl-4.2.0.jarpkg:maven/avalon-framework/avalon-framework-impl@4.2.0 021
aws-s3-2.5.0.jarcpe:2.3:a:apache:jclouds:2.5.0:*:*:*:*:*:*:*pkg:maven/org.apache.jclouds.provider/aws-s3@2.5.0 0Highest33
azureblob-2.5.0.jarcpe:2.3:a:apache:jclouds:2.5.0:*:*:*:*:*:*:*pkg:maven/org.apache.jclouds.provider/azureblob@2.5.0 0Highest35
barcode4j-2.1.jarcpe:2.3:a:web_project:web:2.1:*:*:*:*:*:*:*pkg:maven/net.sf.barcode4j/barcode4j@2.1 0Low50
bcmail-jdk18on-1.73.jarcpe:2.3:a:bouncycastle:bouncy_castle_for_java:1.73:*:*:*:*:*:*:*pkg:maven/org.bouncycastle/bcmail-jdk18on@1.73 0Highest52
bcpg-jdk18on-1.73.jarcpe:2.3:a:bouncycastle:bouncy_castle_for_java:1.73:*:*:*:*:*:*:*
cpe:2.3:a:openpgp:openpgp:1.73:*:*:*:*:*:*:*
pkg:maven/org.bouncycastle/bcpg-jdk18on@1.73 0Highest54
bcpkix-jdk18on-1.73.jarcpe:2.3:a:bouncycastle:bouncy_castle_for_java:1.73:*:*:*:*:*:*:*pkg:maven/org.bouncycastle/bcpkix-jdk18on@1.73 0Highest66
bcprov-ext-jdk18on-1.73.jarcpe:2.3:a:bouncycastle:bouncy_castle_for_java:1.73:*:*:*:*:*:*:*pkg:maven/org.bouncycastle/bcprov-ext-jdk18on@1.73HIGH5Highest58
bcprov-jdk15on-1.69.jarcpe:2.3:a:bouncycastle:bouncy-castle-crypto-package:1.69:*:*:*:*:*:*:*
cpe:2.3:a:bouncycastle:bouncy_castle_crypto_package:1.69:*:*:*:*:*:*:*
cpe:2.3:a:bouncycastle:bouncy_castle_for_java:1.69:*:*:*:*:*:*:*
cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.69:*:*:*:*:*:*:*
cpe:2.3:a:bouncycastle:the_bouncy_castle_crypto_package_for_java:1.69:*:*:*:*:*:*:*
pkg:maven/org.bouncycastle/bcprov-jdk15on@1.69HIGH5Highest60
bcprov-jdk18on-1.73.jarcpe:2.3:a:bouncycastle:bouncy-castle-crypto-package:1.73:*:*:*:*:*:*:*
cpe:2.3:a:bouncycastle:bouncy_castle_crypto_package:1.73:*:*:*:*:*:*:*
cpe:2.3:a:bouncycastle:bouncy_castle_for_java:1.73:*:*:*:*:*:*:*
cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.73:*:*:*:*:*:*:*
cpe:2.3:a:bouncycastle:the_bouncy_castle_crypto_package_for_java:1.73:*:*:*:*:*:*:*
pkg:maven/org.bouncycastle/bcprov-jdk18on@1.73HIGH5Highest60
bcutil-jdk18on-1.73.jarcpe:2.3:a:bouncycastle:bouncy_castle_for_java:1.73:*:*:*:*:*:*:*pkg:maven/org.bouncycastle/bcutil-jdk18on@1.73 0Highest50
bootbox:6.0.0pkg:npm/bootbox@6.0.0MEDIUM16
bootstrap:5.2.3cpe:2.3:a:getbootstrap:bootstrap:5.2.3:*:*:*:*:*:*:*pkg:npm/bootstrap@5.2.3 0Highest8
bson-3.12.13.jarcpe:2.3:a:mongodb:bson:3.12.13:*:*:*:*:*:*:*pkg:maven/org.mongodb/bson@3.12.13 0Highest26
byte-buddy-1.14.4.jarpkg:maven/net.bytebuddy/byte-buddy@1.14.4 029
byte-buddy-agent-1.14.4.jarpkg:maven/net.bytebuddy/byte-buddy-agent@1.14.4 033
byte-buddy-agent-1.14.4.jar: attach_hotspot_windows.dll 02
byte-buddy-agent-1.14.4.jar: attach_hotspot_windows.dll 02
c3p0-0.9.5.5.jarcpe:2.3:a:mchange:c3p0:0.9.5.5:*:*:*:*:*:*:*pkg:maven/com.mchange/c3p0@0.9.5.5 0Highest31
cache-api-1.1.0.jarpkg:maven/javax.cache/cache-api@1.1.0 023
caffeine-3.1.6.jarpkg:maven/com.github.ben-manes.caffeine/caffeine@3.1.6 037
chart.js:3.9.1cpe:2.3:a:chartjs:chart.js:3.9.1:*:*:*:*:*:*:*pkg:npm/chart.js@3.9.1 0Highest7
chartjs-adapter-moment:1.0.1pkg:npm/chartjs-adapter-moment@1.0.1 06
checker-compat-qual-2.5.5.jarpkg:maven/org.checkerframework/checker-compat-qual@2.5.5 052
checker-qual-3.33.0.jarpkg:maven/org.checkerframework/checker-qual@3.33.0 046
codemodel-3.0.2.jarcpe:2.3:a:eclipse:glassfish:3.0.2:*:*:*:*:*:*:*pkg:maven/org.glassfish.jaxb/codemodel@3.0.2 0Highest36
commonmark-0.21.0.jarpkg:maven/org.commonmark/commonmark@0.21.0 023
commonmark-ext-autolink-0.21.0.jarpkg:maven/org.commonmark/commonmark-ext-autolink@0.21.0 023
commonmark-ext-gfm-strikethrough-0.21.0.jarpkg:maven/org.commonmark/commonmark-ext-gfm-strikethrough@0.21.0 025
commonmark-ext-gfm-tables-0.21.0.jarpkg:maven/org.commonmark/commonmark-ext-gfm-tables@0.21.0 025
commonmark-ext-heading-anchor-0.21.0.jarpkg:maven/org.commonmark/commonmark-ext-heading-anchor@0.21.0 025
commonmark-ext-image-attributes-0.21.0.jarpkg:maven/org.commonmark/commonmark-ext-image-attributes@0.21.0 025
commonmark-ext-ins-0.21.0.jarpkg:maven/org.commonmark/commonmark-ext-ins@0.21.0 023
commonmark-ext-task-list-items-0.21.0.jarpkg:maven/org.commonmark/commonmark-ext-task-list-items@0.21.0 025
commonmark-ext-yaml-front-matter-0.21.0.jarpkg:maven/org.commonmark/commonmark-ext-yaml-front-matter@0.21.0 025
commons-beanutils-1.9.4.jarcpe:2.3:a:apache:commons_beanutils:1.9.4:*:*:*:*:*:*:*pkg:maven/commons-beanutils/commons-beanutils@1.9.4 0Highest168
commons-cli-1.5.0.jarpkg:maven/commons-cli/commons-cli@1.5.0 0102
commons-codec-1.15.jarpkg:maven/commons-codec/commons-codec@1.15 0108
commons-collections-3.2.2.jarcpe:2.3:a:apache:commons_collections:3.2.2:*:*:*:*:*:*:*pkg:maven/commons-collections/commons-collections@3.2.2 0Highest84
commons-collections4-4.4.jarcpe:2.3:a:apache:commons_collections:4.4:*:*:*:*:*:*:*pkg:maven/org.apache.commons/commons-collections4@4.4 0Highest105
commons-compress-1.23.0.jarcpe:2.3:a:apache:commons_compress:1.23.0:*:*:*:*:*:*:*pkg:maven/org.apache.commons/commons-compress@1.23.0MEDIUM3Highest108
commons-csv-1.10.0.jarpkg:maven/org.apache.commons/commons-csv@1.10.0 085
commons-digester-2.1.jarpkg:maven/commons-digester/commons-digester@2.1 098
commons-discovery-0.5.jarcpe:2.3:a:spirit-project:spirit:0.5:*:*:*:*:*:*:*pkg:maven/commons-discovery/commons-discovery@0.5MEDIUM1Low86
commons-email-1.5.jarcpe:2.3:a:apache:commons_email:1.5:*:*:*:*:*:*:*pkg:maven/org.apache.commons/commons-email@1.5 0Highest137
commons-exec-1.3.jarpkg:maven/org.apache.commons/commons-exec@1.3 059
commons-fileupload-1.5.jarcpe:2.3:a:apache:commons_fileupload:1.5:*:*:*:*:*:*:*pkg:maven/commons-fileupload/commons-fileupload@1.5 0Highest115
commons-imaging-1.0-alpha3.jarcpe:2.3:a:apache:commons_imaging:1.0:pha3:*:*:*:*:*:*pkg:maven/org.apache.commons/commons-imaging@1.0-alpha3 0Highest67
commons-io-2.11.0.jarcpe:2.3:a:apache:commons_io:2.11.0:*:*:*:*:*:*:*pkg:maven/commons-io/commons-io@2.11.0 0Highest123
commons-lang-2.6.jarpkg:maven/commons-lang/commons-lang@2.6 0122
commons-lang3-3.12.0.jarpkg:maven/org.apache.commons/commons-lang3@3.12.0 0139
commons-logging-1.2.jarpkg:maven/commons-logging/commons-logging@1.2 0117
commons-math3-3.6.1.jarpkg:maven/org.apache.commons/commons-math3@3.6.1 0134
commons-net-3.9.0.jarcpe:2.3:a:apache:commons_net:3.9.0:*:*:*:*:*:*:*pkg:maven/commons-net/commons-net@3.9.0 0Highest105
commons-pool2-2.11.1.jarpkg:maven/org.apache.commons/commons-pool2@2.11.1 090
commons-text-1.10.0.jarcpe:2.3:a:apache:commons_text:1.10.0:*:*:*:*:*:*:*pkg:maven/org.apache.commons/commons-text@1.10.0 0Highest71
commons-validator-1.7.jarpkg:maven/commons-validator/commons-validator@1.7 0125
commons-vfs2-2.9.0.jarpkg:maven/org.apache.commons/commons-vfs2@2.9.0 039
conscrypt-openjdk-uber-2.5.1.jarpkg:maven/org.conscrypt/conscrypt-openjdk-uber@2.5.1 037
conscrypt-openjdk-uber-2.5.1.jar: conscrypt_openjdk_jni-windows-x86.dll 04
conscrypt-openjdk-uber-2.5.1.jar: conscrypt_openjdk_jni-windows-x86_64.dll 02
core-3.0.1.jarpkg:maven/com.google.zxing/core@3.0.1 020
curvesapi-1.07.jarpkg:maven/com.github.virtuald/curvesapi@1.07 023
dd-plist-1.26.jarcpe:2.3:a:dd-plist_project:dd-plist:1.26:*:*:*:*:*:*:*pkg:maven/com.googlecode.plist/dd-plist@1.26 0Highest31
dec-0.1.2.jarpkg:maven/org.brotli/dec@0.1.2 023
derby-10.16.1.1.jarcpe:2.3:a:apache:derby:10.16.1.1:*:*:*:*:*:*:*pkg:maven/org.apache.derby/derby@10.16.1.1CRITICAL1Highest28
derbyshared-10.16.1.1.jarcpe:2.3:a:apache:derby:10.16.1.1:*:*:*:*:*:*:*pkg:maven/org.apache.derby/derbyshared@10.16.1.1CRITICAL1Highest27
diffutils-1.3.0.jarcpe:2.3:a:utils_project:utils:1.3.0:*:*:*:*:*:*:*pkg:maven/com.googlecode.java-diff-utils/diffutils@1.3.0 0Highest19
docusign-esign-java-3.18.0.jarpkg:maven/com.docusign/docusign-esign-java@3.18.0 034
docx4j-ImportXHTML-8.3.2.jarpkg:maven/org.docx4j/docx4j-ImportXHTML@8.3.2 029
docx4j-JAXB-ReferenceImpl-11.4.5.jarpkg:maven/org.docx4j/docx4j-JAXB-ReferenceImpl@11.4.5 029
docx4j-core-11.4.5.jarpkg:maven/org.docx4j/docx4j-core@11.4.5 035
docx4j-openxml-objects-11.4.5.jarpkg:maven/org.docx4j/docx4j-openxml-objects@11.4.5 029
docx4j-openxml-objects-pml-11.4.5.jarpkg:maven/org.docx4j/docx4j-openxml-objects-pml@11.4.5 027
docx4j-openxml-objects-sml-11.4.5.jarpkg:maven/org.docx4j/docx4j-openxml-objects-sml@11.4.5 027
dtd-parser-1.4.5.jarpkg:maven/com.sun.xml.dtd-parser/dtd-parser@1.4.5 038
eddsa-0.3.0.jarcpe:2.3:a:4d:4d:0.3.0:*:*:*:*:*:*:*pkg:maven/net.i2p.crypto/eddsa@0.3.0 0Low33
ehcache-3.10.8.jar (shaded: org.ehcache.modules:ehcache-107:3.10.8)pkg:maven/org.ehcache.modules/ehcache-107@3.10.8 021
ehcache-3.10.8.jar (shaded: org.ehcache.modules:ehcache-api:3.10.8)pkg:maven/org.ehcache.modules/ehcache-api@3.10.8 021
ehcache-3.10.8.jar (shaded: org.ehcache.modules:ehcache-core:3.10.8)pkg:maven/org.ehcache.modules/ehcache-core@3.10.8 021
ehcache-3.10.8.jar (shaded: org.ehcache.modules:ehcache-impl:3.10.8)pkg:maven/org.ehcache.modules/ehcache-impl@3.10.8 021
ehcache-3.10.8.jar (shaded: org.ehcache.modules:ehcache-xml-spi:3.10.8)pkg:maven/org.ehcache.modules/ehcache-xml-spi@3.10.8 021
ehcache-3.10.8.jar (shaded: org.ehcache.modules:ehcache-xml:3.10.8)pkg:maven/org.ehcache.modules/ehcache-xml@3.10.8 021
ehcache-3.10.8.jar (shaded: org.ehcache:sizeof:0.4.3)pkg:maven/org.ehcache/sizeof@0.4.3 013
ehcache-3.10.8.jar (shaded: org.terracotta:offheap-store:2.5.3)pkg:maven/org.terracotta/offheap-store@2.5.3 017
ehcache-3.10.8.jar (shaded: org.terracotta:statistics:2.1.2)pkg:maven/org.terracotta/statistics@2.1.2 025
ehcache-3.10.8.jar (shaded: org.terracotta:terracotta-utilities-tools:0.0.15)pkg:maven/org.terracotta/terracotta-utilities-tools@0.0.15 019
ehcache-3.10.8.jarcpe:2.3:a:service_project:service:3.10.8:*:*:*:*:*:*:*pkg:maven/org.ehcache/ehcache@3.10.8 0Low54
ehcache-3.10.8.jar: sizeof-agent.jar 08
error_prone_annotations-2.11.0.jarpkg:maven/com.google.errorprone/error_prone_annotations@2.11.0 023
failureaccess-1.0.1.jarpkg:maven/com.google.guava/failureaccess@1.0.1 028
fast-and-simple-minify-1.0.jarpkg:maven/ch.simschla/fast-and-simple-minify@1.0 028
firebase-admin-8.1.0.jarpkg:maven/com.google.firebase/firebase-admin@8.1.0 034
fontbox-2.0.28.jarpkg:maven/org.apache.pdfbox/fontbox@2.0.28 035
fuzzywuzzy-1.4.0.jar (shaded: me.xdrop:diffutils:1.3)pkg:maven/me.xdrop/diffutils@1.3 07
fuzzywuzzy-1.4.0.jar (shaded: me.xdrop:fuzzywuzzy-build:1.4.0)pkg:maven/me.xdrop/fuzzywuzzy-build@1.4.0 011
fuzzywuzzy-1.4.0.jarpkg:maven/me.xdrop/fuzzywuzzy@1.4.0 025
gax-2.15.0.jarpkg:maven/com.google.api/gax@2.15.0 034
gax-grpc-2.13.0.jarcpe:2.3:a:grpc:grpc:2.13.0:*:*:*:*:*:*:*pkg:maven/com.google.api/gax-grpc@2.13.0 0Highest36
gax-httpjson-0.98.0.jarpkg:maven/com.google.api/gax-httpjson@0.98.0 036
google-api-client-1.34.0.jarpkg:maven/com.google.api-client/google-api-client@1.34.0 034
google-api-client-gson-1.34.0.jarpkg:maven/com.google.api-client/google-api-client-gson@1.34.0 034
google-api-services-calendar-v3-rev20220401-1.32.1.jarpkg:maven/com.google.apis/google-api-services-calendar@v3-rev20220401-1.32.1 026
google-api-services-drive-v3-rev20220214-1.32.1.jarcpe:2.3:a:google:drive:v3.rev20220214.1.32.1:*:*:*:*:*:*:*pkg:maven/com.google.apis/google-api-services-drive@v3-rev20220214-1.32.1 0Highest26
google-api-services-gmail-v1-rev20220404-1.32.1.jarcpe:2.3:a:google:gmail:v1.rev20220404.1.32.1:*:*:*:*:*:*:*pkg:maven/com.google.apis/google-api-services-gmail@v1-rev20220404-1.32.1 0Highest26
google-api-services-plus-v1-rev20190328-1.30.10.jarpkg:maven/com.google.apis/google-api-services-plus@v1-rev20190328-1.30.10 026
google-api-services-sheets-v4-rev20220322-1.32.1.jarpkg:maven/com.google.apis/google-api-services-sheets@v4-rev20220322-1.32.1 026
google-api-services-storage-v1-rev20220401-1.32.1.jarpkg:maven/com.google.apis/google-api-services-storage@v1-rev20220401-1.32.1 026
google-api-services-translate-v2-rev20170525-1.30.1.jarpkg:maven/com.google.apis/google-api-services-translate@v2-rev20170525-1.30.1 026
google-api-services-youtube-v3-rev20220409-1.32.1.jarpkg:maven/com.google.apis/google-api-services-youtube@v3-rev20220409-1.32.1 026
google-auth-library-credentials-1.6.0.jarpkg:maven/com.google.auth/google-auth-library-credentials@1.6.0 023
google-auth-library-oauth2-http-1.6.0.jarpkg:maven/com.google.auth/google-auth-library-oauth2-http@1.6.0 025
google-cloud-core-2.5.11.jarpkg:maven/com.google.cloud/google-cloud-core@2.5.11 029
google-cloud-core-grpc-2.5.11.jarcpe:2.3:a:grpc:grpc:2.5.11:*:*:*:*:*:*:*pkg:maven/com.google.cloud/google-cloud-core-grpc@2.5.11 0Highest31
google-cloud-core-http-2.5.11.jarpkg:maven/com.google.cloud/google-cloud-core-http@2.5.11 031
google-cloud-firestore-2.6.1.jarpkg:maven/com.google.cloud/google-cloud-firestore@2.6.1 099
google-cloud-pubsub-1.116.3.jarpkg:maven/com.google.cloud/google-cloud-pubsub@1.116.3 039
google-cloud-storage-2.5.0.jarcpe:2.3:a:apache:jclouds:2.5.0:*:*:*:*:*:*:*pkg:maven/org.apache.jclouds.provider/google-cloud-storage@2.5.0 0Highest29
google-cloud-storage-2.6.0.jarpkg:maven/com.google.cloud/google-cloud-storage@2.6.0 039
google-http-client-1.41.7.jarpkg:maven/com.google.http-client/google-http-client@1.41.7 034
google-http-client-apache-v2-1.41.7.jarpkg:maven/com.google.http-client/google-http-client-apache-v2@1.41.7 031
google-http-client-appengine-1.41.7.jarpkg:maven/com.google.http-client/google-http-client-appengine@1.41.7 025
google-http-client-gson-1.41.7.jarpkg:maven/com.google.http-client/google-http-client-gson@1.41.7 025
google-http-client-jackson-1.29.2.jarcpe:2.3:a:apache:httpclient:1.29.2:*:*:*:*:*:*:*pkg:maven/com.google.http-client/google-http-client-jackson@1.29.2MEDIUM1Low31
google-http-client-jackson2-1.41.7.jarpkg:maven/com.google.http-client/google-http-client-jackson2@1.41.7 025
google-java-format-1.16.0.jarpkg:maven/com.google.googlejavaformat/google-java-format@1.16.0 033
google-oauth-client-1.33.2.jarcpe:2.3:a:google:oauth_client_library_for_java:1.33.2:*:*:*:*:*:*:*pkg:maven/com.google.oauth-client/google-oauth-client@1.33.2HIGH1Low36
googlecloud-2.5.0.jarcpe:2.3:a:apache:jclouds:2.5.0:*:*:*:*:*:*:*pkg:maven/org.apache.jclouds.common/googlecloud@2.5.0 0Highest31
graphics2d-0.32.jarpkg:maven/de.rototor.pdfbox/graphics2d@0.32 025
graphql-java-20.2.jar (shaded: com.google.guava:guava:31.0.1-jre)cpe:2.3:a:google:guava:31.0.1:*:*:*:*:*:*:*pkg:maven/com.google.guava/guava@31.0.1-jreHIGH2Highest11
graphql-java-20.2.jar (shaded: org.antlr:antlr4-runtime:4.9.3)pkg:maven/org.antlr/antlr4-runtime@4.9.3 09
graphql-java-20.2.jarcpe:2.3:a:graphql-java:graphql-java:20.2:*:*:*:*:*:*:*
cpe:2.3:a:graphql-java_project:graphql-java:20.2:*:*:*:*:*:*:*
pkg:maven/com.graphql-java/graphql-java@20.2 0Highest26
grpc-core-1.45.0.jarcpe:2.3:a:grpc:grpc:1.45.0:*:*:*:*:*:*:*pkg:maven/io.grpc/grpc-core@1.45.0HIGH*4Highest29
grpc-netty-shaded-1.45.0.jar: io_grpc_netty_shaded_netty_tcnative_windows_x86_64.dll 02
grpc-protobuf-1.45.0.jarcpe:2.3:a:grpc:grpc:1.45.0:*:*:*:*:*:*:*
cpe:2.3:a:protobuf:protobuf:1.45.0:*:*:*:*:*:*:*
pkg:maven/io.grpc/grpc-protobuf@1.45.0HIGH*4Highest31
gson-2.8.9.jarcpe:2.3:a:google:gson:2.8.9:*:*:*:*:*:*:*pkg:maven/com.google.code.gson/gson@2.8.9 0Highest29
guava-31.1-jre.jarcpe:2.3:a:google:guava:31.1:*:*:*:*:*:*:*pkg:maven/com.google.guava/guava@31.1-jreHIGH2Highest25
guice-5.0.1.jarpkg:maven/com.google.inject/guice@5.0.1 034
guice-assistedinject-5.0.1.jarpkg:maven/com.google.inject.extensions/guice-assistedinject@5.0.1 031
h2-2.1.214.jarcpe:2.3:a:h2database:h2:2.1.214:*:*:*:*:*:*:*pkg:maven/com.h2database/h2@2.1.214HIGH2Highest44
h2-2.1.214.jar: data.zip: table.js 00
h2-2.1.214.jar: data.zip: tree.js 00
hadoop-hdfs-client-3.3.1.jarcpe:2.3:a:apache:hadoop:3.3.1:*:*:*:*:*:*:*pkg:maven/org.apache.hadoop/hadoop-hdfs-client@3.3.1CRITICAL6Highest27
hamcrest-core-1.3.jarpkg:maven/org.hamcrest/hamcrest-core@1.3 024
highlight.js:11.7.0cpe:2.3:a:highlightjs:highlight.js:11.7.0:*:*:*:*:*:*:*pkg:npm/highlight.js@11.7.0 0Highest8
hk2-api-2.6.1.jarpkg:maven/org.glassfish.hk2/hk2-api@2.6.1 025
hk2-locator-2.6.1.jarcpe:2.3:a:service_project:service:2.6.1:*:*:*:*:*:*:*pkg:maven/org.glassfish.hk2/hk2-locator@2.6.1 0Low21
hk2-utils-2.6.1.jarcpe:2.3:a:utils_project:utils:2.6.1:*:*:*:*:*:*:*pkg:maven/org.glassfish.hk2/hk2-utils@2.6.1 0Highest27
hsqldb-2.7.1.jarcpe:2.3:a:hsqldb:hypersql_database:2.7.1:*:*:*:*:*:*:*pkg:maven/org.hsqldb/hsqldb@2.7.1 0Low47
html5-qrcode:2.3.8pkg:npm/html5-qrcode@2.3.8 08
httpasyncclient-4.1.5.jarcpe:2.3:a:apache:httpasyncclient:4.1.5:*:*:*:*:*:*:*pkg:maven/org.apache.httpcomponents/httpasyncclient@4.1.5 0Highest28
httpclient-4.5.14.jarcpe:2.3:a:apache:httpclient:4.5.14:*:*:*:*:*:*:*pkg:maven/org.apache.httpcomponents/httpclient@4.5.14 0Highest32
httpcore-4.4.16.jarpkg:maven/org.apache.httpcomponents/httpcore@4.4.16 032
httpcore-nio-4.4.16.jarpkg:maven/org.apache.httpcomponents/httpcore-nio@4.4.16 030
httpmime-4.5.14.jarpkg:maven/org.apache.httpcomponents/httpmime@4.5.14 030
icu4j-73.1.jarcpe:2.3:a:icu-project:international_components_for_unicode:73.1:*:*:*:*:*:*:*
cpe:2.3:a:unicode:international_components_for_unicode:73.1:*:*:*:*:*:*:*
pkg:maven/com.ibm.icu/icu4j@73.1 0Low79
istack-commons-runtime-4.0.1.jarpkg:maven/com.sun.istack/istack-commons-runtime@4.0.1 033
istack-commons-tools-4.0.1.jarpkg:maven/com.sun.istack/istack-commons-tools@4.0.1 035
itext-2.1.7.jarcpe:2.3:a:itextpdf:itext:2.1.7:*:*:*:*:*:*:*pkg:maven/com.lowagie/itext@2.1.7HIGH3High47
j2objc-annotations-1.3.jarpkg:maven/com.google.j2objc/j2objc-annotations@1.3 024
jackcess-4.0.5.jarpkg:maven/com.healthmarketscience.jackcess/jackcess@4.0.5 042
jackcess-encrypt-4.0.2.jarpkg:maven/com.healthmarketscience.jackcess/jackcess-encrypt@4.0.2 038
jackson-core-2.14.2.jarcpe:2.3:a:fasterxml:jackson-modules-java8:2.14.2:*:*:*:*:*:*:*pkg:maven/com.fasterxml.jackson.core/jackson-core@2.14.2 0Low45
jackson-core-asl-1.9.13.jarpkg:maven/org.codehaus.jackson/jackson-core-asl@1.9.13 038
jackson-databind-2.14.2.jarcpe:2.3:a:fasterxml:jackson-databind:2.14.2:*:*:*:*:*:*:*
cpe:2.3:a:fasterxml:jackson-modules-java8:2.14.2:*:*:*:*:*:*:*
pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.14.2MEDIUM1Highest41
jackson-dataformat-csv-2.14.2.jarcpe:2.3:a:fasterxml:jackson-dataformat-xml:2.14.2:*:*:*:*:*:*:*pkg:maven/com.fasterxml.jackson.dataformat/jackson-dataformat-csv@2.14.2 0Highest39
jackson-datatype-guava-2.14.2.jarpkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-guava@2.14.2 039
jackson-datatype-joda-2.14.2.jarpkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-joda@2.14.2 041
jackson-jaxrs-base-2.14.2.jarpkg:maven/com.fasterxml.jackson.jaxrs/jackson-jaxrs-base@2.14.2 037
jackson-jaxrs-json-provider-2.14.2.jarpkg:maven/com.fasterxml.jackson.jaxrs/jackson-jaxrs-json-provider@2.14.2 037
jackson-jaxrs-xml-provider-2.14.2.jarpkg:maven/com.fasterxml.jackson.jaxrs/jackson-jaxrs-xml-provider@2.14.2 037
jackson-module-jaxb-annotations-2.14.2.jarpkg:maven/com.fasterxml.jackson.module/jackson-module-jaxb-annotations@2.14.2 039
jai-imageio-core-1.4.0.jarpkg:maven/com.github.jai-imageio/jai-imageio-core@1.4.0 042
jakarta.activation-1.2.2.jarpkg:maven/com.sun.activation/jakarta.activation@1.2.2 033
jakarta.activation-api-2.1.1.jarpkg:maven/jakarta.activation/jakarta.activation-api@2.1.1 045
jakarta.annotation-api-1.3.5.jarcpe:2.3:a:oracle:projects:1.3.5:*:*:*:*:*:*:*pkg:maven/jakarta.annotation/jakarta.annotation-api@1.3.5 0Low35
jakarta.inject-2.6.1.jarpkg:maven/org.glassfish.hk2.external/jakarta.inject@2.6.1 027
jakarta.jms-api-2.0.3.jarpkg:maven/jakarta.jms/jakarta.jms-api@2.0.3 033
jakarta.mail-2.0.1.jar (shaded: jakarta.mail:jakarta.mail-api:2.1.1)pkg:maven/jakarta.mail/jakarta.mail-api@2.1.1 012
jakarta.mail-2.0.1.jar (shaded: org.eclipse.angus:angus-core:2.0.1)pkg:maven/org.eclipse.angus/angus-core@2.0.1 09
jakarta.mail-2.0.1.jar (shaded: org.eclipse.angus:angus-mail:2.0.1)pkg:maven/org.eclipse.angus/angus-mail@2.0.1 09
jakarta.mail-2.0.1.jar (shaded: org.eclipse.angus:imap:2.0.1)pkg:maven/org.eclipse.angus/imap@2.0.1 09
jakarta.mail-2.0.1.jar (shaded: org.eclipse.angus:logging-mailhandler:2.0.1)pkg:maven/org.eclipse.angus/logging-mailhandler@2.0.1 09
jakarta.mail-2.0.1.jar (shaded: org.eclipse.angus:pop3:2.0.1)pkg:maven/org.eclipse.angus/pop3@2.0.1 09
jakarta.mail-2.0.1.jar (shaded: org.eclipse.angus:smtp:2.0.1)pkg:maven/org.eclipse.angus/smtp@2.0.1 09
jakarta.mail-2.0.1.jarcpe:2.3:a:service_project:service:2.0.1:*:*:*:*:*:*:*pkg:maven/org.eclipse.angus/jakarta.mail@2.0.1 0Low36
jakarta.validation-api-2.0.2.jarpkg:maven/jakarta.validation/jakarta.validation-api@2.0.2 056
jakarta.ws.rs-api-2.1.6.jarcpe:2.3:a:web_project:web:2.1.6:*:*:*:*:*:*:*pkg:maven/jakarta.ws.rs/jakarta.ws.rs-api@2.1.6 0Low43
jakarta.xml.bind-api-4.0.0.jarpkg:maven/jakarta.xml.bind/jakarta.xml.bind-api@4.0.0 031
java-dataloader-3.2.0.jarpkg:maven/com.graphql-java/java-dataloader@3.2.0 031
java-jwt-4.4.0.jarpkg:maven/com.auth0/java-jwt@4.4.0 039
java-libpst-0.9.3.jarpkg:maven/com.pff/java-libpst@0.9.3 020
java-saml-2.9.0.jarpkg:maven/com.onelogin/java-saml@2.9.0 018
java-saml-core-2.9.0.jarpkg:maven/com.onelogin/java-saml-core@2.9.0 017
javase-3.0.1.jarpkg:maven/com.google.zxing/javase@3.0.1 023
javassist-3.22.0-CR2.jarpkg:maven/org.javassist/javassist@3.22.0-CR2 056
javax.activation-api-1.2.0.jarpkg:maven/javax.activation/javax.activation-api@1.2.0 039
javax.annotation-api-1.3.2.jarpkg:maven/javax.annotation/javax.annotation-api@1.3.2 048
javax.ejb-api-3.2.2.jarpkg:maven/javax.ejb/javax.ejb-api@3.2.2 046
javax.inject-1.jarpkg:maven/javax.inject/javax.inject@1 020
javax.jms-api-2.0.1.jarcpe:2.3:a:oracle:projects:2.0.1:*:*:*:*:*:*:*pkg:maven/javax.jms/javax.jms-api@2.0.1 0Low34
javax.servlet-api-4.0.1.jarcpe:2.3:a:oracle:java_se:4.0.1:*:*:*:*:*:*:*pkg:maven/javax.servlet/javax.servlet-api@4.0.1 0Medium48
javax.servlet.jsp-api-2.3.3.jarcpe:2.3:a:oracle:java_se:2.3.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jsp:2.3.3:*:*:*:*:*:*:*
pkg:maven/javax.servlet.jsp/javax.servlet.jsp-api@2.3.3 0High46
javax.transaction-api-1.3.jarpkg:maven/javax.transaction/javax.transaction-api@1.3 048
javax.websocket-api-1.1.jarpkg:maven/javax.websocket/javax.websocket-api@1.1 030
javax.ws.rs-api-2.0.1.jarpkg:maven/javax.ws.rs/javax.ws.rs-api@2.0.1 057
jawk-1.02.jarpkg:maven/org.jawk/jawk@1.02 012
jaxb-api-2.3.1.jarpkg:maven/javax.xml.bind/jaxb-api@2.3.1 035
jaxb-core-3.0.2.jarcpe:2.3:a:eclipse:glassfish:3.0.2:*:*:*:*:*:*:*pkg:maven/org.glassfish.jaxb/jaxb-core@3.0.2 0Highest45
jaxb-impl-2.3.3.jar (shaded: com.sun.istack:istack-commons-runtime:3.0.11)pkg:maven/com.sun.istack/istack-commons-runtime@3.0.11 09
jaxb-impl-2.3.3.jar (shaded: org.glassfish.jaxb:jaxb-runtime:2.3.3)pkg:maven/org.glassfish.jaxb/jaxb-runtime@2.3.3 011
jaxb-impl-2.3.3.jar (shaded: org.glassfish.jaxb:txw2:2.3.3)pkg:maven/org.glassfish.jaxb/txw2@2.3.3 011
jaxb-impl-2.3.3.jarpkg:maven/com.sun.xml.bind/jaxb-impl@2.3.3 041
jaxb-svg11-11.4.0.jarpkg:maven/org.plutext/jaxb-svg11@11.4.0 033
jbig2-imageio-3.0.4.jarcpe:2.3:a:apache:pdfbox:3.0.4:*:*:*:*:*:*:*pkg:maven/org.apache.pdfbox/jbig2-imageio@3.0.4 0Highest130
jcl-over-slf4j-1.7.36.jarpkg:maven/org.slf4j/jcl-over-slf4j@1.7.36 033
jclouds-core-2.5.0.jarcpe:2.3:a:apache:jclouds:2.5.0:*:*:*:*:*:*:*pkg:maven/org.apache.jclouds/jclouds-core@2.5.0 0Highest27
jdom2-2.0.6.1.jarcpe:2.3:a:jdom:jdom:2.0.6.1:*:*:*:*:*:*:*pkg:maven/org.jdom/jdom2@2.0.6.1 0Highest60
jedis-4.3.1.jarpkg:maven/redis.clients/jedis@4.3.1 025
jempbox-1.8.17.jarcpe:2.3:a:apache:pdfbox:1.8.17:*:*:*:*:*:*:*pkg:maven/org.apache.pdfbox/jempbox@1.8.17 0Highest31
jersey-common-2.29.1.jarcpe:2.3:a:jersey_project:jersey:2.29.1:*:*:*:*:*:*:*pkg:maven/org.glassfish.jersey.core/jersey-common@2.29.1MEDIUM1Highest29
jersey-hk2-2.29.1.jarcpe:2.3:a:jersey_project:jersey:2.29.1:*:*:*:*:*:*:*pkg:maven/org.glassfish.jersey.inject/jersey-hk2@2.29.1 0Highest27
jfreechart-1.5.4.jarcpe:2.3:a:time_project:time:1.5.4:*:*:*:*:*:*:*pkg:maven/org.jfree/jfreechart@1.5.4HIGH3Low37
jhighlight-1.1.0.jarpkg:maven/org.codelibs/jhighlight@1.1.0 021
jjwt-api-0.11.2.jarpkg:maven/io.jsonwebtoken/jjwt-api@0.11.2 031
jjwt-impl-0.11.2.jarpkg:maven/io.jsonwebtoken/jjwt-impl@0.11.2 035
jjwt-jackson-0.11.2.jarpkg:maven/io.jsonwebtoken/jjwt-jackson@0.11.2 035
jlessc-1.10.jarpkg:maven/de.inetsoftware/jlessc@1.10 033
jlessc-ant-1.10.jarpkg:maven/com.simplicite.ant/jlessc-ant@1.10
pkg:maven/com.simplicite/jlessc-ant@1.10
 028
jmatio-1.5.jarpkg:maven/org.tallison/jmatio@1.5 026
jmustache-1.15.jarpkg:maven/com.samskivert/jmustache@1.15 028
joda-time-2.12.4.jarpkg:maven/joda-time/joda-time@2.12.4 047
jose4j-0.9.3.jarcpe:2.3:a:jose4j_project:jose4j:0.9.3:*:*:*:*:*:*:*pkg:maven/org.bitbucket.b_c/jose4j@0.9.3HIGH1Highest39
jquery:3.6.4cpe:2.3:a:jquery:jquery:3.6.4:*:*:*:*:*:*:*pkg:npm/jquery@3.6.4 0Highest9
js-beautify:1.14.7cpe:2.3:a:js-beautify_project:js-beautify:1.14.7:*:*:*:*:*:*:*pkg:npm/js-beautify@1.14.7 0Highest8
jshint:2.13.6pkg:npm/jshint@2.13.6 010
json-20231013.jarcpe:2.3:a:json-java_project:json-java:20231013:*:*:*:*:*:*:*pkg:maven/org.json/json@20231013 0Highest32
json-path-2.8.0.jarcpe:2.3:a:json-path:jayway_jsonpath:2.8.0:*:*:*:*:*:*:*pkg:maven/com.jayway.jsonpath/json-path@2.8.0MEDIUM1Highest32
json-simple-1.1.1.jarpkg:maven/com.googlecode.json-simple/json-simple@1.1.1 025
json-smart-2.4.10.jarcpe:2.3:a:json-smart_project:json-smart:2.4.10:*:*:*:*:*:*:*
cpe:2.3:a:json-smart_project:json-smart-v2:2.4.10:*:*:*:*:*:*:*
pkg:maven/net.minidev/json-smart@2.4.10 0Highest51
jsoup-1.16.1.jarcpe:2.3:a:jsoup:jsoup:1.16.1:*:*:*:*:*:*:*pkg:maven/org.jsoup/jsoup@1.16.1 0Highest40
jsr305-3.0.2.jarpkg:maven/com.google.code.findbugs/jsr305@3.0.2 017
jszip-utils:0.1.0pkg:npm/jszip-utils@0.1.0 06
jszip:3.10.1cpe:2.3:a:jszip_project:jszip:3.10.1:*:*:*:*:*:*:*pkg:npm/jszip@3.10.1 0Highest6
jtidy-r938.jarcpe:2.3:a:jtidy_project:jtidy:r938:*:*:*:*:*:*:*pkg:maven/net.sf.jtidy/jtidy@r938HIGH1Highest53
jul-to-slf4j-1.7.36.jarpkg:maven/org.slf4j/jul-to-slf4j@1.7.36 028
junit-4.13.2.jarcpe:2.3:a:junit:junit4:4.13.2:*:*:*:*:*:*:*pkg:maven/junit/junit@4.13.2 0Low53
juniversalchardet-2.4.0.jarpkg:maven/com.github.albfernandez/juniversalchardet@2.4.0 029
junrar-7.5.4.jarcpe:2.3:a:junrar_project:junrar:7.5.4:*:*:*:*:*:*:*pkg:maven/com.github.junrar/junrar@7.5.4 0Highest24
jwarc-0.21.0.jarcpe:2.3:a:alex_project:alex:0.21.0:*:*:*:*:*:*:*pkg:maven/org.netpreserve/jwarc@0.21.0 0Low27
jwarc-0.21.0.jar: inject.js 00
jwarc-0.21.0.jar: sw.js 00
kafka-clients-3.5.1.jarcpe:2.3:a:apache:kafka:3.5.1:*:*:*:*:*:*:*pkg:maven/org.apache.kafka/kafka-clients@3.5.1 0Highest24
leaflet.markercluster:1.5.3pkg:npm/leaflet.markercluster@1.5.3 05
leaflet:1.9.3pkg:npm/leaflet@1.9.3 06
libphonenumber-8.13.11.jarpkg:maven/com.googlecode.libphonenumber/libphonenumber@8.13.11 022
listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jarpkg:maven/com.google.guava/listenablefuture@9999.0-empty-to-avoid-conflict-with-guava 013
log4j-core-2.21.0.jarcpe:2.3:a:apache:log4j:2.21.0:*:*:*:*:*:*:*pkg:maven/org.apache.logging.log4j/log4j-core@2.21.0 0Highest33
log4j-slf4j-impl-2.21.0.jarpkg:maven/org.apache.logging.log4j/log4j-slf4j-impl@2.21.0 029
lucene-core-9.5.0.jarpkg:maven/org.apache.lucene/lucene-core@9.5.0 030
lz4-java-1.8.0.jarpkg:maven/org.lz4/lz4-java@1.8.0 037
marked:4.3.0cpe:2.3:a:marked_project:marked:4.3.0:*:*:*:*:*:*:*pkg:npm/marked@4.3.0 0Highest8
mbassador-1.3.2.jarpkg:maven/net.engio/mbassador@1.3.2 029
mchange-commons-java-0.2.19.jarpkg:maven/com.mchange/mchange-commons-java@0.2.19 029
metadata-extractor-2.18.0.jarcpe:2.3:a:metadata-extractor_project:metadata-extractor:2.18.0:*:*:*:*:*:*:*pkg:maven/com.drewnoakes/metadata-extractor@2.18.0 0Highest33
migbase64-2.2.jarpkg:maven/com.brsanthu/migbase64@2.2 038
mimepull-1.9.11.jarpkg:maven/org.jvnet.mimepull/mimepull@1.9.11 037
mockito-core-5.3.0.jarpkg:maven/org.mockito/mockito-core@5.3.0 041
moment-timezone:0.5.43pkg:npm/moment-timezone@0.5.43 08
moment:2.29.4cpe:2.3:a:momentjs:moment:2.29.4:*:*:*:*:*:*:*pkg:npm/moment@2.29.4 0Highest8
mongodb-driver-core-3.12.13.jarcpe:2.3:a:mongodb:java_driver:3.12.13:*:*:*:*:*:*:*pkg:maven/org.mongodb/mongodb-driver-core@3.12.13 0Highest28
mssql-jdbc-12.6.2.jre11.jarcpe:2.3:a:www-sql_project:www-sql:12.6.2.jre11:*:*:*:*:*:*:*pkg:maven/com.microsoft.sqlserver/mssql-jdbc@12.6.2
pkg:maven/com.microsoft.sqlserver/mssql-jdbc@12.6.2.jre11
 0Highest36
mustache:4.2.0pkg:npm/mustache@4.2.0 07
mysql-connector-j-8.4.0.jarcpe:2.3:a:mysql:mysql:8.4.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_connector\/j:8.4.0:*:*:*:*:*:*:*
pkg:maven/com.mysql/mysql-connector-j@8.4.0 0Highest52
netty-codec-http-4.1.91.Final.jarcpe:2.3:a:netty:netty:4.1.91:*:*:*:*:*:*:*pkg:maven/io.netty/netty-codec-http@4.1.91.FinalHIGH*3Highest34
netty-codec-mqtt-4.1.91.Final.jarcpe:2.3:a:mqtt:mqtt:4.1.91:*:*:*:*:*:*:*
cpe:2.3:a:netty:netty:4.1.91:*:*:*:*:*:*:*
pkg:maven/io.netty/netty-codec-mqtt@4.1.91.FinalHIGH*2Highest34
netty-common-4.1.91.Final.jar (shaded: org.jctools:jctools-core:3.1.0)pkg:maven/org.jctools/jctools-core@3.1.0 09
netty-transport-4.1.91.Final.jarcpe:2.3:a:netty:netty:4.1.91:*:*:*:*:*:*:*pkg:maven/io.netty/netty-transport@4.1.91.FinalHIGH*2Highest32
netty-transport-native-kqueue-4.1.75.Final-osx-x86_64.jarcpe:2.3:a:netty:netty:4.1.75:*:*:*:*:*:*:*pkg:maven/io.netty/netty-transport-native-kqueue@4.1.75.FinalHIGH*4Highest30
oauth-2.5.0.jarcpe:2.3:a:apache:jclouds:2.5.0:*:*:*:*:*:*:*pkg:maven/org.apache.jclouds.api/oauth@2.5.0 0Highest31
objenesis-3.3.jarpkg:maven/org.objenesis/objenesis@3.3 027
ojdbc11-23.4.0.24.05.jarcpe:2.3:a:oracle:jdbc:23.4.0.24.05:*:*:*:*:*:*:*pkg:maven/com.oracle.database.jdbc/ojdbc11@23.4.0.24.05 0Highest33
okhttp-2.7.5.jarcpe:2.3:a:squareup:okhttp:2.7.5:*:*:*:*:*:*:*pkg:maven/com.squareup.okhttp/okhttp@2.7.5HIGH2Highest22
okio-1.6.0.jarcpe:2.3:a:squareup:okio:1.6.0:*:*:*:*:*:*:*pkg:maven/com.squareup.okio/okio@1.6.0HIGH1Highest16
opencensus-api-0.31.0.jarpkg:maven/io.opencensus/opencensus-api@0.31.0 033
opencensus-contrib-grpc-util-0.28.0.jarpkg:maven/io.opencensus/opencensus-contrib-grpc-util@0.28.0 037
opencensus-contrib-http-util-0.31.0.jarpkg:maven/io.opencensus/opencensus-contrib-http-util@0.31.0 037
opencensus-proto-0.2.0.jarpkg:maven/io.opencensus/opencensus-proto@0.2.0 035
opencsv-5.7.1.jarpkg:maven/com.opencsv/opencsv@5.7.1 035
openhtmltopdf-core-1.0.10.jarpkg:maven/com.openhtmltopdf/openhtmltopdf-core@1.0.10 025
openhtmltopdf-pdfbox-1.0.10.jarcpe:2.3:a:apache:pdfbox:1.0.10:*:*:*:*:*:*:*pkg:maven/com.openhtmltopdf/openhtmltopdf-pdfbox@1.0.10 0High21
openstack-keystone-2.5.0.jarcpe:2.3:a:apache:jclouds:2.5.0:*:*:*:*:*:*:*
cpe:2.3:a:openstack:keystone:2.5.0:*:*:*:*:*:*:*
cpe:2.3:a:openstack:openstack:2.5.0:*:*:*:*:*:*:*
pkg:maven/org.apache.jclouds.api/openstack-keystone@2.5.0HIGH7Highest33
openstack-swift-2.5.0.jarcpe:2.3:a:apache:jclouds:2.5.0:*:*:*:*:*:*:*
cpe:2.3:a:openstack:openstack:2.5.0:*:*:*:*:*:*:*
cpe:2.3:a:openstack:swift:2.5.0:*:*:*:*:*:*:*
pkg:maven/org.apache.jclouds.api/openstack-swift@2.5.0CRITICAL4Highest33
org.apache.oltu.oauth2.client-1.0.2.jarpkg:maven/org.apache.oltu.oauth2/org.apache.oltu.oauth2.client@1.0.2 032
org.apache.oltu.oauth2.common-1.0.2.jarpkg:maven/org.apache.oltu.oauth2/org.apache.oltu.oauth2.common@1.0.2 032
org.eclipse.jgit-6.5.0.202303070854-r.jarcpe:2.3:a:eclipse:jgit:6.5.0:202303070854:*:*:*:*:*:*pkg:maven/org.eclipse.jgit/org.eclipse.jgit@6.5.0.202303070854-rHIGH1Highest38
org.eclipse.jgit.http.server-6.5.0.202303070854-r.jarcpe:2.3:a:eclipse:jgit:6.5.0:202303070854:*:*:*:*:*:*pkg:maven/org.eclipse.jgit/org.eclipse.jgit.http.server@6.5.0.202303070854-r 0Highest40
org.eclipse.paho.client.mqttv3-1.2.5.jarcpe:2.3:a:eclipse:paho_java_client:1.2.5:*:*:*:*:*:*:*pkg:maven/org.eclipse.paho/org.eclipse.paho.client.mqttv3@1.2.5 0Highest32
osgi-resource-locator-1.0.3.jarcpe:2.3:a:eclipse:glassfish:1.0.3:*:*:*:*:*:*:*pkg:maven/org.glassfish.hk2/osgi-resource-locator@1.0.3 0Medium34
package.json 00
parso-2.0.14.jarcpe:2.3:a:parso_project:parso:2.0.14:*:*:*:*:*:*:*pkg:maven/com.epam/parso@2.0.14 0Highest34
pdfbox-2.0.28.jarcpe:2.3:a:apache:pdfbox:2.0.28:*:*:*:*:*:*:*pkg:maven/org.apache.pdfbox/pdfbox@2.0.28 0Highest33
perfmark-api-0.23.0.jarpkg:maven/io.perfmark/perfmark-api@0.23.0 026
poi-5.2.3.jarcpe:2.3:a:apache:poi:5.2.3:*:*:*:*:*:*:*pkg:maven/org.apache.poi/poi@5.2.3 0Highest35
postgresql-42.7.3.jarcpe:2.3:a:postgresql:postgresql_jdbc_driver:42.7.3:*:*:*:*:*:*:*pkg:maven/org.postgresql/postgresql@42.7.3 0Low68
preflight-2.0.28.jarcpe:2.3:a:apache:pdfbox:2.0.28:*:*:*:*:*:*:*pkg:maven/org.apache.pdfbox/preflight@2.0.28 0Highest35
proto-google-cloud-firestore-bundle-v1-2.6.1.jarpkg:maven/com.google.cloud/proto-google-cloud-firestore-bundle-v1@2.6.1 099
proto-google-cloud-firestore-v1-2.6.1.jarpkg:maven/com.google.api.grpc/proto-google-cloud-firestore-v1@2.6.1 099
proto-google-cloud-pubsub-v1-1.98.3.jarpkg:maven/com.google.api.grpc/proto-google-cloud-pubsub-v1@1.98.3 039
proto-google-common-protos-2.8.0.jarpkg:maven/com.google.api.grpc/proto-google-common-protos@2.8.0 037
proto-google-iam-v1-1.2.10.jarpkg:maven/com.google.api.grpc/proto-google-iam-v1@1.2.10 039
protobuf-java-3.22.3.jarcpe:2.3:a:google:protobuf-java:3.22.3:*:*:*:*:*:*:*
cpe:2.3:a:protobuf:protobuf:3.22.3:*:*:*:*:*:*:*
pkg:maven/com.google.protobuf/protobuf-java@3.22.3 0Highest19
proton-j-0.33.10.jarcpe:2.3:a:apache:qpid:0.33.10:*:*:*:*:*:*:*
cpe:2.3:a:apache:qpid_proton:0.33.10:*:*:*:*:*:*:*
cpe:2.3:a:apache:qpid_proton-j:0.33.10:*:*:*:*:*:*:*
cpe:2.3:a:proton_project:proton:0.33.10:*:*:*:*:*:*:*
pkg:maven/org.apache.qpid/proton-j@0.33.10 0Highest28
qdox-1.12.jarpkg:maven/com.thoughtworks.qdox/qdox@1.12 050
qpid-jms-client-1.6.0.jarcpe:2.3:a:apache:qpid:1.6.0:*:*:*:*:*:*:*pkg:maven/org.apache.qpid/qpid-jms-client@1.6.0 0Highest25
qrgen-1.4.jarpkg:maven/net.glxn/qrgen@1.4 030
quartz-2.3.2.jarcpe:2.3:a:softwareag:quartz:2.3.2:*:*:*:*:*:*:*pkg:maven/org.quartz-scheduler/quartz@2.3.2CRITICAL1Highest33
re2j-1.5.jarpkg:maven/com.google.re2j/re2j@1.5 028
reactive-streams-1.0.3.jarpkg:maven/org.reactivestreams/reactive-streams@1.0.3 027
relaxng-datatype-3.0.2.jarpkg:maven/com.sun.xml.bind.external/relaxng-datatype@3.0.2 036
rhino-1.7.13.jarpkg:maven/org.mozilla/rhino@1.7.13 031
rhino-1.7.13.jar: test.js 00
rhino-js-engine-1.7.10.jarpkg:maven/cat.inspiracio/rhino-js-engine@1.7.10 032
rhino-js-engine-1.7.10.jar: toplevel.js 00
rngom-3.0.2.jarpkg:maven/com.sun.xml.bind.external/rngom@3.0.2 038
rome-1.18.0.jarpkg:maven/com.rometools/rome@1.18.0 032
rome-utils-1.18.0.jarcpe:2.3:a:utils_project:utils:1.18.0:*:*:*:*:*:*:*pkg:maven/com.rometools/rome-utils@1.18.0 0Highest21
s3-2.5.0.jarcpe:2.3:a:apache:jclouds:2.5.0:*:*:*:*:*:*:*pkg:maven/org.apache.jclouds.api/s3@2.5.0 0Highest31
select2-theme-bootstrap4:1.0.2pkg:npm/select2-theme-bootstrap4@1.0.2 08
select2:4.0.13cpe:2.3:a:select2:select2:4.0.13:*:*:*:*:*:*:*pkg:npm/select2@4.0.13 0Highest9
semver4j-5.2.2.jarpkg:maven/org.semver4j/semver4j@5.2.2 023
serializer-2.7.3.jarpkg:maven/xalan/serializer@2.7.3 022
signature_pad:4.1.5pkg:npm/signature_pad@4.1.5 09
simplicite-bootstrap-datetimepicker:1.1.0pkg:npm/simplicite-bootstrap-datetimepicker@1.1.0 07
simplicite:3.0.1pkg:npm/simplicite@3.0.1 08
slf4j-api-1.7.36.jarpkg:maven/org.slf4j/slf4j-api@1.7.36 029
snakeyaml-2.0.jarcpe:2.3:a:snakeyaml_project:snakeyaml:2.0:*:*:*:*:*:*:*pkg:maven/org.yaml/snakeyaml@2.0 0Highest42
snappy-java-1.1.10.1.jarcpe:2.3:a:xerial:snappy-java:1.1.10.1:*:*:*:*:*:*:*pkg:maven/org.xerial.snappy/snappy-java@1.1.10.1HIGH1Highest44
snappy-java-1.1.10.1.jar: snappyjava.dll 02
snappy-java-1.1.10.1.jar: snappyjava.dll 02
spectrum-colorpicker:1.8.1pkg:npm/spectrum-colorpicker@1.8.1 09
sqlite-jdbc-3.45.2.0.jarcpe:2.3:a:sqlite:sqlite:3.45.2.0:*:*:*:*:*:*:*
cpe:2.3:a:sqlite_jdbc_project:sqlite_jdbc:3.45.2.0:*:*:*:*:*:*:*
pkg:maven/org.xerial/sqlite-jdbc@3.45.2.0 0Highest38
sqlite-jdbc-3.45.2.0.jar: sqlitejdbc.dll 02
sqlite-jdbc-3.45.2.0.jar: sqlitejdbc.dll 02
sqlite-jdbc-3.45.2.0.jar: sqlitejdbc.dll 02
sqlite-jdbc-3.45.2.0.jar: sqlitejdbc.dll 02
sshd-core-2.9.2.jarcpe:2.3:a:apache:sshd:2.9.2:*:*:*:*:*:*:*pkg:maven/org.apache.sshd/sshd-core@2.9.2MEDIUM2Highest26
stax2-api-4.2.1.jarpkg:maven/org.codehaus.woodstox/stax2-api@4.2.1 052
stringtemplate-3.2.1.jarcpe:2.3:a:temporal:temporal:3.2.1:*:*:*:*:*:*:*pkg:maven/org.antlr/stringtemplate@3.2.1 0Low38
stripe-java-20.113.0.jarcpe:2.3:a:stripe:stripe:20.113.0:*:*:*:*:*:*:*pkg:maven/com.stripe/stripe-java@20.113.0 0Highest32
sts-2.5.0.jarcpe:2.3:a:apache:jclouds:2.5.0:*:*:*:*:*:*:*pkg:maven/org.apache.jclouds.api/sts@2.5.0 0Highest31
swagger-annotations-1.5.18.jarpkg:maven/io.swagger/swagger-annotations@1.5.18 029
swagger-core-2.2.9.jarcpe:2.3:a:http-swagger_project:http-swagger:2.2.9:*:*:*:*:*:*:*pkg:maven/io.swagger.core.v3/swagger-core@2.2.9 0Low38
swagger-ui-dist:4.18.2pkg:npm/swagger-ui-dist@4.18.2 04
tagsoup-1.2.1.jarpkg:maven/org.ccil.cowan.tagsoup/tagsoup@1.2.1 024
threeten-extra-1.7.2.jarpkg:maven/org.threeten/threeten-extra@1.7.2 038
threetenbp-1.6.8.jarpkg:maven/org.threeten/threetenbp@1.6.8MEDIUM240
tika-core-2.7.0.jarcpe:2.3:a:apache:tika:2.7.0:*:*:*:*:*:*:*pkg:maven/org.apache.tika/tika-core@2.7.0 0Highest40
tika-parsers-standard-package-2.7.0.jar (shaded: org.apache.tika:tika-parser-cad-module:2.7.0)cpe:2.3:a:apache:tika:2.7.0:*:*:*:*:*:*:*pkg:maven/org.apache.tika/tika-parser-cad-module@2.7.0 0Highest9
tinymce-i18n:24.5.8pkg:npm/tinymce-i18n@24.5.8 06
tinymce:6.8.3cpe:2.3:a:tiny:tinymce:6.8.3:*:*:*:*:*:*:*
cpe:2.3:a:tinymce:tinymce:6.8.3:*:*:*:*:*:*:*
pkg:npm/tinymce@6.8.3MEDIUM2Highest8
totp-1.7.1.jarcpe:2.3:a:time_project:time:1.7.1:*:*:*:*:*:*:*pkg:maven/dev.samstevens.totp/totp@1.7.1 0Low26
twilio-8.29.0.jarpkg:maven/com.twilio.sdk/twilio@8.29.0 028
txw2-3.0.2.jarcpe:2.3:a:eclipse:glassfish:3.0.2:*:*:*:*:*:*:*pkg:maven/org.glassfish.jaxb/txw2@3.0.2 0Highest35
unirest-java-3.14.2.jarpkg:maven/com.konghq/unirest-java@3.14.2 018
vorbis-java-core-0.8.jarpkg:maven/org.gagravarr/vorbis-java-core@0.8 022
vorbis-java-tika-0.8.jarpkg:maven/org.gagravarr/vorbis-java-tika@0.8 022
vue:3.4.21pkg:npm/vue@3.4.21 08
wmf2svg-0.9.8.jarpkg:maven/net.arnx/wmf2svg@0.9.8 031
woodstox-core-6.5.0.jar (shaded: com.sun.xml.bind.jaxb:isorelax:20090621)pkg:maven/com.sun.xml.bind.jaxb/isorelax@20090621 012
woodstox-core-6.5.0.jar (shaded: net.java.dev.msv:xsdlib:2013.6.1)cpe:2.3:a:xml_library_project:xml_library:2013.6.1:*:*:*:*:*:*:*pkg:maven/net.java.dev.msv/xsdlib@2013.6.1 0Low9
woodstox-core-6.5.0.jarcpe:2.3:a:fasterxml:woodstox:6.5.0:*:*:*:*:*:*:*pkg:maven/com.fasterxml.woodstox/woodstox-core@6.5.0 0Highest56
xalan-2.7.3.jar (shaded: org.apache.bcel:bcel:6.7.0)cpe:2.3:a:apache:commons_bcel:6.7.0:*:*:*:*:*:*:*pkg:maven/org.apache.bcel/bcel@6.7.0 0Low52
xalan-2.7.3.jarcpe:2.3:a:apache:xalan-java:2.7.3:*:*:*:*:*:*:*pkg:maven/xalan/xalan@2.7.3 0Highest46
xalan-interpretive-11.0.0.jarpkg:maven/org.docx4j.org.apache/xalan-interpretive@11.0.0 042
xalan-serializer-11.0.0.jarpkg:maven/org.docx4j.org.apache/xalan-serializer@11.0.0 041
xercesImpl-2.12.2.jarcpe:2.3:a:apache:xerces-j:2.12.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:xerces2_java:2.12.2:*:*:*:*:*:*:*
pkg:maven/xerces/xercesImpl@2.12.2MEDIUM1Low84
xmlbeans-5.1.1.jarcpe:2.3:a:apache:xmlbeans:5.1.1:*:*:*:*:*:*:*pkg:maven/org.apache.xmlbeans/xmlbeans@5.1.1 0Highest37
xmlgraphics-commons-2.7.jarcpe:2.3:a:apache:xmlgraphics_commons:2.7:*:*:*:*:*:*:*pkg:maven/org.apache.xmlgraphics/xmlgraphics-commons@2.7 0Highest29
xmlsec-3.0.2.jarcpe:2.3:a:apache:santuario_xml_security_for_java:3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:xml_security_for_java:3.0.2:*:*:*:*:*:*:*
pkg:maven/org.apache.santuario/xmlsec@3.0.2MEDIUM1Low48
xmpbox-2.0.28.jarcpe:2.3:a:apache:pdfbox:2.0.28:*:*:*:*:*:*:*pkg:maven/org.apache.pdfbox/xmpbox@2.0.28 0Highest33
xmpcore-6.1.11.jarpkg:maven/com.adobe.xmp/xmpcore@6.1.11 031
xsom-3.0.2.jarcpe:2.3:a:eclipse:glassfish:3.0.2:*:*:*:*:*:*:*pkg:maven/org.glassfish.jaxb/xsom@3.0.2 0Highest36
xterm-js:4.9.0cpe:2.3:a:xtermjs:xterm.js:4.9.0:*:*:*:*:*:*:*pkg:npm/xterm-js@4.9.0HIGH1Highest5
xz-1.9.jarcpe:2.3:a:tukaani:xz:1.9:*:*:*:*:*:*:*pkg:maven/org.tukaani/xz@1.9 0Highest33
zstd-jni-1.5.5-1.jarpkg:maven/com.github.luben/zstd-jni@1.5.5-1 043
zstd-jni-1.5.5-1.jar: libzstd-jni-1.5.5-1.dll 04
zstd-jni-1.5.5-1.jar: libzstd-jni-1.5.5-1.dll 04

* indicates the dependency has a known exploited vulnerability

Dependencies (vulnerable)

@fullcalendar/bootstrap:5.11.4

Description:

Bootstrap 4 theming for your calendar

License:

MIT
File Path: /var/simplicite/simplicite-5.3/package.json?/@fullcalendar/bootstrap:5.11.4

Referenced In Project/Scope: simplicite-js:5.3.40

Identifiers

@fullcalendar/core:5.11.4

Description:

Provides core functionality, including the Calendar class

License:

MIT
File Path: /var/simplicite/simplicite-5.3/package.json?/@fullcalendar/core:5.11.4

Referenced In Project/Scope: simplicite-js:5.3.40

Identifiers

@fullcalendar/daygrid:5.11.4

Description:

Display events on Month view or DayGrid view

License:

MIT
File Path: /var/simplicite/simplicite-5.3/package.json?/@fullcalendar/daygrid:5.11.4

Referenced In Project/Scope: simplicite-js:5.3.40

Identifiers

@fullcalendar/google-calendar:5.11.4

Description:

Fetch events from a public Google Calendar feed

License:

MIT
File Path: /var/simplicite/simplicite-5.3/package.json?/@fullcalendar/google-calendar:5.11.4

Referenced In Project/Scope: simplicite-js:5.3.40

Identifiers

@fullcalendar/interaction:5.11.4

Description:

Provides functionality for event drag-n-drop, resizing, dateClick, and selectable actions

License:

MIT
File Path: /var/simplicite/simplicite-5.3/package.json?/@fullcalendar/interaction:5.11.4

Referenced In Project/Scope: simplicite-js:5.3.40

Identifiers

@fullcalendar/list:5.11.4

Description:

View your events as a bulleted list

License:

MIT
File Path: /var/simplicite/simplicite-5.3/package.json?/@fullcalendar/list:5.11.4

Referenced In Project/Scope: simplicite-js:5.3.40

Identifiers

@fullcalendar/luxon:5.11.4

Description:

A connector to the Luxon 1 date library

License:

MIT
File Path: /var/simplicite/simplicite-5.3/package.json?/@fullcalendar/luxon:5.11.4

Referenced In Project/Scope: simplicite-js:5.3.40

Identifiers

@fullcalendar/moment-timezone:5.11.4

Description:

A connector to the moment-timezone library

License:

MIT
File Path: /var/simplicite/simplicite-5.3/package.json?/@fullcalendar/moment-timezone:5.11.4

Referenced In Project/Scope: simplicite-js:5.3.40

Identifiers

@fullcalendar/moment:5.11.4

Description:

A connector to the MomentJS date library

License:

MIT
File Path: /var/simplicite/simplicite-5.3/package.json?/@fullcalendar/moment:5.11.4

Referenced In Project/Scope: simplicite-js:5.3.40

Identifiers

@fullcalendar/rrule:5.11.4

Description:

A connector to the RRule library, for recurring events

License:

MIT
File Path: /var/simplicite/simplicite-5.3/package.json?/@fullcalendar/rrule:5.11.4

Referenced In Project/Scope: simplicite-js:5.3.40

Identifiers

@fullcalendar/timegrid:5.11.4

Description:

Display your events on a grid of time slots

License:

MIT
File Path: /var/simplicite/simplicite-5.3/package.json?/@fullcalendar/timegrid:5.11.4

Referenced In Project/Scope: simplicite-js:5.3.40

Identifiers

HikariCP-5.0.1.jar

Description:

Ultimate JDBC Connection Pool

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/zaxxer/HikariCP/5.0.1/HikariCP-5.0.1.jar
MD5: 3bc96d2ce8285470da11ec41bff6129f
SHA1: a74c7f0a37046846e88d54f7cb6ea6d565c65f9c
SHA256:26d492397e6775b4296737a8919bf04047afe5827fdd2c08b4557595436b3a2b
Referenced In Project/Scope: Simplicite Platform:compile
HikariCP-5.0.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.3.40

Identifiers

JavaEWAH-1.1.13.jar

Description:

The bit array data structure is implemented in Java as the BitSet class. Unfortunately, this fails to scale without compression.
  JavaEWAH is a word-aligned compressed variant of the Java bitset class. It uses a 64-bit run-length encoding (RLE) compression scheme.
  The goal of word-aligned compression is not to achieve the best compression, but rather to improve query processing time. Hence, we try to save CPU cycles, maybe at the expense of storage. However, the EWAH scheme we implemented is always more efficient storage-wise than an uncompressed bitmap (implemented in Java as the BitSet class). Unlike some alternatives, javaewah does not rely on a patented scheme. 

License:

Apache 2: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/googlecode/javaewah/JavaEWAH/1.1.13/JavaEWAH-1.1.13.jar
MD5: a1eb305e5cc5bba238d4360e3139abb4
SHA1: 32cd724a42dc73f99ca08453d11a4bb83e0034c7
SHA256:4c0fda2b1d317750d7ea324e36c70b2bc48310c0aaae67b98df0915d696d7111
Referenced In Project/Scope: Simplicite Platform:compile
JavaEWAH-1.1.13.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.eclipse.jgit/org.eclipse.jgit@6.5.0.202303070854-r

Identifiers

SparseBitSet-1.2.jar

Description:

An efficient sparse bitset implementation for Java

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/zaxxer/SparseBitSet/1.2/SparseBitSet-1.2.jar
MD5: 1c6032441aec11b523e1a7bfa96d60cf
SHA1: 8467c813d442837fcaeddbc42cf5c5359fab4933
SHA256:91e6b318c901a0f2dd1f6ce781d62474435ae627d22fbac9b21bbc39ffd804b6
Referenced In Project/Scope: Simplicite Platform:compile
SparseBitSet-1.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.poi/poi@5.2.3

Identifiers

accessors-smart-2.4.9.jar

Description:

Java reflect give poor performance on getter setter an constructor calls, accessors-smart use ASM to speed up those calls.

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/net/minidev/accessors-smart/2.4.9/accessors-smart-2.4.9.jar
MD5: 339685c20dcac95c4f5b59e70daadc0e
SHA1: 32e540749224c22c9b17de8137e916aae9057e22
SHA256:accdd5c7ac4c49b155890aaea1ffca2a9ccd5826b562dd95a99fc1887003e031
Referenced In Project/Scope: Simplicite Platform:runtime
accessors-smart-2.4.9.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.jayway.jsonpath/json-path@2.8.0

Identifiers

ace-builds:1.18.0

Description:

Ace (Ajax.org Cloud9 Editor)

License:

BSD-3-Clause
File Path: /var/simplicite/simplicite-5.3/package.json?/ace-builds:1.18.0

Referenced In Project/Scope: simplicite-js:5.3.40

Identifiers

ace-diff:3.0.3

Description:

A diff/merging wrapper for Ace Editor built on google-diff-match-patch

License:

MIT
File Path: /var/simplicite/simplicite-5.3/package.json?/ace-diff:3.0.3

Referenced In Project/Scope: simplicite-js:5.3.40

Identifiers

angus-activation-2.0.0.jar

Description:

 Implementation

License:

http://www.eclipse.org/org/documents/edl-v10.php
File Path: /var/simplicite/.m2/repository/org/eclipse/angus/angus-activation/2.0.0/angus-activation-2.0.0.jar
MD5: 834539f269d476663784d8571048f3c4
SHA1: 72369f4e2314d38de2dcbb277141ef0226f73151
SHA256:3a12d321a0f35aa9458ff9b6ee93a3de76b78e3f18b077c81721473d83079147
Referenced In Project/Scope: Simplicite Platform:runtime
angus-activation-2.0.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.eclipse.angus/jakarta.mail@2.0.1

Identifiers

animal-sniffer-annotations-1.21.jar

File Path: /var/simplicite/.m2/repository/org/codehaus/mojo/animal-sniffer-annotations/1.21/animal-sniffer-annotations-1.21.jar
MD5: 8e018b5f98c87e95dc13662c05a3b447
SHA1: 419a9acd297cb6fe6f91b982d909f2c20e9fa5c0
SHA256:2f25841c937e24959a57b630e2c4b8525b3d0f536f2e511c9b2bed30b1651d54
Referenced In Project/Scope: Simplicite Platform:runtime
animal-sniffer-annotations-1.21.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.google.cloud/google-cloud-pubsub@1.116.3

Identifiers

annotations-4.1.1.4.jar

Description:

A library jar that provides annotations for the Google Android Platform.

License:

Apache 2.0: http://www.apache.org/licenses/LICENSE-2.0
File Path: /var/simplicite/.m2/repository/com/google/android/annotations/4.1.1.4/annotations-4.1.1.4.jar
MD5: c2cdd26a6ae577f24775e8ce75da1fdc
SHA1: a1678ba907bf92691d879fef34e1a187038f9259
SHA256:ba734e1e84c09d615af6a09d33034b4f0442f8772dec120efb376d86a565ae15
Referenced In Project/Scope: Simplicite Platform:runtime
annotations-4.1.1.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.google.cloud/google-cloud-pubsub@1.116.3

Identifiers

ant-1.10.13.jar

File Path: /var/simplicite/.m2/repository/org/apache/ant/ant/1.10.13/ant-1.10.13.jar
MD5: 0781dacdb3a7af3a1c1f6d5187438da4
SHA1: 85fd5990a27ddafe8af3f7a6d7132d2c29a22a7c
SHA256:befbfc79e744e9892cfa7db96df3b6e82dc17d2571af42aa427976fc22299838
Referenced In Project/Scope: Simplicite Platform:compile
ant-1.10.13.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.3.40

Identifiers

antlr-2.7.7.jar

Description:

    A framework for constructing recognizers, compilers,
    and translators from grammatical descriptions containing
    Java, C#, C++, or Python actions.
  

License:

BSD License: http://www.antlr.org/license.html
File Path: /var/simplicite/.m2/repository/antlr/antlr/2.7.7/antlr-2.7.7.jar
MD5: f8f1352c52a4c6a500b597596501fc64
SHA1: 83cd2cd674a217ade95a4bb83a8a14f351f48bd0
SHA256:88fbda4b912596b9f56e8e12e580cc954bacfb51776ecfddd3e18fc1cf56dc4c
Referenced In Project/Scope: Simplicite Platform:compile
antlr-2.7.7.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.docx4j/docx4j-core@11.4.5

Identifiers

antlr-runtime-3.5.2.jar

Description:

A framework for constructing recognizers, compilers, and translators from grammatical descriptions containing Java, C#, C++, or Python actions.

File Path: /var/simplicite/.m2/repository/org/antlr/antlr-runtime/3.5.2/antlr-runtime-3.5.2.jar
MD5: 1fbbae2cb72530207c20b797bdabd029
SHA1: cd9cd41361c155f3af0f653009dcecb08d8b4afd
SHA256:ce3fc8ecb10f39e9a3cddcbb2ce350d272d9cd3d0b1e18e6fe73c3b9389c8734
Referenced In Project/Scope: Simplicite Platform:compile
antlr-runtime-3.5.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.docx4j/docx4j-core@11.4.5

Identifiers

aopalliance-1.0.jar

Description:

AOP Alliance

License:

Public Domain
File Path: /var/simplicite/.m2/repository/aopalliance/aopalliance/1.0/aopalliance-1.0.jar
MD5: 04177054e180d09e3998808efa0401c7
SHA1: 0235ba8b489512805ac13a8f9ea77a1ca5ebe3e8
SHA256:0addec670fedcd3f113c5c8091d783280d23f75e3acb841b61a9cdb079376a08
Referenced In Project/Scope: Simplicite Platform:compile
aopalliance-1.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.jclouds/jclouds-core@2.5.0

Identifiers

aopalliance-repackaged-2.6.1.jar

Description:

Dependency Injection Kernel

License:

http://www.eclipse.org/legal/epl-2.0, https://www.gnu.org/software/classpath/license.html
File Path: /var/simplicite/.m2/repository/org/glassfish/hk2/external/aopalliance-repackaged/2.6.1/aopalliance-repackaged-2.6.1.jar
MD5: 0237846ebdaa7db36b356044a373ffba
SHA1: b2eb0a83bcbb44cc5d25f8b18f23be116313a638
SHA256:bad77f9278d753406360af9e4747bd9b3161554ea9cd3d62411a0ae1f2c141fd
Referenced In Project/Scope: Simplicite Platform:provided
aopalliance-repackaged-2.6.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.docusign/docusign-esign-java@3.18.0

Identifiers

apache-mime4j-core-0.8.9.jar

Description:

Java stream based MIME message parser

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/apache/james/apache-mime4j-core/0.8.9/apache-mime4j-core-0.8.9.jar
MD5: 83d942785627f7538d44b360a13ad824
SHA1: 718755ac63359ab202911caf76cf79d9d44f8e17
SHA256:901486a66c0eeee9d6bd63b1eaa195e164100cf415b0122388813d484947801f
Referenced In Project/Scope: Simplicite Platform:compile
apache-mime4j-core-0.8.9.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.3.40

Identifiers

CVE-2024-21742 (OSSINDEX)  

Improper input validation allows for header injection in MIME4J library when using MIME4J DOM for composing message.
This can be exploited by an attacker to add unintended headers to MIME messages.
CWE-20 Improper Input Validation

CVSSv3:
  • Base Score: MEDIUM (5.300000190734863)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

References:

Vulnerable Software & Versions (OSSINDEX):

  • cpe:2.3:a:org.apache.james:apache-mime4j-core:0.8.9:*:*:*:*:*:*:*

apache-mime4j-dom-0.8.9.jar

Description:

Java MIME Document Object Model

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/apache/james/apache-mime4j-dom/0.8.9/apache-mime4j-dom-0.8.9.jar
MD5: 72175c47d8dd8d678f3433fc88dc3cd7
SHA1: cf9daba1dd95aa3c32a05fbfb5edf5f078a0465a
SHA256:726d04098a6317cf175b3708a736ed4ecbc09cf7673784eaf1f4251f030d2433
Referenced In Project/Scope: Simplicite Platform:compile
apache-mime4j-dom-0.8.9.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.3.40

Identifiers

api-common-2.1.5.jar

Description:

Common utilities for Google APIs in Java

License:

BSD: https://github.com/googleapis/api-common-java/blob/master/LICENSE
File Path: /var/simplicite/.m2/repository/com/google/api/api-common/2.1.5/api-common-2.1.5.jar
MD5: 06217329f446606a8009b22ff2a1727e
SHA1: 856fe2e1cafce0314ba0916affb5744d5b6e7425
SHA256:661307a5436fcbfcbc1b5c98aba9067bddfed5fff1b07330a056f84779b703c0
Referenced In Project/Scope: Simplicite Platform:compile
api-common-2.1.5.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.google.cloud/google-cloud-storage@2.6.0

Identifiers

asm-9.4.jar

Description:

ASM, a very small and fast Java bytecode manipulation framework

License:

BSD-3-Clause: https://asm.ow2.io/license.html
File Path: /var/simplicite/.m2/repository/org/ow2/asm/asm/9.4/asm-9.4.jar
MD5: ffa64f03a23a4823d98703e6ce6ff397
SHA1: b4e0e2d2e023aa317b7cfcfc916377ea348e07d1
SHA256:39d0e2b3dc45af65a09b097945750a94a126e052e124f93468443a1d0e15f381
Referenced In Project/Scope: Simplicite Platform:compile
asm-9.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.tika/tika-parsers-standard-package@2.7.0

Identifiers

auto-value-annotations-1.9.jar

Description:

    Immutable value-type code generation for Java 1.7+.
  

File Path: /var/simplicite/.m2/repository/com/google/auto/value/auto-value-annotations/1.9/auto-value-annotations-1.9.jar
MD5: 86f1f5d71eceea4eb4e3ad0505e8b22c
SHA1: 25a0fcef915f663679fcdb447541c5d86a9be4ba
SHA256:fa5469f4c44ee598a2d8f033ab0a9dcbc6498a0c5e0c998dfa0c2adf51358044
Referenced In Project/Scope: Simplicite Platform:compile
auto-value-annotations-1.9.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.google.cloud/google-cloud-storage@2.6.0

Identifiers

autolink-0.10.0.jar

Description:

        Java library to extract links (URLs, email addresses) from plain text;
        fast, small and smart about recognizing where links end
    

License:

MIT License: http://www.opensource.org/licenses/mit-license.php
File Path: /var/simplicite/.m2/repository/org/nibor/autolink/autolink/0.10.0/autolink-0.10.0.jar
MD5: be771f6d4d82b9098596afa30b4f48ea
SHA1: 6579ea7079be461e5ffa99f33222a632711cc671
SHA256:302b30160968415ee6cd1907987138c7575a6315f9b6ef13b9fe3abc87367857
Referenced In Project/Scope: Simplicite Platform:compile
autolink-0.10.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.commonmark/commonmark-ext-autolink@0.21.0

Identifiers

avalon-framework-impl-4.2.0.jar

File Path: /var/simplicite/.m2/repository/avalon-framework/avalon-framework-impl/4.2.0/avalon-framework-impl-4.2.0.jar
MD5: 5c1f8f5c8c6c043538fc4ea038c2aaf6
SHA1: 4da1db18947eb6950abb7ad79253011b9aec0e48
SHA256:ed42c573cab460ca634b5c64a3b40ed1d67d6ee47fe25f87947370bede6af814
Referenced In Project/Scope: Simplicite Platform:compile
avalon-framework-impl-4.2.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/net.sf.barcode4j/barcode4j@2.1

Identifiers

aws-s3-2.5.0.jar

Description:

Simple Storage Service (S3) implementation targeted to Amazon Web Services

File Path: /var/simplicite/.m2/repository/org/apache/jclouds/provider/aws-s3/2.5.0/aws-s3-2.5.0.jar
MD5: 167cb45c01df725ad27b3a8138951cc8
SHA1: 034fcf2ec0a9897bb7fcdeabc2a9d8673395a6a1
SHA256:166aeb5c25a235f63323ebc2edec912f2060f2199edd82f19f355bd014f79710
Referenced In Project/Scope: Simplicite Platform:compile
aws-s3-2.5.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.3.40

Identifiers

azureblob-2.5.0.jar

Description:

jclouds components to access Azure Blob Service

File Path: /var/simplicite/.m2/repository/org/apache/jclouds/provider/azureblob/2.5.0/azureblob-2.5.0.jar
MD5: d3e3160cb1cdc5825d454505c429999d
SHA1: ce68d3bce0bc135ec7d958980b3e30267ad805b6
SHA256:c21dd6a733163ed9c2f9f487ea02a723a20526de33e87cd5b3d328833b476cd0
Referenced In Project/Scope: Simplicite Platform:compile
azureblob-2.5.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.3.40

Identifiers

barcode4j-2.1.jar

Description:

Barcode4J is a flexible generator for barcodes written in Java.

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/net/sf/barcode4j/barcode4j/2.1/barcode4j-2.1.jar
MD5: 4fc30cdb7b1abaf1ce08f26b0666e351
SHA1: 4b38b2219c0d522fcea8238493f2ea3e238ef529
SHA256:eb7252cc41a1539bcd018348e9f60e0942872bdaa49c58051e656a6be94969fb
Referenced In Project/Scope: Simplicite Platform:compile
barcode4j-2.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.3.40

Identifiers

bcmail-jdk18on-1.73.jar

Description:

The Bouncy Castle Java S/MIME APIs for handling S/MIME protocols. This jar contains S/MIME APIs for JDK 1.8 and up. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs. The JavaMail API and the Java activation framework will also be needed.

License:

Bouncy Castle Licence: https://www.bouncycastle.org/licence.html
File Path: /var/simplicite/.m2/repository/org/bouncycastle/bcmail-jdk18on/1.73/bcmail-jdk18on-1.73.jar
MD5: d0f7939c8a9b3f7d90bfa8060318843e
SHA1: 2c132108f42d6fe499938440b5da9c65da06033b
SHA256:d94dc99d55152cab2bb5496601902cd7db06dfd960450d27b67118102f91f7e1
Referenced In Project/Scope: Simplicite Platform:compile
bcmail-jdk18on-1.73.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.3.40

Identifiers

bcpg-jdk18on-1.73.jar

Description:

The Bouncy Castle Java API for handling the OpenPGP protocol. This jar contains the OpenPGP API for JDK 1.8 and up. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs.

License:

Bouncy Castle Licence: https://www.bouncycastle.org/licence.html
Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0
File Path: /var/simplicite/.m2/repository/org/bouncycastle/bcpg-jdk18on/1.73/bcpg-jdk18on-1.73.jar
MD5: 0e3aaf2b2fae29065f9098fd24b63899
SHA1: 2838f8c35e6e716349ce780c9c88271cab32065d
SHA256:dd6efbd826f0d3aed3a1193acf1d81dd6044c585b90ddf88adca4e1fb41a0984
Referenced In Project/Scope: Simplicite Platform:compile
bcpg-jdk18on-1.73.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.3.40

Identifiers

bcpkix-jdk18on-1.73.jar

Description:

The Bouncy Castle Java APIs for CMS, PKCS, EAC, TSP, CMP, CRMF, OCSP, and certificate generation. This jar contains APIs for JDK 1.8 and up. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs.

License:

Bouncy Castle Licence: https://www.bouncycastle.org/licence.html
File Path: /var/simplicite/.m2/repository/org/bouncycastle/bcpkix-jdk18on/1.73/bcpkix-jdk18on-1.73.jar
MD5: 18315c3729fc76e2217efffd1f618e64
SHA1: fd41dae0f564a93888ed5ade426281de94824717
SHA256:9487164ba018f2211fcc0f989d6f4ea25b7d48fc6031501c3c7e3a17b164d860
Referenced In Project/Scope: Simplicite Platform:compile
bcpkix-jdk18on-1.73.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.3.40

Identifiers

bcprov-ext-jdk18on-1.73.jar

Description:

The Bouncy Castle Crypto package is a Java implementation of cryptographic algorithms. This jar contains JCE provider and lightweight API for the Bouncy Castle Cryptography APIs for JDK 1.8 and up. Note: this package includes the NTRU encryption algorithms.

License:

Bouncy Castle Licence: https://www.bouncycastle.org/licence.html
File Path: /var/simplicite/.m2/repository/org/bouncycastle/bcprov-ext-jdk18on/1.73/bcprov-ext-jdk18on-1.73.jar
MD5: e0e7191a082e33ca6fe4af159fbd5bff
SHA1: faec66c90751bf9e97f4ae148955e377021982f2
SHA256:f137490b4d8fa5aeaca5683bca391f7c91eb2085b625c28dde1a3e18506d7034
Referenced In Project/Scope: Simplicite Platform:compile
bcprov-ext-jdk18on-1.73.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.3.40

Identifiers

CVE-2024-34447 (OSSINDEX)  

bouncycastle - Improper Validation of Certificate with Host Mismatch

The software communicates with a host that provides a certificate, but the software does not properly ensure that the certificate is actually associated with that host.
CWE-297 Improper Validation of Certificate with Host Mismatch

CVSSv3:
  • Base Score: HIGH (7.699999809265137)
  • Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L

References:

Vulnerable Software & Versions (OSSINDEX):

  • cpe:2.3:a:org.bouncycastle:bcprov-ext-jdk18on:1.73:*:*:*:*:*:*:*

CVE-2024-29857 (OSSINDEX)  

An issue was discovered in ECCurve.java and ECCurve.cs in Bouncy Castle Java (BC Java) before 1.78, BC Java LTS before 2.73.6, BC-FJA before 1.0.2.5, and BC C# .Net before 2.3.1. Importing an EC certificate with crafted F2m parameters can lead to excessive CPU consumption during the evaluation of the curve parameters.
CWE-400 Uncontrolled Resource Consumption

CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions (OSSINDEX):

  • cpe:2.3:a:org.bouncycastle:bcprov-ext-jdk18on:1.73:*:*:*:*:*:*:*

CVE-2024-30171 (OSSINDEX)  

An issue was discovered in Bouncy Castle Java TLS API and JSSE Provider before 1.78. Timing-based leakage may occur in RSA based handshakes because of exception processing.
CWE-208 Observable Timing Discrepancy

CVSSv3:
  • Base Score: MEDIUM (5.900000095367432)
  • Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

References:

Vulnerable Software & Versions (OSSINDEX):

  • cpe:2.3:a:org.bouncycastle:bcprov-ext-jdk18on:1.73:*:*:*:*:*:*:*

CVE-2024-30172 (OSSINDEX)  

An issue was discovered in Bouncy Castle Java Cryptography APIs before 1.78. An Ed25519 verification code infinite loop can occur via a crafted signature and public key.
CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')

CVSSv3:
  • Base Score: MEDIUM (5.900000095367432)
  • Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions (OSSINDEX):

  • cpe:2.3:a:org.bouncycastle:bcprov-ext-jdk18on:1.73:*:*:*:*:*:*:*

CVE-2023-33201 (OSSINDEX)  

Bouncy Castle For Java before 1.74 is affected by an LDAP injection vulnerability. The vulnerability only affects applications that use an LDAP CertStore from Bouncy Castle to validate X.509 certificates. During the certificate validation process, Bouncy Castle inserts the certificate's Subject Name into an LDAP search filter without any escaping, which leads to an LDAP injection vulnerability.
CWE-295 Improper Certificate Validation

CVSSv3:
  • Base Score: MEDIUM (5.300000190734863)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

References:

Vulnerable Software & Versions (OSSINDEX):

  • cpe:2.3:a:org.bouncycastle:bcprov-ext-jdk18on:1.73:*:*:*:*:*:*:*

bcprov-jdk15on-1.69.jar

Description:

The Bouncy Castle Crypto package is a Java implementation of cryptographic algorithms. This jar contains JCE provider and lightweight API for the Bouncy Castle Cryptography APIs for JDK 1.5 and up.

License:

Bouncy Castle Licence: https://www.bouncycastle.org/licence.html
File Path: /var/simplicite/.m2/repository/org/bouncycastle/bcprov-jdk15on/1.69/bcprov-jdk15on-1.69.jar
MD5: 76388cd78560913812a26f6f44651f53
SHA1: 91e1628251cf3ca90093ce9d0fe67e5b7dab3850
SHA256:e469bd39f936999f256002631003ff022a22951da9d5bd9789c7abfa9763a292
Referenced In Project/Scope: Simplicite Platform:runtime
bcprov-jdk15on-1.69.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.docusign/docusign-esign-java@3.18.0

Identifiers

  • pkg:maven/org.bouncycastle/bcprov-jdk15on@1.69  (Confidence:High)
  • cpe:2.3:a:bouncycastle:bouncy-castle-crypto-package:1.69:*:*:*:*:*:*:*  (Confidence:Low)  
  • cpe:2.3:a:bouncycastle:bouncy_castle_crypto_package:1.69:*:*:*:*:*:*:*  (Confidence:Low)  
  • cpe:2.3:a:bouncycastle:bouncy_castle_for_java:1.69:*:*:*:*:*:*:*  (Confidence:Highest)  
  • cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.69:*:*:*:*:*:*:*  (Confidence:Low)  
  • cpe:2.3:a:bouncycastle:the_bouncy_castle_crypto_package_for_java:1.69:*:*:*:*:*:*:*  (Confidence:Low)  

CVE-2024-34447 (OSSINDEX)  

bouncycastle - Improper Validation of Certificate with Host Mismatch

The software communicates with a host that provides a certificate, but the software does not properly ensure that the certificate is actually associated with that host.
CWE-297 Improper Validation of Certificate with Host Mismatch

CVSSv3:
  • Base Score: HIGH (7.699999809265137)
  • Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L

References:

Vulnerable Software & Versions (OSSINDEX):

  • cpe:2.3:a:org.bouncycastle:bcprov-jdk15on:1.69:*:*:*:*:*:*:*

CVE-2024-29857 (OSSINDEX)  

An issue was discovered in ECCurve.java and ECCurve.cs in Bouncy Castle Java (BC Java) before 1.78, BC Java LTS before 2.73.6, BC-FJA before 1.0.2.5, and BC C# .Net before 2.3.1. Importing an EC certificate with crafted F2m parameters can lead to excessive CPU consumption during the evaluation of the curve parameters.
CWE-400 Uncontrolled Resource Consumption

CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions (OSSINDEX):

  • cpe:2.3:a:org.bouncycastle:bcprov-jdk15on:1.69:*:*:*:*:*:*:*

CVE-2024-30171 (OSSINDEX)  

An issue was discovered in Bouncy Castle Java TLS API and JSSE Provider before 1.78. Timing-based leakage may occur in RSA based handshakes because of exception processing.
CWE-208 Observable Timing Discrepancy

CVSSv3:
  • Base Score: MEDIUM (5.900000095367432)
  • Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

References:

Vulnerable Software & Versions (OSSINDEX):

  • cpe:2.3:a:org.bouncycastle:bcprov-jdk15on:1.69:*:*:*:*:*:*:*

CVE-2023-33202  

Bouncy Castle for Java before 1.73 contains a potential Denial of Service (DoS) issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM encoded streams containing X.509 certificates, PKCS8 encoded keys, and PKCS7 objects. Parsing a file that has crafted ASN.1 data through the PEMParser causes an OutOfMemoryError, which can enable a denial of service attack. (For users of the FIPS Java API: BC-FJA 1.0.2.3 and earlier are affected; BC-FJA 1.0.2.4 is fixed.)
CWE-400 Uncontrolled Resource Consumption

CVSSv3:
  • Base Score: MEDIUM (5.5)
  • Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:1.8/RC:R/MAV:A

References:

Vulnerable Software & Versions:

CVE-2023-33201 (OSSINDEX)  

Bouncy Castle For Java before 1.74 is affected by an LDAP injection vulnerability. The vulnerability only affects applications that use an LDAP CertStore from Bouncy Castle to validate X.509 certificates. During the certificate validation process, Bouncy Castle inserts the certificate's Subject Name into an LDAP search filter without any escaping, which leads to an LDAP injection vulnerability.
CWE-295 Improper Certificate Validation

CVSSv3:
  • Base Score: MEDIUM (5.300000190734863)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

References:

Vulnerable Software & Versions (OSSINDEX):

  • cpe:2.3:a:org.bouncycastle:bcprov-jdk15on:1.69:*:*:*:*:*:*:*

bcprov-jdk18on-1.73.jar

Description:

The Bouncy Castle Crypto package is a Java implementation of cryptographic algorithms. This jar contains JCE provider and lightweight API for the Bouncy Castle Cryptography APIs for JDK 1.8 and up.

License:

Bouncy Castle Licence: https://www.bouncycastle.org/licence.html
File Path: /var/simplicite/.m2/repository/org/bouncycastle/bcprov-jdk18on/1.73/bcprov-jdk18on-1.73.jar
MD5: db1309ef2297987495d57456a66fe137
SHA1: 4bd3de48e5153059fe3f80cbcf86ea221795ee55
SHA256:ad3ae628f4459a8fecb5c1a142b5525ce5118817414f97efd92f5448a69180ff
Referenced In Project/Scope: Simplicite Platform:compile
bcprov-jdk18on-1.73.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.3.40

Identifiers

  • pkg:maven/org.bouncycastle/bcprov-jdk18on@1.73  (Confidence:High)
  • cpe:2.3:a:bouncycastle:bouncy-castle-crypto-package:1.73:*:*:*:*:*:*:*  (Confidence:Low)  
  • cpe:2.3:a:bouncycastle:bouncy_castle_crypto_package:1.73:*:*:*:*:*:*:*  (Confidence:Low)  
  • cpe:2.3:a:bouncycastle:bouncy_castle_for_java:1.73:*:*:*:*:*:*:*  (Confidence:Highest)  
  • cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.73:*:*:*:*:*:*:*  (Confidence:Low)  
  • cpe:2.3:a:bouncycastle:the_bouncy_castle_crypto_package_for_java:1.73:*:*:*:*:*:*:*  (Confidence:Low)  

CVE-2024-34447 (OSSINDEX)  

bouncycastle - Improper Validation of Certificate with Host Mismatch

The software communicates with a host that provides a certificate, but the software does not properly ensure that the certificate is actually associated with that host.
CWE-297 Improper Validation of Certificate with Host Mismatch

CVSSv3:
  • Base Score: HIGH (7.699999809265137)
  • Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L

References:

Vulnerable Software & Versions (OSSINDEX):

  • cpe:2.3:a:org.bouncycastle:bcprov-jdk18on:1.73:*:*:*:*:*:*:*

CVE-2024-29857 (OSSINDEX)  

An issue was discovered in ECCurve.java and ECCurve.cs in Bouncy Castle Java (BC Java) before 1.78, BC Java LTS before 2.73.6, BC-FJA before 1.0.2.5, and BC C# .Net before 2.3.1. Importing an EC certificate with crafted F2m parameters can lead to excessive CPU consumption during the evaluation of the curve parameters.
CWE-400 Uncontrolled Resource Consumption

CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions (OSSINDEX):

  • cpe:2.3:a:org.bouncycastle:bcprov-jdk18on:1.73:*:*:*:*:*:*:*

CVE-2024-30171 (OSSINDEX)  

An issue was discovered in Bouncy Castle Java TLS API and JSSE Provider before 1.78. Timing-based leakage may occur in RSA based handshakes because of exception processing.
CWE-208 Observable Timing Discrepancy

CVSSv3:
  • Base Score: MEDIUM (5.900000095367432)
  • Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

References:

Vulnerable Software & Versions (OSSINDEX):

  • cpe:2.3:a:org.bouncycastle:bcprov-jdk18on:1.73:*:*:*:*:*:*:*

CVE-2024-30172 (OSSINDEX)  

An issue was discovered in Bouncy Castle Java Cryptography APIs before 1.78. An Ed25519 verification code infinite loop can occur via a crafted signature and public key.
CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')

CVSSv3:
  • Base Score: MEDIUM (5.900000095367432)
  • Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions (OSSINDEX):

  • cpe:2.3:a:org.bouncycastle:bcprov-jdk18on:1.73:*:*:*:*:*:*:*

CVE-2023-33201 (OSSINDEX)  

Bouncy Castle For Java before 1.74 is affected by an LDAP injection vulnerability. The vulnerability only affects applications that use an LDAP CertStore from Bouncy Castle to validate X.509 certificates. During the certificate validation process, Bouncy Castle inserts the certificate's Subject Name into an LDAP search filter without any escaping, which leads to an LDAP injection vulnerability.
CWE-295 Improper Certificate Validation

CVSSv3:
  • Base Score: MEDIUM (5.300000190734863)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

References:

Vulnerable Software & Versions (OSSINDEX):

  • cpe:2.3:a:org.bouncycastle:bcprov-jdk18on:1.73:*:*:*:*:*:*:*

bcutil-jdk18on-1.73.jar

Description:

The Bouncy Castle Java APIs for ASN.1 extension and utility APIs used to support bcpkix and bctls. This jar contains APIs for JDK 1.8 and up.

License:

Bouncy Castle Licence: https://www.bouncycastle.org/licence.html
File Path: /var/simplicite/.m2/repository/org/bouncycastle/bcutil-jdk18on/1.73/bcutil-jdk18on-1.73.jar
MD5: e535f6c495b9197e287f68375b0508f1
SHA1: 073a680acd04b249a6773f49200092cadb670bf0
SHA256:0b70292c36cfe08ac00a71f5cc5af4c412ceedbc8c0f0a22995dbacfaf25dd42
Referenced In Project/Scope: Simplicite Platform:compile
bcutil-jdk18on-1.73.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.bouncycastle/bcpkix-jdk18on@1.73

Identifiers

bootbox:6.0.0

Description:

Wrappers for JavaScript alert(), confirm(), prompt(), and other flexible dialogs using the Bootstrap framework

License:

MIT
File Path: /var/simplicite/simplicite-5.3/package.json?/bootbox:6.0.0

Referenced In Project/Scope: simplicite-js:5.3.40

Identifiers

CVE-2023-46998 (OSSINDEX)  

Cross Site Scripting vulnerability in BootBox Bootbox.js v.3.2 through 6.0 allows a remote attacker to execute arbitrary code via a crafted payload to alert(), confirm(), prompt() functions.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv3:
  • Base Score: MEDIUM (6.099999904632568)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

References:

Vulnerable Software & Versions (OSSINDEX):

  • cpe:2.3:a:*:bootbox:6.0.0:*:*:*:*:*:*:*

bootstrap:5.2.3

Description:

The most popular front-end framework for developing responsive, mobile first projects on the web.

License:

MIT
File Path: /var/simplicite/simplicite-5.3/package.json?/bootstrap:5.2.3

Referenced In Project/Scope: simplicite-js:5.3.40

Identifiers

bson-3.12.13.jar

Description:

The BSON library

License:

The Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/mongodb/bson/3.12.13/bson-3.12.13.jar
MD5: 8372c7e19dfc5164761daaeca1557548
SHA1: 49dc931b5629509b06a9f696f8036d258adc90ef
SHA256:d1837cb8c051e4212f95adba227f566b752fe0f14e51717b5d60b4ed77b8803e
Referenced In Project/Scope: Simplicite Platform:compile
bson-3.12.13.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.mongodb/mongodb-driver@3.12.13

Identifiers

byte-buddy-1.14.4.jar

Description:

        Byte Buddy is a Java library for creating Java classes at run time.
        This artifact is a build of Byte Buddy with all ASM dependencies repackaged into its own name space.
    

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/net/bytebuddy/byte-buddy/1.14.4/byte-buddy-1.14.4.jar
MD5: 21117c3c69db9aa3080d611640a27bb9
SHA1: 20498aaec9b00a5cfdb831e7bf68feafa833ce4b
SHA256:7ae2b39ac230be9e3e09ce020406c017ff8ceba06eaf078c62a88c218a0ff2b4
Referenced In Project/Scope: Simplicite Platform:compile
byte-buddy-1.14.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.mockito/mockito-core@5.3.0

Identifiers

byte-buddy-agent-1.14.4.jar

Description:

The Byte Buddy agent offers convenience for attaching an agent to the local or a remote VM.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/net/bytebuddy/byte-buddy-agent/1.14.4/byte-buddy-agent-1.14.4.jar
MD5: f9b055b741a5a0539d86a4f984ac9a68
SHA1: 3bf5ac1104554908cc623e40e58a00be37c35f36
SHA256:fbd1ab3db43c6c78b8804908cb95b656517f5c82e7fde8d255d8bdceef412d70
Referenced In Project/Scope: Simplicite Platform:compile
byte-buddy-agent-1.14.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.mockito/mockito-core@5.3.0

Identifiers

byte-buddy-agent-1.14.4.jar: attach_hotspot_windows.dll

File Path: /var/simplicite/.m2/repository/net/bytebuddy/byte-buddy-agent/1.14.4/byte-buddy-agent-1.14.4.jar/win32-x86-64/attach_hotspot_windows.dll
MD5: 053a783e5777c6a9867c27d51af89677
SHA1: 5ef4d98ae6a033a5707d0b5466e6138beb337e76
SHA256:16d424423f9b09accf132ad35dbeaa52ac9f6bd45bba1406b89df851f651db20
Referenced In Project/Scope: Simplicite Platform:compile

Identifiers

  • None

byte-buddy-agent-1.14.4.jar: attach_hotspot_windows.dll

File Path: /var/simplicite/.m2/repository/net/bytebuddy/byte-buddy-agent/1.14.4/byte-buddy-agent-1.14.4.jar/win32-x86/attach_hotspot_windows.dll
MD5: fbca33102ac97be0ed496c0f78e466b3
SHA1: c4df05146a86a6d073769bb697d550ef42518ed5
SHA256:810f94c4a2f5ca1a072c19859f7954fed9aa3a1dcb0d601e92d2338793202e72
Referenced In Project/Scope: Simplicite Platform:compile

Identifiers

  • None

c3p0-0.9.5.5.jar

Description:

a JDBC Connection pooling / Statement caching library

License:

GNU Lesser General Public License, Version 2.1: http://www.gnu.org/licenses/lgpl-2.1.html
Eclipse Public License, Version 1.0: http://www.eclipse.org/org/documents/epl-v10.php
File Path: /var/simplicite/.m2/repository/com/mchange/c3p0/0.9.5.5/c3p0-0.9.5.5.jar
MD5: 9fc982b4b179e44cec986ea86fe1bff7
SHA1: 37dfc3021e5589d65ff2ae0becf811510b87ab01
SHA256:96cec5ddfe2f08b8407125d8228eb0392121e1bf2239ca621bb19228b67f741a
Referenced In Project/Scope: Simplicite Platform:compile
c3p0-0.9.5.5.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.3.40

Identifiers

cache-api-1.1.0.jar

License:

Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/javax/cache/cache-api/1.1.0/cache-api-1.1.0.jar
MD5: ac907ad12e9a7ac5d41abf703855002f
SHA1: 77bdcff7814076dfa61611b0db88487c515150b6
SHA256:6c980ad1ae4a6dda3bdb62986c3ef5b41ccf766e12353587ee4e4307e27e155a
Referenced In Project/Scope: Simplicite Platform:compile
cache-api-1.1.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.ehcache/ehcache@3.10.8

Identifiers

caffeine-3.1.6.jar

Description:

A high performance caching library

License:

Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/com/github/ben-manes/caffeine/caffeine/3.1.6/caffeine-3.1.6.jar
MD5: 7661b25999918646ec802846cc4c16bc
SHA1: 3646a0d1b1abe6a31f72f2237d9004d10a5be91d
SHA256:0311f9d5d9750aa2a1c11cbdba5a5cb7fec91c8870d6f179f324b3f5295b87dd
Referenced In Project/Scope: Simplicite Platform:compile
caffeine-3.1.6.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.3.40

Identifiers

chart.js:3.9.1

Description:

Simple HTML5 charts using the canvas element.

License:

MIT
File Path: /var/simplicite/simplicite-5.3/package.json?/chart.js:3.9.1

Referenced In Project/Scope: simplicite-js:5.3.40

Identifiers

chartjs-adapter-moment:1.0.1

Description:

Chart.js adapter to use Moment.js for time functionalities

License:

MIT
File Path: /var/simplicite/simplicite-5.3/package.json?/chartjs-adapter-moment:1.0.1

Referenced In Project/Scope: simplicite-js:5.3.40

Identifiers

checker-compat-qual-2.5.5.jar

Description:

        Checker Qual is the set of annotations (qualifiers) and supporting classes
        used by the Checker Framework to type check Java source code.  Please
        see artifact:
        org.checkerframework:checker
    

License:

GNU General Public License, version 2 (GPL2), with the classpath exception: http://www.gnu.org/software/classpath/license.html
The MIT License: http://opensource.org/licenses/MIT
File Path: /var/simplicite/.m2/repository/org/checkerframework/checker-compat-qual/2.5.5/checker-compat-qual-2.5.5.jar
MD5: b7a5c96547fb3fb6869f5f76bcd19b15
SHA1: 435dc33e3019c9f019e15f01aa111de9d6b2b79c
SHA256:11d134b245e9cacc474514d2d66b5b8618f8039a1465cdc55bbc0b34e0008b7a
Referenced In Project/Scope: Simplicite Platform:compile
checker-compat-qual-2.5.5.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.google.firebase/firebase-admin@8.1.0

Identifiers

checker-qual-3.33.0.jar

Description:

checker-qual contains annotations (type qualifiers) that a programmer
writes to specify Java code for type-checking by the Checker Framework.

License:

The MIT License: http://opensource.org/licenses/MIT
File Path: /var/simplicite/.m2/repository/org/checkerframework/checker-qual/3.33.0/checker-qual-3.33.0.jar
MD5: fc9418b779d9d57dcd52197006cbdb9b
SHA1: de2b60b62da487644fc11f734e73c8b0b431238f
SHA256:e316255bbfcd9fe50d165314b85abb2b33cb2a66a93c491db648e498a82c2de1
Referenced In Project/Scope: Simplicite Platform:compile
checker-qual-3.33.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.3.40

Identifiers

codemodel-3.0.2.jar

Description:

The core functionality of the CodeModel java source code generation library

License:

http://www.eclipse.org/org/documents/edl-v10.php
File Path: /var/simplicite/.m2/repository/org/glassfish/jaxb/codemodel/3.0.2/codemodel-3.0.2.jar
MD5: b0847dc199eb2cd4ee6e8d3627eedaa7
SHA1: 0b7caeacad98da5c40de8650317cfa573b0674c7
SHA256:693c03822476403b9fcb6578cf6b07b20c7f9d0d36a2d27cccf0c08dc587ee27
Referenced In Project/Scope: Simplicite Platform:compile
codemodel-3.0.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.glassfish.jaxb/jaxb-xjc@3.0.2

Identifiers

commonmark-0.21.0.jar

Description:

Core of commonmark-java (implementation of CommonMark for parsing markdown and rendering to HTML)

File Path: /var/simplicite/.m2/repository/org/commonmark/commonmark/0.21.0/commonmark-0.21.0.jar
MD5: c0c0bf595a23b868d229b5f5806b0646
SHA1: c98f0473b17c87fe4fa2fc62a7c6523a2fe018f0
SHA256:81084a7035046fe306f0dbf16ef57a68d08ee5c97004ea867e62b5db46e98afb
Referenced In Project/Scope: Simplicite Platform:compile
commonmark-0.21.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.3.40

Identifiers

commonmark-ext-autolink-0.21.0.jar

Description:

commonmark-java extension for turning plain URLs and email addresses into links

File Path: /var/simplicite/.m2/repository/org/commonmark/commonmark-ext-autolink/0.21.0/commonmark-ext-autolink-0.21.0.jar
MD5: eafd2cf973eb3d6b88cfbf825f53353b
SHA1: 55c0312cf443fa3d5af0daeeeca00d6deee3cf90
SHA256:3cd57d5d1dbde724e6700c53a590534bb24f3e2695ff3505eba32dc4c7781ba9
Referenced In Project/Scope: Simplicite Platform:compile
commonmark-ext-autolink-0.21.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.3.40

Identifiers

commonmark-ext-gfm-strikethrough-0.21.0.jar

Description:

commonmark-java extension for GFM strikethrough using ~~ (GitHub Flavored Markdown)

File Path: /var/simplicite/.m2/repository/org/commonmark/commonmark-ext-gfm-strikethrough/0.21.0/commonmark-ext-gfm-strikethrough-0.21.0.jar
MD5: 0d67b70370ae58992db317e6f59c4b6c
SHA1: 953f4b71e133a98fcca93f3c3f4e58b895b76d1f
SHA256:b5ed6fa18214e588e502385d95e878a8150f122c7a874a75a389682837b906f8
Referenced In Project/Scope: Simplicite Platform:compile
commonmark-ext-gfm-strikethrough-0.21.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.3.40

Identifiers

commonmark-ext-gfm-tables-0.21.0.jar

Description:

commonmark-java extension for GFM tables using "|" pipes (GitHub Flavored Markdown)

File Path: /var/simplicite/.m2/repository/org/commonmark/commonmark-ext-gfm-tables/0.21.0/commonmark-ext-gfm-tables-0.21.0.jar
MD5: 94435093a666e5b7c26b3fa497a314c8
SHA1: fb7d65fa89a4cfcd2f51535d2549b570cf1dbd1a
SHA256:fc05fe991f2254ab0c8f6ccb9f0b6ec1c2b6df350389ed3e411ac6f52e7a75e5
Referenced In Project/Scope: Simplicite Platform:compile
commonmark-ext-gfm-tables-0.21.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.3.40

Identifiers

commonmark-ext-heading-anchor-0.21.0.jar

Description:

commonmark-java extension for adding unique id attributes to header tags

File Path: /var/simplicite/.m2/repository/org/commonmark/commonmark-ext-heading-anchor/0.21.0/commonmark-ext-heading-anchor-0.21.0.jar
MD5: c50cfa7efc450625f763d7840db083cc
SHA1: 92529c00bb762aa3ab83ba3cd50dceb5e5e9f8e4
SHA256:e4d53590e0eefe2987786b5b5a9145c0a66c64f570eb4955b52b0255ee333e16
Referenced In Project/Scope: Simplicite Platform:compile
commonmark-ext-heading-anchor-0.21.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.3.40

Identifiers

commonmark-ext-image-attributes-0.21.0.jar

Description:

commonmark-java extension for adding attributes to images

File Path: /var/simplicite/.m2/repository/org/commonmark/commonmark-ext-image-attributes/0.21.0/commonmark-ext-image-attributes-0.21.0.jar
MD5: b31855c624f339806124fc055f8ddcd0
SHA1: a4ea23623ed6e7546425077f5161af209d302a7f
SHA256:6caf48abe76f66b857577b1c006ec31e2b56f73e321779d233f035fa2cddde1f
Referenced In Project/Scope: Simplicite Platform:compile
commonmark-ext-image-attributes-0.21.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.3.40

Identifiers

commonmark-ext-ins-0.21.0.jar

Description:

commonmark-java extension for using ++

File Path: /var/simplicite/.m2/repository/org/commonmark/commonmark-ext-ins/0.21.0/commonmark-ext-ins-0.21.0.jar
MD5: 9e05ae2e9e40e7cf30f3b90f7c437439
SHA1: 5d2126c4af5e25a0ac67aa7cd0892a562c4bfd9e
SHA256:3b544e076d3cf2259f008b168ffe6bdff4fb2871537c56f3b2a1cf3a93c84250
Referenced In Project/Scope: Simplicite Platform:compile
commonmark-ext-ins-0.21.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.3.40

Identifiers

commonmark-ext-task-list-items-0.21.0.jar

Description:

commonmark-java extension for task list items

File Path: /var/simplicite/.m2/repository/org/commonmark/commonmark-ext-task-list-items/0.21.0/commonmark-ext-task-list-items-0.21.0.jar
MD5: e03887a06f645da25e87f8f0c953365e
SHA1: 3aafb756507be546e1aa1f6f8ee6c0f1e71ebf4a
SHA256:53a3c76cf56947af1f6882a9a1ce962f3b338ca952d83dd402b7f5711c14bee0
Referenced In Project/Scope: Simplicite Platform:compile
commonmark-ext-task-list-items-0.21.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.3.40

Identifiers

commonmark-ext-yaml-front-matter-0.21.0.jar

Description:

commonmark-java extension for YAML front matter

File Path: /var/simplicite/.m2/repository/org/commonmark/commonmark-ext-yaml-front-matter/0.21.0/commonmark-ext-yaml-front-matter-0.21.0.jar
MD5: a59fa78ad0444d1bb245d35b103a3f0a
SHA1: d99588df09445d3e70627dffdb02da4338851ff2
SHA256:0683332fd8ef7aafdf28de2658fa4200e5c9a9e219c331bfde3f501854b8f798
Referenced In Project/Scope: Simplicite Platform:compile
commonmark-ext-yaml-front-matter-0.21.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.3.40

Identifiers

commons-beanutils-1.9.4.jar

Description:

Apache Commons BeanUtils provides an easy-to-use but flexible wrapper around reflection and introspection.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/commons-beanutils/commons-beanutils/1.9.4/commons-beanutils-1.9.4.jar
MD5: 07dc532ee316fe1f2f0323e9bd2f8df4
SHA1: d52b9abcd97f38c81342bb7e7ae1eee9b73cba51
SHA256:7d938c81789028045c08c065e94be75fc280527620d5bd62b519d5838532368a
Referenced In Project/Scope: Simplicite Platform:compile
commons-beanutils-1.9.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.3.40

Identifiers

commons-cli-1.5.0.jar

Description:

    Apache Commons CLI provides a simple API for presenting, processing and validating a Command Line Interface.
  

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/commons-cli/commons-cli/1.5.0/commons-cli-1.5.0.jar
MD5: 6c3b2052160144196118b1f019504388
SHA1: dc98be5d5390230684a092589d70ea76a147925c
SHA256:bc8bb01fc0fad250385706e20f927ddcff6173f6339b387dc879237752567ac6
Referenced In Project/Scope: Simplicite Platform:compile
commons-cli-1.5.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.3.40

Identifiers

commons-codec-1.15.jar

Description:

     The Apache Commons Codec package contains simple encoder and decoders for
     various formats such as Base64 and Hexadecimal.  In addition to these
     widely used encoders and decoders, the codec package also maintains a
     collection of phonetic encoding utilities.
  

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/commons-codec/commons-codec/1.15/commons-codec-1.15.jar
MD5: 303baf002ce6d382198090aedd9d79a2
SHA1: 49d94806b6e3dc933dacbd8acb0fdbab8ebd1e5d
SHA256:b3e9f6d63a790109bf0d056611fbed1cf69055826defeb9894a71369d246ed63
Referenced In Project/Scope: Simplicite Platform:compile
commons-codec-1.15.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.3.40

Identifiers

commons-collections-3.2.2.jar

Description:

Types that extend and augment the Java Collections Framework.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/commons-collections/commons-collections/3.2.2/commons-collections-3.2.2.jar
MD5: f54a8510f834a1a57166970bfc982e94
SHA1: 8ad72fe39fa8c91eaaf12aadb21e0c3661fe26d5
SHA256:eeeae917917144a68a741d4c0dff66aa5c5c5fd85593ff217bced3fc8ca783b8
Referenced In Project/Scope: Simplicite Platform:compile
commons-collections-3.2.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.3.40

Identifiers

commons-collections4-4.4.jar

Description:

The Apache Commons Collections package contains types that extend and augment the Java Collections Framework.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/apache/commons/commons-collections4/4.4/commons-collections4-4.4.jar
MD5: 4a37023740719b391f10030362c86be6
SHA1: 62ebe7544cb7164d87e0637a2a6a2bdc981395e8
SHA256:1df8b9430b5c8ed143d7815e403e33ef5371b2400aadbe9bda0883762e0846d1
Referenced In Project/Scope: Simplicite Platform:compile
commons-collections4-4.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.3.40

Identifiers

commons-compress-1.23.0.jar

Description:

Apache Commons Compress software defines an API for working with
compression and archive formats.  These include: bzip2, gzip, pack200,
lzma, xz, Snappy, traditional Unix Compress, DEFLATE, DEFLATE64, LZ4,
Brotli, Zstandard and ar, cpio, jar, tar, zip, dump, 7z, arj.
  

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/apache/commons/commons-compress/1.23.0/commons-compress-1.23.0.jar
MD5: 96b88349958aeaa15cdf6e5e877bdced
SHA1: 4af2060ea9b0c8b74f1854c6cafe4d43cfc161fc
SHA256:c267f17160e9ef662b4d78b7f29dca7c82b15c5cff2cb6a9865ef4ab3dd5b787
Referenced In Project/Scope: Simplicite Platform:compile
commons-compress-1.23.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.3.40

Identifiers

CVE-2023-42503  

Improper Input Validation, Uncontrolled Resource Consumption vulnerability in Apache Commons Compress in TAR parsing.This issue affects Apache Commons Compress:��from 1.22 before 1.24.0.

Users are recommended to upgrade to version 1.24.0, which fixes the issue.

A third party can create a malformed TAR file by manipulating file modification times headers, which when parsed with Apache Commons Compress, will cause a denial of service issue via CPU consumption.

In version 1.22 of Apache Commons Compress, support was added for file modification times with higher precision (issue # COMPRESS-612 [1]). The format for the PAX extended headers carrying this data consists of two numbers separated by a period [2], indicating seconds and subsecond precision (for example ���1647221103.5998539���). The impacted fields are ���atime���, ���ctime���, ���mtime��� and ���LIBARCHIVE.creationtime���. No input validation is performed prior to the parsing of header values.

Parsing of these numbers uses the BigDecimal [3] class from the JDK which has a publicly known algorithmic complexity issue when doing operations on large numbers, causing denial of service (see issue # JDK-6560193 [4]). A third party can manipulate file time headers in a TAR file by placing a number with a very long fraction (300,000 digits) or a number with exponent notation (such as ���9e9999999���) within a file modification time header, and the parsing of files with these headers will take hours instead of seconds, leading to a denial of service via exhaustion of CPU resources. This issue is similar to CVE-2012-2098 [5].

[1]:  https://issues.apache.org/jira/browse/COMPRESS-612 
[2]:  https://pubs.opengroup.org/onlinepubs/9699919799/utilities/pax.html#tag_20_92_13_05 
[3]:  https://docs.oracle.com/javase/8/docs/api/java/math/BigDecimal.html 
[4]:  https://bugs.openjdk.org/browse/JDK-6560193 
[5]:  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2098 

Only applications using CompressorStreamFactory class (with auto-detection of file types), TarArchiveInputStream and TarFile classes to parse TAR files are impacted. Since this code was introduced in v1.22, only that version and later versions are impacted.

CWE-400 Uncontrolled Resource Consumption, CWE-20 Improper Input Validation, NVD-CWE-noinfo

CVSSv3:
  • Base Score: MEDIUM (5.5)
  • Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:1.8/RC:R/MAV:A

References:

Vulnerable Software & Versions:

CVE-2024-25710  

Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Apache Commons Compress.This issue affects Apache Commons Compress: from 1.3 through 1.25.0.

Users are recommended to upgrade to version 1.26.0 which fixes the issue.

CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')

CVSSv3:
  • Base Score: MEDIUM (5.5)
  • Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:1.8/RC:R/MAV:A

References:

Vulnerable Software & Versions:

CVE-2024-26308  

Allocation of Resources Without Limits or Throttling vulnerability in Apache Commons Compress.This issue affects Apache Commons Compress: from 1.21 before 1.26.

Users are recommended to upgrade to version 1.26, which fixes the issue.

CWE-770 Allocation of Resources Without Limits or Throttling

CVSSv3:
  • Base Score: MEDIUM (5.5)
  • Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:1.8/RC:R/MAV:A

References:

Vulnerable Software & Versions:

commons-csv-1.10.0.jar

Description:

The Apache Commons CSV library provides a simple interface for reading and writing CSV files of various types.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/apache/commons/commons-csv/1.10.0/commons-csv-1.10.0.jar
MD5: 9b3be74e726a151524bf31ec293ff285
SHA1: 8669bee353424c3223c93723291b5c3753260c1c
SHA256:2d06e6a07a636baf777ad8e659256f2119109dde23551c9b80c5422d424b808c
Referenced In Project/Scope: Simplicite Platform:compile
commons-csv-1.10.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.3.40

Identifiers

commons-digester-2.1.jar

Description:

    The Digester package lets you configure an XML to Java object mapping module
    which triggers certain actions called rules whenever a particular 
    pattern of nested XML elements is recognized.
  

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/commons-digester/commons-digester/2.1/commons-digester-2.1.jar
MD5: 528445033f22da28f5047b6abcd1c7c9
SHA1: 73a8001e7a54a255eef0f03521ec1805dc738ca0
SHA256:e0b2b980a84fc6533c5ce291f1917b32c507f62bcad64198fff44368c2196a3d
Referenced In Project/Scope: Simplicite Platform:compile
commons-digester-2.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/commons-validator/commons-validator@1.7

Identifiers

commons-discovery-0.5.jar

Description:

The Apache Commons Discovery component is about discovering, or finding,
  implementations for pluggable interfaces.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/commons-discovery/commons-discovery/0.5/commons-discovery-0.5.jar
MD5: b35120680c3a22cec7a037fce196cd97
SHA1: 3a8ac816bbe02d2f88523ef22cbf2c4abd71d6a8
SHA256:e5b7d58ae62e5b309d5c0ffa5a5b1d9d1e0f0c4c3cc18d1fe3103fd29f90149d
Referenced In Project/Scope: Simplicite Platform:compile
commons-discovery-0.5.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.3.40

Identifiers

CVE-2022-0869  

Multiple Open Redirect in GitHub repository nitely/spirit prior to 0.12.3.
CWE-601 URL Redirection to Untrusted Site ('Open Redirect')

CVSSv2:
  • Base Score: MEDIUM (5.8)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:N
CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A

References:

Vulnerable Software & Versions:

commons-email-1.5.jar

Description:

        Apache Commons Email aims to provide an API for sending email. It is built on top of
        the JavaMail API, which it aims to simplify.
    

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/apache/commons/commons-email/1.5/commons-email-1.5.jar
MD5: e72657496d31f152aa26d4122e0850d9
SHA1: e8e677c6362eba14ff3c476ba63ccb83132dbd52
SHA256:ee8479906abb2c355a46a0a9845cfa1803bcc3c520a34baea4a6cf4e1f0f0cc1
Referenced In Project/Scope: Simplicite Platform:compile
commons-email-1.5.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.3.40

Identifiers

commons-exec-1.3.jar

Description:

Apache Commons Exec is a library to reliably execute external processes from within the JVM.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/apache/commons/commons-exec/1.3/commons-exec-1.3.jar
MD5: 8bb8fa2edfd60d5c7ed6bf9923d14aa8
SHA1: 8dfb9facd0830a27b1b5f29f84593f0aeee7773b
SHA256:cb49812dc1bfb0ea4f20f398bcae1a88c6406e213e67f7524fb10d4f8ad9347b
Referenced In Project/Scope: Simplicite Platform:compile
commons-exec-1.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.3.40

Identifiers

commons-fileupload-1.5.jar

Description:

    The Apache Commons FileUpload component provides a simple yet flexible means of adding support for multipart
    file upload functionality to servlets and web applications.
  

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/commons-fileupload/commons-fileupload/1.5/commons-fileupload-1.5.jar
MD5: e57ac8a1a6412886a133a2fa08b89735
SHA1: ad4ad2ab2961b4e1891472bd1a33fabefb0385f3
SHA256:51f7b3dcb4e50c7662994da2f47231519ff99707a5c7fb7b05f4c4d3a1728c14
Referenced In Project/Scope: Simplicite Platform:compile
commons-fileupload-1.5.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.3.40

Identifiers

commons-imaging-1.0-alpha3.jar

Description:

Apache Commons Imaging (previously Sanselan) is a pure-Java image library.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/apache/commons/commons-imaging/1.0-alpha3/commons-imaging-1.0-alpha3.jar
MD5: c08d610dd64f970d286444654733a38f
SHA1: 6c753938422d5810ab815a24337d062bf4e22614
SHA256:3c5efe8c6654eae6384f0c2e382fafec1f164be527117803d869f8df27b84853
Referenced In Project/Scope: Simplicite Platform:compile
commons-imaging-1.0-alpha3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.3.40

Identifiers

commons-io-2.11.0.jar

Description:

The Apache Commons IO library contains utility classes, stream implementations, file filters,
file comparators, endian transformation classes, and much more.
  

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/commons-io/commons-io/2.11.0/commons-io-2.11.0.jar
MD5: 3b4b7ccfaeceeac240b804839ee1a1ca
SHA1: a2503f302b11ebde7ebc3df41daebe0e4eea3689
SHA256:961b2f6d87dbacc5d54abf45ab7a6e2495f89b75598962d8c723cea9bc210908
Referenced In Project/Scope: Simplicite Platform:compile
commons-io-2.11.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.3.40

Identifiers

commons-lang-2.6.jar

Description:

        Commons Lang, a package of Java utility classes for the
        classes that are in java.lang's hierarchy, or are considered to be so
        standard as to justify existence in java.lang.
    

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/commons-lang/commons-lang/2.6/commons-lang-2.6.jar
MD5: 4d5c1693079575b362edf41500630bbd
SHA1: 0ce1edb914c94ebc388f086c6827e8bdeec71ac2
SHA256:50f11b09f877c294d56f24463f47d28f929cf5044f648661c0f0cfbae9a2f49c
Referenced In Project/Scope: Simplicite Platform:compile
commons-lang-2.6.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.3.40

Identifiers

commons-lang3-3.12.0.jar

Description:

  Apache Commons Lang, a package of Java utility classes for the
  classes that are in java.lang's hierarchy, or are considered to be so
  standard as to justify existence in java.lang.
  

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/apache/commons/commons-lang3/3.12.0/commons-lang3-3.12.0.jar
MD5: 19fe50567358922bdad277959ea69545
SHA1: c6842c86792ff03b9f1d1fe2aab8dc23aa6c6f0e
SHA256:d919d904486c037f8d193412da0c92e22a9fa24230b9d67a57855c5c31c7e94e
Referenced In Project/Scope: Simplicite Platform:compile
commons-lang3-3.12.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.3.40

Identifiers

commons-logging-1.2.jar

Description:

Apache Commons Logging is a thin adapter allowing configurable bridging to other,
    well known logging systems.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/commons-logging/commons-logging/1.2/commons-logging-1.2.jar
MD5: 040b4b4d8eac886f6b4a2a3bd2f31b00
SHA1: 4bfc12adfe4842bf07b657f0369c4cb522955686
SHA256:daddea1ea0be0f56978ab3006b8ac92834afeefbd9b7e4e6316fca57df0fa636
Referenced In Project/Scope: Simplicite Platform:compile
commons-logging-1.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.3.40

Identifiers

commons-math3-3.6.1.jar

Description:

The Apache Commons Math project is a library of lightweight, self-contained mathematics and statistics components addressing the most common practical problems not immediately available in the Java programming language or commons-lang.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/apache/commons/commons-math3/3.6.1/commons-math3-3.6.1.jar
MD5: 5b730d97e4e6368069de1983937c508e
SHA1: e4ba98f1d4b3c80ec46392f25e094a6a2e58fcbf
SHA256:1e56d7b058d28b65abd256b8458e3885b674c1d588fa43cd7d1cbb9c7ef2b308
Referenced In Project/Scope: Simplicite Platform:compile
commons-math3-3.6.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.3.40

Identifiers

commons-net-3.9.0.jar

Description:

Apache Commons Net library contains a collection of network utilities and protocol implementations.
Supported protocols include: Echo, Finger, FTP, NNTP, NTP, POP3(S), SMTP(S), Telnet, Whois
    

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/commons-net/commons-net/3.9.0/commons-net-3.9.0.jar
MD5: 5254d7c277c30a378518e99b9d1d3522
SHA1: 5a4e26802e0a5a42938f987976b55dae4a6cc636
SHA256:e3c1566f821b84489308cd933f57e8c00dd8714dc96b898bef844386510d3461
Referenced In Project/Scope: Simplicite Platform:compile
commons-net-3.9.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.3.40

Identifiers

commons-pool2-2.11.1.jar

Description:

The Apache Commons Object Pooling Library.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/simplicite/.m2/repository/org/apache/commons/commons-pool2/2.11.1/commons-pool2-2.11.1.jar
MD5: 2210a041929e7c94485d5402458340b9
SHA1: 8970fd110c965f285ed4c6e40be7630c62db6f68
SHA256:ea0505ee7515e58b1ac0e686e4d1a5d9f7d808e251a61bc371aa0595b9963f83
Referenced In Project/Scope: Simplicite Platform:compile
commons-pool2-2.11.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.simplicite/simplicite@5.3.40