Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies;
false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and
the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties,
implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided
is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever
arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
Scan Information (
show all ):
dependency-check version : 8.4.3Report Generated On : Tue, 2 Jan 2024 02:23:27 GMTDependencies Scanned : 227 (209 unique)Vulnerable Dependencies : 20 Vulnerabilities Found : 45Vulnerabilities Suppressed : 0 ... NVD CVE Checked : 2024-01-02T02:23:04NVD CVE Modified : 2024-01-02T01:00:01VersionCheckOn : 2024-01-02T02:23:13kev.checked : 1704162193Summary Display:
Showing Vulnerable Dependencies (click to show all) Description:
A set of annotations used for code inspection support and code documentation. License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/org/jetbrains/annotations/15.0/annotations-15.0.jar
MD5: b2e51424d010bd1cf386cc203db8ae84
SHA1: d40ab99147584cf6cfb5245be67b3fee2c7220f9
SHA256: d74599cef2b363fdb3cdd3198515aca090e3ea3e98b2ba473c6e46f114dab272
Evidence Type Source Name Value Confidence Vendor file name annotations High Vendor jar package name annotations Highest Vendor jar package name annotations Low Vendor jar package name intellij Highest Vendor jar package name intellij Low Vendor jar package name jetbrains Highest Vendor jar package name lang Low Vendor pom artifactid annotations Low Vendor pom developer id JetBrains Medium Vendor pom developer name JetBrains Team Medium Vendor pom developer org JetBrains Medium Vendor pom developer org URL https://www.jetbrains.com Medium Vendor pom groupid org.jetbrains Highest Vendor pom name IntelliJ IDEA Annotations High Vendor pom url http://www.jetbrains.org Highest Product file name annotations High Product jar package name annotations Highest Product jar package name annotations Low Product jar package name intellij Highest Product jar package name jetbrains Highest Product jar package name lang Low Product pom artifactid annotations Highest Product pom developer id JetBrains Low Product pom developer name JetBrains Team Low Product pom developer org JetBrains Low Product pom developer org URL https://www.jetbrains.com Low Product pom groupid org.jetbrains Highest Product pom name IntelliJ IDEA Annotations High Product pom url http://www.jetbrains.org Medium Version file version 15.0 High Version pom version 15.0 Highest
Description:
Point out your outdated dependencies License:
Eclipse Public License - v 2.0: https://www.eclipse.org/legal/epl-2.0/ File Path: /home/runner/.m2/repository/com/github/liquidz/antq/2.7.1147/antq-2.7.1147.jar
MD5: f49ee096615eb0e29eb2578b7cc62365
SHA1: 9117ccb64235877a54c5017bf316939e2cc9184d
SHA256: 27c8f13bc755dcca27c1a7e13d3a0a62580f5774349a87f43745f2adcaedad08
Evidence Type Source Name Value Confidence Vendor file name antq High Vendor Manifest build-jdk-spec 11 Low Vendor pom artifactid antq Low Vendor pom groupid antq Highest Vendor pom groupid com.github.liquidz Highest Vendor pom name antq High Product file name antq High Product Manifest build-jdk-spec 11 Low Product pom artifactid antq Highest Product pom groupid antq Highest Product pom groupid com.github.liquidz Highest Product pom name antq High Version file version 2.7.1147 High Version pom version 2.7.1147 Highest
Description:
AOP Alliance License:
Public Domain File Path: /home/runner/.m2/repository/aopalliance/aopalliance/1.0/aopalliance-1.0.jar
MD5: 04177054e180d09e3998808efa0401c7
SHA1: 0235ba8b489512805ac13a8f9ea77a1ca5ebe3e8
SHA256: 0addec670fedcd3f113c5c8091d783280d23f75e3acb841b61a9cdb079376a08
Evidence Type Source Name Value Confidence Vendor file name aopalliance High Vendor jar package name aop Highest Vendor jar package name aopalliance Highest Vendor jar package name aopalliance Low Vendor jar package name intercept Low Vendor pom artifactid aopalliance Low Vendor pom groupid aopalliance Highest Vendor pom name AOP alliance High Vendor pom url http://aopalliance.sourceforge.net Highest Product file name aopalliance High Product jar package name aop Highest Product jar package name aopalliance Highest Product jar package name intercept Low Product pom artifactid aopalliance Highest Product pom groupid aopalliance Highest Product pom name AOP alliance High Product pom url http://aopalliance.sourceforge.net Medium Version file version 1.0 High Version pom version 1.0 Highest
Description:
A Clojure API for the AWS API License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/com/cognitect/aws/api/0.8.686/api-0.8.686.jar
MD5: dda7ecf88b44283ffa495546da8cf28b
SHA1: 205993a9295e0a77e7d36c6bccaa8ac68cd2a858
SHA256: 3127804f4b6c44fe3320cf623c4813169ca2bec16ee111c70e69bfb04e017d9b
Evidence Type Source Name Value Confidence Vendor file name api High Vendor Manifest build-jdk-spec 11 Low Vendor pom artifactid api Low Vendor pom developer email labs@cognitect.com Low Vendor pom developer name Cognitect Medium Vendor pom developer org Cognitect Medium Vendor pom developer org URL http://cognitect.com Medium Vendor pom groupid com.cognitect.aws Highest Vendor pom name aws-api High Vendor pom url http://github.com/cognitect-labs/aws-api Highest Product file name api High Product Manifest build-jdk-spec 11 Low Product pom artifactid api Highest Product pom developer email labs@cognitect.com Low Product pom developer name Cognitect Low Product pom developer org Cognitect Low Product pom developer org URL http://cognitect.com Low Product pom groupid com.cognitect.aws Highest Product pom name aws-api High Product pom url http://github.com/cognitect-labs/aws-api Medium Version file version 0.8.686 High Version pom version 0.8.686 Highest
Description:
A micro library that provides a Clojure implementation of the Apache Software Foundation's 3rd Party License Policy (https://www.apache.org/legal/resolved.html). License:
Apache License 2.0: http://www.apache.org/licenses/LICENSE-2.0.html File Path: /home/runner/.m2/repository/com/github/pmonks/asf-cat/2.0.116/asf-cat-2.0.116.jar
MD5: 5e49866c64820238b12651568267c8a2
SHA1: 5bdddea8fce7e45cd92c32c0579added18f44ca2
SHA256: 5a727067c274d84992efdcc55e0a2837c55964c1cbb419365667df835914fa16
Evidence Type Source Name Value Confidence Vendor file name asf-cat High Vendor Manifest build-jdk-spec 21 Low Vendor pom artifactid asf-cat Low Vendor pom developer email pmonks+asf-cat@gmail.com Low Vendor pom developer id pmonks Medium Vendor pom developer name Peter Monks Medium Vendor pom groupid com.github.pmonks Highest Vendor pom name asf-cat High Vendor pom url pmonks/asf-cat Highest Product file name asf-cat High Product Manifest build-jdk-spec 21 Low Product pom artifactid asf-cat Highest Product pom developer email pmonks+asf-cat@gmail.com Low Product pom developer id pmonks Low Product pom developer name Peter Monks Low Product pom groupid com.github.pmonks Highest Product pom name asf-cat High Product pom url pmonks/asf-cat High Version file version 2.0.116 High Version pom version 2.0.116 Highest
Description:
ASM, a very small and fast Java bytecode manipulation framework License:
BSD-3-Clause: https://asm.ow2.io/license.html File Path: /home/runner/.m2/repository/org/ow2/asm/asm/9.4/asm-9.4.jar
MD5: ffa64f03a23a4823d98703e6ce6ff397
SHA1: b4e0e2d2e023aa317b7cfcfc916377ea348e07d1
SHA256: 39d0e2b3dc45af65a09b097945750a94a126e052e124f93468443a1d0e15f381
Evidence Type Source Name Value Confidence Vendor file name asm High Vendor jar package name asm Highest Vendor jar package name objectweb Highest Vendor Manifest bundle-docurl http://asm.ow2.org Low Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor Manifest bundle-symbolicname org.objectweb.asm Medium Vendor pom artifactid asm Low Vendor pom developer email ebruneton@free.fr Low Vendor pom developer email eu@javatx.org Low Vendor pom developer email forax@univ-mlv.fr Low Vendor pom developer id ebruneton Medium Vendor pom developer id eu Medium Vendor pom developer id forax Medium Vendor pom developer name Eric Bruneton Medium Vendor pom developer name Eugene Kuleshov Medium Vendor pom developer name Remi Forax Medium Vendor pom groupid org.ow2.asm Highest Vendor pom name asm High Vendor pom organization name OW2 High Vendor pom organization url http://www.ow2.org/ Medium Vendor pom parent-artifactid ow2 Low Vendor pom parent-groupid org.ow2 Medium Vendor pom url http://asm.ow2.io/ Highest Product file name asm High Product jar package name asm Highest Product jar package name objectweb Highest Product Manifest bundle-docurl http://asm.ow2.org Low Product Manifest Bundle-Name org.objectweb.asm Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product Manifest bundle-symbolicname org.objectweb.asm Medium Product Manifest Implementation-Title ASM, a very small and fast Java bytecode manipulation framework High Product pom artifactid asm Highest Product pom developer email ebruneton@free.fr Low Product pom developer email eu@javatx.org Low Product pom developer email forax@univ-mlv.fr Low Product pom developer id ebruneton Low Product pom developer id eu Low Product pom developer id forax Low Product pom developer name Eric Bruneton Low Product pom developer name Eugene Kuleshov Low Product pom developer name Remi Forax Low Product pom groupid org.ow2.asm Highest Product pom name asm High Product pom organization name OW2 Low Product pom organization url http://www.ow2.org/ Low Product pom parent-artifactid ow2 Medium Product pom parent-groupid org.ow2 Medium Product pom url http://asm.ow2.io/ Medium Version file version 9.4 High Version Manifest Implementation-Version 9.4 High Version pom parent-version 9.4 Low Version pom version 9.4 Highest
File Path: /home/runner/.m2/repository/org/ow2/asm/asm-all/5.2/asm-all-5.2.jarMD5: f5ad16c7f0338b541978b0430d51dc83SHA1: 2ea49e08b876bbd33e0a7ce75c8f371d29e1f10aSHA256: 7fbffbc1db3422e2101689fd88df8384b15817b52b9b2b267b9f6d2511dc198d
Evidence Type Source Name Value Confidence Vendor file name asm-all High Vendor jar package name asm Highest Vendor jar package name objectweb Highest Vendor Manifest bundle-docurl http://asm.objectweb.org Low Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.3 Low Vendor Manifest bundle-symbolicname org.objectweb.asm.all Medium Vendor Manifest Implementation-Vendor France Telecom R&D High Vendor pom artifactid asm-all Low Vendor pom groupid org.ow2.asm Highest Vendor pom name ASM All High Vendor pom parent-artifactid asm-parent Low Product file name asm-all High Product jar package name asm Highest Product jar package name objectweb Highest Product Manifest bundle-docurl http://asm.objectweb.org Low Product Manifest Bundle-Name ASM all classes with debug info Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.3 Low Product Manifest bundle-symbolicname org.objectweb.asm.all Medium Product Manifest Implementation-Title ASM all classes High Product pom artifactid asm-all Highest Product pom groupid org.ow2.asm Highest Product pom name ASM All High Product pom parent-artifactid asm-parent Medium Version file version 5.2 High Version Manifest Bundle-Version 5.2 High Version Manifest Implementation-Version 5.2 High Version pom version 5.2 Highest
Description:
Java library to extract links (URLs, email addresses) from plain text;
fast, small and smart about recognizing where links end
License:
MIT License: http://www.opensource.org/licenses/mit-license.php File Path: /home/runner/.m2/repository/org/nibor/autolink/autolink/0.6.0/autolink-0.6.0.jar
MD5: f2633571471a5957ee12e61b184e6219
SHA1: 3986d016a14e8c81afeec752f19af29b20e8367b
SHA256: a80be030f6386f18111cad9161c0b6983157352a1b59a59e6002172f0d321c04
Evidence Type Source Name Value Confidence Vendor file name autolink High Vendor jar package name autolink Highest Vendor jar package name autolink Low Vendor jar package name nibor Highest Vendor jar package name nibor Low Vendor pom artifactid autolink Low Vendor pom developer email robin@nibor.org Low Vendor pom developer name Robin Stocker Medium Vendor pom groupid org.nibor.autolink Highest Vendor pom name autolink-java High Vendor pom url robinst/autolink-java Highest Product file name autolink High Product jar package name autolink Highest Product jar package name autolink Low Product jar package name nibor Highest Product pom artifactid autolink Highest Product pom developer email robin@nibor.org Low Product pom developer name Robin Stocker Low Product pom groupid org.nibor.autolink Highest Product pom name autolink-java High Product pom url robinst/autolink-java High Version file version 0.6.0 High Version pom version 0.6.0 Highest
Description:
The Amazon Web Services SDK for Java provides Java APIs for building software on AWS’ cost-effective, scalable, and reliable infrastructure products. The AWS Java SDK allows developers to code against APIs for all of Amazon's infrastructure web services (Amazon S3, Amazon EC2, Amazon SQS, Amazon Relational Database Service, Amazon AutoScaling, etc). License:
Apache License, Version 2.0: https://aws.amazon.com/apache2.0 File Path: /home/runner/.m2/repository/com/amazonaws/aws-java-sdk/1.4.3/aws-java-sdk-1.4.3.jar
MD5: e0e82750a0067721fc0296238e8277fa
SHA1: 4fa5f969d60615cd48672a3e0fc9468f4a4ab022
SHA256: 5e2777d20c5d0bbd493fb8403ce1796760a0379b044b334285fcd816a07fdf8f
Evidence Type Source Name Value Confidence Vendor file name aws-java-sdk High Vendor jar package name amazonaws Highest Vendor jar package name amazonaws Low Vendor jar package name autoscaling Highest Vendor jar package name ec2 Highest Vendor jar package name s3 Highest Vendor jar package name services Highest Vendor jar package name services Low Vendor jar package name sqs Highest Vendor pom artifactid aws-java-sdk Low Vendor pom developer id amazonwebservices Medium Vendor pom developer org Amazon Web Services Medium Vendor pom developer org URL https://aws.amazon.com Medium Vendor pom groupid com.amazonaws Highest Vendor pom name AWS SDK for Java High Vendor pom url https://aws.amazon.com/sdkforjava Highest Product file name aws-java-sdk High Product jar package name amazonaws Highest Product jar package name autoscaling Highest Product jar package name ec2 Highest Product jar package name model Low Product jar package name s3 Highest Product jar package name services Highest Product jar package name services Low Product jar package name sqs Highest Product pom artifactid aws-java-sdk Highest Product pom developer id amazonwebservices Low Product pom developer org Amazon Web Services Low Product pom developer org URL https://aws.amazon.com Low Product pom groupid com.amazonaws Highest Product pom name AWS SDK for Java High Product pom url https://aws.amazon.com/sdkforjava Medium Version file version 1.4.3 High Version pom version 1.4.3 Highest
CVE-2022-31159 suppress
The AWS SDK for Java enables Java developers to work with Amazon Web Services. A partial-path traversal issue exists within the `downloadDirectory` method in the AWS S3 TransferManager component of the AWS SDK for Java v1 prior to version 1.12.261. Applications using the SDK control the `destinationDirectory` argument, but S3 object keys are determined by the application that uploaded the objects. The `downloadDirectory` method allows the caller to pass a filesystem object in the object key but contained an issue in the validation logic for the key name. A knowledgeable actor could bypass the validation logic by including a UNIX double-dot in the bucket key. Under certain conditions, this could permit them to retrieve a directory from their S3 bucket that is one level up in the filesystem from their working directory. This issue’s scope is limited to directories whose name prefix matches the destinationDirectory. E.g. for destination directory`/tmp/foo`, the actor can cause a download to `/tmp/foo-bar`, but not `/tmp/bar`. If `com.amazonaws.services.s3.transfer.TransferManager::downloadDirectory` is used to download an untrusted buckets contents, the contents of that bucket can be written outside of the intended destination directory. Version 1.12.261 contains a patch for this issue. As a workaround, when calling `com.amazonaws.services.s3.transfer.TransferManager::downloadDirectory`, pass a `KeyFilter` that forbids `S3ObjectSummary` objects that `getKey` method return a string containing the substring `..` . CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVSSv3:
Base Score: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N References:
Vulnerable Software & Versions:
Description:
The AWS SDK for Java - Core module holds the classes that are used by the individual service clients to interact with Amazon Web Services. Users need to depend on aws-java-sdk artifact for accessing individual client classes. File Path: /home/runner/.m2/repository/com/amazonaws/aws-java-sdk-core/1.12.49/aws-java-sdk-core-1.12.49.jarMD5: 95a04d0366360afab235ac1c073de70aSHA1: 3eeb58697abeed8bf6cb2c2bad9fd8c61cb1670fSHA256: e14683558e39ff2387888f6784de1457fbbe2fbca139de2548b432c90cd66da8
Evidence Type Source Name Value Confidence Vendor file name aws-java-sdk-core High Vendor jar package name amazonaws Highest Vendor jar package name amazonaws Low Vendor jar package name classes Highest Vendor jar package name service Highest Vendor pom artifactid aws-java-sdk-core Low Vendor pom groupid com.amazonaws Highest Vendor pom name AWS SDK for Java - Core High Vendor pom parent-artifactid aws-java-sdk-pom Low Vendor pom url https://aws.amazon.com/sdkforjava Highest Product file name aws-java-sdk-core High Product jar package name amazonaws Highest Product jar package name classes Highest Product jar package name service Highest Product pom artifactid aws-java-sdk-core Highest Product pom groupid com.amazonaws Highest Product pom name AWS SDK for Java - Core High Product pom parent-artifactid aws-java-sdk-pom Medium Product pom url https://aws.amazon.com/sdkforjava Medium Version file version 1.12.49 High Version pom version 1.12.49 Highest
Related Dependencies aws-java-sdk-kms-1.12.49.jarFile Path: /home/runner/.m2/repository/com/amazonaws/aws-java-sdk-kms/1.12.49/aws-java-sdk-kms-1.12.49.jar MD5: 3b1394818a834a2a8f53bffdc5b7c0a0 SHA1: bcab71a37216898a746eb42bf6e5862f5a5b55b7 SHA256: ba048dd7cd4e4e05cf52af6e1040ae9a837623f557493baada141f0b187ddeb8 pkg:maven/com.amazonaws/aws-java-sdk-kms@1.12.49 aws-java-sdk-s3-1.12.49.jarFile Path: /home/runner/.m2/repository/com/amazonaws/aws-java-sdk-s3/1.12.49/aws-java-sdk-s3-1.12.49.jar MD5: 8e00569d39c500f24becd6a884f6b7af SHA1: f90eb3eb25316e016cff245bb2312cc98b0818ca SHA256: e68567994242bd0a43810bee965bf706a8ddc78565ef6033d87a4ef616b9589e pkg:maven/com.amazonaws/aws-java-sdk-s3@1.12.49 aws-java-sdk-sts-1.12.49.jarFile Path: /home/runner/.m2/repository/com/amazonaws/aws-java-sdk-sts/1.12.49/aws-java-sdk-sts-1.12.49.jar MD5: b58a4e7972eb4408c5bdd4aa9655a03d SHA1: a0579ee5b29fe443371d49b59369abfb70383044 SHA256: fc062044bea46ecd1b51147865e0c7c1d9c3562d818ff9e590e2c685d83a1c90 pkg:maven/com.amazonaws/aws-java-sdk-sts@1.12.49 CVE-2022-31159 suppress
The AWS SDK for Java enables Java developers to work with Amazon Web Services. A partial-path traversal issue exists within the `downloadDirectory` method in the AWS S3 TransferManager component of the AWS SDK for Java v1 prior to version 1.12.261. Applications using the SDK control the `destinationDirectory` argument, but S3 object keys are determined by the application that uploaded the objects. The `downloadDirectory` method allows the caller to pass a filesystem object in the object key but contained an issue in the validation logic for the key name. A knowledgeable actor could bypass the validation logic by including a UNIX double-dot in the bucket key. Under certain conditions, this could permit them to retrieve a directory from their S3 bucket that is one level up in the filesystem from their working directory. This issue’s scope is limited to directories whose name prefix matches the destinationDirectory. E.g. for destination directory`/tmp/foo`, the actor can cause a download to `/tmp/foo-bar`, but not `/tmp/bar`. If `com.amazonaws.services.s3.transfer.TransferManager::downloadDirectory` is used to download an untrusted buckets contents, the contents of that bucket can be written outside of the intended destination directory. Version 1.12.261 contains a patch for this issue. As a workaround, when calling `com.amazonaws.services.s3.transfer.TransferManager::downloadDirectory`, pass a `KeyFilter` that forbids `S3ObjectSummary` objects that `getKey` method return a string containing the substring `..` . CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVSSv3:
Base Score: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N References:
Vulnerable Software & Versions:
Description:
Standard Maven wagon support for s3:// urls License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0 File Path: /home/runner/.m2/repository/org/springframework/build/aws-maven/4.8.0.RELEASE/aws-maven-4.8.0.RELEASE.jar
MD5: b884f5373acf25b89b9c27fb18be91f6
SHA1: fbd8e2a04ee99a0ff854c2b69aecef7a2095d71f
SHA256: 00dec69ddcddf05c947fb0a87d5178d986baab053471f80d52699590e1fb3ba8
Evidence Type Source Name Value Confidence Vendor file name aws-maven High Vendor hint analyzer vendor pivotal software Highest Vendor hint analyzer vendor SpringSource Highest Vendor hint analyzer vendor vmware Highest Vendor jar package name aws Highest Vendor jar package name aws Low Vendor jar package name build Highest Vendor jar package name build Low Vendor jar package name maven Highest Vendor jar package name springframework Highest Vendor jar package name springframework Low Vendor pom artifactid aws-maven Low Vendor pom developer email bhale@vmware.com Low Vendor pom developer id nebhale Medium Vendor pom developer name Ben Hale Medium Vendor pom groupid org.springframework.build Highest Vendor pom name Amazon Web Services S3 Maven Wagon Support High Vendor pom organization name Spring Framework High Vendor pom organization url http://www.springframework.org Medium Vendor pom url SpringSource/aws-maven Highest Product file name aws-maven High Product jar package name aws Highest Product jar package name aws Low Product jar package name build Highest Product jar package name build Low Product jar package name maven Highest Product jar package name maven Low Product jar package name springframework Highest Product pom artifactid aws-maven Highest Product pom developer email bhale@vmware.com Low Product pom developer id nebhale Low Product pom developer name Ben Hale Low Product pom groupid org.springframework.build Highest Product pom name Amazon Web Services S3 Maven Wagon Support High Product pom organization name Spring Framework Low Product pom organization url http://www.springframework.org Low Product pom url SpringSource/aws-maven High Version pom version 4.8.0.RELEASE Highest
Description:
A netstring and bencode implementation for Clojure. License:
Eclipse Public License: http://www.eclipse.org/legal/epl-v10.html File Path: /home/runner/.m2/repository/nrepl/bencode/1.1.0/bencode-1.1.0.jar
MD5: 19f2ff93a119a6055af40d1104960cc4
SHA1: 48e0674aeb221294c8728ad68571c01b95df4f5b
SHA256: 5754da7721b135f2a3551a67f3fa46a987bfe93ca2e73b768e9d9a33bac6de6b
Evidence Type Source Name Value Confidence Vendor file name bencode High Vendor Manifest leiningen-project-artifactid bencode Low Vendor Manifest leiningen-project-groupid nrepl Low Vendor pom artifactid bencode Low Vendor pom groupid nrepl Highest Vendor pom name bencode High Vendor pom url nrepl/bencode Highest Product file name bencode High Product Manifest leiningen-project-artifactid bencode Low Product Manifest leiningen-project-groupid nrepl Low Product pom artifactid bencode Highest Product pom groupid nrepl Highest Product pom name bencode High Product pom url nrepl/bencode High Version file version 1.1.0 High Version Manifest leiningen-project-version 1.1.0 Medium Version pom version 1.1.0 Highest
Description:
A library for finding Clojure namespaces on the classpath. License:
Eclipse Public License 1.0 File Path: /home/runner/.m2/repository/timofreiberg/bultitude/0.3.1/bultitude-0.3.1.jar
MD5: e224e1c3d3df9ee424d689f80adc680d
SHA1: f5d43f54e9a4cd71346b8923e948ceab418433d7
SHA256: 256a83bc7274c967ad2bbe52819da891b18bea682802216cd4907bdb086a831d
Evidence Type Source Name Value Confidence Vendor file name bultitude High Vendor Manifest leiningen-project-artifactid bultitude Low Vendor Manifest leiningen-project-groupid timofreiberg Low Vendor pom artifactid bultitude Low Vendor pom groupid timofreiberg Highest Vendor pom name bultitude High Vendor pom url timofreiberg/bultitude Highest Product file name bultitude High Product Manifest leiningen-project-artifactid bultitude Low Product Manifest leiningen-project-groupid timofreiberg Low Product pom artifactid bultitude Highest Product pom groupid timofreiberg Highest Product pom name bultitude High Product pom url timofreiberg/bultitude High Version file version 0.3.1 High Version Manifest leiningen-project-version 0.3.1 Medium Version pom version 0.3.1 Highest
Description:
A library for word case conversions. License:
Eclipse Public License 1.0: http://www.eclipse.org/legal/epl-v10.html File Path: /home/runner/.m2/repository/camel-snake-kebab/camel-snake-kebab/0.4.3/camel-snake-kebab-0.4.3.jar
MD5: 4591ec721d8bbe8347ff82ef91c57514
SHA1: 5ae08f83ceb8959971e6334596bff0214bf6fdf2
SHA256: 8191f335776310d7857a40ad33254be66adb363806b18136d8843196923ac2c8
Evidence Type Source Name Value Confidence Vendor file name camel-snake-kebab High Vendor pom artifactid camel-snake-kebab Low Vendor pom groupid camel-snake-kebab Highest Vendor pom name camel-snake-kebab High Vendor pom url https://clj-commons.org/camel-snake-kebab/ Highest Product file name camel-snake-kebab High Product pom artifactid camel-snake-kebab Highest Product pom groupid camel-snake-kebab Highest Product pom name camel-snake-kebab High Product pom url https://clj-commons.org/camel-snake-kebab/ Medium Version file version 0.4.3 High Version pom version 0.4.3 Highest
Description:
checker-qual contains annotations (type qualifiers) that a programmer
writes to specify Java code for type-checking by the Checker Framework.
License:
The MIT License: http://opensource.org/licenses/MIT File Path: /home/runner/.m2/repository/org/checkerframework/checker-qual/3.12.0/checker-qual-3.12.0.jar
MD5: ab1ae0e2f2f63601597a5a96fca8a54f
SHA1: d5692f0526415fcc6de94bb5bfbd3afd9dd3b3e5
SHA256: ff10785ac2a357ec5de9c293cb982a2cbb605c0309ea4cc1cb9b9bc6dbe7f3cb
Evidence Type Source Name Value Confidence Vendor file name checker-qual High Vendor jar package name checker Highest Vendor jar package name checkerframework Highest Vendor jar package name framework Highest Vendor jar package name qual Highest Vendor Manifest automatic-module-name org.checkerframework.checker.qual Medium Vendor Manifest bundle-symbolicname checker-qual Medium Vendor Manifest implementation-url https://checkerframework.org Low Vendor pom artifactid checker-qual Low Vendor pom developer email mernst@cs.washington.edu Low Vendor pom developer email smillst@cs.washington.edu Low Vendor pom developer id mernst Medium Vendor pom developer id smillst Medium Vendor pom developer name Michael Ernst Medium Vendor pom developer name Suzanne Millstein Medium Vendor pom developer org University of Washington Medium Vendor pom developer org URL https://www.cs.washington.edu/ Medium Vendor pom groupid org.checkerframework Highest Vendor pom name Checker Qual High Vendor pom url https://checkerframework.org Highest Product file name checker-qual High Product jar package name checker Highest Product jar package name checkerframework Highest Product jar package name framework Highest Product jar package name qual Highest Product Manifest automatic-module-name org.checkerframework.checker.qual Medium Product Manifest Bundle-Name checker-qual Medium Product Manifest bundle-symbolicname checker-qual Medium Product Manifest implementation-url https://checkerframework.org Low Product pom artifactid checker-qual Highest Product pom developer email mernst@cs.washington.edu Low Product pom developer email smillst@cs.washington.edu Low Product pom developer id mernst Low Product pom developer id smillst Low Product pom developer name Michael Ernst Low Product pom developer name Suzanne Millstein Low Product pom developer org University of Washington Low Product pom developer org URL https://www.cs.washington.edu/ Low Product pom groupid org.checkerframework Highest Product pom name Checker Qual High Product pom url https://checkerframework.org Medium Version file version 3.12.0 High Version Manifest Bundle-Version 3.12.0 High Version Manifest Implementation-Version 3.12.0 High Version pom version 3.12.0 Highest
Description:
JSON and JSON SMILE encoding, fast. License:
The MIT License: http://opensource.org/licenses/MIT File Path: /home/runner/.m2/repository/cheshire/cheshire/5.11.0/cheshire-5.11.0.jar
MD5: 0e178b62a5176c246f402c7f6a5fedab
SHA1: 1a1231c65bfd6a2033148e88dcbd1ed8dede12a4
SHA256: 1fab069e676b1dda774cf2bda7ae148575988a4d19410fb196f8809f5bb46247
Evidence Type Source Name Value Confidence Vendor file name cheshire High Vendor jar package name cheshire Highest Vendor Manifest leiningen-project-artifactid cheshire Low Vendor Manifest leiningen-project-groupid cheshire Low Vendor pom artifactid cheshire Low Vendor pom groupid cheshire Highest Vendor pom name cheshire High Vendor pom url dakrone/cheshire Highest Product file name cheshire High Product jar package name cheshire Highest Product Manifest leiningen-project-artifactid cheshire Low Product Manifest leiningen-project-groupid cheshire Low Product pom artifactid cheshire Highest Product pom groupid cheshire Highest Product pom name cheshire High Product pom url dakrone/cheshire High Version file version 5.11.0 High Version Manifest leiningen-project-version 5.11.0 Medium Version pom version 5.11.0 Highest
File Path: /home/runner/.m2/repository/classworlds/classworlds/1.1-alpha-2/classworlds-1.1-alpha-2.jarMD5: 82cacb7d9724c4a4e4d20f004884d4daSHA1: 05adf2e681c57d7f48038b602f3ca2254ee82d47SHA256: 2bf4e59f3acd106fea6145a9a88fe8956509f8b9c0fdd11eb96fee757269e3f3
Evidence Type Source Name Value Confidence Vendor file name classworlds High Vendor jar package name classworlds Highest Vendor jar package name codehaus Highest Vendor Manifest extension-name classworlds Medium Vendor Manifest Implementation-Vendor The Codehaus High Vendor Manifest specification-vendor The Codehaus Low Vendor pom artifactid classworlds Low Vendor pom developer email ben@walding.com Low Vendor pom developer email bob@werken.com Low Vendor pom developer email jason@zenplex.com Low Vendor pom developer id bob Medium Vendor pom developer id bwalding Medium Vendor pom developer id jvanzyl Medium Vendor pom developer name Ben Walding Medium Vendor pom developer name bob mcwhirter Medium Vendor pom developer name Jason van Zyl Medium Vendor pom developer org The Werken Company Medium Vendor pom developer org Walding Consulting Services Medium Vendor pom developer org Zenplex Medium Vendor pom groupid classworlds Highest Vendor pom name classworlds High Vendor pom organization name The Codehaus High Vendor pom organization url http://codehaus.org/ Medium Vendor pom url http://classworlds.codehaus.org/ Highest Product file name classworlds High Product jar package name classworlds Highest Product jar package name codehaus Highest Product Manifest extension-name classworlds Medium Product Manifest Implementation-Title org.codehaus.classworlds High Product Manifest specification-title classworlds: Java(tm) ClassLoader Management Framework Medium Product pom artifactid classworlds Highest Product pom developer email ben@walding.com Low Product pom developer email bob@werken.com Low Product pom developer email jason@zenplex.com Low Product pom developer id bob Low Product pom developer id bwalding Low Product pom developer id jvanzyl Low Product pom developer name Ben Walding Low Product pom developer name bob mcwhirter Low Product pom developer name Jason van Zyl Low Product pom developer org The Werken Company Low Product pom developer org Walding Consulting Services Low Product pom developer org Zenplex Low Product pom groupid classworlds Highest Product pom name classworlds High Product pom organization name The Codehaus Low Product pom organization url http://codehaus.org/ Low Product pom url http://classworlds.codehaus.org/ Medium Version Manifest Implementation-Version 1.1-alpha-2 High Version pom version 1.1-alpha-2 Highest
Description:
Base62 encoding and decoding for Clojure File Path: /home/runner/.m2/repository/miikka/clj-base62/0.1.1/clj-base62-0.1.1.jarMD5: 4d1ff2cba176169428c21fb9ddab0528SHA1: e983866be496ce97fc442c07561be31cf1d95ecdSHA256: b835393a3ef4d3f45574824f42d1fcc7980378971b484cd1994d70cbb0d54862
Evidence Type Source Name Value Confidence Vendor file name clj-base62 High Vendor pom artifactid clj-base62 Low Vendor pom groupid miikka Highest Vendor pom name clj-base62 High Vendor pom url https://sr.ht/~miikka/clj-base62 Highest Product file name clj-base62 High Product pom artifactid clj-base62 Highest Product pom groupid miikka Highest Product pom name clj-base62 High Product pom url https://sr.ht/~miikka/clj-base62 Medium Version file version 0.1.1 High Version pom version 0.1.1 Highest
Description:
A linter for Clojure that sparks joy. License:
Eclipse Public License 1.0: http://opensource.org/licenses/eclipse-1.0.php File Path: /home/runner/.m2/repository/clj-kondo/clj-kondo/2023.12.15/clj-kondo-2023.12.15.jar
MD5: cd8f71ece0dd04f16728e92e1382d1b8
SHA1: cce1d6408aaefc17af6e5e96e412511aade4bee4
SHA256: b13f410c9e1b1680e200b5d8bbe64dc73da7f86307a076a3c2bbb84463442474
Evidence Type Source Name Value Confidence Vendor file name clj-kondo High Vendor Manifest leiningen-project-artifactid clj-kondo Low Vendor Manifest leiningen-project-groupid clj-kondo Low Vendor pom artifactid clj-kondo Low Vendor pom groupid clj-kondo Highest Vendor pom name clj-kondo High Vendor pom url clj-kondo/clj-kondo Highest Product file name clj-kondo High Product Manifest leiningen-project-artifactid clj-kondo Low Product Manifest leiningen-project-groupid clj-kondo Low Product pom artifactid clj-kondo Highest Product pom groupid clj-kondo Highest Product pom name clj-kondo High Product pom url clj-kondo/clj-kondo High Version file version 2023.12.15 High Version Manifest leiningen-project-version 2023.12.15 Medium Version pom version 2023.12.15 Highest
Description:
Clojure wrapper around spdx/Spdx-Java-Library. License:
Apache License 2.0: http://www.apache.org/licenses/LICENSE-2.0.html File Path: /home/runner/.m2/repository/com/github/pmonks/clj-spdx/1.0.126/clj-spdx-1.0.126.jar
MD5: 65201a17402214c8e3e84a9b15df914a
SHA1: b1ea26cc9d31ebdd877b1b25c6193075a9f31f01
SHA256: 2432c7285aad096932d89e434690de065de4fe586a48efdb4aec4ecba8dc9094
Evidence Type Source Name Value Confidence Vendor file name clj-spdx High Vendor Manifest build-jdk-spec 21 Low Vendor pom artifactid clj-spdx Low Vendor pom developer email pmonks+clj-spdx@gmail.com Low Vendor pom developer id pmonks Medium Vendor pom developer name Peter Monks Medium Vendor pom groupid com.github.pmonks Highest Vendor pom name clj-spdx High Vendor pom url pmonks/clj-spdx Highest Product file name clj-spdx High Product Manifest build-jdk-spec 21 Low Product pom artifactid clj-spdx Highest Product pom developer email pmonks+clj-spdx@gmail.com Low Product pom developer id pmonks Low Product pom developer name Peter Monks Low Product pom groupid com.github.pmonks Highest Product pom name clj-spdx High Product pom url pmonks/clj-spdx High Version file version 1.0.126 High Version pom version 1.0.126 Highest
Description:
Pure Clojure implementations of wcwidth/wcswidth. License:
Apache License 2.0: http://www.apache.org/licenses/LICENSE-2.0.html File Path: /home/runner/.m2/repository/com/github/pmonks/clj-wcwidth/1.0.85/clj-wcwidth-1.0.85.jar
MD5: eded898b7bb757f97ffaa811a712b3a0
SHA1: f060ccb00b0f5a97330644b137e1ea72578cbf61
SHA256: 985eba01524d6147107e4d56b10163d255edb47a8b353e2653033be764fba978
Evidence Type Source Name Value Confidence Vendor file name clj-wcwidth High Vendor Manifest build-jdk-spec 17 Low Vendor pom artifactid clj-wcwidth Low Vendor pom developer email pmonks+wcwidth@gmail.com Low Vendor pom developer id pmonks Medium Vendor pom developer name Peter Monks Medium Vendor pom groupid com.github.pmonks Highest Vendor pom name clj-wcwidth High Vendor pom url pmonks/clj-wcwidth Highest Product file name clj-wcwidth High Product Manifest build-jdk-spec 17 Low Product pom artifactid clj-wcwidth Highest Product pom developer email pmonks+wcwidth@gmail.com Low Product pom developer id pmonks Low Product pom developer name Peter Monks Low Product pom groupid com.github.pmonks Highest Product pom name clj-wcwidth High Product pom url pmonks/clj-wcwidth High Version file version 1.0.85 High Version pom version 1.0.85 Highest
Description:
Simple XML Schema validation library for Clojure License:
Eclipse Public License: http://www.eclipse.org/legal/epl-v10.html File Path: /home/runner/.m2/repository/clj-xml-validation/clj-xml-validation/1.0.2/clj-xml-validation-1.0.2.jar
MD5: ab69483eecdcab00c0eaa011b056c351
SHA1: be28bbe42941f00acfa073e986fa7b386a7c4f2d
SHA256: e4210b7290f38bf90ce0dfb6c4398b74f54c7636baef37598c05e2852b59bf43
Evidence Type Source Name Value Confidence Vendor file name clj-xml-validation High Vendor pom artifactid clj-xml-validation Low Vendor pom groupid clj-xml-validation Highest Vendor pom name clj-xml-validation High Vendor pom url bbbates/clj-xml-validation Highest Product file name clj-xml-validation High Product pom artifactid clj-xml-validation Highest Product pom groupid clj-xml-validation Highest Product pom name clj-xml-validation High Product pom url bbbates/clj-xml-validation High Version file version 1.0.2 High Version pom version 1.0.2 Highest
Description:
YAML encoding and decoding for Clojure using SnakeYAML License:
Eclipse Public License: http://www.eclipse.org/legal/epl-v10.html File Path: /home/runner/.m2/repository/clj-commons/clj-yaml/1.0.27/clj-yaml-1.0.27.jar
MD5: 9b98c9ed475ebbe6ad3cbf99db208461
SHA1: 897b206b4ea11096bba79feac4b07b016511e984
SHA256: 1d2404b6e818f04a5f546201c2b7b4d344b92396655685784b64ca50ae624db3
Evidence Type Source Name Value Confidence Vendor file name clj-yaml High Vendor Manifest build-jdk-spec 1.8 Low Vendor pom artifactid clj-yaml Low Vendor pom groupid clj-commons Highest Vendor pom name clj-yaml High Vendor pom url clj-commons/clj-yaml Highest Product file name clj-yaml High Product Manifest build-jdk-spec 1.8 Low Product pom artifactid clj-yaml Highest Product pom groupid clj-commons Highest Product pom name clj-yaml High Product pom url clj-commons/clj-yaml High Version file version 1.0.27 High Version pom version 1.0.27 Highest
Description:
Clojure core environment and runtime library. License:
Eclipse Public License 1.0: http://opensource.org/licenses/eclipse-1.0.php File Path: /home/runner/.m2/repository/org/clojure/clojure/1.11.1/clojure-1.11.1.jar
MD5: 88321e4272aa5e10d2b803f47944e27c
SHA1: 2896bc72c90da8125026c0e61df0470a084f9ec3
SHA256: 2381b6e9423ab465151455944903d13a56243d6006b9194afc1bf4f8710cb4de
Evidence Type Source Name Value Confidence Vendor file name clojure High Vendor jar package name clojure Highest Vendor jar package name clojure Low Vendor jar package name core Highest Vendor pom artifactid clojure Low Vendor pom developer email richhickey@gmail.com Low Vendor pom developer name Rich Hickey Medium Vendor pom groupid org.clojure Highest Vendor pom name clojure High Vendor pom url http://clojure.org/ Highest Product file name clojure High Product jar package name clojure Highest Product jar package name core Highest Product pom artifactid clojure Highest Product pom developer email richhickey@gmail.com Low Product pom developer name Rich Hickey Low Product pom groupid org.clojure Highest Product pom name clojure High Product pom url http://clojure.org/ Medium Version file version 1.11.1 High Version pom version 1.11.1 Highest
Description:
ClojureScript compiler and core runtime library.
License:
Eclipse Public License 1.0: http://opensource.org/licenses/eclipse-1.0.php File Path: /home/runner/.m2/repository/org/clojure/clojurescript/1.7.189/clojurescript-1.7.189.jar
MD5: d6d1363b69e0f536bd193a5f78576a5b
SHA1: 140f700ccaa757715cab49993aebd7ca8b0eac50
SHA256: 08a3c66f15d859d39892aca12b9734948ad19038c59e6a45917d6c84037cdd33
Evidence Type Source Name Value Confidence Vendor file name clojurescript High Vendor pom artifactid clojurescript Low Vendor pom developer name Aaron Bedra Medium Vendor pom developer name Alan Dipert Medium Vendor pom developer name Alan Malloy Medium Vendor pom developer name Alen Ribic Medium Vendor pom developer name Alex Redington Medium Vendor pom developer name Bobby Calderwood Medium Vendor pom developer name Brandon Bloom Medium Vendor pom developer name Brenton Ashworth Medium Vendor pom developer name Chris Houser Medium Vendor pom developer name Christopher Redinger Medium Vendor pom developer name Creighton Kirkendall Medium Vendor pom developer name David Nolen Medium Vendor pom developer name Devin Walters Medium Vendor pom developer name Eric Thorsen Medium Vendor pom developer name Frank Failla Medium Vendor pom developer name Hubert Iwaniuk Medium Vendor pom developer name Hugo Duncan Medium Vendor pom developer name Jess Martin Medium Vendor pom developer name John Li Medium Vendor pom developer name Jonas Enlund Medium Vendor pom developer name Juergen Hoetzel Medium Vendor pom developer name Kevin J. Lynagh Medium Vendor pom developer name Laszlo Toeroek Medium Vendor pom developer name Luke VanderHart Medium Vendor pom developer name Michael Fogus Medium Vendor pom developer name Michał Marczyk Medium Vendor pom developer name Moritz Ulrich Medium Vendor pom developer name Nicola Mometto Medium Vendor pom developer name Paul Michael Bauer Medium Vendor pom developer name Rich Hickey Medium Vendor pom developer name Roman Gonzalez Medium Vendor pom developer name Russ Olsen Medium Vendor pom developer name Stuart Halloway Medium Vendor pom developer name Stuart Sierra Medium Vendor pom developer name Takahiro Hozumi Medium Vendor pom developer name Thomas Scheiblauer Medium Vendor pom developer name Tom Hickey Medium Vendor pom developer name Wilkes Joiner Medium Vendor pom groupid org.clojure Highest Vendor pom name ClojureScript High Vendor pom url clojure/clojurescript Highest Product file name clojurescript High Product pom artifactid clojurescript Highest Product pom developer name Aaron Bedra Low Product pom developer name Alan Dipert Low Product pom developer name Alan Malloy Low Product pom developer name Alen Ribic Low Product pom developer name Alex Redington Low Product pom developer name Bobby Calderwood Low Product pom developer name Brandon Bloom Low Product pom developer name Brenton Ashworth Low Product pom developer name Chris Houser Low Product pom developer name Christopher Redinger Low Product pom developer name Creighton Kirkendall Low Product pom developer name David Nolen Low Product pom developer name Devin Walters Low Product pom developer name Eric Thorsen Low Product pom developer name Frank Failla Low Product pom developer name Hubert Iwaniuk Low Product pom developer name Hugo Duncan Low Product pom developer name Jess Martin Low Product pom developer name John Li Low Product pom developer name Jonas Enlund Low Product pom developer name Juergen Hoetzel Low Product pom developer name Kevin J. Lynagh Low Product pom developer name Laszlo Toeroek Low Product pom developer name Luke VanderHart Low Product pom developer name Michael Fogus Low Product pom developer name Michał Marczyk Low Product pom developer name Moritz Ulrich Low Product pom developer name Nicola Mometto Low Product pom developer name Paul Michael Bauer Low Product pom developer name Rich Hickey Low Product pom developer name Roman Gonzalez Low Product pom developer name Russ Olsen Low Product pom developer name Stuart Halloway Low Product pom developer name Stuart Sierra Low Product pom developer name Takahiro Hozumi Low Product pom developer name Thomas Scheiblauer Low Product pom developer name Tom Hickey Low Product pom developer name Wilkes Joiner Low Product pom groupid org.clojure Highest Product pom name ClojureScript High Product pom url clojure/clojurescript High Version file version 1.7.189 High Version pom version 1.7.189 Highest
CVE-2023-0247 suppress
Uncontrolled Search Path Element in GitHub repository bits-and-blooms/bloom prior to 3.3.1. CWE-427 Uncontrolled Search Path Element
CVSSv3:
Base Score: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions:
File Path: /home/runner/.m2/repository/com/google/javascript/closure-compiler/v20151015/closure-compiler-v20151015.jar/META-INF/maven/args4j/args4j/pom.xmlMD5: ddc0e14b23736a4e7ddd3585226d8f93SHA1: f0aada195340b361a1a45aa9c3d417c7cbb0a6b5SHA256: 003913338d432592bf103042c5a8178fa89143ba16cd981028d9ca5597dda104
Evidence Type Source Name Value Confidence Vendor pom artifactid args4j Low Vendor pom groupid args4j Highest Vendor pom name args4j High Vendor pom parent-artifactid args4j-site Low Product pom artifactid args4j Highest Product pom groupid args4j Highest Product pom name args4j High Product pom parent-artifactid args4j-site Medium Version pom version 2.0.26 Highest
Description:
Guava is a suite of core and expanded libraries that include
utility classes, google's collections, io classes, and much
much more.
Guava has only one code dependency - javax.annotation,
per the JSR-305 spec.
File Path: /home/runner/.m2/repository/com/google/javascript/closure-compiler/v20151015/closure-compiler-v20151015.jar/META-INF/maven/com.google.guava/guava/pom.xmlMD5: e0eb52406b1a3b7ad2fda312c8a22bbdSHA1: 2ec12f8d27a64e970b8be0fbd1d52dfec51cd41cSHA256: e743d61d76f76b5dc060d6f7914fdd41c4418b3529062556920116a716719836
Evidence Type Source Name Value Confidence Vendor pom artifactid guava Low Vendor pom groupid com.google.guava Highest Vendor pom name Guava: Google Core Libraries for Java High Vendor pom parent-artifactid guava-parent Low Product pom artifactid guava Highest Product pom groupid com.google.guava Highest Product pom name Guava: Google Core Libraries for Java High Product pom parent-artifactid guava-parent Medium Version pom version 18.0 Highest
CVE-2023-2976 suppress
Use of Java's default temporary directory for file creation in `FileBackedOutputStream` in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to the default Java temporary directory to be able to access the files created by the class.
Even though the security vulnerability is fixed in version 32.0.0, we recommend using version 32.0.1 as version 32.0.0 breaks some functionality under Windows.
CWE-552 Files or Directories Accessible to External Parties
CVSSv3:
Base Score: HIGH (7.1) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N References:
Vulnerable Software & Versions:
CVE-2018-10237 suppress
Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the AtomicDoubleArray class (when serialized with Java serialization) and the CompoundOrdering class (when serialized with GWT serialization) perform eager allocation without appropriate checks on what a client has sent and whether the data size is reasonable. CWE-770 Allocation of Resources Without Limits or Throttling
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:P CVSSv3:
Base Score: MEDIUM (5.9) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H References:
- [activemq-gitbox] 20190530 [GitHub] [activemq-artemis] brusdev opened a new pull request #2687: ARTEMIS-2359 Upgrade to Guava 24.1 - [activemq-issues] 20190516 [jira] [Created] (AMQ-7208) Security Issue related to Guava 18.0 - [activemq-issues] 20190820 [jira] [Created] (AMQ-7279) Security Vulnerabilities in Libraries - jackson-databind-2.9.8.jar, tomcat-servlet-api-8.0.53.jar, tomcat-websocket-api-8.0.53.jar, zookeeper-3.4.6.jar, guava-18.0.jar, jetty-all-9.2.26.v20180806.jar, scala-library-2.11.0.jar - [arrow-github] 20210610 [GitHub] [arrow] projjal opened a new pull request #10501: ARROW-13032: Update guava version - [cassandra-commits] 20190612 [jira] [Assigned] (CASSANDRA-14760) CVE-2018-10237 Security vulnerability in 3.11.3 - [cxf-dev] 20200206 [GitHub] [cxf] davidkarlsen opened a new pull request #638: upgrade guava, CVE-2018-10237 - [cxf-dev] 20200206 [GitHub] [cxf] reta commented on a change in pull request #638: upgrade guava, CVE-2018-10237 - [cxf-dev] 20200211 [GitHub] [cxf] coheigea commented on a change in pull request #638: upgrade guava, CVE-2018-10237 - [cxf-dev] 20200420 [GitHub] [cxf] andrei-ivanov commented on a change in pull request #638: upgrade guava, CVE-2018-10237 - [cxf-dev] 20200420 [GitHub] [cxf] coheigea commented on a change in pull request #638: upgrade guava, CVE-2018-10237 - [cxf-dev] 20200420 [GitHub] [cxf] reta commented on a change in pull request #638: upgrade guava, CVE-2018-10237 - [drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities - [drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities - [drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities - [flink-dev] 20200806 Dependency vulnerabilities with Apache Flink 1.10.1 version - [flink-dev] 20200806 [jira] [Created] (FLINK-18841) CVE-2018-10237 and CWE-400 occurred in flink dependency - [flink-issues] 20200806 [jira] [Created] (FLINK-18841) CVE-2018-10237 and CWE-400 occurred in flink dependency - [flink-issues] 20200814 [jira] [Commented] (FLINK-18841) CVE-2018-10237 and CWE-400 occurred in flink dependency - [flink-issues] 20210212 [jira] [Closed] (FLINK-18841) CVE-2018-10237 and CWE-400 occurred in flink dependency - [flink-user] 20200806 Dependency vulnerabilities with Apache Flink 1.10.1 version - [hadoop-common-dev] 20190401 Update guava to 27.0-jre in hadoop-project - [hadoop-common-dev] 20200623 Update guava to 27.0-jre in hadoop branch-2.10 - [hadoop-hdfs-dev] 20190401 Update guava to 27.0-jre in hadoop-project - [kafka-users] 20200413 CVEs for the dependency software guava and rocksdbjni of Kafka - [lucene-issues] 20201022 [jira] [Created] (SOLR-14960) Solr-clustering is bringing in CVE-2018-10237 vulnerable guava - [lucene-issues] 20201022 [jira] [Resolved] (SOLR-14960) Solr-clustering is bringing in CVE-2018-10237 vulnerable guava - [lucene-issues] 20201022 [jira] [Updated] (SOLR-14960) Solr-clustering is bringing in CVE-2018-10237 vulnerable guava - [maven-issues] 20210122 [GitHub] [maven-indexer] akurtakov opened a new pull request #75: Remove guava dependency from indexer-core - [pulsar-commits] 20190416 [GitHub] [pulsar] one70six opened a new issue #4057: Security Vulnerabilities - Black Duck Scan - Pulsar v.2.3.1 - [pulsar-commits] 20210406 [GitHub] [pulsar] lhotari opened a new pull request #10149: Upgrade jclouds to 2.3.0 to fix security vulnerabilities - [samza-commits] 20210310 [GitHub] [samza] Telesia opened a new pull request #1471: SAMZA-2630: Upgrade dependencies for security fixes - [storm-issues] 20210315 [jira] [Created] (STORM-3754) Upgrade Guava version because of security vulnerability - [syncope-dev] 20200423 Re: Time to cut 2.1.6 / 2.0.15? CONFIRM - https://groups.google.com/d/topic/guava-announce/xqWALw4W1vs/discussion CONFIRM - https://security.netapp.com/advisory/ntap-20220629-0008/ MISC - https://www.oracle.com/security-alerts/cpujan2021.html MISC - https://www.oracle.com/security-alerts/cpujul2020.html MISC - https://www.oracle.com/security-alerts/cpuoct2021.html N/A - N/A OSSINDEX - [CVE-2018-10237] CWE-770: Allocation of Resources Without Limits or Throttling OSSIndex - http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-10237 OSSIndex - https://blog.sonatype.com/2018/11/welcome-back-to-nexus-intelligence-insights/ OSSIndex - https://github.com/google/guava/wiki/CVE-2018-10237 OSSIndex - https://www.securityfocus.com/bid/104133/references REDHAT - RHSA-2018:2423 REDHAT - RHSA-2018:2424 REDHAT - RHSA-2018:2425 REDHAT - RHSA-2018:2428 REDHAT - RHSA-2018:2598 REDHAT - RHSA-2018:2643 REDHAT - RHSA-2018:2740 REDHAT - RHSA-2018:2741 REDHAT - RHSA-2018:2742 REDHAT - RHSA-2018:2743 REDHAT - RHSA-2018:2927 REDHAT - RHSA-2019:2858 REDHAT - RHSA-2019:3149 SECTRACK - 1041707 Vulnerable Software & Versions: (show all )
CVE-2020-8908 suppress
A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, on unix-like systems, the created directory is world-readable (readable by an attacker with access to the system). The method in question has been marked @Deprecated in versions 30.0 and later and should not be used. For Android developers, we recommend choosing a temporary directory API provided by Android, such as context.getCacheDir(). For other Java developers, we recommend migrating to the Java 7 API java.nio.file.Files.createTempDirectory() which explicitly configures permissions of 700, or configuring the Java runtime's java.io.tmpdir system property to point to a location whose permissions are appropriately configured.
CWE-732 Incorrect Permission Assignment for Critical Resource
CVSSv2:
Base Score: LOW (2.1) Vector: /AV:L/AC:L/Au:N/C:P/I:N/A:N CVSSv3:
Base Score: LOW (3.3) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N References:
Vulnerable Software & Versions: (show all )
File Path: /home/runner/.m2/repository/com/google/javascript/closure-compiler/v20151015/closure-compiler-v20151015.jar/META-INF/maven/com.google.javascript/closure-compiler-externs/pom.xmlMD5: 3fc6ce59cfc33c4a8d11df917da3c6ffSHA1: 4eb69660b07598a4da0b841fbf0f4e0e861f5befSHA256: 23fd2364117326f293eaf7f83077ba119d45e11af44d6eea450ea9fab2401f10
Evidence Type Source Name Value Confidence Vendor pom artifactid closure-compiler-externs Low Vendor pom groupid com.google.javascript Highest Vendor pom name Closure Compiler Externs High Vendor pom parent-artifactid closure-compiler-parent Low Product pom artifactid closure-compiler-externs Highest Product pom groupid com.google.javascript Highest Product pom name Closure Compiler Externs High Product pom parent-artifactid closure-compiler-parent Medium Version pom version v20151015 Highest
Description:
Protocol Buffers are a way of encoding structured data in an efficient yet
extensible format.
License:
New BSD license: http://www.opensource.org/licenses/bsd-license.php File Path: /home/runner/.m2/repository/com/google/javascript/closure-compiler/v20151015/closure-compiler-v20151015.jar/META-INF/maven/com.google.protobuf/protobuf-java/pom.xml
MD5: 8f761580cb2cdc4f13e82c1368f99e5e
SHA1: d0b411e81d63761989f1329e8650ef27f6f77d25
SHA256: 9d837a52af87aa417ca14aeec39d0eae34f3fe58aae5e36397e6f0e12d5d4f47
Evidence Type Source Name Value Confidence Vendor pom artifactid protobuf-java Low Vendor pom groupid com.google.protobuf Highest Vendor pom name Protocol Buffer Java API High Vendor pom parent-artifactid google Low Vendor pom parent-groupid com.google Medium Vendor pom url http://code.google.com/p/protobuf Highest Product pom artifactid protobuf-java Highest Product pom groupid com.google.protobuf Highest Product pom name Protocol Buffer Java API High Product pom parent-artifactid google Medium Product pom parent-groupid com.google Medium Product pom url http://code.google.com/p/protobuf Medium Version pom parent-version 2.5.0 Low Version pom version 2.5.0 Highest
CVE-2022-3171 suppress
A parsing issue with binary data in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields causes objects to be converted back-n-forth between mutable and immutable forms, resulting in potentially long garbage collection pauses. We recommend updating to the versions mentioned above. NVD-CWE-noinfo
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2022-3509 (OSSINDEX)suppress
A parsing issue similar to CVE-2022-3171, but with textformat in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields causes objects to be converted back-n-forth between mutable and immutable forms, resulting in potentially long garbage collection pauses. We recommend updating to the versions mentioned above. CWE-20 Improper Input Validation
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:com.google.protobuf:protobuf-java:2.5.0:*:*:*:*:*:*:* CVE-2021-22569 suppress
An issue in protobuf-java allowed the interleaving of com.google.protobuf.UnknownFieldSet fields in such a way that would be processed out of order. A small malicious payload can occupy the parser for several minutes by creating large numbers of short-lived objects that cause frequent, repeated pauses. We recommend upgrading libraries beyond the vulnerable versions. NVD-CWE-noinfo
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:P CVSSv3:
Base Score: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
Description:
Closure Compiler is a JavaScript optimizing compiler. It parses your
JavaScript, analyzes it, removes dead code and rewrites and minimizes
what's left. It also checks syntax, variable references, and types, and
warns about common JavaScript pitfalls. It is used in many of Google's
JavaScript apps, including Gmail, Google Web Search, Google Maps, and
Google Docs.
File Path: /home/runner/.m2/repository/com/google/javascript/closure-compiler/v20151015/closure-compiler-v20151015.jarMD5: 1e5ad9ec6e88c683ac161268befb2e86SHA1: 8e20293908bc676ad6ed2013a4f52728b87af460SHA256: 123e6fbc16db518f45f3057fb68162af7e9381c0924fbae0358c4449cebc9b64
Evidence Type Source Name Value Confidence Vendor file name closure-compiler-v20151015 High Vendor jar package name common Highest Vendor jar package name compiler Highest Vendor jar package name google Highest Vendor jar package name google Low Vendor jar package name javascript Highest Vendor jar package name maps Highest Vendor jar package name syntax Highest Vendor jar package name types Highest Vendor pom artifactid closure-compiler Low Vendor pom groupid com.google.javascript Highest Vendor pom name Closure Compiler High Vendor pom parent-artifactid closure-compiler-parent Low Vendor pom url https://developers.google.com/closure/compiler/ Highest Product file name closure-compiler-v20151015 High Product jar package name common Highest Product jar package name compiler Highest Product jar package name google Highest Product jar package name javascript Highest Product jar package name maps Highest Product jar package name syntax Highest Product jar package name types Highest Product pom artifactid closure-compiler Highest Product pom groupid com.google.javascript Highest Product pom name Closure Compiler High Product pom parent-artifactid closure-compiler-parent Medium Product pom url https://developers.google.com/closure/compiler/ Medium Version pom version v20151015 Highest
Description:
Generate documentation from Clojure source files License:
Eclipse Public License: http://www.eclipse.org/legal/epl-v10.html File Path: /home/runner/.m2/repository/codox/codox/0.10.8/codox-0.10.8.jar
MD5: 943760ebd45fda2e8f82de6d48145423
SHA1: 5b59d102bc70da20b91c86666015fa08f6e354bf
SHA256: 00fe5af72920cd4c1740a03e9453a5a409f1fef2ecb63e9a85e0dee2ad7f28b5
Evidence Type Source Name Value Confidence Vendor file name codox High Vendor Manifest leiningen-project-artifactid codox Low Vendor Manifest leiningen-project-groupid codox Low Vendor pom artifactid codox Low Vendor pom groupid codox Highest Vendor pom name codox High Vendor pom url weavejester/codox Highest Product file name codox High Product Manifest leiningen-project-artifactid codox Low Product Manifest leiningen-project-groupid codox Low Product pom artifactid codox Highest Product pom groupid codox Highest Product pom name codox High Product pom url weavejester/codox High Version file version 0.10.8 High Version Manifest leiningen-project-version 0.10.8 Medium Version pom version 0.10.8 Highest
Description:
Apache Commons BeanUtils provides an easy-to-use but flexible wrapper around reflection and introspection. License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/commons-beanutils/commons-beanutils/1.9.4/commons-beanutils-1.9.4.jar
MD5: 07dc532ee316fe1f2f0323e9bd2f8df4
SHA1: d52b9abcd97f38c81342bb7e7ae1eee9b73cba51
SHA256: 7d938c81789028045c08c065e94be75fc280527620d5bd62b519d5838532368a
Evidence Type Source Name Value Confidence Vendor file name commons-beanutils High Vendor jar package name apache Highest Vendor jar package name beanutils Highest Vendor jar package name commons Highest Vendor Manifest bundle-docurl https://commons.apache.org/proper/commons-beanutils/ Low Vendor Manifest bundle-symbolicname org.apache.commons.commons-beanutils Medium Vendor Manifest implementation-build UNKNOWN_BRANCH@r??????; 2019-07-28 22:14:44+0000 Low Vendor Manifest implementation-url https://commons.apache.org/proper/commons-beanutils/ Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-beanutils Low Vendor pom developer email britter@apache.org Low Vendor pom developer email chtompki@apache.org Low Vendor pom developer email craigmcc@apache.org Low Vendor pom developer email dion@apache.org Low Vendor pom developer email epugh@apache.org Low Vendor pom developer email geirm@apache.org Low Vendor pom developer email ggregory@apache.org Low Vendor pom developer email jcarman@apache.org Low Vendor pom developer email jconlon@apache.org Low Vendor pom developer email jstrachan@apache.org Low Vendor pom developer email morgand@apache.org Low Vendor pom developer email mvdb@apache.org Low Vendor pom developer email niallp@apache.org Low Vendor pom developer email rdonkin@apache.org Low Vendor pom developer email rwaldhoff@apache.org Low Vendor pom developer email sanders@apache.org Low Vendor pom developer email scolebourne@apache.org Low Vendor pom developer email skitching@apache.org Low Vendor pom developer email stain@apache.org Low Vendor pom developer email tobrien@apache.org Low Vendor pom developer email yoavs@apache.org Low Vendor pom developer id britter Medium Vendor pom developer id chtompki Medium Vendor pom developer id craigmcc Medium Vendor pom developer id dion Medium Vendor pom developer id epugh Medium Vendor pom developer id geirm Medium Vendor pom developer id ggregory Medium Vendor pom developer id jcarman Medium Vendor pom developer id jconlon Medium Vendor pom developer id jstrachan Medium Vendor pom developer id morgand Medium Vendor pom developer id mvdb Medium Vendor pom developer id niallp Medium Vendor pom developer id rdonkin Medium Vendor pom developer id rwaldhoff Medium Vendor pom developer id sanders Medium Vendor pom developer id scolebourne Medium Vendor pom developer id skitching Medium Vendor pom developer id stain Medium Vendor pom developer id tobrien Medium Vendor pom developer id yoavs Medium Vendor pom developer name Benedikt Ritter Medium Vendor pom developer name Craig McClanahan Medium Vendor pom developer name David Eric Pugh Medium Vendor pom developer name Dion Gillard Medium Vendor pom developer name Gary Gregory Medium Vendor pom developer name Geir Magnusson Jr. Medium Vendor pom developer name James Carman Medium Vendor pom developer name James Strachan Medium Vendor pom developer name John E. Conlon Medium Vendor pom developer name Martin van den Bemt Medium Vendor pom developer name Morgan James Delagrange Medium Vendor pom developer name Niall Pemberton Medium Vendor pom developer name Rob Tompkins Medium Vendor pom developer name Robert Burrell Donkin Medium Vendor pom developer name Rodney Waldhoff Medium Vendor pom developer name Scott Sanders Medium Vendor pom developer name Simon Kitching Medium Vendor pom developer name Stephen Colebourne Medium Vendor pom developer name Stian Soiland-Reyes Medium Vendor pom developer name Tim O'Brien Medium Vendor pom developer name Yoav Shapira Medium Vendor pom developer org The Apache Software Foundation Medium Vendor pom groupid commons-beanutils Highest Vendor pom name Apache Commons BeanUtils High Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor pom url https://commons.apache.org/proper/commons-beanutils/ Highest Product file name commons-beanutils High Product jar package name apache Highest Product jar package name beanutils Highest Product jar package name commons Highest Product Manifest bundle-docurl https://commons.apache.org/proper/commons-beanutils/ Low Product Manifest Bundle-Name Apache Commons BeanUtils Medium Product Manifest bundle-symbolicname org.apache.commons.commons-beanutils Medium Product Manifest implementation-build UNKNOWN_BRANCH@r??????; 2019-07-28 22:14:44+0000 Low Product Manifest Implementation-Title Apache Commons BeanUtils High Product Manifest implementation-url https://commons.apache.org/proper/commons-beanutils/ Low Product Manifest specification-title Apache Commons BeanUtils Medium Product pom artifactid commons-beanutils Highest Product pom developer email britter@apache.org Low Product pom developer email chtompki@apache.org Low Product pom developer email craigmcc@apache.org Low Product pom developer email dion@apache.org Low Product pom developer email epugh@apache.org Low Product pom developer email geirm@apache.org Low Product pom developer email ggregory@apache.org Low Product pom developer email jcarman@apache.org Low Product pom developer email jconlon@apache.org Low Product pom developer email jstrachan@apache.org Low Product pom developer email morgand@apache.org Low Product pom developer email mvdb@apache.org Low Product pom developer email niallp@apache.org Low Product pom developer email rdonkin@apache.org Low Product pom developer email rwaldhoff@apache.org Low Product pom developer email sanders@apache.org Low Product pom developer email scolebourne@apache.org Low Product pom developer email skitching@apache.org Low Product pom developer email stain@apache.org Low Product pom developer email tobrien@apache.org Low Product pom developer email yoavs@apache.org Low Product pom developer id britter Low Product pom developer id chtompki Low Product pom developer id craigmcc Low Product pom developer id dion Low Product pom developer id epugh Low Product pom developer id geirm Low Product pom developer id ggregory Low Product pom developer id jcarman Low Product pom developer id jconlon Low Product pom developer id jstrachan Low Product pom developer id morgand Low Product pom developer id mvdb Low Product pom developer id niallp Low Product pom developer id rdonkin Low Product pom developer id rwaldhoff Low Product pom developer id sanders Low Product pom developer id scolebourne Low Product pom developer id skitching Low Product pom developer id stain Low Product pom developer id tobrien Low Product pom developer id yoavs Low Product pom developer name Benedikt Ritter Low Product pom developer name Craig McClanahan Low Product pom developer name David Eric Pugh Low Product pom developer name Dion Gillard Low Product pom developer name Gary Gregory Low Product pom developer name Geir Magnusson Jr. Low Product pom developer name James Carman Low Product pom developer name James Strachan Low Product pom developer name John E. Conlon Low Product pom developer name Martin van den Bemt Low Product pom developer name Morgan James Delagrange Low Product pom developer name Niall Pemberton Low Product pom developer name Rob Tompkins Low Product pom developer name Robert Burrell Donkin Low Product pom developer name Rodney Waldhoff Low Product pom developer name Scott Sanders Low Product pom developer name Simon Kitching Low Product pom developer name Stephen Colebourne Low Product pom developer name Stian Soiland-Reyes Low Product pom developer name Tim O'Brien Low Product pom developer name Yoav Shapira Low Product pom developer org The Apache Software Foundation Low Product pom groupid commons-beanutils Highest Product pom name Apache Commons BeanUtils High Product pom parent-artifactid commons-parent Medium Product pom parent-groupid org.apache.commons Medium Product pom url https://commons.apache.org/proper/commons-beanutils/ Medium Version file version 1.9.4 High Version Manifest Bundle-Version 1.9.4 High Version Manifest Implementation-Version 1.9.4 High Version pom parent-version 1.9.4 Low Version pom version 1.9.4 Highest
Description:
The Apache Commons Codec package contains simple encoder and decoders for
various formats such as Base64 and Hexadecimal. In addition to these
widely used encoders and decoders, the codec package also maintains a
collection of phonetic encoding utilities.
License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/commons-codec/commons-codec/1.15/commons-codec-1.15.jar
MD5: 303baf002ce6d382198090aedd9d79a2
SHA1: 49d94806b6e3dc933dacbd8acb0fdbab8ebd1e5d
SHA256: b3e9f6d63a790109bf0d056611fbed1cf69055826defeb9894a71369d246ed63
Evidence Type Source Name Value Confidence Vendor file name commons-codec High Vendor jar package name apache Highest Vendor jar package name codec Highest Vendor jar package name commons Highest Vendor jar package name encoder Highest Vendor Manifest automatic-module-name org.apache.commons.codec Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl https://commons.apache.org/proper/commons-codec/ Low Vendor Manifest bundle-symbolicname org.apache.commons.commons-codec Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-codec Low Vendor pom developer email bayard@apache.org Low Vendor pom developer email chtompki@apache.org Low Vendor pom developer email dgraham@apache.org Low Vendor pom developer email dlr@finemaltcoding.com Low Vendor pom developer email ggregory@apache.org Low Vendor pom developer email jon@collab.net Low Vendor pom developer email julius@apache.org Low Vendor pom developer email rwaldhoff@apache.org Low Vendor pom developer email sanders@totalsync.com Low Vendor pom developer email tn@apache.org Low Vendor pom developer email tobrien@apache.org Low Vendor pom developer id bayard Medium Vendor pom developer id chtompki Medium Vendor pom developer id dgraham Medium Vendor pom developer id dlr Medium Vendor pom developer id ggregory Medium Vendor pom developer id jon Medium Vendor pom developer id julius Medium Vendor pom developer id rwaldhoff Medium Vendor pom developer id sanders Medium Vendor pom developer id tn Medium Vendor pom developer id tobrien Medium Vendor pom developer name Daniel Rall Medium Vendor pom developer name David Graham Medium Vendor pom developer name Gary Gregory Medium Vendor pom developer name Henri Yandell Medium Vendor pom developer name Jon S. Stevens Medium Vendor pom developer name Julius Davies Medium Vendor pom developer name Rob Tompkins Medium Vendor pom developer name Rodney Waldhoff Medium Vendor pom developer name Scott Sanders Medium Vendor pom developer name Thomas Neidhart Medium Vendor pom developer name Tim OBrien Medium Vendor pom developer org URL http://juliusdavies.ca/ Medium Vendor pom groupid commons-codec Highest Vendor pom name Apache Commons Codec High Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor pom url https://commons.apache.org/proper/commons-codec/ Highest Product file name commons-codec High Product jar package name apache Highest Product jar package name codec Highest Product jar package name commons Highest Product jar package name encoder Highest Product Manifest automatic-module-name org.apache.commons.codec Medium Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl https://commons.apache.org/proper/commons-codec/ Low Product Manifest Bundle-Name Apache Commons Codec Medium Product Manifest bundle-symbolicname org.apache.commons.commons-codec Medium Product Manifest Implementation-Title Apache Commons Codec High Product Manifest specification-title Apache Commons Codec Medium Product pom artifactid commons-codec Highest Product pom developer email bayard@apache.org Low Product pom developer email chtompki@apache.org Low Product pom developer email dgraham@apache.org Low Product pom developer email dlr@finemaltcoding.com Low Product pom developer email ggregory@apache.org Low Product pom developer email jon@collab.net Low Product pom developer email julius@apache.org Low Product pom developer email rwaldhoff@apache.org Low Product pom developer email sanders@totalsync.com Low Product pom developer email tn@apache.org Low Product pom developer email tobrien@apache.org Low Product pom developer id bayard Low Product pom developer id chtompki Low Product pom developer id dgraham Low Product pom developer id dlr Low Product pom developer id ggregory Low Product pom developer id jon Low Product pom developer id julius Low Product pom developer id rwaldhoff Low Product pom developer id sanders Low Product pom developer id tn Low Product pom developer id tobrien Low Product pom developer name Daniel Rall Low Product pom developer name David Graham Low Product pom developer name Gary Gregory Low Product pom developer name Henri Yandell Low Product pom developer name Jon S. Stevens Low Product pom developer name Julius Davies Low Product pom developer name Rob Tompkins Low Product pom developer name Rodney Waldhoff Low Product pom developer name Scott Sanders Low Product pom developer name Thomas Neidhart Low Product pom developer name Tim OBrien Low Product pom developer org URL http://juliusdavies.ca/ Low Product pom groupid commons-codec Highest Product pom name Apache Commons Codec High Product pom parent-artifactid commons-parent Medium Product pom parent-groupid org.apache.commons Medium Product pom url https://commons.apache.org/proper/commons-codec/ Medium Version file version 1.15 High Version Manifest Implementation-Version 1.15 High Version pom parent-version 1.15 Low Version pom version 1.15 Highest
Description:
Types that extend and augment the Java Collections Framework. License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/commons-collections/commons-collections/3.2.2/commons-collections-3.2.2.jar
MD5: f54a8510f834a1a57166970bfc982e94
SHA1: 8ad72fe39fa8c91eaaf12aadb21e0c3661fe26d5
SHA256: eeeae917917144a68a741d4c0dff66aa5c5c5fd85593ff217bced3fc8ca783b8
Evidence Type Source Name Value Confidence Vendor file name commons-collections High Vendor jar package name apache Highest Vendor jar package name collections Highest Vendor jar package name commons Highest Vendor Manifest bundle-docurl http://commons.apache.org/collections/ Low Vendor Manifest bundle-symbolicname org.apache.commons.collections Medium Vendor Manifest implementation-build tags/COLLECTIONS_3_2_2_RC3@r1714131; 2015-11-13 00:09:45+0100 Low Vendor Manifest implementation-url http://commons.apache.org/collections/ Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-collections Low Vendor pom developer id amamment Medium Vendor pom developer id bayard Medium Vendor pom developer id craigmcc Medium Vendor pom developer id geirm Medium Vendor pom developer id jcarman Medium Vendor pom developer id matth Medium Vendor pom developer id morgand Medium Vendor pom developer id psteitz Medium Vendor pom developer id rdonkin Medium Vendor pom developer id rwaldhoff Medium Vendor pom developer id scolebourne Medium Vendor pom developer name Arun M. Thomas Medium Vendor pom developer name Craig McClanahan Medium Vendor pom developer name Geir Magnusson Medium Vendor pom developer name Henri Yandell Medium Vendor pom developer name James Carman Medium Vendor pom developer name Matthew Hawthorne Medium Vendor pom developer name Morgan Delagrange Medium Vendor pom developer name Phil Steitz Medium Vendor pom developer name Robert Burrell Donkin Medium Vendor pom developer name Rodney Waldhoff Medium Vendor pom developer name Stephen Colebourne Medium Vendor pom groupid commons-collections Highest Vendor pom name Apache Commons Collections High Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor pom url http://commons.apache.org/collections/ Highest Product file name commons-collections High Product jar package name apache Highest Product jar package name collections Highest Product jar package name commons Highest Product Manifest bundle-docurl http://commons.apache.org/collections/ Low Product Manifest Bundle-Name Apache Commons Collections Medium Product Manifest bundle-symbolicname org.apache.commons.collections Medium Product Manifest implementation-build tags/COLLECTIONS_3_2_2_RC3@r1714131; 2015-11-13 00:09:45+0100 Low Product Manifest Implementation-Title Apache Commons Collections High Product Manifest implementation-url http://commons.apache.org/collections/ Low Product Manifest specification-title Apache Commons Collections Medium Product pom artifactid commons-collections Highest Product pom developer id amamment Low Product pom developer id bayard Low Product pom developer id craigmcc Low Product pom developer id geirm Low Product pom developer id jcarman Low Product pom developer id matth Low Product pom developer id morgand Low Product pom developer id psteitz Low Product pom developer id rdonkin Low Product pom developer id rwaldhoff Low Product pom developer id scolebourne Low Product pom developer name Arun M. Thomas Low Product pom developer name Craig McClanahan Low Product pom developer name Geir Magnusson Low Product pom developer name Henri Yandell Low Product pom developer name James Carman Low Product pom developer name Matthew Hawthorne Low Product pom developer name Morgan Delagrange Low Product pom developer name Phil Steitz Low Product pom developer name Robert Burrell Donkin Low Product pom developer name Rodney Waldhoff Low Product pom developer name Stephen Colebourne Low Product pom groupid commons-collections Highest Product pom name Apache Commons Collections High Product pom parent-artifactid commons-parent Medium Product pom parent-groupid org.apache.commons Medium Product pom url http://commons.apache.org/collections/ Medium Version file version 3.2.2 High Version Manifest Bundle-Version 3.2.2 High Version Manifest Implementation-Version 3.2.2 High Version pom parent-version 3.2.2 Low Version pom version 3.2.2 Highest
Description:
The Digester package lets you configure an XML to Java object mapping module
which triggers certain actions called rules whenever a particular
pattern of nested XML elements is recognized.
License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/commons-digester/commons-digester/2.1/commons-digester-2.1.jar
MD5: 528445033f22da28f5047b6abcd1c7c9
SHA1: 73a8001e7a54a255eef0f03521ec1805dc738ca0
SHA256: e0b2b980a84fc6533c5ce291f1917b32c507f62bcad64198fff44368c2196a3d
Evidence Type Source Name Value Confidence Vendor file name commons-digester High Vendor jar package name apache Highest Vendor jar package name commons Highest Vendor jar package name digester Highest Vendor jar package name rules Highest Vendor Manifest bundle-docurl http://commons.apache.org/digester/ Low Vendor Manifest bundle-symbolicname org.apache.commons.digester Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-digester Low Vendor pom developer email craigmcc@apache.org Low Vendor pom developer email jfarcand@apache.org Low Vendor pom developer email jstrachan@apache.org Low Vendor pom developer email jvanzyl@apache.org Low Vendor pom developer email rahul AT apache DOT org Low Vendor pom developer email rdonkin@apache.org Low Vendor pom developer email sanders@totalsync.com Low Vendor pom developer email simonetripodi AT apache DOT org Low Vendor pom developer email skitching@apache.org Low Vendor pom developer email tobrien@apache.org Low Vendor pom developer id craigmcc Medium Vendor pom developer id jfarcand Medium Vendor pom developer id jstrachan Medium Vendor pom developer id jvanzyl Medium Vendor pom developer id rahul Medium Vendor pom developer id rdonkin Medium Vendor pom developer id sanders Medium Vendor pom developer id simonetripodi Medium Vendor pom developer id skitching Medium Vendor pom developer id tobrien Medium Vendor pom developer name Craig McClanahan Medium Vendor pom developer name James Strachan Medium Vendor pom developer name Jason van Zyl Medium Vendor pom developer name Jean-Francois Arcand Medium Vendor pom developer name Rahul Akolkar Medium Vendor pom developer name Robert Burrell Donkin Medium Vendor pom developer name Scott Sanders Medium Vendor pom developer name Simon Kitching Medium Vendor pom developer name Simone Tripodi Medium Vendor pom developer name Tim OBrien Medium Vendor pom groupid commons-digester Highest Vendor pom name Commons Digester High Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor pom url http://commons.apache.org/digester/ Highest Product file name commons-digester High Product jar package name apache Highest Product jar package name commons Highest Product jar package name digester Highest Product jar package name rules Highest Product Manifest bundle-docurl http://commons.apache.org/digester/ Low Product Manifest Bundle-Name Commons Digester Medium Product Manifest bundle-symbolicname org.apache.commons.digester Medium Product Manifest Implementation-Title Commons Digester High Product Manifest specification-title Commons Digester Medium Product pom artifactid commons-digester Highest Product pom developer email craigmcc@apache.org Low Product pom developer email jfarcand@apache.org Low Product pom developer email jstrachan@apache.org Low Product pom developer email jvanzyl@apache.org Low Product pom developer email rahul AT apache DOT org Low Product pom developer email rdonkin@apache.org Low Product pom developer email sanders@totalsync.com Low Product pom developer email simonetripodi AT apache DOT org Low Product pom developer email skitching@apache.org Low Product pom developer email tobrien@apache.org Low Product pom developer id craigmcc Low Product pom developer id jfarcand Low Product pom developer id jstrachan Low Product pom developer id jvanzyl Low Product pom developer id rahul Low Product pom developer id rdonkin Low Product pom developer id sanders Low Product pom developer id simonetripodi Low Product pom developer id skitching Low Product pom developer id tobrien Low Product pom developer name Craig McClanahan Low Product pom developer name James Strachan Low Product pom developer name Jason van Zyl Low Product pom developer name Jean-Francois Arcand Low Product pom developer name Rahul Akolkar Low Product pom developer name Robert Burrell Donkin Low Product pom developer name Scott Sanders Low Product pom developer name Simon Kitching Low Product pom developer name Simone Tripodi Low Product pom developer name Tim OBrien Low Product pom groupid commons-digester Highest Product pom name Commons Digester High Product pom parent-artifactid commons-parent Medium Product pom parent-groupid org.apache.commons Medium Product pom url http://commons.apache.org/digester/ Medium Version file version 2.1 High Version Manifest Bundle-Version 2.1 High Version Manifest Implementation-Version 2.1 High Version pom parent-version 2.1 Low Version pom version 2.1 Highest
Description:
The Apache Commons IO library contains utility classes, stream implementations, file filters,
file comparators, endian transformation classes, and much more.
License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/commons-io/commons-io/2.15.1/commons-io-2.15.1.jar
MD5: 84351f7991a0e6722f00e96a4ccc376f
SHA1: f11560da189ab563a5c8e351941415430e9304ea
SHA256: a58af12ee1b68cfd2ebb0c27caef164f084381a00ec81a48cc275fd7ea54e154
Evidence Type Source Name Value Confidence Vendor file name commons-io High Vendor jar package name apache Highest Vendor jar package name commons Highest Vendor jar package name file Highest Vendor jar package name io Highest Vendor Manifest automatic-module-name org.apache.commons.io Medium Vendor Manifest build-jdk-spec 21 Low Vendor Manifest bundle-docurl https://commons.apache.org/proper/commons-io/ Low Vendor Manifest bundle-symbolicname org.apache.commons.commons-io Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest multi-release true Low Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-io Low Vendor pom developer email bayard@apache.org Low Vendor pom developer email dion@apache.org Low Vendor pom developer email ggregory at apache.org Low Vendor pom developer email jeremias@apache.org Low Vendor pom developer email jochen.wiedmann@gmail.com Low Vendor pom developer email krosenvold@apache.org Low Vendor pom developer email martinc@apache.org Low Vendor pom developer email matth@apache.org Low Vendor pom developer email nicolaken@apache.org Low Vendor pom developer email roxspring@apache.org Low Vendor pom developer email sanders@apache.org Low Vendor pom developer id bayard Medium Vendor pom developer id dion Medium Vendor pom developer id ggregory Medium Vendor pom developer id jeremias Medium Vendor pom developer id jochen Medium Vendor pom developer id jukka Medium Vendor pom developer id krosenvold Medium Vendor pom developer id martinc Medium Vendor pom developer id matth Medium Vendor pom developer id niallp Medium Vendor pom developer id nicolaken Medium Vendor pom developer id roxspring Medium Vendor pom developer id sanders Medium Vendor pom developer id scolebourne Medium Vendor pom developer name dIon Gillard Medium Vendor pom developer name Gary Gregory Medium Vendor pom developer name Henri Yandell Medium Vendor pom developer name Jeremias Maerki Medium Vendor pom developer name Jochen Wiedmann Medium Vendor pom developer name Jukka Zitting Medium Vendor pom developer name Kristian Rosenvold Medium Vendor pom developer name Martin Cooper Medium Vendor pom developer name Matthew Hawthorne Medium Vendor pom developer name Niall Pemberton Medium Vendor pom developer name Nicola Ken Barozzi Medium Vendor pom developer name Rob Oxspring Medium Vendor pom developer name Scott Sanders Medium Vendor pom developer name Stephen Colebourne Medium Vendor pom developer org The Apache Software Foundation Medium Vendor pom developer org URL https://www.apache.org/ Medium Vendor pom groupid commons-io Highest Vendor pom name Apache Commons IO High Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor pom url https://commons.apache.org/proper/commons-io/ Highest Product file name commons-io High Product jar package name apache Highest Product jar package name commons Highest Product jar package name file Highest Product jar package name io Highest Product Manifest automatic-module-name org.apache.commons.io Medium Product Manifest build-jdk-spec 21 Low Product Manifest bundle-docurl https://commons.apache.org/proper/commons-io/ Low Product Manifest Bundle-Name Apache Commons IO Medium Product Manifest bundle-symbolicname org.apache.commons.commons-io Medium Product Manifest Implementation-Title Apache Commons IO High Product Manifest multi-release true Low Product Manifest specification-title Apache Commons IO Medium Product pom artifactid commons-io Highest Product pom developer email bayard@apache.org Low Product pom developer email dion@apache.org Low Product pom developer email ggregory at apache.org Low Product pom developer email jeremias@apache.org Low Product pom developer email jochen.wiedmann@gmail.com Low Product pom developer email krosenvold@apache.org Low Product pom developer email martinc@apache.org Low Product pom developer email matth@apache.org Low Product pom developer email nicolaken@apache.org Low Product pom developer email roxspring@apache.org Low Product pom developer email sanders@apache.org Low Product pom developer id bayard Low Product pom developer id dion Low Product pom developer id ggregory Low Product pom developer id jeremias Low Product pom developer id jochen Low Product pom developer id jukka Low Product pom developer id krosenvold Low Product pom developer id martinc Low Product pom developer id matth Low Product pom developer id niallp Low Product pom developer id nicolaken Low Product pom developer id roxspring Low Product pom developer id sanders Low Product pom developer id scolebourne Low Product pom developer name dIon Gillard Low Product pom developer name Gary Gregory Low Product pom developer name Henri Yandell Low Product pom developer name Jeremias Maerki Low Product pom developer name Jochen Wiedmann Low Product pom developer name Jukka Zitting Low Product pom developer name Kristian Rosenvold Low Product pom developer name Martin Cooper Low Product pom developer name Matthew Hawthorne Low Product pom developer name Niall Pemberton Low Product pom developer name Nicola Ken Barozzi Low Product pom developer name Rob Oxspring Low Product pom developer name Scott Sanders Low Product pom developer name Stephen Colebourne Low Product pom developer org The Apache Software Foundation Low Product pom developer org URL https://www.apache.org/ Low Product pom groupid commons-io Highest Product pom name Apache Commons IO High Product pom parent-artifactid commons-parent Medium Product pom parent-groupid org.apache.commons Medium Product pom url https://commons.apache.org/proper/commons-io/ Medium Version file version 2.15.1 High Version Manifest Bundle-Version 2.15.1 High Version Manifest Implementation-Version 2.15.1 High Version pom parent-version 2.15.1 Low Version pom version 2.15.1 Highest
Description:
Apache Commons Lang, a package of Java utility classes for the
classes that are in java.lang's hierarchy, or are considered to be so
standard as to justify existence in java.lang.
License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/org/apache/commons/commons-lang3/3.12.0/commons-lang3-3.12.0.jar
MD5: 19fe50567358922bdad277959ea69545
SHA1: c6842c86792ff03b9f1d1fe2aab8dc23aa6c6f0e
SHA256: d919d904486c037f8d193412da0c92e22a9fa24230b9d67a57855c5c31c7e94e
Evidence Type Source Name Value Confidence Vendor file name commons-lang3 High Vendor jar package name apache Highest Vendor jar package name commons Highest Vendor jar package name lang3 Highest Vendor Manifest automatic-module-name org.apache.commons.lang3 Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl https://commons.apache.org/proper/commons-lang/ Low Vendor Manifest bundle-symbolicname org.apache.commons.lang3 Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-lang3 Low Vendor pom developer email bayard@apache.org Low Vendor pom developer email britter@apache.org Low Vendor pom developer email chtompki@apache.org Low Vendor pom developer email djones@apache.org Low Vendor pom developer email dlr@finemaltcoding.com Low Vendor pom developer email ggregory@apache.org Low Vendor pom developer email jcarman@apache.org Low Vendor pom developer email joerg.schaible@gmx.de Low Vendor pom developer email lguibert@apache.org Low Vendor pom developer email oheger@apache.org Low Vendor pom developer email pbenedict@apache.org Low Vendor pom developer email rdonkin@apache.org Low Vendor pom developer email scolebourne@joda.org Low Vendor pom developer email stevencaswell@apache.org Low Vendor pom developer id bayard Medium Vendor pom developer id britter Medium Vendor pom developer id chtompki Medium Vendor pom developer id djones Medium Vendor pom developer id dlr Medium Vendor pom developer id fredrik Medium Vendor pom developer id ggregory Medium Vendor pom developer id jcarman Medium Vendor pom developer id joehni Medium Vendor pom developer id lguibert Medium Vendor pom developer id mbenson Medium Vendor pom developer id niallp Medium Vendor pom developer id oheger Medium Vendor pom developer id pbenedict Medium Vendor pom developer id rdonkin Medium Vendor pom developer id scaswell Medium Vendor pom developer id scolebourne Medium Vendor pom developer name Benedikt Ritter Medium Vendor pom developer name Daniel Rall Medium Vendor pom developer name Duncan Jones Medium Vendor pom developer name Fredrik Westermarck Medium Vendor pom developer name Gary D. Gregory Medium Vendor pom developer name Henri Yandell Medium Vendor pom developer name James Carman Medium Vendor pom developer name Joerg Schaible Medium Vendor pom developer name Loic Guibert Medium Vendor pom developer name Matt Benson Medium Vendor pom developer name Niall Pemberton Medium Vendor pom developer name Oliver Heger Medium Vendor pom developer name Paul Benedict Medium Vendor pom developer name Rob Tompkins Medium Vendor pom developer name Robert Burrell Donkin Medium Vendor pom developer name Stephen Colebourne Medium Vendor pom developer name Steven Caswell Medium Vendor pom developer org Carman Consulting, Inc. Medium Vendor pom developer org CollabNet, Inc. Medium Vendor pom developer org SITA ATS Ltd Medium Vendor pom groupid org.apache.commons Highest Vendor pom name Apache Commons Lang High Vendor pom parent-artifactid commons-parent Low Vendor pom url https://commons.apache.org/proper/commons-lang/ Highest Product file name commons-lang3 High Product jar package name apache Highest Product jar package name commons Highest Product jar package name lang3 Highest Product Manifest automatic-module-name org.apache.commons.lang3 Medium Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl https://commons.apache.org/proper/commons-lang/ Low Product Manifest Bundle-Name Apache Commons Lang Medium Product Manifest bundle-symbolicname org.apache.commons.lang3 Medium Product Manifest Implementation-Title Apache Commons Lang High Product Manifest specification-title Apache Commons Lang Medium Product pom artifactid commons-lang3 Highest Product pom developer email bayard@apache.org Low Product pom developer email britter@apache.org Low Product pom developer email chtompki@apache.org Low Product pom developer email djones@apache.org Low Product pom developer email dlr@finemaltcoding.com Low Product pom developer email ggregory@apache.org Low Product pom developer email jcarman@apache.org Low Product pom developer email joerg.schaible@gmx.de Low Product pom developer email lguibert@apache.org Low Product pom developer email oheger@apache.org Low Product pom developer email pbenedict@apache.org Low Product pom developer email rdonkin@apache.org Low Product pom developer email scolebourne@joda.org Low Product pom developer email stevencaswell@apache.org Low Product pom developer id bayard Low Product pom developer id britter Low Product pom developer id chtompki Low Product pom developer id djones Low Product pom developer id dlr Low Product pom developer id fredrik Low Product pom developer id ggregory Low Product pom developer id jcarman Low Product pom developer id joehni Low Product pom developer id lguibert Low Product pom developer id mbenson Low Product pom developer id niallp Low Product pom developer id oheger Low Product pom developer id pbenedict Low Product pom developer id rdonkin Low Product pom developer id scaswell Low Product pom developer id scolebourne Low Product pom developer name Benedikt Ritter Low Product pom developer name Daniel Rall Low Product pom developer name Duncan Jones Low Product pom developer name Fredrik Westermarck Low Product pom developer name Gary D. Gregory Low Product pom developer name Henri Yandell Low Product pom developer name James Carman Low Product pom developer name Joerg Schaible Low Product pom developer name Loic Guibert Low Product pom developer name Matt Benson Low Product pom developer name Niall Pemberton Low Product pom developer name Oliver Heger Low Product pom developer name Paul Benedict Low Product pom developer name Rob Tompkins Low Product pom developer name Robert Burrell Donkin Low Product pom developer name Stephen Colebourne Low Product pom developer name Steven Caswell Low Product pom developer org Carman Consulting, Inc. Low Product pom developer org CollabNet, Inc. Low Product pom developer org SITA ATS Ltd Low Product pom groupid org.apache.commons Highest Product pom name Apache Commons Lang High Product pom parent-artifactid commons-parent Medium Product pom url https://commons.apache.org/proper/commons-lang/ Medium Version file version 3.12.0 High Version Manifest Bundle-Version 3.12.0 High Version Manifest Implementation-Version 3.12.0 High Version pom parent-version 3.12.0 Low Version pom version 3.12.0 Highest
Description:
Apache Commons Logging is a thin adapter allowing configurable bridging to other,
well known logging systems. License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/commons-logging/commons-logging/1.3.0/commons-logging-1.3.0.jar
MD5: 522cc4b1f42b7db1554474cb989adfb2
SHA1: f5e064b541f5c5fbc5e4fb49c4e8cd4eabb3afd6
SHA256: 66d3c980470b99b0c511dad3dfc0ae7b265ec1fb144e96bc0253a8a175fd34d9
Evidence Type Source Name Value Confidence Vendor file name commons-logging High Vendor jar package name apache Highest Vendor jar package name commons Highest Vendor jar package name logging Highest Vendor Manifest automatic-module-name org.apache.commons.logging Medium Vendor Manifest build-jdk-spec 21 Low Vendor Manifest bundle-docurl https://commons.apache.org/proper/commons-logging/ Low Vendor Manifest bundle-symbolicname org.apache.commons.commons-logging Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest multi-release true Low Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-logging Low Vendor pom developer email baliuka@apache.org Low Vendor pom developer email costin@apache.org Low Vendor pom developer email craigmcc@apache.org Low Vendor pom developer email dennisl@apache.org Low Vendor pom developer email donaldp@apache.org Low Vendor pom developer email ggregory at apache.org Low Vendor pom developer email morgand@apache.org Low Vendor pom developer email rdonkin@apache.org Low Vendor pom developer email rsitze@apache.org Low Vendor pom developer email rwaldhoff@apache.org Low Vendor pom developer email sanders@apache.org Low Vendor pom developer email skitching@apache.org Low Vendor pom developer email tn@apache.org Low Vendor pom developer id baliuka Medium Vendor pom developer id bstansberry Medium Vendor pom developer id costin Medium Vendor pom developer id craigmcc Medium Vendor pom developer id dennisl Medium Vendor pom developer id donaldp Medium Vendor pom developer id ggregory Medium Vendor pom developer id morgand Medium Vendor pom developer id rdonkin Medium Vendor pom developer id rsitze Medium Vendor pom developer id rwaldhoff Medium Vendor pom developer id sanders Medium Vendor pom developer id skitching Medium Vendor pom developer id tn Medium Vendor pom developer name Brian Stansberry Medium Vendor pom developer name Costin Manolache Medium Vendor pom developer name Craig McClanahan Medium Vendor pom developer name Dennis Lundberg Medium Vendor pom developer name Gary Gregory Medium Vendor pom developer name Juozas Baliuka Medium Vendor pom developer name Morgan Delagrange Medium Vendor pom developer name Peter Donald Medium Vendor pom developer name Richard Sitze Medium Vendor pom developer name Robert Burrell Donkin Medium Vendor pom developer name Rodney Waldhoff Medium Vendor pom developer name Scott Sanders Medium Vendor pom developer name Simon Kitching Medium Vendor pom developer name Thomas Neidhart Medium Vendor pom developer org Apache Medium Vendor pom developer org The Apache Software Foundation Medium Vendor pom developer org URL https://www.apache.org/ Medium Vendor pom groupid commons-logging Highest Vendor pom name Apache Commons Logging High Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor pom url https://commons.apache.org/proper/commons-logging/ Highest Product file name commons-logging High Product jar package name apache Highest Product jar package name commons Highest Product jar package name logging Highest Product Manifest automatic-module-name org.apache.commons.logging Medium Product Manifest build-jdk-spec 21 Low Product Manifest bundle-docurl https://commons.apache.org/proper/commons-logging/ Low Product Manifest Bundle-Name Apache Commons Logging Medium Product Manifest bundle-symbolicname org.apache.commons.commons-logging Medium Product Manifest Implementation-Title Apache Commons Logging High Product Manifest multi-release true Low Product Manifest specification-title Apache Commons Logging Medium Product pom artifactid commons-logging Highest Product pom developer email baliuka@apache.org Low Product pom developer email costin@apache.org Low Product pom developer email craigmcc@apache.org Low Product pom developer email dennisl@apache.org Low Product pom developer email donaldp@apache.org Low Product pom developer email ggregory at apache.org Low Product pom developer email morgand@apache.org Low Product pom developer email rdonkin@apache.org Low Product pom developer email rsitze@apache.org Low Product pom developer email rwaldhoff@apache.org Low Product pom developer email sanders@apache.org Low Product pom developer email skitching@apache.org Low Product pom developer email tn@apache.org Low Product pom developer id baliuka Low Product pom developer id bstansberry Low Product pom developer id costin Low Product pom developer id craigmcc Low Product pom developer id dennisl Low Product pom developer id donaldp Low Product pom developer id ggregory Low Product pom developer id morgand Low Product pom developer id rdonkin Low Product pom developer id rsitze Low Product pom developer id rwaldhoff Low Product pom developer id sanders Low Product pom developer id skitching Low Product pom developer id tn Low Product pom developer name Brian Stansberry Low Product pom developer name Costin Manolache Low Product pom developer name Craig McClanahan Low Product pom developer name Dennis Lundberg Low Product pom developer name Gary Gregory Low Product pom developer name Juozas Baliuka Low Product pom developer name Morgan Delagrange Low Product pom developer name Peter Donald Low Product pom developer name Richard Sitze Low Product pom developer name Robert Burrell Donkin Low Product pom developer name Rodney Waldhoff Low Product pom developer name Scott Sanders Low Product pom developer name Simon Kitching Low Product pom developer name Thomas Neidhart Low Product pom developer org Apache Low Product pom developer org The Apache Software Foundation Low Product pom developer org URL https://www.apache.org/ Low Product pom groupid commons-logging Highest Product pom name Apache Commons Logging High Product pom parent-artifactid commons-parent Medium Product pom parent-groupid org.apache.commons Medium Product pom url https://commons.apache.org/proper/commons-logging/ Medium Version file version 1.3.0 High Version Manifest Bundle-Version 1.3.0 High Version Manifest Implementation-Version 1.3.0 High Version pom parent-version 1.3.0 Low Version pom version 1.3.0 Highest
Description:
Apache Commons Validator provides the building blocks for both client side validation and server side data validation.
It may be used standalone or with a framework like Struts.
License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/commons-validator/commons-validator/1.8.0/commons-validator-1.8.0.jar
MD5: 28fac5309e05b1ce9d83285a8500cad2
SHA1: 49bb9f45e0aa3c8b2261394c76675fba6f20d2e4
SHA256: 1292e4bd956936461a6096b094400f5c2a946267c2e20324512ac7532c0c6eb3
Evidence Type Source Name Value Confidence Vendor file name commons-validator High Vendor jar package name apache Highest Vendor jar package name commons Highest Vendor jar package name validator Highest Vendor Manifest build-jdk-spec 21 Low Vendor Manifest bundle-docurl http://commons.apache.org/proper/commons-validator/ Low Vendor Manifest bundle-symbolicname org.apache.commons.commons-validator Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest multi-release true Low Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-validator Low Vendor pom developer email craigmcc@apache.org Low Vendor pom developer email dgraham@apache.org Low Vendor pom developer email dwinterfeldt@apache.org Low Vendor pom developer email ggregory at apache.org Low Vendor pom developer email husted@apache.org Low Vendor pom developer email jmitchell NOSPAM apache.org Low Vendor pom developer email martinc@apache.org Low Vendor pom developer email mrdon@apache.org Low Vendor pom developer email rleland at apache.org Low Vendor pom developer email turner@apache.org Low Vendor pom developer id bayard Medium Vendor pom developer id britter Medium Vendor pom developer id bspeakmon Medium Vendor pom developer id craigmcc Medium Vendor pom developer id dgraham Medium Vendor pom developer id dwinterfeldt Medium Vendor pom developer id ggregory Medium Vendor pom developer id husted Medium Vendor pom developer id jmitchell Medium Vendor pom developer id martinc Medium Vendor pom developer id mrdon Medium Vendor pom developer id niallp Medium Vendor pom developer id nick Medium Vendor pom developer id rleland Medium Vendor pom developer id simonetripodi Medium Vendor pom developer id turner Medium Vendor pom developer name Ben Speakmon Medium Vendor pom developer name Benedikt Ritter Medium Vendor pom developer name Craig McClanahan Medium Vendor pom developer name David Graham Medium Vendor pom developer name David Winterfeldt Medium Vendor pom developer name Don Brown Medium Vendor pom developer name Gary Gregory Medium Vendor pom developer name Henri Yandell Medium Vendor pom developer name James Mitchell Medium Vendor pom developer name James Turner Medium Vendor pom developer name Martin Cooper Medium Vendor pom developer name Niall Pemberton Medium Vendor pom developer name Nick Burch Medium Vendor pom developer name Rob Leland Medium Vendor pom developer name SimoneTripodi Medium Vendor pom developer name Ted Husted Medium Vendor pom developer org EdgeTech, Inc Medium Vendor pom developer org The Apache Software Foundation Medium Vendor pom developer org URL https://www.apache.org/ Medium Vendor pom groupid commons-validator Highest Vendor pom name Apache Commons Validator High Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor pom url http://commons.apache.org/proper/commons-validator/ Highest Product file name commons-validator High Product jar package name apache Highest Product jar package name commons Highest Product jar package name validator Highest Product Manifest build-jdk-spec 21 Low Product Manifest bundle-docurl http://commons.apache.org/proper/commons-validator/ Low Product Manifest Bundle-Name Apache Commons Validator Medium Product Manifest bundle-symbolicname org.apache.commons.commons-validator Medium Product Manifest Implementation-Title Apache Commons Validator High Product Manifest multi-release true Low Product Manifest specification-title Apache Commons Validator Medium Product pom artifactid commons-validator Highest Product pom developer email craigmcc@apache.org Low Product pom developer email dgraham@apache.org Low Product pom developer email dwinterfeldt@apache.org Low Product pom developer email ggregory at apache.org Low Product pom developer email husted@apache.org Low Product pom developer email jmitchell NOSPAM apache.org Low Product pom developer email martinc@apache.org Low Product pom developer email mrdon@apache.org Low Product pom developer email rleland at apache.org Low Product pom developer email turner@apache.org Low Product pom developer id bayard Low Product pom developer id britter Low Product pom developer id bspeakmon Low Product pom developer id craigmcc Low Product pom developer id dgraham Low Product pom developer id dwinterfeldt Low Product pom developer id ggregory Low Product pom developer id husted Low Product pom developer id jmitchell Low Product pom developer id martinc Low Product pom developer id mrdon Low Product pom developer id niallp Low Product pom developer id nick Low Product pom developer id rleland Low Product pom developer id simonetripodi Low Product pom developer id turner Low Product pom developer name Ben Speakmon Low Product pom developer name Benedikt Ritter Low Product pom developer name Craig McClanahan Low Product pom developer name David Graham Low Product pom developer name David Winterfeldt Low Product pom developer name Don Brown Low Product pom developer name Gary Gregory Low Product pom developer name Henri Yandell Low Product pom developer name James Mitchell Low Product pom developer name James Turner Low Product pom developer name Martin Cooper Low Product pom developer name Niall Pemberton Low Product pom developer name Nick Burch Low Product pom developer name Rob Leland Low Product pom developer name SimoneTripodi Low Product pom developer name Ted Husted Low Product pom developer org EdgeTech, Inc Low Product pom developer org The Apache Software Foundation Low Product pom developer org URL https://www.apache.org/ Low Product pom groupid commons-validator Highest Product pom name Apache Commons Validator High Product pom parent-artifactid commons-parent Medium Product pom parent-groupid org.apache.commons Medium Product pom url http://commons.apache.org/proper/commons-validator/ Medium Version file version 1.8.0 High Version Manifest Bundle-Version 1.8.0 High Version Manifest Implementation-Version 1.8.0 High Version pom parent-version 1.8.0 Low Version pom version 1.8.0 Highest
Description:
Facilities for async programming and communication in Clojure File Path: /home/runner/.m2/repository/org/clojure/core.async/1.6.681/core.async-1.6.681.jarMD5: cd4c21ae75387435e5497ab10282afc3SHA1: 99ae66f06f681ab8af0e0ebd01355e5e635ce53cSHA256: 2e9160118c381d418ab1c4d330b6323ff76b7947e6e2d9b1cd1be950fd269d9f
Evidence Type Source Name Value Confidence Vendor file name core.async High Vendor pom artifactid core.async Low Vendor pom developer id richhickey Medium Vendor pom developer name Rich Hickey Medium Vendor pom groupid org.clojure Highest Vendor pom name core.async High Vendor pom parent-artifactid pom.contrib Low Vendor pom url clojure/core.async Highest Product file name core.async High Product pom artifactid core.async Highest Product pom developer id richhickey Low Product pom developer name Rich Hickey Low Product pom groupid org.clojure Highest Product pom name core.async High Product pom parent-artifactid pom.contrib Medium Product pom url clojure/core.async High Version file version 1.6.681 High Version pom parent-version 1.6.681 Low Version pom version 1.6.681 Highest
Description:
Cache library for Clojure. License:
Eclipse Public License 1.0: http://opensource.org/licenses/eclipse-1.0.php File Path: /home/runner/.m2/repository/org/clojure/core.cache/1.0.225/core.cache-1.0.225.jar
MD5: 3820b6de04123c74459e2216d794e24c
SHA1: ddd58c0d29cf1515d13351cc0770634ecac884f0
SHA256: c153aa947eda5cdbd8a93882c8fbabd5037d4ad7311802b4bcd8015469f6a5b1
Evidence Type Source Name Value Confidence Vendor file name core.cache High Vendor pom artifactid core.cache Low Vendor pom developer id fogus Medium Vendor pom developer name Michael Fogus Medium Vendor pom groupid org.clojure Highest Vendor pom name core.cache High Vendor pom parent-artifactid pom.contrib Low Product file name core.cache High Product pom artifactid core.cache Highest Product pom developer id fogus Low Product pom developer name Michael Fogus Low Product pom groupid org.clojure Highest Product pom name core.cache High Product pom parent-artifactid pom.contrib Medium Version file version 1.0.225 High Version pom parent-version 1.0.225 Low Version pom version 1.0.225 Highest
Description:
A memoization library for Clojure License:
Eclipse Public License 1.0: http://opensource.org/licenses/eclipse-1.0.php File Path: /home/runner/.m2/repository/org/clojure/core.memoize/1.0.253/core.memoize-1.0.253.jar
MD5: 5b317b3cd92d01b08757de9d00033991
SHA1: bfa3ac940d93d50a14e4301b4cf8295e451b97c4
SHA256: 4a910585182ab326c1d0a20d34315be1563b5a58437d41c021dd7fe9911e1ed6
Evidence Type Source Name Value Confidence Vendor file name core.memoize High Vendor pom artifactid core.memoize Low Vendor pom developer id fogus Medium Vendor pom developer name Fogus Medium Vendor pom groupid org.clojure Highest Vendor pom name core.memoize High Vendor pom parent-artifactid pom.contrib Low Product file name core.memoize High Product pom artifactid core.memoize Highest Product pom developer id fogus Low Product pom developer name Fogus Low Product pom groupid org.clojure Highest Product pom name core.memoize High Product pom parent-artifactid pom.contrib Medium Version file version 1.0.253 High Version pom parent-version 1.0.253 Low Version pom version 1.0.253 Highest
Description:
Specs for clojure.core License:
Eclipse Public License 1.0: http://opensource.org/licenses/eclipse-1.0.php File Path: /home/runner/.m2/repository/org/clojure/core.specs.alpha/0.2.62/core.specs.alpha-0.2.62.jar
MD5: b1e37e6e8efdade6b7c2a4dd17c0d437
SHA1: a2a7ea21a695561924bc8506f3feb5d8c8f894d5
SHA256: 06eea8c070bbe45c158567e443439681bc8c46e9123414f81bfa32ba42d6cbc8
Evidence Type Source Name Value Confidence Vendor file name core.specs.alpha High Vendor pom artifactid core.specs.alpha Low Vendor pom developer id puredanger Medium Vendor pom developer name Alex Miller Medium Vendor pom groupid org.clojure Highest Vendor pom name core.specs.alpha High Vendor pom parent-artifactid pom.contrib Low Product file name core.specs.alpha High Product pom artifactid core.specs.alpha Highest Product pom developer id puredanger Low Product pom developer name Alex Miller Low Product pom groupid org.clojure Highest Product pom name core.specs.alpha High Product pom parent-artifactid pom.contrib Medium Version file version 0.2.62 High Version pom parent-version 0.2.62 Low Version pom version 0.2.62 Highest
Description:
Generating/parsing JSON from/to Clojure data structures File Path: /home/runner/.m2/repository/org/clojure/data.json/2.5.0/data.json-2.5.0.jarMD5: 6460660af8158b4cf54add2a3a965645SHA1: dab2f10e914d1953898f1b71306c18bc3f7b9799SHA256: 6779c36ee1f90d70f35feb872fb31756aa0e1b8bd6c65e105e780babb4b25704
Evidence Type Source Name Value Confidence Vendor file name data.json High Vendor pom artifactid data.json Low Vendor pom developer email mail@stuartsierra.com Low Vendor pom developer name Stuart Sierra Medium Vendor pom groupid org.clojure Highest Vendor pom name data.json High Vendor pom parent-artifactid pom.contrib Low Vendor pom url clojure/data.json Highest Product file name data.json High Product pom artifactid data.json Highest Product pom developer email mail@stuartsierra.com Low Product pom developer name Stuart Sierra Low Product pom groupid org.clojure Highest Product pom name data.json High Product pom parent-artifactid pom.contrib Medium Product pom url clojure/data.json High Version file version 2.5.0 High Version pom parent-version 2.5.0 Low Version pom version 2.5.0 Highest
File Path: /home/runner/.m2/repository/org/clojure/data.priority-map/1.1.0/data.priority-map-1.1.0.jarMD5: 1d7258593b5e40bb5484727da24cb728SHA1: fc412d06788c1ea186117f8ea656d44fba654788SHA256: fe51af4472fa0f1bfd66f3871de55076402ff6615a74bcb17b37c402a0ea6f4c
Evidence Type Source Name Value Confidence Vendor file name data.priority-map High Vendor pom artifactid data.priority-map Low Vendor pom developer name Mark Engelberg Medium Vendor pom groupid org.clojure Highest Vendor pom name data.priority-map High Vendor pom parent-artifactid pom.contrib Low Product file name data.priority-map High Product pom artifactid data.priority-map Highest Product pom developer name Mark Engelberg Low Product pom groupid org.clojure Highest Product pom name data.priority-map High Product pom parent-artifactid pom.contrib Medium Version file version 1.1.0 High Version pom version 1.1.0 Highest
Description:
Functions to parse XML into lazy sequences and lazy trees and emit these as text File Path: /home/runner/.m2/repository/org/clojure/data.xml/0.2.0-alpha8/data.xml-0.2.0-alpha8.jarMD5: ecf740cd730cad5fdbaf16e401027290SHA1: c3dd8907b0a63a67082bc3091e304d9e1676d4b0SHA256: b5b10c4f6df654c36c610f2b218cd8f52af3b2677ef9ffb5a3f901ab9fbb3a95
Evidence Type Source Name Value Confidence Vendor file name data.xml High Vendor pom artifactid data.xml Low Vendor pom developer email amalloy@4clojure.com Low Vendor pom developer email chouser@n01se.net Low Vendor pom developer email herwig@bendlas.net Low Vendor pom developer email senior.ryan@gmail.com Low Vendor pom developer name Alan Malloy Medium Vendor pom developer name Chouser Medium Vendor pom developer name Herwig Hochleitner Medium Vendor pom developer name Ryan Senior Medium Vendor pom groupid org.clojure Highest Vendor pom name data.xml High Vendor pom parent-artifactid pom.contrib Low Product file name data.xml High Product pom artifactid data.xml Highest Product pom developer email amalloy@4clojure.com Low Product pom developer email chouser@n01se.net Low Product pom developer email herwig@bendlas.net Low Product pom developer email senior.ryan@gmail.com Low Product pom developer name Alan Malloy Low Product pom developer name Chouser Low Product pom developer name Herwig Hochleitner Low Product pom developer name Ryan Senior Low Product pom groupid org.clojure Highest Product pom name data.xml High Product pom parent-artifactid pom.contrib Medium Version pom parent-version 0.2.0-alpha8 Low Version pom version 0.2.0-alpha8 Highest
File Path: /home/runner/.m2/repository/org/clojure/data.zip/1.0.0/data.zip-1.0.0.jarMD5: fa47f7c4d114d2637e7f2498754dd374SHA1: 5f77c8874d674e9dc8c3a515812e80e831de9980SHA256: 37a0a4e0cb8916fed5443a686d6319503d6a67d262b01e8630290fa94291ad39
Evidence Type Source Name Value Confidence Vendor file name data.zip High Vendor pom artifactid data.zip Low Vendor pom developer name Chris Houser Medium Vendor pom groupid org.clojure Highest Vendor pom name data.zip High Vendor pom parent-artifactid pom.contrib Low Product file name data.zip High Product pom artifactid data.zip Highest Product pom developer name Chris Houser Low Product pom groupid org.clojure Highest Product pom name data.zip High Product pom parent-artifactid pom.contrib Medium Version file version 1.0.0 High Version pom parent-version 1.0.0 Low Version pom version 1.0.0 Highest
File Path: /home/runner/.m2/repository/io/replikativ/datalog-parser/0.2.25/datalog-parser-0.2.25.jarMD5: 556c4e27d6c5f51ba115411ef28210aeSHA1: 4d59fde5929044463b0385e9161709a64a4f3d32SHA256: 0f5ad805619720d132aad1064d209589b929dde043c08cd789f93cf7f4cd7c51
Evidence Type Source Name Value Confidence Vendor file name datalog-parser High Vendor Manifest build-jdk-spec 17 Low Vendor pom artifactid datalog-parser Low Vendor pom groupid io.replikativ Highest Vendor pom name datalog-parser High Product file name datalog-parser High Product Manifest build-jdk-spec 17 Low Product pom artifactid datalog-parser Highest Product pom groupid io.replikativ Highest Product pom name datalog-parser High Version file version 0.2.25 High Version pom version 0.2.25 Highest
File Path: /home/runner/.m2/repository/slipset/deps-deploy/0.2.2/deps-deploy-0.2.2.jarMD5: 787fcbcdf52798dce4cdeea1ab8996baSHA1: e97534ef0cb28cca28c93295ebc5583ea9d97b0eSHA256: 4b473d5c6486aa36cef0f12971dbdf2371c604921b8c85cc93502b986537bbc9
Evidence Type Source Name Value Confidence Vendor file name deps-deploy High Vendor pom artifactid deps-deploy Low Vendor pom groupid slipset Highest Vendor pom name deps-deploy High Product file name deps-deploy High Product pom artifactid deps-deploy Highest Product pom groupid slipset Highest Product pom name deps-deploy High Version file version 0.2.2 High Version pom version 0.2.2 Highest
Description:
An abstraction for modifiable/readable class loaders. License:
Eclipse Public License: http://www.eclipse.org/legal/epl-v10.html File Path: /home/runner/.m2/repository/org/tcrawley/dynapath/1.1.0/dynapath-1.1.0.jar
MD5: 39bd85f61a745b4214f208e60a587319
SHA1: b2c797ef27c575488c07f6df5da8c082a2223e07
SHA256: 9fc7aa3be6385da3ad22a06526f15a5d335d9e89d40f39bf2f9a00e0bbbd8ae8
Evidence Type Source Name Value Confidence Vendor file name dynapath High Vendor Manifest leiningen-project-artifactid dynapath Low Vendor pom artifactid dynapath Low Vendor pom developer email toby@tcrawley.org Low Vendor pom developer name Toby Crawley Medium Vendor pom groupid org.tcrawley Highest Vendor pom name dynapath High Vendor pom url tobias/dynapath Highest Product file name dynapath High Product Manifest leiningen-project-artifactid dynapath Low Product pom artifactid dynapath Highest Product pom developer email toby@tcrawley.org Low Product pom developer name Toby Crawley Low Product pom groupid org.tcrawley Highest Product pom name dynapath High Product pom url tobias/dynapath High Version file version 1.1.0 High Version Manifest leiningen-project-version 1.1.0 Medium Version pom version 1.1.0 Highest
Description:
A Clojure lint tool License:
Eclipse Public License: http://www.eclipse.org/legal/epl-v10.html File Path: /home/runner/.m2/repository/jonase/eastwood/1.4.0/eastwood-1.4.0.jar
MD5: 0f983ad1a1f3117f5806748ebc825546
SHA1: 6162f98f9939783df09dfd8ff296e3e3965e59c0
SHA256: c3682df6d69ac80625889de1c046d9386efa71bfbedd51ba793faa89f58ecef0
Evidence Type Source Name Value Confidence Vendor file name eastwood High Vendor Manifest leiningen-project-artifactid eastwood Low Vendor Manifest leiningen-project-groupid jonase Low Vendor pom artifactid eastwood Low Vendor pom groupid jonase Highest Vendor pom name eastwood High Vendor pom url jonase/eastwood Highest Product file name eastwood High Product Manifest leiningen-project-artifactid eastwood Low Product Manifest leiningen-project-groupid jonase Low Product pom artifactid eastwood Highest Product pom groupid jonase Highest Product pom name eastwood High Product pom url jonase/eastwood High Version file version 1.4.0 High Version Manifest leiningen-project-version 1.4.0 Medium Version pom version 1.4.0 Highest
Description:
EDN parser with location metadata and pluggable dispatch table. License:
Eclipse Public License 1.0: http://opensource.org/licenses/eclipse-1.0.php File Path: /home/runner/.m2/repository/borkdude/edamame/1.3.23/edamame-1.3.23.jar
MD5: 0d4280856af1c5b5702ec30342845638
SHA1: 254d023e97ed438f0f44532b5a06d928d031ede4
SHA256: 9e6e81999eba0bfcf70fad4c9710354da355dfb9d2400c1ea4ba462bd4eff550
Evidence Type Source Name Value Confidence Vendor file name edamame High Vendor Manifest leiningen-project-artifactid edamame Low Vendor Manifest leiningen-project-groupid borkdude Low Vendor pom artifactid edamame Low Vendor pom groupid borkdude Highest Vendor pom name edamame High Vendor pom url borkdude/edamame Highest Product file name edamame High Product Manifest leiningen-project-artifactid edamame Low Product Manifest leiningen-project-groupid borkdude Low Product pom artifactid edamame Highest Product pom groupid borkdude Highest Product pom name edamame High Product pom url borkdude/edamame High Version file version 1.3.23 High Version Manifest leiningen-project-version 1.3.23 Medium Version pom version 1.3.23 Highest
Description:
A Clojure micro-library for leveraging virtual threads on JVMs that support them. License:
Apache-2.0: http://www.apache.org/licenses/LICENSE-2.0.html File Path: /home/runner/.m2/repository/com/github/pmonks/embroidery/0.1.13/embroidery-0.1.13.jar
MD5: 47e473a21f2003906f55c691b711995c
SHA1: 91ab777ab08a60d6453e36fe93fbdc390f9ce6b0
SHA256: 89f8fb60be5164b96e6066cb7d389ebc775672605e99dca0f9658197805bdc4f
Evidence Type Source Name Value Confidence Vendor file name embroidery High Vendor Manifest build-jdk-spec 21 Low Vendor pom artifactid embroidery Low Vendor pom developer email pmonks+embroidery@gmail.com Low Vendor pom developer id pmonks Medium Vendor pom developer name Peter Monks Medium Vendor pom groupid com.github.pmonks Highest Vendor pom name embroidery High Vendor pom url pmonks/embroidery Highest Product file name embroidery High Product Manifest build-jdk-spec 21 Low Product pom artifactid embroidery Highest Product pom developer email pmonks+embroidery@gmail.com Low Product pom developer id pmonks Low Product pom developer name Peter Monks Low Product pom groupid com.github.pmonks Highest Product pom name embroidery High Product pom url pmonks/embroidery High Version file version 0.1.13 High Version pom version 0.1.13 Highest
Description:
endpoints resources for com.cognitect.aws/api License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/com/cognitect/aws/endpoints/1.1.12.504/endpoints-1.1.12.504.jar
MD5: 11c8252e80adcb1ffe1664dfb27ae331
SHA1: 4f4a8a7392e74f3b6eb68d54bdc6879041e0b66e
SHA256: 807be9eb591bfe50c8e4bef763f1cab301d5ece79d449dd895a9f1e9c2fde3a4
Evidence Type Source Name Value Confidence Vendor file name endpoints High Vendor Manifest build-jdk-spec 11 Low Vendor pom artifactid endpoints Low Vendor pom developer email labs@cognitect.com Low Vendor pom developer name Cognitect Medium Vendor pom developer org Cognitect Medium Vendor pom developer org URL http://cognitect.com Medium Vendor pom groupid com.cognitect.aws Highest Vendor pom name endpoints High Vendor pom url http://github.com/cognitect-labs/aws-api Highest Product file name endpoints High Product Manifest build-jdk-spec 11 Low Product pom artifactid endpoints Highest Product pom developer email labs@cognitect.com Low Product pom developer name Cognitect Low Product pom developer org Cognitect Low Product pom developer org URL http://cognitect.com Low Product pom groupid com.cognitect.aws Highest Product pom name endpoints High Product pom url http://github.com/cognitect-labs/aws-api Medium Version file version 1.1.12.504 High Version pom version 1.1.12.504 Highest
Description:
a HTML selector-based (à la CSS) templating and transformation system for Clojure License:
Eclipse Public License - v 1.0: http://www.eclipse.org/legal/epl-v10.html File Path: /home/runner/.m2/repository/enlive/enlive/1.1.6/enlive-1.1.6.jar
MD5: 43c3c888886fc7a5ebdcd734ede5a82d
SHA1: 28827bb650b1e786be9d7ab6de2295c39d351bad
SHA256: 07052a6948b79a7d1c0752ad040203d0a203c9f4f9be54a7d1c93d8505478ba5
Evidence Type Source Name Value Confidence Vendor file name enlive High Vendor pom artifactid enlive Low Vendor pom groupid enlive Highest Vendor pom name enlive High Vendor pom url http://github.com/cgrand/enlive/ Highest Product file name enlive High Product pom artifactid enlive Highest Product pom groupid enlive Highest Product pom name enlive High Product pom url http://github.com/cgrand/enlive/ Medium Version file version 1.1.6 High Version pom version 1.1.6 Highest
License:
Apache 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/com/google/errorprone/error_prone_annotations/2.11.0/error_prone_annotations-2.11.0.jar
MD5: 656ad66261b7e7ea472ed0ffeea773ea
SHA1: c5a0ace696d3f8b1c1d8cc036d8c03cc0cbe6b69
SHA256: 721cb91842b46fa056847d104d5225c8b8e1e8b62263b993051e1e5a0137b7ec
Evidence Type Source Name Value Confidence Vendor file name error_prone_annotations High Vendor jar package name annotations Highest Vendor jar package name errorprone Highest Vendor jar package name google Highest Vendor Manifest automatic-module-name com.google.errorprone.annotations Medium Vendor Manifest build-jdk-spec 11 Low Vendor pom artifactid error_prone_annotations Low Vendor pom groupid com.google.errorprone Highest Vendor pom name error-prone annotations High Vendor pom parent-artifactid error_prone_parent Low Product file name error_prone_annotations High Product jar package name annotations Highest Product jar package name errorprone Highest Product jar package name google Highest Product Manifest automatic-module-name com.google.errorprone.annotations Medium Product Manifest build-jdk-spec 11 Low Product pom artifactid error_prone_annotations Highest Product pom groupid com.google.errorprone Highest Product pom name error-prone annotations High Product pom parent-artifactid error_prone_parent Medium Version file version 2.11.0 High Version pom version 2.11.0 Highest
Description:
Contains
com.google.common.util.concurrent.internal.InternalFutureFailureAccess and
InternalFutures. Most users will never need to use this artifact. Its
classes is conceptually a part of Guava, but they're in this separate
artifact so that Android libraries can use them without pulling in all of
Guava (just as they can use ListenableFuture by depending on the
listenablefuture artifact).
License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/com/google/guava/failureaccess/1.0.1/failureaccess-1.0.1.jar
MD5: 091883993ef5bfa91da01dcc8fc52236
SHA1: 1dcf1de382a0bf95a3d8b0849546c88bac1292c9
SHA256: a171ee4c734dd2da837e4b16be9df4661afab72a41adaf31eb84dfdaf936ca26
Evidence Type Source Name Value Confidence Vendor file name failureaccess High Vendor jar package name common Highest Vendor jar package name concurrent Highest Vendor jar package name google Highest Vendor jar package name util Highest Vendor Manifest bundle-docurl https://github.com/google/guava/ Low Vendor Manifest bundle-symbolicname com.google.guava.failureaccess Medium Vendor pom artifactid failureaccess Low Vendor pom groupid com.google.guava Highest Vendor pom name Guava InternalFutureFailureAccess and InternalFutures High Vendor pom parent-artifactid guava-parent Low Product file name failureaccess High Product jar package name common Highest Product jar package name concurrent Highest Product jar package name google Highest Product jar package name util Highest Product Manifest bundle-docurl https://github.com/google/guava/ Low Product Manifest Bundle-Name Guava InternalFutureFailureAccess and InternalFutures Medium Product Manifest bundle-symbolicname com.google.guava.failureaccess Medium Product pom artifactid failureaccess Highest Product pom groupid com.google.guava Highest Product pom name Guava InternalFutureFailureAccess and InternalFutures High Product pom parent-artifactid guava-parent Medium Version file version 1.0.1 High Version Manifest Bundle-Version 1.0.1 High Version pom parent-version 1.0.1 Low Version pom version 1.0.1 Highest
Description:
Core of flexmark-java (implementation of CommonMark for parsing markdown and rendering to HTML) File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark/0.62.2/flexmark-0.62.2.jarMD5: aea61cd8a9dc5aef8321e43e6fcbc3a7SHA1: 606a88e1d15aa8debd97cb5dfdf788ddc6fb5b5eSHA256: 5ebc1707b86c22c70a0ef7c5b7b38a9361c80b89b6bfd0e17be39ab0ed3272a6
Evidence Type Source Name Value Confidence Vendor file name flexmark High Vendor jar package name core Highest Vendor jar package name flexmark Highest Vendor jar package name flexmark Low Vendor jar package name html Highest Vendor jar package name vladsch Highest Vendor jar package name vladsch Low Vendor pom artifactid flexmark Low Vendor pom groupid com.vladsch.flexmark Highest Vendor pom name flexmark-java core High Vendor pom parent-artifactid flexmark-java Low Product file name flexmark High Product jar package name core Highest Product jar package name flexmark Highest Product jar package name flexmark Low Product jar package name html Highest Product jar package name vladsch Highest Product pom artifactid flexmark Highest Product pom groupid com.vladsch.flexmark Highest Product pom name flexmark-java core High Product pom parent-artifactid flexmark-java Medium Version file version 0.62.2 High Version pom version 0.62.2 Highest
Description:
flexmark-java extension for defining abbreviations and turning appearance of these abbreviations in text into links with titles consisting of the expansion of the abbreviation File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-ext-abbreviation/0.62.2/flexmark-ext-abbreviation-0.62.2.jarMD5: 6a520afb01464236b55aee5d59c6283dSHA1: d54dfe9adb0a57609c586c47fce407e925ad7fdbSHA256: 874511f0f08d0a0d58dbf8a2e08d55c055b642a4225cd54f6dd8101c93e16f4d
Evidence Type Source Name Value Confidence Vendor file name flexmark-ext-abbreviation High Vendor jar package name abbreviation Highest Vendor jar package name ext Highest Vendor jar package name ext Low Vendor jar package name flexmark Highest Vendor jar package name flexmark Low Vendor jar package name vladsch Highest Vendor jar package name vladsch Low Vendor pom artifactid flexmark-ext-abbreviation Low Vendor pom groupid com.vladsch.flexmark Highest Vendor pom name flexmark-java extension for abbreviations in text High Vendor pom parent-artifactid flexmark-java Low Product file name flexmark-ext-abbreviation High Product jar package name abbreviation Highest Product jar package name abbreviation Low Product jar package name ext Highest Product jar package name ext Low Product jar package name flexmark Highest Product jar package name flexmark Low Product jar package name vladsch Highest Product pom artifactid flexmark-ext-abbreviation Highest Product pom groupid com.vladsch.flexmark Highest Product pom name flexmark-java extension for abbreviations in text High Product pom parent-artifactid flexmark-java Medium Version file version 0.62.2 High Version pom version 0.62.2 Highest
Description:
flexmark-java extension for converting | to aside tags File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-ext-aside/0.62.2/flexmark-ext-aside-0.62.2.jarMD5: f22cca83d7fad180daabeeacc1e375d1SHA1: 181dc21671713c8048536bb38cbb98b6bd335938SHA256: a595e617c9f0cf0eaaffb50ba9a4e2a8feb9f8b57a09fd17e873f04eb40ef4d0
Evidence Type Source Name Value Confidence Vendor file name flexmark-ext-aside High Vendor jar package name aside Highest Vendor jar package name ext Highest Vendor jar package name ext Low Vendor jar package name flexmark Highest Vendor jar package name flexmark Low Vendor jar package name vladsch Highest Vendor jar package name vladsch Low Vendor pom artifactid flexmark-ext-aside Low Vendor pom groupid com.vladsch.flexmark Highest Vendor pom name flexmark-java extension for converting | to aside tags High Vendor pom parent-artifactid flexmark-java Low Product file name flexmark-ext-aside High Product jar package name aside Highest Product jar package name aside Low Product jar package name ext Highest Product jar package name ext Low Product jar package name flexmark Highest Product jar package name flexmark Low Product jar package name vladsch Highest Product pom artifactid flexmark-ext-aside Highest Product pom groupid com.vladsch.flexmark Highest Product pom name flexmark-java extension for converting | to aside tags High Product pom parent-artifactid flexmark-java Medium Version file version 0.62.2 High Version pom version 0.62.2 Highest
Description:
flexmark-java extension for turning plain URLs and email addresses into links File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-ext-autolink/0.62.2/flexmark-ext-autolink-0.62.2.jarMD5: 5707f445af14418d83c059840874bb38SHA1: e72d9a9beffc30512e0231a2754d65dd32144744SHA256: 527d4a294778d7dcc7f309d407eba0526816ced2d691c51308606b286abf6573
Evidence Type Source Name Value Confidence Vendor file name flexmark-ext-autolink High Vendor jar package name autolink Highest Vendor jar package name ext Highest Vendor jar package name ext Low Vendor jar package name flexmark Highest Vendor jar package name flexmark Low Vendor jar package name vladsch Highest Vendor jar package name vladsch Low Vendor pom artifactid flexmark-ext-autolink Low Vendor pom groupid com.vladsch.flexmark Highest Vendor pom name flexmark-java extension for autolinking High Vendor pom parent-artifactid flexmark-java Low Product file name flexmark-ext-autolink High Product jar package name autolink Highest Product jar package name autolink Low Product jar package name ext Highest Product jar package name ext Low Product jar package name flexmark Highest Product jar package name flexmark Low Product jar package name vladsch Highest Product pom artifactid flexmark-ext-autolink Highest Product pom groupid com.vladsch.flexmark Highest Product pom name flexmark-java extension for autolinking High Product pom parent-artifactid flexmark-java Medium Version file version 0.62.2 High Version pom version 0.62.2 Highest
Description:
flexmark-java extension for definition File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-ext-definition/0.62.2/flexmark-ext-definition-0.62.2.jarMD5: 414c413ba8b67f6c21af8b17878a053cSHA1: f83d90ac885b24119be26f0505be6fe56ae63fd1SHA256: 0884b4d242bb8b6568d75f84380e07e7b7e99913b50b29d23c42617fdcbf4ede
Evidence Type Source Name Value Confidence Vendor file name flexmark-ext-definition High Vendor jar package name definition Highest Vendor jar package name ext Highest Vendor jar package name ext Low Vendor jar package name flexmark Highest Vendor jar package name flexmark Low Vendor jar package name vladsch Highest Vendor jar package name vladsch Low Vendor pom artifactid flexmark-ext-definition Low Vendor pom groupid com.vladsch.flexmark Highest Vendor pom name flexmark-java extension for definition High Vendor pom parent-artifactid flexmark-java Low Product file name flexmark-ext-definition High Product jar package name definition Highest Product jar package name definition Low Product jar package name ext Highest Product jar package name ext Low Product jar package name flexmark Highest Product jar package name flexmark Low Product jar package name vladsch Highest Product pom artifactid flexmark-ext-definition Highest Product pom groupid com.vladsch.flexmark Highest Product pom name flexmark-java extension for definition High Product pom parent-artifactid flexmark-java Medium Version file version 0.62.2 High Version pom version 0.62.2 Highest
Description:
flexmark-java extension for emoji shortcuts using Emoji-Cheat-Sheet.com http://www.emoji-cheat-sheet.com/ File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-ext-emoji/0.62.2/flexmark-ext-emoji-0.62.2.jarMD5: 751390b9c95a5f44aaf021b42076669bSHA1: c1f1b1909bfb6c0f4301a9227745a3ab33b0d08fSHA256: dcdefc2da8ec742ab81605276ebf300962613499c1196fb87e082bd76bc61789
Evidence Type Source Name Value Confidence Vendor file name flexmark-ext-emoji High Vendor jar package name emoji Highest Vendor jar package name ext Highest Vendor jar package name ext Low Vendor jar package name flexmark Highest Vendor jar package name flexmark Low Vendor jar package name vladsch Highest Vendor jar package name vladsch Low Vendor pom artifactid flexmark-ext-emoji Low Vendor pom groupid com.vladsch.flexmark Highest Vendor pom name flexmark-java extension for emoji shortcuts High Vendor pom parent-artifactid flexmark-java Low Product file name flexmark-ext-emoji High Product jar package name emoji Highest Product jar package name emoji Low Product jar package name ext Highest Product jar package name ext Low Product jar package name flexmark Highest Product jar package name flexmark Low Product jar package name vladsch Highest Product pom artifactid flexmark-ext-emoji Highest Product pom groupid com.vladsch.flexmark Highest Product pom name flexmark-java extension for emoji shortcuts High Product pom parent-artifactid flexmark-java Medium Version file version 0.62.2 High Version pom version 0.62.2 Highest
Description:
flexmark-java extension for escaped_character File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-ext-escaped-character/0.62.2/flexmark-ext-escaped-character-0.62.2.jarMD5: a571aa977f940e059b57dccfc15f285aSHA1: 204e4fd60f56ca02ebbd66f46c6da9ed2d2a2922SHA256: ab4e540ee67cbd56356d338787b9804fd67df1c99f57b4bc77789e38464e4116
Evidence Type Source Name Value Confidence Vendor file name flexmark-ext-escaped-character High Vendor jar package name escaped Highest Vendor jar package name ext Highest Vendor jar package name ext Low Vendor jar package name flexmark Highest Vendor jar package name flexmark Low Vendor jar package name vladsch Highest Vendor jar package name vladsch Low Vendor pom artifactid flexmark-ext-escaped-character Low Vendor pom groupid com.vladsch.flexmark Highest Vendor pom name flexmark-java extension for escaped_character High Vendor pom parent-artifactid flexmark-java Low Product file name flexmark-ext-escaped-character High Product jar package name escaped Highest Product jar package name escaped Low Product jar package name ext Highest Product jar package name ext Low Product jar package name flexmark Highest Product jar package name flexmark Low Product jar package name vladsch Highest Product pom artifactid flexmark-ext-escaped-character Highest Product pom groupid com.vladsch.flexmark Highest Product pom name flexmark-java extension for escaped_character High Product pom parent-artifactid flexmark-java Medium Version file version 0.62.2 High Version pom version 0.62.2 Highest
Description:
flexmark-java extension for footnote inline elments and footnote definitions File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-ext-footnotes/0.62.2/flexmark-ext-footnotes-0.62.2.jarMD5: 85ac1b0ad5873f25da53f60cde8ee34aSHA1: 10419ebf4e93e60cfd58e8a2ec07c865ad73eaf5SHA256: 70cf00622d7a46f3b37b670da0771c9c5976b8a7f0e1f10e1466d0b190d3a1ee
Evidence Type Source Name Value Confidence Vendor file name flexmark-ext-footnotes High Vendor jar package name ext Highest Vendor jar package name ext Low Vendor jar package name flexmark Highest Vendor jar package name flexmark Low Vendor jar package name footnotes Highest Vendor jar package name vladsch Highest Vendor jar package name vladsch Low Vendor pom artifactid flexmark-ext-footnotes Low Vendor pom groupid com.vladsch.flexmark Highest Vendor pom name flexmark-java extension for footnotes High Vendor pom parent-artifactid flexmark-java Low Product file name flexmark-ext-footnotes High Product jar package name ext Highest Product jar package name ext Low Product jar package name flexmark Highest Product jar package name flexmark Low Product jar package name footnotes Highest Product jar package name footnotes Low Product jar package name vladsch Highest Product pom artifactid flexmark-ext-footnotes Highest Product pom groupid com.vladsch.flexmark Highest Product pom name flexmark-java extension for footnotes High Product pom parent-artifactid flexmark-java Medium Version file version 0.62.2 High Version pom version 0.62.2 Highest
Description:
flexmark-java extension for GFM strikethrough using ~~ (GitHub Flavored Markdown) File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-ext-gfm-strikethrough/0.62.2/flexmark-ext-gfm-strikethrough-0.62.2.jarMD5: 9d9ca4009f73d89f0d3f2bdd0658e7dfSHA1: 7c0657d663269223c7a5bf29f12982d38d382168SHA256: a46a7c2abd5e8f2d6655b7e870408053e0beb2dd14a5acec4f2b18f6e5b1f0cf
Evidence Type Source Name Value Confidence Vendor file name flexmark-ext-gfm-strikethrough High Vendor jar package name ext Highest Vendor jar package name ext Low Vendor jar package name flexmark Highest Vendor jar package name flexmark Low Vendor jar package name gfm Highest Vendor jar package name vladsch Highest Vendor jar package name vladsch Low Vendor pom artifactid flexmark-ext-gfm-strikethrough Low Vendor pom groupid com.vladsch.flexmark Highest Vendor pom name flexmark-java extension for strikethrough High Vendor pom parent-artifactid flexmark-java Low Product file name flexmark-ext-gfm-strikethrough High Product jar package name ext Highest Product jar package name ext Low Product jar package name flexmark Highest Product jar package name flexmark Low Product jar package name gfm Highest Product jar package name gfm Low Product jar package name vladsch Highest Product pom artifactid flexmark-ext-gfm-strikethrough Highest Product pom groupid com.vladsch.flexmark Highest Product pom name flexmark-java extension for strikethrough High Product pom parent-artifactid flexmark-java Medium Version file version 0.62.2 High Version pom version 0.62.2 Highest
Description:
flexmark-java extension to convert bullet list items that start with [ ] to a TaskListItem node File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-ext-gfm-tasklist/0.62.2/flexmark-ext-gfm-tasklist-0.62.2.jarMD5: 2f5398f2b0aa4c50e2c9bf875c9f271bSHA1: 1c0fd7a70afac3a93459e49089e2d1b2bf72e590SHA256: b97cb3df6dbd38a32bc1f90a7c81f5b112d8a390984e7a5f9fff7d83f6e2d2c9
Evidence Type Source Name Value Confidence Vendor file name flexmark-ext-gfm-tasklist High Vendor jar package name ext Highest Vendor jar package name ext Low Vendor jar package name flexmark Highest Vendor jar package name flexmark Low Vendor jar package name gfm Highest Vendor jar package name vladsch Highest Vendor jar package name vladsch Low Vendor pom artifactid flexmark-ext-gfm-tasklist Low Vendor pom groupid com.vladsch.flexmark Highest Vendor pom name flexmark-java extension for generating GitHub style task list items High Vendor pom parent-artifactid flexmark-java Low Product file name flexmark-ext-gfm-tasklist High Product jar package name ext Highest Product jar package name ext Low Product jar package name flexmark Highest Product jar package name flexmark Low Product jar package name gfm Highest Product jar package name gfm Low Product jar package name vladsch Highest Product pom artifactid flexmark-ext-gfm-tasklist Highest Product pom groupid com.vladsch.flexmark Highest Product pom name flexmark-java extension for generating GitHub style task list items High Product pom parent-artifactid flexmark-java Medium Version file version 0.62.2 High Version pom version 0.62.2 Highest
Description:
flexmark-java extension for ins File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-ext-ins/0.62.2/flexmark-ext-ins-0.62.2.jarMD5: 4087d1db3d5b7914ad74641a6f7a083dSHA1: 234bf93924c93ee2d6d948da5ed82120b0e455c9SHA256: 15d217ef8f4d7702da4c7c11a9fd192eec3d67e9ab5486344df95584e73336fa
Evidence Type Source Name Value Confidence Vendor file name flexmark-ext-ins High Vendor jar package name ext Highest Vendor jar package name ext Low Vendor jar package name flexmark Highest Vendor jar package name flexmark Low Vendor jar package name ins Highest Vendor jar package name vladsch Highest Vendor jar package name vladsch Low Vendor pom artifactid flexmark-ext-ins Low Vendor pom groupid com.vladsch.flexmark Highest Vendor pom name flexmark-java extension for ins High Vendor pom parent-artifactid flexmark-java Low Product file name flexmark-ext-ins High Product jar package name ext Highest Product jar package name ext Low Product jar package name flexmark Highest Product jar package name flexmark Low Product jar package name ins Highest Product jar package name ins Low Product jar package name vladsch Highest Product pom artifactid flexmark-ext-ins Highest Product pom groupid com.vladsch.flexmark Highest Product pom name flexmark-java extension for ins High Product pom parent-artifactid flexmark-java Medium Version file version 0.62.2 High Version pom version 0.62.2 Highest
Description:
flexmark-java extension for jekyll_front_matter File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-ext-jekyll-front-matter/0.62.2/flexmark-ext-jekyll-front-matter-0.62.2.jarMD5: 4f447d4ddfed5e7dddfdb534707c46b2SHA1: 057e3249952ca0d7c247f5999f4ba1fb1c82d90cSHA256: f815c49a465a81bcafc85240144752fb410664a5bc4a46e5deb5a1a4a13af5cd
Evidence Type Source Name Value Confidence Vendor file name flexmark-ext-jekyll-front-matter High Vendor jar package name ext Highest Vendor jar package name ext Low Vendor jar package name flexmark Highest Vendor jar package name flexmark Low Vendor jar package name jekyll Highest Vendor jar package name vladsch Highest Vendor jar package name vladsch Low Vendor pom artifactid flexmark-ext-jekyll-front-matter Low Vendor pom groupid com.vladsch.flexmark Highest Vendor pom name flexmark-java extension for jekyll_front_matter High Vendor pom parent-artifactid flexmark-java Low Product file name flexmark-ext-jekyll-front-matter High Product jar package name ext Highest Product jar package name ext Low Product jar package name flexmark Highest Product jar package name flexmark Low Product jar package name jekyll Highest Product jar package name jekyll Low Product jar package name vladsch Highest Product pom artifactid flexmark-ext-jekyll-front-matter Highest Product pom groupid com.vladsch.flexmark Highest Product pom name flexmark-java extension for jekyll_front_matter High Product pom parent-artifactid flexmark-java Medium Version file version 0.62.2 High Version pom version 0.62.2 Highest
Description:
flexmark-java extension for superscript File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-ext-superscript/0.62.2/flexmark-ext-superscript-0.62.2.jarMD5: c1141bc7d3e6e9059559417b87f2051bSHA1: 4bbdbed56d2da352177fdd5ae1c64ac07ace52d9SHA256: c60fe12c39d48f548ef27ba55221483d76d4fbfc1476f4903414ad5aacd2395f
Evidence Type Source Name Value Confidence Vendor file name flexmark-ext-superscript High Vendor jar package name ext Highest Vendor jar package name ext Low Vendor jar package name flexmark Highest Vendor jar package name flexmark Low Vendor jar package name superscript Highest Vendor jar package name vladsch Highest Vendor jar package name vladsch Low Vendor pom artifactid flexmark-ext-superscript Low Vendor pom groupid com.vladsch.flexmark Highest Vendor pom name flexmark-java extension for superscript High Vendor pom parent-artifactid flexmark-java Low Product file name flexmark-ext-superscript High Product jar package name ext Highest Product jar package name ext Low Product jar package name flexmark Highest Product jar package name flexmark Low Product jar package name superscript Highest Product jar package name superscript Low Product jar package name vladsch Highest Product pom artifactid flexmark-ext-superscript Highest Product pom groupid com.vladsch.flexmark Highest Product pom name flexmark-java extension for superscript High Product pom parent-artifactid flexmark-java Medium Version file version 0.62.2 High Version pom version 0.62.2 Highest
Description:
flexmark-java extension for tables using "|" pipes with optional column spans and table caption File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-ext-tables/0.62.2/flexmark-ext-tables-0.62.2.jarMD5: b4b66ab6c57e544084d7545a97f03f0cSHA1: c95068a1450835c2695750ece82c996a7b57bbd3SHA256: 761943d94020b78ac27c89840d9979328fc4cb18cb03aed23ee3b9767bf924b5
Evidence Type Source Name Value Confidence Vendor file name flexmark-ext-tables High Vendor jar package name ext Highest Vendor jar package name ext Low Vendor jar package name flexmark Highest Vendor jar package name flexmark Low Vendor jar package name tables Highest Vendor jar package name vladsch Highest Vendor jar package name vladsch Low Vendor pom artifactid flexmark-ext-tables Low Vendor pom groupid com.vladsch.flexmark Highest Vendor pom name flexmark-java extension for tables High Vendor pom parent-artifactid flexmark-java Low Product file name flexmark-ext-tables High Product jar package name ext Highest Product jar package name ext Low Product jar package name flexmark Highest Product jar package name flexmark Low Product jar package name tables Highest Product jar package name tables Low Product jar package name vladsch Highest Product pom artifactid flexmark-ext-tables Highest Product pom groupid com.vladsch.flexmark Highest Product pom name flexmark-java extension for tables High Product pom parent-artifactid flexmark-java Medium Version file version 0.62.2 High Version pom version 0.62.2 Highest
Description:
flexmark-java extension for toc File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-ext-toc/0.62.2/flexmark-ext-toc-0.62.2.jarMD5: efcef1f8ae7e41e448e7e7a658e60dd2SHA1: f922fc61dc6fbb777f643861b134ed49439c1053SHA256: 4c85c4e7205b73bcdaa96d298d8a953705d34cb4bcddd286fc686d80cfd553ed
Evidence Type Source Name Value Confidence Vendor file name flexmark-ext-toc High Vendor jar package name ext Highest Vendor jar package name ext Low Vendor jar package name flexmark Highest Vendor jar package name flexmark Low Vendor jar package name toc Highest Vendor jar package name vladsch Highest Vendor jar package name vladsch Low Vendor pom artifactid flexmark-ext-toc Low Vendor pom groupid com.vladsch.flexmark Highest Vendor pom name flexmark-java extension for toc High Vendor pom parent-artifactid flexmark-java Low Product file name flexmark-ext-toc High Product jar package name ext Highest Product jar package name ext Low Product jar package name flexmark Highest Product jar package name flexmark Low Product jar package name toc Highest Product jar package name toc Low Product jar package name vladsch Highest Product pom artifactid flexmark-ext-toc Highest Product pom groupid com.vladsch.flexmark Highest Product pom name flexmark-java extension for toc High Product pom parent-artifactid flexmark-java Medium Version file version 0.62.2 High Version pom version 0.62.2 Highest
Description:
flexmark-java extension for typographic File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-ext-typographic/0.62.2/flexmark-ext-typographic-0.62.2.jarMD5: a5e2fc90fd16865dbf19e58483811824SHA1: fe4cc95b2aa47b7614b52c5b6fa998de2682dd2dSHA256: 0bbf8e501174ed9536a95aaba329f1da0481d3a4c486b9b1901d02211f3bf3e0
Evidence Type Source Name Value Confidence Vendor file name flexmark-ext-typographic High Vendor jar package name ext Highest Vendor jar package name ext Low Vendor jar package name flexmark Highest Vendor jar package name flexmark Low Vendor jar package name typographic Highest Vendor jar package name vladsch Highest Vendor jar package name vladsch Low Vendor pom artifactid flexmark-ext-typographic Low Vendor pom groupid com.vladsch.flexmark Highest Vendor pom name flexmark-java extension for typographic High Vendor pom parent-artifactid flexmark-java Low Product file name flexmark-ext-typographic High Product jar package name ext Highest Product jar package name ext Low Product jar package name flexmark Highest Product jar package name flexmark Low Product jar package name typographic Highest Product jar package name typographic Low Product jar package name vladsch Highest Product pom artifactid flexmark-ext-typographic Highest Product pom groupid com.vladsch.flexmark Highest Product pom name flexmark-java extension for typographic High Product pom parent-artifactid flexmark-java Medium Version file version 0.62.2 High Version pom version 0.62.2 Highest
Description:
flexmark-java extension parsing and rendering wiki links File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-ext-wikilink/0.62.2/flexmark-ext-wikilink-0.62.2.jarMD5: f19548e7d817b402b173df3d97aab026SHA1: e07a39268a2091451f3456cb5d9e955bf276f3f4SHA256: 370676119e0db87453fe00d823c5b40172980cb24891ea4fedacf88eff909da3
Evidence Type Source Name Value Confidence Vendor file name flexmark-ext-wikilink High Vendor jar package name ext Highest Vendor jar package name ext Low Vendor jar package name flexmark Highest Vendor jar package name flexmark Low Vendor jar package name vladsch Highest Vendor jar package name vladsch Low Vendor jar package name wikilink Highest Vendor pom artifactid flexmark-ext-wikilink Low Vendor pom groupid com.vladsch.flexmark Highest Vendor pom name flexmark-java extension for wiki links High Vendor pom parent-artifactid flexmark-java Low Product file name flexmark-ext-wikilink High Product jar package name ext Highest Product jar package name ext Low Product jar package name flexmark Highest Product jar package name flexmark Low Product jar package name vladsch Highest Product jar package name wikilink Highest Product jar package name wikilink Low Product pom artifactid flexmark-ext-wikilink Highest Product pom groupid com.vladsch.flexmark Highest Product pom name flexmark-java extension for wiki links High Product pom parent-artifactid flexmark-java Medium Version file version 0.62.2 High Version pom version 0.62.2 Highest
Related Dependencies flexmark-ext-anchorlink-0.62.2.jarFile Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-ext-anchorlink/0.62.2/flexmark-ext-anchorlink-0.62.2.jar MD5: 2a8d87b5e5214578e41daa9a8e8a2c9c SHA1: 3aa453b87258a448dfd8d01010d94e3a2832884d SHA256: 996f33ef589d0aa851e8bc3e0e2a0faff1b0447c35a9cd02ac9bec4c400d7a94 pkg:maven/com.vladsch.flexmark/flexmark-ext-anchorlink@0.62.2 Description:
flexmark-java extension for YAML front matter File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-ext-yaml-front-matter/0.62.2/flexmark-ext-yaml-front-matter-0.62.2.jarMD5: 981ac75e51f5c714b3c5d406b50f0cb7SHA1: ab1caa230841406bf39fb8f3d69bf82a145fbec3SHA256: d59096960d6c80b29b64d4d9dac936b2c121d0b11c3e00b3dfcc1329dbc113b1
Evidence Type Source Name Value Confidence Vendor file name flexmark-ext-yaml-front-matter High Vendor jar package name ext Highest Vendor jar package name ext Low Vendor jar package name flexmark Highest Vendor jar package name flexmark Low Vendor jar package name vladsch Highest Vendor jar package name vladsch Low Vendor jar package name yaml Highest Vendor pom artifactid flexmark-ext-yaml-front-matter Low Vendor pom groupid com.vladsch.flexmark Highest Vendor pom name flexmark-java extension for YAML front matter High Vendor pom parent-artifactid flexmark-java Low Product file name flexmark-ext-yaml-front-matter High Product jar package name ext Highest Product jar package name ext Low Product jar package name flexmark Highest Product jar package name flexmark Low Product jar package name vladsch Highest Product jar package name yaml Highest Product jar package name yaml Low Product pom artifactid flexmark-ext-yaml-front-matter Highest Product pom groupid com.vladsch.flexmark Highest Product pom name flexmark-java extension for YAML front matter High Product pom parent-artifactid flexmark-java Medium Version file version 0.62.2 High Version pom version 0.62.2 Highest
Description:
flexmark-java extension for jira_converter File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-jira-converter/0.62.2/flexmark-jira-converter-0.62.2.jarMD5: a4cb8d37a0e3d910464c30eaf47f4a97SHA1: c172ad9cde6317d84fc15fae53f8eab42d982adeSHA256: e464fb813d747712e88784ed7459f9e1b1300fb53f8e5dcfee90220811271512
Evidence Type Source Name Value Confidence Vendor file name flexmark-jira-converter High Vendor jar package name converter Highest Vendor jar package name flexmark Highest Vendor jar package name flexmark Low Vendor jar package name jira Highest Vendor jar package name jira Low Vendor jar package name vladsch Highest Vendor jar package name vladsch Low Vendor pom artifactid flexmark-jira-converter Low Vendor pom groupid com.vladsch.flexmark Highest Vendor pom name flexmark-java extension for jira_converter High Vendor pom parent-artifactid flexmark-java Low Product file name flexmark-jira-converter High Product jar package name converter Highest Product jar package name converter Low Product jar package name flexmark Highest Product jar package name flexmark Low Product jar package name jira Highest Product jar package name jira Low Product jar package name vladsch Highest Product pom artifactid flexmark-jira-converter Highest Product pom groupid com.vladsch.flexmark Highest Product pom name flexmark-java extension for jira_converter High Product pom parent-artifactid flexmark-java Medium Version file version 0.62.2 High Version pom version 0.62.2 Highest
Description:
flexmark-java extension for setting flexmark options by using pegdown extension flags File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-profile-pegdown/0.62.2/flexmark-profile-pegdown-0.62.2.jarMD5: 8c479531f2439c6b61661c5500e876e8SHA1: 4616e21946341fb4af1802c1245b1aaae6729b63SHA256: 028fc55eb1b0b2a3ccd5b398d4259285ce9d05783b1c4b829c5f7788e8339843
Evidence Type Source Name Value Confidence Vendor file name flexmark-profile-pegdown High Vendor jar package name flexmark Highest Vendor jar package name flexmark Low Vendor jar package name pegdown Highest Vendor jar package name profile Highest Vendor jar package name profile Low Vendor jar package name vladsch Highest Vendor jar package name vladsch Low Vendor pom artifactid flexmark-profile-pegdown Low Vendor pom groupid com.vladsch.flexmark Highest Vendor pom name flexmark-java pegdown profile High Vendor pom parent-artifactid flexmark-java Low Product file name flexmark-profile-pegdown High Product jar package name flexmark Highest Product jar package name flexmark Low Product jar package name pegdown Highest Product jar package name pegdown Low Product jar package name profile Highest Product jar package name profile Low Product jar package name vladsch Highest Product pom artifactid flexmark-profile-pegdown Highest Product pom groupid com.vladsch.flexmark Highest Product pom name flexmark-java pegdown profile High Product pom parent-artifactid flexmark-java Medium Version file version 0.62.2 High Version pom version 0.62.2 Highest
Description:
flexmark-java utility classes File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-util/0.62.2/flexmark-util-0.62.2.jarMD5: 69fa8d168fb3488a84fb770302895823SHA1: 6e38dcd6bb4ccfc13d513aaba350404977fa85bdSHA256: 36bb72a3b57a99ff751190cb538ad553499bd49bc24763c642d58c61e9d5b171
Evidence Type Source Name Value Confidence Vendor file name flexmark-util High Vendor pom artifactid flexmark-util Low Vendor pom groupid com.vladsch.flexmark Highest Vendor pom name flexmark-java utilities High Vendor pom parent-artifactid flexmark-java Low Product file name flexmark-util High Product pom artifactid flexmark-util Highest Product pom groupid com.vladsch.flexmark Highest Product pom name flexmark-java utilities High Product pom parent-artifactid flexmark-java Medium Version file version 0.62.2 High Version pom version 0.62.2 Highest
Description:
flexmark-java ast utility classes File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-util-ast/0.62.2/flexmark-util-ast-0.62.2.jarMD5: 04fba35fb4d2a4df60f369b386cef503SHA1: c0b998d5570295f104a4ffee4f8eec305d7db327SHA256: 762c1c2b9cec0cdf53fe1fa1068061265a44f7bc33e672c13f838a697189e434
Evidence Type Source Name Value Confidence Vendor file name flexmark-util-ast High Vendor jar package name ast Highest Vendor jar package name flexmark Highest Vendor jar package name flexmark Low Vendor jar package name util Highest Vendor jar package name util Low Vendor jar package name vladsch Highest Vendor jar package name vladsch Low Vendor pom artifactid flexmark-util-ast Low Vendor pom groupid com.vladsch.flexmark Highest Vendor pom name flexmark-java ast utilities High Vendor pom parent-artifactid flexmark-java Low Product file name flexmark-util-ast High Product jar package name ast Highest Product jar package name ast Low Product jar package name flexmark Highest Product jar package name flexmark Low Product jar package name util Highest Product jar package name util Low Product jar package name vladsch Highest Product pom artifactid flexmark-util-ast Highest Product pom groupid com.vladsch.flexmark Highest Product pom name flexmark-java ast utilities High Product pom parent-artifactid flexmark-java Medium Version file version 0.62.2 High Version pom version 0.62.2 Highest
Description:
flexmark-java builder utility classes File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-util-builder/0.62.2/flexmark-util-builder-0.62.2.jarMD5: 767b36cd2e3957a1443c6a6b6ccc37feSHA1: 22c85efb51d4aa25540b8b0d880be7ad4a8baec1SHA256: 1f3177abf51b4e26e2bba994df4902b392c7336e16dfee7ab2c492e0685d52f5
Evidence Type Source Name Value Confidence Vendor file name flexmark-util-builder High Vendor jar package name builder Highest Vendor jar package name flexmark Highest Vendor jar package name flexmark Low Vendor jar package name util Highest Vendor jar package name util Low Vendor jar package name vladsch Highest Vendor jar package name vladsch Low Vendor pom artifactid flexmark-util-builder Low Vendor pom groupid com.vladsch.flexmark Highest Vendor pom name flexmark-java builder utilities High Vendor pom parent-artifactid flexmark-java Low Product file name flexmark-util-builder High Product jar package name builder Highest Product jar package name builder Low Product jar package name flexmark Highest Product jar package name flexmark Low Product jar package name util Highest Product jar package name util Low Product jar package name vladsch Highest Product pom artifactid flexmark-util-builder Highest Product pom groupid com.vladsch.flexmark Highest Product pom name flexmark-java builder utilities High Product pom parent-artifactid flexmark-java Medium Version file version 0.62.2 High Version pom version 0.62.2 Highest
Description:
flexmark-java collection utility classes File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-util-collection/0.62.2/flexmark-util-collection-0.62.2.jarMD5: 18238bc16fae5cdd06e5a0653f89a37aSHA1: 85253a62761533ce7709f81b0c581c8473f825ecSHA256: 59f350f064aeb3d0e01e97fb773fb9701e3605d9db7a6eb12bce0686412b3809
Evidence Type Source Name Value Confidence Vendor file name flexmark-util-collection High Vendor jar package name collection Highest Vendor jar package name flexmark Highest Vendor jar package name flexmark Low Vendor jar package name util Highest Vendor jar package name util Low Vendor jar package name vladsch Highest Vendor jar package name vladsch Low Vendor pom artifactid flexmark-util-collection Low Vendor pom groupid com.vladsch.flexmark Highest Vendor pom name flexmark-java collection utilities High Vendor pom parent-artifactid flexmark-java Low Product file name flexmark-util-collection High Product jar package name collection Highest Product jar package name collection Low Product jar package name flexmark Highest Product jar package name flexmark Low Product jar package name util Highest Product jar package name util Low Product jar package name vladsch Highest Product pom artifactid flexmark-util-collection Highest Product pom groupid com.vladsch.flexmark Highest Product pom name flexmark-java collection utilities High Product pom parent-artifactid flexmark-java Medium Version file version 0.62.2 High Version pom version 0.62.2 Highest
Description:
flexmark-java data utility classes File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-util-data/0.62.2/flexmark-util-data-0.62.2.jarMD5: a107f9950e58f43f9180ff2d186dbb3fSHA1: 2df8ce1abab2e40edc7d340962025ee1dd09fe02SHA256: 4ec42683f8ae51ee8227f3443a54ef0d70d076b593890abac24648d93eecc39c
Evidence Type Source Name Value Confidence Vendor file name flexmark-util-data High Vendor jar package name data Highest Vendor jar package name flexmark Highest Vendor jar package name flexmark Low Vendor jar package name util Highest Vendor jar package name util Low Vendor jar package name vladsch Highest Vendor jar package name vladsch Low Vendor pom artifactid flexmark-util-data Low Vendor pom groupid com.vladsch.flexmark Highest Vendor pom name flexmark-java data utilities High Vendor pom parent-artifactid flexmark-java Low Product file name flexmark-util-data High Product jar package name data Highest Product jar package name data Low Product jar package name flexmark Highest Product jar package name flexmark Low Product jar package name util Highest Product jar package name util Low Product jar package name vladsch Highest Product pom artifactid flexmark-util-data Highest Product pom groupid com.vladsch.flexmark Highest Product pom name flexmark-java data utilities High Product pom parent-artifactid flexmark-java Medium Version file version 0.62.2 High Version pom version 0.62.2 Highest
Description:
flexmark-java dependency utility classes File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-util-dependency/0.62.2/flexmark-util-dependency-0.62.2.jarMD5: c7e16dc63d2eadc33ca1618c6bffc3e9SHA1: ae5afa76a669e06b3a65255c2ed775ede5cd3eb1SHA256: 582d01d2f3f42a9ea966551b354edbd6c19dfc70be74f470bc847db255de1367
Evidence Type Source Name Value Confidence Vendor file name flexmark-util-dependency High Vendor jar package name dependency Highest Vendor jar package name flexmark Highest Vendor jar package name flexmark Low Vendor jar package name util Highest Vendor jar package name util Low Vendor jar package name vladsch Highest Vendor jar package name vladsch Low Vendor pom artifactid flexmark-util-dependency Low Vendor pom groupid com.vladsch.flexmark Highest Vendor pom name flexmark-java dependency utilities High Vendor pom parent-artifactid flexmark-java Low Product file name flexmark-util-dependency High Product jar package name dependency Highest Product jar package name dependency Low Product jar package name flexmark Highest Product jar package name flexmark Low Product jar package name util Highest Product jar package name util Low Product jar package name vladsch Highest Product pom artifactid flexmark-util-dependency Highest Product pom groupid com.vladsch.flexmark Highest Product pom name flexmark-java dependency utilities High Product pom parent-artifactid flexmark-java Medium Version file version 0.62.2 High Version pom version 0.62.2 Highest
Description:
flexmark-java format utility classes File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-util-format/0.62.2/flexmark-util-format-0.62.2.jarMD5: 2f23abb159fc058176c296b3b780ee8cSHA1: 058548be1fc0682698721c0c278451a41f361d3aSHA256: 78ced2e678e746a78948ce9469fe95ec78c22d085b0254cce7f826b40231087f
Evidence Type Source Name Value Confidence Vendor file name flexmark-util-format High Vendor jar package name flexmark Highest Vendor jar package name flexmark Low Vendor jar package name format Highest Vendor jar package name util Highest Vendor jar package name util Low Vendor jar package name vladsch Highest Vendor jar package name vladsch Low Vendor pom artifactid flexmark-util-format Low Vendor pom groupid com.vladsch.flexmark Highest Vendor pom name flexmark-java format utilities High Vendor pom parent-artifactid flexmark-java Low Product file name flexmark-util-format High Product jar package name flexmark Highest Product jar package name flexmark Low Product jar package name format Highest Product jar package name format Low Product jar package name util Highest Product jar package name util Low Product jar package name vladsch Highest Product pom artifactid flexmark-util-format Highest Product pom groupid com.vladsch.flexmark Highest Product pom name flexmark-java format utilities High Product pom parent-artifactid flexmark-java Medium Version file version 0.62.2 High Version pom version 0.62.2 Highest
Description:
flexmark-java html utility classes File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-util-html/0.62.2/flexmark-util-html-0.62.2.jarMD5: dff60ecf00dcf14adb75a16d1f1d7bb5SHA1: 6d830cb37e48fd9dca44bf15fbc3a86aa7d82c5aSHA256: 377bbf407bc7d7b091ada9eba16b058b7e7fa60ed4a3ee3c584c5d514e159786
Evidence Type Source Name Value Confidence Vendor file name flexmark-util-html High Vendor jar package name flexmark Highest Vendor jar package name flexmark Low Vendor jar package name html Highest Vendor jar package name util Highest Vendor jar package name util Low Vendor jar package name vladsch Highest Vendor jar package name vladsch Low Vendor pom artifactid flexmark-util-html Low Vendor pom groupid com.vladsch.flexmark Highest Vendor pom name flexmark-java html utilities High Vendor pom parent-artifactid flexmark-java Low Product file name flexmark-util-html High Product jar package name flexmark Highest Product jar package name flexmark Low Product jar package name html Highest Product jar package name html Low Product jar package name util Highest Product jar package name util Low Product jar package name vladsch Highest Product pom artifactid flexmark-util-html Highest Product pom groupid com.vladsch.flexmark Highest Product pom name flexmark-java html utilities High Product pom parent-artifactid flexmark-java Medium Version file version 0.62.2 High Version pom version 0.62.2 Highest
Description:
flexmark-java misc utility classes File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-util-misc/0.62.2/flexmark-util-misc-0.62.2.jarMD5: 8de961e7bb34352278ff1180c50798bcSHA1: 18133dd81887c512e2f56feb3c14a8a1210f30eaSHA256: 06cec0698633f875e668b401dbab208e0f56a5d55f956a993209efae6be45da6
Evidence Type Source Name Value Confidence Vendor file name flexmark-util-misc High Vendor jar package name flexmark Highest Vendor jar package name flexmark Low Vendor jar package name misc Highest Vendor jar package name util Highest Vendor jar package name util Low Vendor jar package name vladsch Highest Vendor jar package name vladsch Low Vendor pom artifactid flexmark-util-misc Low Vendor pom groupid com.vladsch.flexmark Highest Vendor pom name flexmark-java misc utilities High Vendor pom parent-artifactid flexmark-java Low Product file name flexmark-util-misc High Product jar package name flexmark Highest Product jar package name flexmark Low Product jar package name misc Highest Product jar package name misc Low Product jar package name util Highest Product jar package name util Low Product jar package name vladsch Highest Product pom artifactid flexmark-util-misc Highest Product pom groupid com.vladsch.flexmark Highest Product pom name flexmark-java misc utilities High Product pom parent-artifactid flexmark-java Medium Version file version 0.62.2 High Version pom version 0.62.2 Highest
Description:
flexmark-java options utility classes File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-util-options/0.62.2/flexmark-util-options-0.62.2.jarMD5: 93214b5b2c67cf9f520771d385a6cc18SHA1: d871763fff2226c271cc3333e98729ce6211065cSHA256: a26573c1fedb494d2ff06d28db852d316f4d6fc3b43ed2247afbacd743d9ae50
Evidence Type Source Name Value Confidence Vendor file name flexmark-util-options High Vendor jar package name flexmark Highest Vendor jar package name flexmark Low Vendor jar package name options Highest Vendor jar package name util Highest Vendor jar package name util Low Vendor jar package name vladsch Highest Vendor jar package name vladsch Low Vendor pom artifactid flexmark-util-options Low Vendor pom groupid com.vladsch.flexmark Highest Vendor pom name flexmark-java options utilities High Vendor pom parent-artifactid flexmark-java Low Product file name flexmark-util-options High Product jar package name flexmark Highest Product jar package name flexmark Low Product jar package name options Highest Product jar package name options Low Product jar package name util Highest Product jar package name util Low Product jar package name vladsch Highest Product pom artifactid flexmark-util-options Highest Product pom groupid com.vladsch.flexmark Highest Product pom name flexmark-java options utilities High Product pom parent-artifactid flexmark-java Medium Version file version 0.62.2 High Version pom version 0.62.2 Highest
Description:
flexmark-java sequence utility classes File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-util-sequence/0.62.2/flexmark-util-sequence-0.62.2.jarMD5: 02505ef1b6e3bedf541e47fadf9fa6bbSHA1: 87af2803a63b5b07cc42d9c1d98f8ecd4f83fbccSHA256: 6684a0048ad088452419a2871a6516e7fd3013700cb34a71cca4f9f31a0320c4
Evidence Type Source Name Value Confidence Vendor file name flexmark-util-sequence High Vendor jar package name flexmark Highest Vendor jar package name flexmark Low Vendor jar package name sequence Highest Vendor jar package name util Highest Vendor jar package name util Low Vendor jar package name vladsch Highest Vendor jar package name vladsch Low Vendor pom artifactid flexmark-util-sequence Low Vendor pom groupid com.vladsch.flexmark Highest Vendor pom name flexmark-java sequence utilities High Vendor pom parent-artifactid flexmark-java Low Product file name flexmark-util-sequence High Product jar package name flexmark Highest Product jar package name flexmark Low Product jar package name sequence Highest Product jar package name sequence Low Product jar package name util Highest Product jar package name util Low Product jar package name vladsch Highest Product pom artifactid flexmark-util-sequence Highest Product pom groupid com.vladsch.flexmark Highest Product pom name flexmark-java sequence utilities High Product pom parent-artifactid flexmark-java Medium Version file version 0.62.2 High Version pom version 0.62.2 Highest
Description:
flexmark-java visitor utility classes File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-util-visitor/0.62.2/flexmark-util-visitor-0.62.2.jarMD5: 59f6c046f27487f25c5c29e356c2d071SHA1: ca49bd94860a5ccedd82bde96ece831f16c66ff1SHA256: 7197bfcfdeca859c2da2d775f322f98b9fd722cb992760a9678ba4c706eac982
Evidence Type Source Name Value Confidence Vendor file name flexmark-util-visitor High Vendor jar package name flexmark Highest Vendor jar package name flexmark Low Vendor jar package name util Highest Vendor jar package name util Low Vendor jar package name visitor Highest Vendor jar package name vladsch Highest Vendor jar package name vladsch Low Vendor pom artifactid flexmark-util-visitor Low Vendor pom groupid com.vladsch.flexmark Highest Vendor pom name flexmark-java visitor utilities High Vendor pom parent-artifactid flexmark-java Low Product file name flexmark-util-visitor High Product jar package name flexmark Highest Product jar package name flexmark Low Product jar package name util Highest Product jar package name util Low Product jar package name visitor Highest Product jar package name visitor Low Product jar package name vladsch Highest Product pom artifactid flexmark-util-visitor Highest Product pom groupid com.vladsch.flexmark Highest Product pom name flexmark-java visitor utilities High Product pom parent-artifactid flexmark-java Medium Version file version 0.62.2 High Version pom version 0.62.2 Highest
Description:
Babashka file system utilities. License:
Eclipse Public License 1.0: http://opensource.org/licenses/eclipse-1.0.php File Path: /home/runner/.m2/repository/babashka/fs/0.2.16/fs-0.2.16.jar
MD5: 2b41c3d289cd716aabe42c21c12076ce
SHA1: 4e7ad43c9d5ab8907ef0064105e788e0e84f282a
SHA256: 1e557281a33badeb4fb5f5c645d2d47c7948bb20fe0a21daf8d9de9f2d241ffe
Evidence Type Source Name Value Confidence Vendor file name fs High Vendor Manifest leiningen-project-artifactid fs Low Vendor Manifest leiningen-project-groupid babashka Low Vendor pom artifactid fs Low Vendor pom groupid babashka Highest Vendor pom name fs High Vendor pom url babashka/fs Highest Product file name fs High Product Manifest leiningen-project-artifactid fs Low Product Manifest leiningen-project-groupid babashka Low Product pom artifactid fs Highest Product pom groupid babashka Highest Product pom name fs High Product pom url babashka/fs High Version file version 0.2.16 High Version Manifest leiningen-project-version 0.2.16 Medium Version pom version 0.2.16 Highest
Description:
The Google Closure Library is a collection of JavaScript code
designed for use with the Google Closure JavaScript Compiler.
This non-official distribution was prepared by the ClojureScript
team at http://clojure.org/
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.html File Path: /home/runner/.m2/repository/org/clojure/google-closure-library/0.0-20151016-61277aea/google-closure-library-0.0-20151016-61277aea.jar
MD5: 665739ff5843fc49cbe0a258261d7346
SHA1: b0693cbca3c96f464e6949c1a21cd8508d46b413
SHA256: 297d71399b198267419616845f8a7760fea8eab4245f8fdbfe1795b6c9eb556c
Evidence Type Source Name Value Confidence Vendor file name google-closure-library High Vendor pom artifactid google-closure-library Low Vendor pom developer email amattie@gmail.com Low Vendor pom developer email bjorn.tipling@gmail.com Low Vendor pom developer email guido.tapia@gmail.com Low Vendor pom developer email hello@mohamedmansour.com Low Vendor pom developer email help@samegoal.com Low Vendor pom developer email ibmirkin@gmail.com Low Vendor pom developer email ivan.kozik@gmail.com Low Vendor pom developer email rich@rd.gen.nz Low Vendor pom developer name Andrew Mattie Medium Vendor pom developer name Bjorn Tipling Medium Vendor pom developer name Google, Inc. Medium Vendor pom developer name Guido Tapia Medium Vendor pom developer name Ilia Mirkin Medium Vendor pom developer name Ivan Kozik Medium Vendor pom developer name Mohamed Mansour Medium Vendor pom developer name Rich Dougherty Medium Vendor pom developer name SameGoal LLC Medium Vendor pom groupid org.clojure Highest Vendor pom name Google Closure Library High Vendor pom organization name Google High Vendor pom organization url http://www.google.com Medium Vendor pom url http://code.google.com/p/closure-library/ Highest Product file name google-closure-library High Product pom artifactid google-closure-library Highest Product pom developer email amattie@gmail.com Low Product pom developer email bjorn.tipling@gmail.com Low Product pom developer email guido.tapia@gmail.com Low Product pom developer email hello@mohamedmansour.com Low Product pom developer email help@samegoal.com Low Product pom developer email ibmirkin@gmail.com Low Product pom developer email ivan.kozik@gmail.com Low Product pom developer email rich@rd.gen.nz Low Product pom developer name Andrew Mattie Low Product pom developer name Bjorn Tipling Low Product pom developer name Google, Inc. Low Product pom developer name Guido Tapia Low Product pom developer name Ilia Mirkin Low Product pom developer name Ivan Kozik Low Product pom developer name Mohamed Mansour Low Product pom developer name Rich Dougherty Low Product pom developer name SameGoal LLC Low Product pom groupid org.clojure Highest Product pom name Google Closure Library High Product pom organization name Google Low Product pom organization url http://www.google.com Low Product pom url http://code.google.com/p/closure-library/ Medium Version pom version 0.0-20151016-61277aea Highest
Related Dependencies google-closure-library-third-party-0.0-20151016-61277aea.jarFile Path: /home/runner/.m2/repository/org/clojure/google-closure-library-third-party/0.0-20151016-61277aea/google-closure-library-third-party-0.0-20151016-61277aea.jar MD5: 12cb94a76dc2eab0518a07ee18091513 SHA1: aeb6a88cb9aeaa3641ed46aab036fb73035b2253 SHA256: 1bb6735993e236ff75c7e7b4af3e418b5c5e23c0d3d0f0d893b74639defe63d5 pkg:maven/org.clojure/google-closure-library-third-party@0.0-20151016-61277aea CVE-2020-8910 suppress
A URL parsing issue in goog.uri of the Google Closure Library versions up to and including v20200224 allows an attacker to send malicious URLs to be parsed by the library and return the wrong authority. Mitigation: update your library to version v20200315. NVD-CWE-noinfo
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:P/I:N/A:N CVSSv3:
Base Score: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N References:
Vulnerable Software & Versions:
Description:
diff-match-patch compiled with Java 1.5 File Path: /home/runner/.m2/repository/org/clojars/brenton/google-diff-match-patch/0.1/google-diff-match-patch-0.1.jarMD5: 270c29892f3dcb4c2c6af0520c643043SHA1: 4ee93c837a03baba9351a7d7aefef06f59bb29dfSHA256: e8103c0c3d1362b4fa2787cd091d4d3442dd2a64d648b31e03460665c71da642
Evidence Type Source Name Value Confidence Vendor file name google-diff-match-patch High Vendor jar package name fraser Low Vendor jar package name name Low Vendor jar package name neil Low Vendor pom artifactid google-diff-match-patch Low Vendor pom groupid org.clojars.brenton Highest Vendor pom name google-diff-match-patch High Product file name google-diff-match-patch High Product jar package name fraser Low Product jar package name neil Low Product jar package name plaintext Low Product pom artifactid google-diff-match-patch Highest Product pom groupid org.clojars.brenton Highest Product pom name google-diff-match-patch High Version file version 0.1 High Version pom version 0.1 Highest
Description:
Gson JSON library License:
Apache-2.0: https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/com/google/code/gson/gson/2.8.9/gson-2.8.9.jar
MD5: e67627f67e03301092dc7de0a2d7cef8
SHA1: 8a432c1d6825781e21a02db2e2c33c5fde2833b9
SHA256: d3999291855de495c94c743761b8ab5176cfeabe281a5ab0d8e8d45326fd703e
Evidence Type Source Name Value Confidence Vendor file name gson High Vendor jar package name google Highest Vendor jar package name gson Highest Vendor Manifest build-jdk-spec 11 Low Vendor Manifest bundle-contactaddress https://github.com/google/gson Low Vendor Manifest bundle-docurl https://github.com/google/gson/gson Low Vendor Manifest bundle-requiredexecutionenvironment JavaSE-1.6, JavaSE-1.7, JavaSE-1.8 Low Vendor Manifest bundle-symbolicname com.google.gson Medium Vendor pom artifactid gson Low Vendor pom groupid com.google.code.gson Highest Vendor pom name Gson High Vendor pom parent-artifactid gson-parent Low Product file name gson High Product jar package name google Highest Product jar package name gson Highest Product Manifest build-jdk-spec 11 Low Product Manifest bundle-contactaddress https://github.com/google/gson Low Product Manifest bundle-docurl https://github.com/google/gson/gson Low Product Manifest Bundle-Name Gson Medium Product Manifest bundle-requiredexecutionenvironment JavaSE-1.6, JavaSE-1.7, JavaSE-1.8 Low Product Manifest bundle-symbolicname com.google.gson Medium Product pom artifactid gson Highest Product pom groupid com.google.code.gson Highest Product pom name Gson High Product pom parent-artifactid gson-parent Medium Version file version 2.8.9 High Version Manifest Bundle-Version 2.8.9 High Version pom version 2.8.9 Highest
Description:
Guava is a suite of core and expanded libraries that include
utility classes, Google's collections, I/O classes, and
much more.
License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/com/google/guava/guava/31.1-android/guava-31.1-android.jar
MD5: 22585f87f08f0d5b2e737eb71c8a5d9f
SHA1: 9222c47cc3ae890f07f7c961bbb3cb69050fe4aa
SHA256: 32ac2ed709d96d278b5d2e3e5cea178fa4939939c525fb647532f013308db309
Evidence Type Source Name Value Confidence Vendor file name guava High Vendor jar package name common Highest Vendor jar package name google Highest Vendor Manifest automatic-module-name com.google.common Medium Vendor Manifest bundle-docurl https://github.com/google/guava/ Low Vendor Manifest bundle-symbolicname com.google.guava Medium Vendor pom artifactid guava Low Vendor pom groupid com.google.guava Highest Vendor pom name Guava: Google Core Libraries for Java High Vendor pom parent-artifactid guava-parent Low Vendor pom url google/guava Highest Product file name guava High Product jar package name common Highest Product jar package name google Highest Product Manifest automatic-module-name com.google.common Medium Product Manifest bundle-docurl https://github.com/google/guava/ Low Product Manifest Bundle-Name Guava: Google Core Libraries for Java Medium Product Manifest bundle-symbolicname com.google.guava Medium Product pom artifactid guava Highest Product pom groupid com.google.guava Highest Product pom name Guava: Google Core Libraries for Java High Product pom parent-artifactid guava-parent Medium Product pom url google/guava High Version pom version 31.1-android Highest
CVE-2023-2976 suppress
Use of Java's default temporary directory for file creation in `FileBackedOutputStream` in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to the default Java temporary directory to be able to access the files created by the class.
Even though the security vulnerability is fixed in version 32.0.0, we recommend using version 32.0.1 as version 32.0.0 breaks some functionality under Windows.
CWE-552 Files or Directories Accessible to External Parties
CVSSv3:
Base Score: HIGH (7.1) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N References:
Vulnerable Software & Versions:
CVE-2020-8908 suppress
A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, on unix-like systems, the created directory is world-readable (readable by an attacker with access to the system). The method in question has been marked @Deprecated in versions 30.0 and later and should not be used. For Android developers, we recommend choosing a temporary directory API provided by Android, such as context.getCacheDir(). For other Java developers, we recommend migrating to the Java 7 API java.nio.file.Files.createTempDirectory() which explicitly configures permissions of 700, or configuring the Java runtime's java.io.tmpdir system property to point to a location whose permissions are appropriately configured.
CWE-732 Incorrect Permission Assignment for Critical Resource
CVSSv2:
Base Score: LOW (2.1) Vector: /AV:L/AC:L/Au:N/C:P/I:N/A:N CVSSv3:
Base Score: LOW (3.3) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N References:
Vulnerable Software & Versions: (show all )
Description:
Guice is a lightweight dependency injection framework for Java 6 and above License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/com/google/inject/guice/4.2.2/guice-4.2.2-no_aop.jar
MD5: 57d2b333c34d0f834189d54b6e59d1a6
SHA1: fa13659f9128f4c011c8e1d06f137083b4876377
SHA256: 0f4f5fb28609a4d2b38b7f7128be7cf9b541f25283d71b4e56066d99683aafff
Evidence Type Source Name Value Confidence Vendor central artifactid guice Highest Vendor central groupid com.google.inject Highest Vendor file name guice High Vendor jar package name google Highest Vendor jar package name google Low Vendor jar package name guice Highest Vendor jar package name inject Highest Vendor jar package name inject Low Vendor jar package name internal Low Vendor Manifest automatic-module-name com.google.guice Medium Vendor Manifest bundle-copyright Copyright (C) 2006 Google Inc. Low Vendor Manifest bundle-docurl https://github.com/google/guice Low Vendor Manifest bundle-requiredexecutionenvironment JavaSE-1.6 Low Vendor Manifest bundle-symbolicname com.google.inject Medium Vendor Manifest eclipse-extensibleapi true Low Vendor pom artifactid guice Low Vendor pom groupid com.google.inject Highest Vendor pom name Google Guice - Core Library High Vendor pom parent-artifactid guice-parent Low Product central artifactid guice Highest Product file name guice High Product jar package name dependency Highest Product jar package name google Highest Product jar package name guice Highest Product jar package name inject Highest Product jar package name inject Low Product jar package name internal Low Product Manifest automatic-module-name com.google.guice Medium Product Manifest bundle-copyright Copyright (C) 2006 Google Inc. Low Product Manifest bundle-docurl https://github.com/google/guice Low Product Manifest Bundle-Name guice Medium Product Manifest bundle-requiredexecutionenvironment JavaSE-1.6 Low Product Manifest bundle-symbolicname com.google.inject Medium Product Manifest eclipse-extensibleapi true Low Product pom artifactid guice Highest Product pom groupid com.google.inject Highest Product pom name Google Guice - Core Library High Product pom parent-artifactid guice-parent Medium Version central version 4.2.2 Highest Version file version 4.2.2 High Version Manifest Bundle-Version 4.2.2 High Version pom version 4.2.2 Highest
Description:
An HTTP client for Clojure, wrapping JDK 11's HttpClient. License:
The MIT License: http://opensource.org/licenses/mit-license.php File Path: /home/runner/.m2/repository/hato/hato/0.9.0/hato-0.9.0.jar
MD5: 3439dcca378712fa26e9927acf1f7bc8
SHA1: d47dec2b0e8fb631d95e89864df4abc1fdcd7bc3
SHA256: 5e798c88abc14aaf3f6664dfdc2677b2d5ad366d000df8714adbba0dfcd00c9b
Evidence Type Source Name Value Confidence Vendor file name hato High Vendor Manifest leiningen-project-artifactid hato Low Vendor Manifest leiningen-project-groupid hato Low Vendor pom artifactid hato Low Vendor pom groupid hato Highest Vendor pom name hato High Vendor pom url gnarroway/hato Highest Product file name hato High Product Manifest leiningen-project-artifactid hato Low Product Manifest leiningen-project-groupid hato Low Product pom artifactid hato Highest Product pom groupid hato Highest Product pom name hato High Product pom url gnarroway/hato High Version file version 0.9.0 High Version Manifest leiningen-project-version 0.9.0 Medium Version pom version 0.9.0 Highest
Description:
A fast library for rendering HTML in Clojure File Path: /home/runner/.m2/repository/hiccup/hiccup/1.0.5/hiccup-1.0.5.jarMD5: 7a36ddae03cfc7bf80ee5b881c3521d5SHA1: 75940a400111bbb8f80e43325e23100b6e2227bcSHA256: 0fd4a7e47461dbdae720b684b197164ebb693bb6358c8e1467ffa787076c07fc
Evidence Type Source Name Value Confidence Vendor file name hiccup High Vendor pom artifactid hiccup Low Vendor pom groupid hiccup Highest Vendor pom name hiccup High Vendor pom url http://github.com/weavejester/hiccup Highest Product file name hiccup High Product pom artifactid hiccup Highest Product pom groupid hiccup Highest Product pom name hiccup High Product pom url http://github.com/weavejester/hiccup Medium Version file version 1.0.5 High Version pom version 1.0.5 Highest
Description:
HTTP client License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/com/cognitect/http-client/1.0.125/http-client-1.0.125.jar
MD5: ad0b6ac605588b77a989013a20b7c151
SHA1: 0b42f6544f6de4f411a3b5a1ac5cf10313d4775d
SHA256: b0f6b6b6867d9d1f2f8fe9318dd6d1aaaa5fd1353470a0c161d542181a0dfd7a
Evidence Type Source Name Value Confidence Vendor file name http-client High Vendor pom artifactid http-client Low Vendor pom developer email chris@cognitect.com Low Vendor pom developer email stu@cognitect.com Low Vendor pom developer email tim@cognitect.com Low Vendor pom developer name Chris Redinger Medium Vendor pom developer name Stuart Halloway Medium Vendor pom developer name Tim Ewald Medium Vendor pom groupid com.cognitect Highest Vendor pom name http-client High Vendor pom url http://cognitect.com Highest Product file name http-client High Product pom artifactid http-client Highest Product pom developer email chris@cognitect.com Low Product pom developer email stu@cognitect.com Low Product pom developer email tim@cognitect.com Low Product pom developer name Chris Redinger Low Product pom developer name Stuart Halloway Low Product pom developer name Tim Ewald Low Product pom groupid com.cognitect Highest Product pom name http-client High Product pom url http://cognitect.com Medium Version file version 1.0.125 High Version pom version 1.0.125 Highest
Description:
Apache HttpComponents Client
File Path: /home/runner/.m2/repository/org/apache/httpcomponents/httpclient/4.5.14/httpclient-4.5.14.jarMD5: 2cb357c4b763f47e58af6cad47df6ba3SHA1: 1194890e6f56ec29177673f2f12d0b8e627dec98SHA256: c8bc7e1c51a6d4ce72f40d2ebbabf1c4b68bfe76e732104b04381b493478e9d6
Evidence Type Source Name Value Confidence Vendor file name httpclient High Vendor jar package name apache Highest Vendor jar package name client Highest Vendor jar package name httpclient Highest Vendor Manifest automatic-module-name org.apache.httpcomponents.httpclient Medium Vendor Manifest implementation-url http://hc.apache.org/httpcomponents-client-ga Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache.httpcomponents Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid httpclient Low Vendor pom groupid org.apache.httpcomponents Highest Vendor pom name Apache HttpClient High Vendor pom parent-artifactid httpcomponents-client Low Vendor pom url http://hc.apache.org/httpcomponents-client-ga Highest Product file name httpclient High Product jar package name apache Highest Product jar package name client Highest Product jar package name http Highest Product jar package name httpclient Highest Product Manifest automatic-module-name org.apache.httpcomponents.httpclient Medium Product Manifest Implementation-Title Apache HttpClient High Product Manifest implementation-url http://hc.apache.org/httpcomponents-client-ga Low Product Manifest specification-title Apache HttpClient Medium Product pom artifactid httpclient Highest Product pom groupid org.apache.httpcomponents Highest Product pom name Apache HttpClient High Product pom parent-artifactid httpcomponents-client Medium Product pom url http://hc.apache.org/httpcomponents-client-ga Medium Version file version 4.5.14 High Version Manifest Implementation-Version 4.5.14 High Version pom version 4.5.14 Highest
Description:
Apache HttpComponents Core (blocking I/O)
File Path: /home/runner/.m2/repository/org/apache/httpcomponents/httpcore/4.4.16/httpcore-4.4.16.jarMD5: 28d2cd9bf8789fd2ec774fb88436ebd1SHA1: 51cf043c87253c9f58b539c9f7e44c8894223850SHA256: 6c9b3dd142a09dc468e23ad39aad6f75a0f2b85125104469f026e52a474e464f
Evidence Type Source Name Value Confidence Vendor file name httpcore High Vendor jar package name apache Highest Vendor Manifest automatic-module-name org.apache.httpcomponents.httpcore Medium Vendor Manifest implementation-build ${scmBranch}@r${buildNumber}; 2022-11-26 09:44:32+0000 Low Vendor Manifest implementation-url http://hc.apache.org/httpcomponents-core-ga Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest url http://hc.apache.org/httpcomponents-core-ga Low Vendor pom artifactid httpcore Low Vendor pom groupid org.apache.httpcomponents Highest Vendor pom name Apache HttpCore High Vendor pom parent-artifactid httpcomponents-core Low Vendor pom url http://hc.apache.org/httpcomponents-core-ga Highest Product file name httpcore High Product jar package name apache Highest Product jar package name http Highest Product Manifest automatic-module-name org.apache.httpcomponents.httpcore Medium Product Manifest implementation-build ${scmBranch}@r${buildNumber}; 2022-11-26 09:44:32+0000 Low Product Manifest Implementation-Title HttpComponents Apache HttpCore High Product Manifest implementation-url http://hc.apache.org/httpcomponents-core-ga Low Product Manifest specification-title HttpComponents Apache HttpCore Medium Product Manifest url http://hc.apache.org/httpcomponents-core-ga Low Product pom artifactid httpcore Highest Product pom groupid org.apache.httpcomponents Highest Product pom name Apache HttpCore High Product pom parent-artifactid httpcomponents-core Medium Product pom url http://hc.apache.org/httpcomponents-core-ga Medium Version file version 4.4.16 High Version Manifest Implementation-Version 4.4.16 High Version pom version 4.4.16 Highest
Description:
Instaparse: No grammar left behind License:
Eclipse Public License: http://www.eclipse.org/legal/epl-v10.html File Path: /home/runner/.m2/repository/instaparse/instaparse/1.4.12/instaparse-1.4.12.jar
MD5: ef15595aeb81ea2592a624a4c8fb30a9
SHA1: fdb360826edec1cc2c13c6c8a5397f115bdcf952
SHA256: 139f78bff278f1b2d9804d785911d23451e5bcb042580ecadec4400ceb55decd
Evidence Type Source Name Value Confidence Vendor file name instaparse High Vendor Manifest leiningen-project-artifactid instaparse Low Vendor Manifest leiningen-project-groupid instaparse Low Vendor pom artifactid instaparse Low Vendor pom groupid instaparse Highest Vendor pom name instaparse High Vendor pom url Engelberg/instaparse Highest Product file name instaparse High Product Manifest leiningen-project-artifactid instaparse Low Product Manifest leiningen-project-groupid instaparse Low Product pom artifactid instaparse Highest Product pom groupid instaparse Highest Product pom name instaparse High Product pom url Engelberg/instaparse High Version file version 1.4.12 High Version Manifest leiningen-project-version 1.4.12 Medium Version pom version 1.4.12 Highest
Description:
A Java implementation of the Amazon Ion data notation.
License:
The Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/software/amazon/ion/ion-java/1.0.2/ion-java-1.0.2.jar
MD5: 3f07f5df418af9ea2ebe80c3d6eccac4
SHA1: ee9dacea7726e495f8352b81c12c23834ffbc564
SHA256: 0d127b205a1fce0abc2a3757a041748651bc66c15cf4c059bac5833b27d471a5
Evidence Type Source Name Value Confidence Vendor file name ion-java High Vendor jar package name amazon Highest Vendor jar package name ion Highest Vendor jar package name software Highest Vendor Manifest bundle-symbolicname software.amazon.ion.java Medium Vendor Manifest ion-java-build-time 2017-02-07T23:59:25Z Low Vendor pom artifactid ion-java Low Vendor pom developer email ion-team@amazon.com Low Vendor pom developer name Amazon Ion Team Medium Vendor pom developer org Amazon Labs Medium Vendor pom developer org URL https://github.com/amznlabs Medium Vendor pom groupid software.amazon.ion Highest Vendor pom name : High Vendor pom url amznlabs/ion-java/ Highest Product file name ion-java High Product jar package name amazon Highest Product jar package name ion Highest Product jar package name software Highest Product Manifest Bundle-Name software.amazon.ion:ion-java Medium Product Manifest bundle-symbolicname software.amazon.ion.java Medium Product Manifest ion-java-build-time 2017-02-07T23:59:25Z Low Product pom artifactid ion-java Highest Product pom developer email ion-team@amazon.com Low Product pom developer name Amazon Ion Team Low Product pom developer org Amazon Labs Low Product pom developer org URL https://github.com/amznlabs Low Product pom groupid software.amazon.ion Highest Product pom name : High Product pom url amznlabs/ion-java/ High Version file version 1.0.2 High Version Manifest Bundle-Version 1.0.2 High Version Manifest ion-java-project-version 1.0.2 Medium Version pom version 1.0.2 Highest
Description:
A set of annotations that provide additional information to the J2ObjC
translator to modify the result of translation.
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/com/google/j2objc/j2objc-annotations/1.3/j2objc-annotations-1.3.jar
MD5: 5fa4ec4ec0c5aa70af8a7d4922df1931
SHA1: ba035118bc8bac37d7eff77700720999acd9986d
SHA256: 21af30c92267bd6122c0e0b4d20cccb6641a37eaf956c6540ec471d584e64a7b
Evidence Type Source Name Value Confidence Vendor file name j2objc-annotations High Vendor jar package name annotations Highest Vendor jar package name annotations Low Vendor jar package name google Highest Vendor jar package name google Low Vendor jar package name j2objc Highest Vendor jar package name j2objc Low Vendor pom artifactid j2objc-annotations Low Vendor pom groupid com.google.j2objc Highest Vendor pom name J2ObjC Annotations High Vendor pom url google/j2objc/ Highest Product file name j2objc-annotations High Product jar package name annotations Highest Product jar package name annotations Low Product jar package name google Highest Product jar package name j2objc Highest Product jar package name j2objc Low Product pom artifactid j2objc-annotations Highest Product pom groupid com.google.j2objc Highest Product pom name J2ObjC Annotations High Product pom url google/j2objc/ High Version file version 1.3 High Version pom version 1.3 Highest
Description:
Core annotations used for value types, used by Jackson data binding package.
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/com/fasterxml/jackson/core/jackson-annotations/2.12.4/jackson-annotations-2.12.4.jar
MD5: 16c7a1094270a27013fd58df7f6800f7
SHA1: 752cf9a2562ac2c012e48057e3a4c17dad66c66e
SHA256: f6aa3706a875689b66cdac3334f65dfdb795ccfad4117bf072893b196ed1ec8e
Evidence Type Source Name Value Confidence Vendor file name jackson-annotations High Vendor jar package name fasterxml Highest Vendor jar package name jackson Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl http://github.com/FasterXML/jackson Low Vendor Manifest bundle-symbolicname com.fasterxml.jackson.core.jackson-annotations Medium Vendor Manifest implementation-build-date 2021-07-06 19:42:23+0000 Low Vendor Manifest Implementation-Vendor FasterXML High Vendor Manifest Implementation-Vendor-Id com.fasterxml.jackson.core Medium Vendor Manifest specification-vendor FasterXML Low Vendor pom artifactid jackson-annotations Low Vendor pom groupid com.fasterxml.jackson.core Highest Vendor pom name Jackson-annotations High Vendor pom parent-artifactid jackson-parent Low Vendor pom parent-groupid com.fasterxml.jackson Medium Vendor pom url http://github.com/FasterXML/jackson Highest Product file name jackson-annotations High Product hint analyzer product java8 Highest Product hint analyzer product modules Highest Product jar package name fasterxml Highest Product jar package name jackson Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl http://github.com/FasterXML/jackson Low Product Manifest Bundle-Name Jackson-annotations Medium Product Manifest bundle-symbolicname com.fasterxml.jackson.core.jackson-annotations Medium Product Manifest implementation-build-date 2021-07-06 19:42:23+0000 Low Product Manifest Implementation-Title Jackson-annotations High Product Manifest specification-title Jackson-annotations Medium Product pom artifactid jackson-annotations Highest Product pom groupid com.fasterxml.jackson.core Highest Product pom name Jackson-annotations High Product pom parent-artifactid jackson-parent Medium Product pom parent-groupid com.fasterxml.jackson Medium Product pom url http://github.com/FasterXML/jackson Medium Version file version 2.12.4 High Version Manifest Bundle-Version 2.12.4 High Version Manifest Implementation-Version 2.12.4 High Version pom parent-version 2.12.4 Low Version pom version 2.12.4 Highest
Description:
Core Jackson processing abstractions (aka Streaming API), implementation for JSON License:
The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/com/fasterxml/jackson/core/jackson-core/2.14.2/jackson-core-2.14.2.jar
MD5: 6ee422ee4c481b2d5aacb2b5e36a7dc0
SHA1: f804090e6399ce0cf78242db086017512dd71fcc
SHA256: b5d37a77c88277b97e3593c8740925216c06df8e4172bbde058528df04ad3e7a
Evidence Type Source Name Value Confidence Vendor file name jackson-core High Vendor jar package name base Highest Vendor jar package name core Highest Vendor jar package name fasterxml Highest Vendor jar package name jackson Highest Vendor jar package name json Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl https://github.com/FasterXML/jackson-core Low Vendor Manifest bundle-symbolicname com.fasterxml.jackson.core.jackson-core Medium Vendor Manifest Implementation-Vendor FasterXML High Vendor Manifest Implementation-Vendor-Id com.fasterxml.jackson.core Medium Vendor Manifest multi-release true Low Vendor Manifest specification-vendor FasterXML Low Vendor pom artifactid jackson-core Low Vendor pom groupid com.fasterxml.jackson.core Highest Vendor pom name Jackson-core High Vendor pom parent-artifactid jackson-base Low Vendor pom parent-groupid com.fasterxml.jackson Medium Vendor pom url FasterXML/jackson-core Highest Product file name jackson-core High Product hint analyzer product java8 Highest Product hint analyzer product modules Highest Product jar package name base Highest Product jar package name core Highest Product jar package name fasterxml Highest Product jar package name jackson Highest Product jar package name json Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl https://github.com/FasterXML/jackson-core Low Product Manifest Bundle-Name Jackson-core Medium Product Manifest bundle-symbolicname com.fasterxml.jackson.core.jackson-core Medium Product Manifest Implementation-Title Jackson-core High Product Manifest multi-release true Low Product Manifest specification-title Jackson-core Medium Product pom artifactid jackson-core Highest Product pom groupid com.fasterxml.jackson.core Highest Product pom name Jackson-core High Product pom parent-artifactid jackson-base Medium Product pom parent-groupid com.fasterxml.jackson Medium Product pom url FasterXML/jackson-core High Version file version 2.14.2 High Version Manifest Bundle-Version 2.14.2 High Version Manifest Implementation-Version 2.14.2 High Version pom version 2.14.2 Highest
Description:
Jackson is a high-performance JSON processor (parser, generator)
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/org/codehaus/jackson/jackson-core-asl/1.8.9/jackson-core-asl-1.8.9.jar
MD5: 49e01e00c8a0a36b1ba56a649d7d6de9
SHA1: 99be07ca979279674ae5b8a886669fb8da491d9d
SHA256: 27fb6881970c66d0ef71da2f81b0f4a76a08d62cb71a2d7118ce2d2fc6ce322f
Evidence Type Source Name Value Confidence Vendor file name jackson-core-asl High Vendor jar package name codehaus Highest Vendor jar package name jackson Highest Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5, JavaSE-1.6 Low Vendor Manifest bundle-symbolicname jackson-core-asl Medium Vendor Manifest Implementation-Vendor http://fasterxml.com High Vendor Manifest specification-vendor http://www.ietf.org/rfc/rfc4627.txt Low Vendor pom artifactid jackson-core-asl Low Vendor pom groupid org.codehaus.jackson Highest Vendor pom name Jackson High Vendor pom organization name FasterXML High Vendor pom organization url http://fasterxml.com Medium Vendor pom url http://jackson.codehaus.org Highest Product file name jackson-core-asl High Product jar package name codehaus Highest Product jar package name jackson Highest Product Manifest Bundle-Name Jackson JSON processor Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5, JavaSE-1.6 Low Product Manifest bundle-symbolicname jackson-core-asl Medium Product Manifest Implementation-Title Jackson JSON processor High Product Manifest specification-title JSON - JavaScript Object Notation Medium Product pom artifactid jackson-core-asl Highest Product pom groupid org.codehaus.jackson Highest Product pom name Jackson High Product pom organization name FasterXML Low Product pom organization url http://fasterxml.com Low Product pom url http://jackson.codehaus.org Medium Version file version 1.8.9 High Version Manifest Bundle-Version 1.8.9 High Version Manifest Implementation-Version 1.8.9 High Version pom version 1.8.9 Highest
Description:
General data-binding functionality for Jackson: works on core streaming API License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.12.4/jackson-databind-2.12.4.jar
MD5: 7bf7ed4119602e8a7b23356dc0fba920
SHA1: 069206e02e6a696034f06a59d3ddbfbba5a4cd81
SHA256: e99a7b4b89074bc689aabcd9eb1f2c1318b68cc5c34979daf3e34edc558c7a01
Evidence Type Source Name Value Confidence Vendor file name jackson-databind High Vendor jar package name databind Highest Vendor jar package name fasterxml Highest Vendor jar package name jackson Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl http://github.com/FasterXML/jackson Low Vendor Manifest bundle-symbolicname com.fasterxml.jackson.core.jackson-databind Medium Vendor Manifest implementation-build-date 2021-07-06 20:01:53+0000 Low Vendor Manifest Implementation-Vendor FasterXML High Vendor Manifest Implementation-Vendor-Id com.fasterxml.jackson.core Medium Vendor Manifest specification-vendor FasterXML Low Vendor pom artifactid jackson-databind Low Vendor pom groupid com.fasterxml.jackson.core Highest Vendor pom name jackson-databind High Vendor pom parent-artifactid jackson-base Low Vendor pom parent-groupid com.fasterxml.jackson Medium Vendor pom url http://github.com/FasterXML/jackson Highest Product file name jackson-databind High Product hint analyzer product java8 Highest Product hint analyzer product modules Highest Product jar package name databind Highest Product jar package name fasterxml Highest Product jar package name jackson Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl http://github.com/FasterXML/jackson Low Product Manifest Bundle-Name jackson-databind Medium Product Manifest bundle-symbolicname com.fasterxml.jackson.core.jackson-databind Medium Product Manifest implementation-build-date 2021-07-06 20:01:53+0000 Low Product Manifest Implementation-Title jackson-databind High Product Manifest specification-title jackson-databind Medium Product pom artifactid jackson-databind Highest Product pom groupid com.fasterxml.jackson.core Highest Product pom name jackson-databind High Product pom parent-artifactid jackson-base Medium Product pom parent-groupid com.fasterxml.jackson Medium Product pom url http://github.com/FasterXML/jackson Medium Version file version 2.12.4 High Version Manifest Bundle-Version 2.12.4 High Version Manifest Implementation-Version 2.12.4 High Version pom version 2.12.4 Highest
CVE-2020-36518 suppress
jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects. CWE-787 Out-of-bounds Write
CVSSv2:
Base Score: MEDIUM (5.0) Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2021-46877 suppress
jackson-databind 2.10.x through 2.12.x before 2.12.6 and 2.13.x before 2.13.1 allows attackers to cause a denial of service (2 GB transient heap usage per read) in uncommon situations involving JsonNode JDK serialization. CWE-770 Allocation of Resources Without Limits or Throttling
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2022-42003 suppress
In FasterXML jackson-databind before versions 2.13.4.1 and 2.12.17.1, resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled. CWE-502 Deserialization of Untrusted Data
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2022-42004 suppress
In FasterXML jackson-databind before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer._deserializeFromArray to prevent use of deeply nested arrays. An application is vulnerable only with certain customized choices for deserialization. CWE-502 Deserialization of Untrusted Data
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2023-35116 suppress
jackson-databind through 2.15.2 allows attackers to cause a denial of service or other unspecified impact via a crafted object that uses cyclic dependencies. NOTE: the vendor's perspective is that this is not a valid vulnerability report, because the steps of constructing a cyclic data structure and trying to serialize it cannot be achieved by an external attacker. CWE-770 Allocation of Resources Without Limits or Throttling
CVSSv3:
Base Score: MEDIUM (4.7) Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions:
Description:
Support for reading and writing Concise Binary Object Representation
([CBOR](https://www.rfc-editor.org/info/rfc7049)
encoded data using Jackson abstractions (streaming API, data binding, tree model)
License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/com/fasterxml/jackson/dataformat/jackson-dataformat-cbor/2.13.3/jackson-dataformat-cbor-2.13.3.jar
MD5: f9c18502476873575f2fb0c5f6b69182
SHA1: bf43eed9de0031521107dfea41d1e5d6bf1b9639
SHA256: 8a6a687759739421b1f3c3f9678e7bc1cb37df5832e365996e2f412d7ca7e860
Evidence Type Source Name Value Confidence Vendor file name jackson-dataformat-cbor High Vendor jar package name cbor Highest Vendor jar package name dataformat Highest Vendor jar package name fasterxml Highest Vendor jar package name jackson Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl http://github.com/FasterXML/jackson-dataformats-binary Low Vendor Manifest bundle-symbolicname com.fasterxml.jackson.dataformat.jackson-dataformat-cbor Medium Vendor Manifest implementation-build-date 2022-05-14 17:27:16+0000 Low Vendor Manifest Implementation-Vendor FasterXML High Vendor Manifest Implementation-Vendor-Id com.fasterxml.jackson.dataformat Medium Vendor Manifest multi-release true Low Vendor Manifest specification-vendor FasterXML Low Vendor pom artifactid jackson-dataformat-cbor Low Vendor pom groupid com.fasterxml.jackson.dataformat Highest Vendor pom name Jackson dataformat: CBOR High Vendor pom parent-artifactid jackson-dataformats-binary Low Vendor pom url http://github.com/FasterXML/jackson-dataformats-binary Highest Product file name jackson-dataformat-cbor High Product jar package name cbor Highest Product jar package name dataformat Highest Product jar package name fasterxml Highest Product jar package name jackson Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl http://github.com/FasterXML/jackson-dataformats-binary Low Product Manifest Bundle-Name Jackson dataformat: CBOR Medium Product Manifest bundle-symbolicname com.fasterxml.jackson.dataformat.jackson-dataformat-cbor Medium Product Manifest implementation-build-date 2022-05-14 17:27:16+0000 Low Product Manifest Implementation-Title Jackson dataformat: CBOR High Product Manifest multi-release true Low Product Manifest specification-title Jackson dataformat: CBOR Medium Product pom artifactid jackson-dataformat-cbor Highest Product pom groupid com.fasterxml.jackson.dataformat Highest Product pom name Jackson dataformat: CBOR High Product pom parent-artifactid jackson-dataformats-binary Medium Product pom url http://github.com/FasterXML/jackson-dataformats-binary Medium Version file version 2.13.3 High Version Manifest Bundle-Version 2.13.3 High Version Manifest Implementation-Version 2.13.3 High Version pom version 2.13.3 Highest
Related Dependencies jackson-dataformat-smile-2.13.3.jar Description:
Data Mapper package is a high-performance data binding package
built on Jackson JSON processor
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/org/codehaus/jackson/jackson-mapper-asl/1.8.9/jackson-mapper-asl-1.8.9.jar
MD5: dc63049af5571d39a667add4caabdef7
SHA1: e430ed24d67dfc126ee16bc23156a044950c3168
SHA256: 297803b785a2bbac1b33b0f7a163434810c69759f32577b9ac9b629cd9a479e0
Evidence Type Source Name Value Confidence Vendor file name jackson-mapper-asl High Vendor jar package name codehaus Highest Vendor jar package name jackson Highest Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5, JavaSE-1.6 Low Vendor Manifest bundle-symbolicname jackson-mapper-asl Medium Vendor Manifest Implementation-Vendor http://fasterxml.com High Vendor pom artifactid jackson-mapper-asl Low Vendor pom groupid org.codehaus.jackson Highest Vendor pom name Data Mapper for Jackson High Vendor pom organization name FasterXML High Vendor pom organization url http://fasterxml.com Medium Vendor pom url http://jackson.codehaus.org Highest Product file name jackson-mapper-asl High Product jar package name codehaus Highest Product jar package name jackson Highest Product Manifest Bundle-Name Data mapper for Jackson JSON processor Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5, JavaSE-1.6 Low Product Manifest bundle-symbolicname jackson-mapper-asl Medium Product Manifest Implementation-Title Data mapper for Jackson JSON processor High Product pom artifactid jackson-mapper-asl Highest Product pom groupid org.codehaus.jackson Highest Product pom name Data Mapper for Jackson High Product pom organization name FasterXML Low Product pom organization url http://fasterxml.com Low Product pom url http://jackson.codehaus.org Medium Version file version 1.8.9 High Version Manifest Bundle-Version 1.8.9 High Version Manifest Implementation-Version 1.8.9 High Version pom version 1.8.9 Highest
CVE-2017-7525 (OSSINDEX)suppress
A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.
Sonatype's research suggests that this CVE's details differ from those defined at NVD. See https://ossindex.sonatype.org/vulnerability/CVE-2017-7525 for details CWE-184 Incomplete List of Disallowed Inputs
CVSSv3:
Base Score: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:org.codehaus.jackson:jackson-mapper-asl:1.8.9:*:*:*:*:*:*:* CVE-2019-10172 (OSSINDEX)suppress
A flaw was found in org.codehaus.jackson:jackson-mapper-asl:1.9.x libraries. XML external entity vulnerabilities similar CVE-2016-3720 also affects codehaus jackson-mapper-asl libraries but in different classes.
Sonatype's research suggests that this CVE's details differ from those defined at NVD. See https://ossindex.sonatype.org/vulnerability/CVE-2019-10172 for details CWE-611 Improper Restriction of XML External Entity Reference
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:org.codehaus.jackson:jackson-mapper-asl:1.8.9:*:*:*:*:*:*:* Description:
Jansi is a java library for generating and interpreting ANSI escape sequences. License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/org/fusesource/jansi/jansi/2.4.1/jansi-2.4.1.jar
MD5: 10c1033cc584325f020e2f9d231c0764
SHA1: d5774f204d990c9f5da2809b88f928515577beb4
SHA256: 2e5e775a9dc58ffa6bbd6aa6f099d62f8b62dcdeb4c3c3bbbe5cf2301bc2dcc1
Evidence Type Source Name Value Confidence Vendor file name jansi High Vendor jar package name fusesource Highest Vendor jar package name jansi Highest Vendor Manifest automatic-module-name org.fusesource.jansi Medium Vendor Manifest build-jdk-spec 11 Low Vendor Manifest bundle-docurl http://fusesource.com/ Low Vendor Manifest bundle-symbolicname org.fusesource.jansi Medium Vendor Manifest Implementation-Vendor FuseSource, Corp. High Vendor Manifest multi-release true Low Vendor pom artifactid jansi Low Vendor pom developer email gnodet@gmail.com Low Vendor pom developer email hiram@hiramchirino.com Low Vendor pom developer id chirino Medium Vendor pom developer id gnodet Medium Vendor pom developer name Guillaume Nodet Medium Vendor pom developer name Hiram Chirino Medium Vendor pom groupid org.fusesource.jansi Highest Vendor pom name Jansi High Vendor pom parent-artifactid fusesource-pom Low Vendor pom parent-groupid org.fusesource Medium Vendor pom url http://fusesource.github.io/jansi Highest Product file name jansi High Product jar package name fusesource Highest Product jar package name jansi Highest Product Manifest automatic-module-name org.fusesource.jansi Medium Product Manifest build-jdk-spec 11 Low Product Manifest bundle-docurl http://fusesource.com/ Low Product Manifest Bundle-Name Jansi Medium Product Manifest bundle-symbolicname org.fusesource.jansi Medium Product Manifest Implementation-Title Jansi High Product Manifest multi-release true Low Product Manifest specification-title Jansi Medium Product pom artifactid jansi Highest Product pom developer email gnodet@gmail.com Low Product pom developer email hiram@hiramchirino.com Low Product pom developer id chirino Low Product pom developer id gnodet Low Product pom developer name Guillaume Nodet Low Product pom developer name Hiram Chirino Low Product pom groupid org.fusesource.jansi Highest Product pom name Jansi High Product pom parent-artifactid fusesource-pom Medium Product pom parent-groupid org.fusesource Medium Product pom url http://fusesource.github.io/jansi Medium Version file version 2.4.1 High Version Manifest Bundle-Version 2.4.1 High Version Manifest Implementation-Version 2.4.1 High Version pom parent-version 2.4.1 Low Version pom version 2.4.1 Highest
Description:
Clojure Wrapper around Jansi. License:
MIT: https://choosealicense.com/licenses/mit File Path: /home/runner/.m2/repository/jansi-clj/jansi-clj/1.0.3/jansi-clj-1.0.3.jar
MD5: 816a76445cc28ee6de02418428cfda28
SHA1: 987b5981748f75d9ab1b9ba5f38c4d4614448303
SHA256: 2bff5fe8348b3ef6eed84b8fc162efc4f4d3887a42340508501a1f8fa805f3c6
Evidence Type Source Name Value Confidence Vendor file name jansi-clj High Vendor Manifest leiningen-project-artifactid jansi-clj Low Vendor Manifest leiningen-project-groupid jansi-clj Low Vendor pom artifactid jansi-clj Low Vendor pom groupid jansi-clj Highest Vendor pom name jansi-clj High Vendor pom url xsc/jansi-clj Highest Product file name jansi-clj High Product Manifest leiningen-project-artifactid jansi-clj Low Product Manifest leiningen-project-groupid jansi-clj Low Product pom artifactid jansi-clj Highest Product pom groupid jansi-clj Highest Product pom name jansi-clj High Product pom url xsc/jansi-clj High Version file version 1.0.3 High Version Manifest leiningen-project-version 1.0.3 Medium Version pom version 1.0.3 Highest
Description:
Java library which implements the Java object model for SPDX and provides useful helper functions. License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/org/spdx/java-spdx-library/1.1.10/java-spdx-library-1.1.10.jar
MD5: 9bf5e91b0e94b6bdf21291d8d73ab2b7
SHA1: 0dc9e7af93007c88b98388209d231be2f838cb45
SHA256: ef116816a4d221933d34d9f113fd47f6780bca2b0c826545081d742f4e7178fb
Evidence Type Source Name Value Confidence Vendor file name java-spdx-library High Vendor jar package name library Highest Vendor jar package name model Highest Vendor jar package name spdx Highest Vendor Manifest automatic-module-name org.spdx.library Medium Vendor Manifest build-jdk-spec 17 Low Vendor pom artifactid java-spdx-library Low Vendor pom developer email gary@sourceauditor.com Low Vendor pom developer id goneall Medium Vendor pom developer name Gary O'Neall Medium Vendor pom developer org SPDX Medium Vendor pom developer org URL http://spdx.org Medium Vendor pom groupid org.spdx Highest Vendor pom name java-spdx-library High Vendor pom organization name SPDX High Vendor pom organization url http://spdx.org Medium Vendor pom url spdx/Spdx-Java-Library Highest Product file name java-spdx-library High Product jar package name library Highest Product jar package name model Highest Product jar package name spdx Highest Product Manifest automatic-module-name org.spdx.library Medium Product Manifest build-jdk-spec 17 Low Product pom artifactid java-spdx-library Highest Product pom developer email gary@sourceauditor.com Low Product pom developer id goneall Low Product pom developer name Gary O'Neall Low Product pom developer org SPDX Low Product pom developer org URL http://spdx.org Low Product pom groupid org.spdx Highest Product pom name java-spdx-library High Product pom organization name SPDX Low Product pom organization url http://spdx.org Low Product pom url spdx/Spdx-Java-Library High Version file version 1.1.10 High Version pom version 1.1.10 Highest
File Path: /home/runner/.m2/repository/org/clojure/java.classpath/1.0.0/java.classpath-1.0.0.jarMD5: 4c04bfbab2e7cfbb75698021ce7e6b00SHA1: 015d06d1b304ac23104333bc8492a11bcc2e87e4SHA256: c14e0e10304a5e5cfd2cc742fbdefac1f5293eec6070c2ffe8903fb5c7fe7d6f
Evidence Type Source Name Value Confidence Vendor file name java.classpath High Vendor pom artifactid java.classpath Low Vendor pom developer name Stuart Sierra Medium Vendor pom groupid org.clojure Highest Vendor pom name java.classpath High Vendor pom parent-artifactid pom.contrib Low Product file name java.classpath High Product pom artifactid java.classpath Highest Product pom developer name Stuart Sierra Low Product pom groupid org.clojure Highest Product pom name java.classpath High Product pom parent-artifactid pom.contrib Medium Version file version 1.0.0 High Version pom parent-version 1.0.0 Low Version pom version 1.0.0 Highest
Description:
The core parser functionality. This may be all you need. License:
GNU Lesser General Public License: http://www.gnu.org/licenses/lgpl-3.0.html
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/com/github/javaparser/javaparser-core/3.25.3/javaparser-core-3.25.3.jar
MD5: e396065348d52b3ec6ecf674ed274009
SHA1: 55a960eea36e9ae20e48c500c3dd356b33331f1f
SHA256: 7324bc18820dad7e9056f2035af3b5405d6e24a8a469a985d9aac44f15522c27
Evidence Type Source Name Value Confidence Vendor file name javaparser-core High Vendor jar package name github Highest Vendor jar package name javaparser Highest Vendor Manifest automatic-module-name com.github.javaparser.core Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-developers matozoid;email="hexagonaal@gmail.com";name="Danny van Bruggen","jgesser@gmail.com";email="jgesser@gmail.com";name="Júlio Vilmar Gesser",sebastiankirsch;email="sebastian.kirsch@immobilienscout24.de";name="Sebastian Kirsch",before;name="André Rouél",SmiddyPence;email="smiddypence@gmail.com";name="Nicholas Smith",ftomassetti;email="federico@tomassetti.me";name="Federico Tomassetti",ptitjes;email="ptitjes@free.fr";name="Didier Villevalois",MysterAitch;name="Roger Howell",MysterAitch;name="Roger Howell",jlerbsc;name="Jean Pierre Lerbscher",maartenc;name="Maarten Coene" Low Vendor Manifest bundle-docurl https://github.com/javaparser/javaparser-core Low Vendor Manifest bundle-symbolicname com.github.javaparser.javaparser-core Medium Vendor pom artifactid javaparser-core Low Vendor pom groupid com.github.javaparser Highest Vendor pom parent-artifactid javaparser-parent Low Product file name javaparser-core High Product jar package name github Highest Product jar package name javaparser Highest Product Manifest automatic-module-name com.github.javaparser.core Medium Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-developers matozoid;email="hexagonaal@gmail.com";name="Danny van Bruggen","jgesser@gmail.com";email="jgesser@gmail.com";name="Júlio Vilmar Gesser",sebastiankirsch;email="sebastian.kirsch@immobilienscout24.de";name="Sebastian Kirsch",before;name="André Rouél",SmiddyPence;email="smiddypence@gmail.com";name="Nicholas Smith",ftomassetti;email="federico@tomassetti.me";name="Federico Tomassetti",ptitjes;email="ptitjes@free.fr";name="Didier Villevalois",MysterAitch;name="Roger Howell",MysterAitch;name="Roger Howell",jlerbsc;name="Jean Pierre Lerbscher",maartenc;name="Maarten Coene" Low Product Manifest bundle-docurl https://github.com/javaparser/javaparser-core Low Product Manifest Bundle-Name javaparser-core Medium Product Manifest bundle-symbolicname com.github.javaparser.javaparser-core Medium Product pom artifactid javaparser-core Highest Product pom groupid com.github.javaparser Highest Product pom parent-artifactid javaparser-parent Medium Version file version 3.25.3 High Version Manifest Bundle-Version 3.25.3 High Version pom version 3.25.3 Highest
Description:
Javassist (JAVA programming ASSISTant) makes Java bytecode manipulation
simple. It is a class library for editing bytecodes in Java.
License:
MPL 1.1: http://www.mozilla.org/MPL/MPL-1.1.html
LGPL 2.1: http://www.gnu.org/licenses/lgpl-2.1.html
Apache License 2.0: http://www.apache.org/licenses/ File Path: /home/runner/.m2/repository/org/javassist/javassist/3.18.1-GA/javassist-3.18.1-GA.jar
MD5: 5bb83868c87334320562af7eded65cc2
SHA1: d9a09f7732226af26bf99f19e2cffe0ae219db5b
SHA256: 3fb71231afd098bb0f93f5eb97aa8291c8d0556379125e596f92ec8f944c6162
Evidence Type Source Name Value Confidence Vendor file name javassist High Vendor jar package name bytecode Highest Vendor jar package name javassist Highest Vendor Manifest bundle-symbolicname javassist Medium Vendor Manifest specification-vendor Shigeru Chiba, www.javassist.org Low Vendor pom artifactid javassist Low Vendor pom developer email adinn@redhat.com Low Vendor pom developer email chiba@javassist.org Low Vendor pom developer email kabir.khan@jboss.com Low Vendor pom developer email smarlow@redhat.com Low Vendor pom developer id adinn Medium Vendor pom developer id chiba Medium Vendor pom developer id kabir.khan@jboss.com Medium Vendor pom developer id smarlow Medium Vendor pom developer name Andrew Dinn Medium Vendor pom developer name Kabir Khan Medium Vendor pom developer name Scott Marlow Medium Vendor pom developer name Shigeru Chiba Medium Vendor pom developer org JBoss Medium Vendor pom developer org The Javassist Project Medium Vendor pom developer org URL http://www.javassist.org/ Medium Vendor pom developer org URL http://www.jboss.org/ Medium Vendor pom groupid org.javassist Highest Vendor pom name Javassist High Vendor pom url http://www.javassist.org/ Highest Product file name javassist High Product jar package name bytecode Highest Product jar package name javassist Highest Product Manifest Bundle-Name Javassist Medium Product Manifest bundle-symbolicname javassist Medium Product Manifest specification-title Javassist Medium Product pom artifactid javassist Highest Product pom developer email adinn@redhat.com Low Product pom developer email chiba@javassist.org Low Product pom developer email kabir.khan@jboss.com Low Product pom developer email smarlow@redhat.com Low Product pom developer id adinn Low Product pom developer id chiba Low Product pom developer id kabir.khan@jboss.com Low Product pom developer id smarlow Low Product pom developer name Andrew Dinn Low Product pom developer name Kabir Khan Low Product pom developer name Scott Marlow Low Product pom developer name Shigeru Chiba Low Product pom developer org JBoss Low Product pom developer org The Javassist Project Low Product pom developer org URL http://www.javassist.org/ Low Product pom developer org URL http://www.jboss.org/ Low Product pom groupid org.javassist Highest Product pom name Javassist High Product pom url http://www.javassist.org/ Medium Version pom version 3.18.1-GA Highest
Description:
JavaBeans Activation Framework API jar License:
https://github.com/javaee/activation/blob/master/LICENSE.txt File Path: /home/runner/.m2/repository/javax/activation/javax.activation-api/1.2.0/javax.activation-api-1.2.0.jar
MD5: 5e50e56bcf4a3ef3bc758f69f7643c3b
SHA1: 85262acf3ca9816f9537ca47d5adeabaead7cb16
SHA256: 43fdef0b5b6ceb31b0424b208b930c74ab58fac2ceeb7b3f6fd3aeb8b5ca4393
Evidence Type Source Name Value Confidence Vendor file name javax.activation-api High Vendor jar package name activation Highest Vendor jar package name javax Highest Vendor Manifest automatic-module-name java.activation Medium Vendor Manifest bundle-docurl http://www.oracle.com Low Vendor Manifest bundle-symbolicname javax.activation-api Medium Vendor Manifest extension-name javax.activation Medium Vendor Manifest Implementation-Vendor Oracle High Vendor Manifest Implementation-Vendor-Id com.sun Medium Vendor Manifest originally-created-by 1.8.0_141 (Oracle Corporation) Low Vendor Manifest specification-vendor Oracle Low Vendor Manifest (hint) Implementation-Vendor sun High Vendor Manifest (hint) specification-vendor sun Low Vendor pom artifactid javax.activation-api Low Vendor pom groupid javax.activation Highest Vendor pom name JavaBeans Activation Framework API jar High Vendor pom parent-artifactid all Low Vendor pom parent-groupid com.sun.activation Medium Product file name javax.activation-api High Product jar package name activation Highest Product jar package name javax Highest Product Manifest automatic-module-name java.activation Medium Product Manifest bundle-docurl http://www.oracle.com Low Product Manifest Bundle-Name JavaBeans Activation Framework API jar Medium Product Manifest bundle-symbolicname javax.activation-api Medium Product Manifest extension-name javax.activation Medium Product Manifest Implementation-Title javax.activation.javax.activation-api High Product Manifest originally-created-by 1.8.0_141 (Oracle Corporation) Low Product Manifest specification-title javax.activation.javax.activation-api Medium Product pom artifactid javax.activation-api Highest Product pom groupid javax.activation Highest Product pom name JavaBeans Activation Framework API jar High Product pom parent-artifactid all Medium Product pom parent-groupid com.sun.activation Medium Version file version 1.2.0 High Version Manifest Bundle-Version 1.2.0 High Version Manifest Implementation-Version 1.2.0 High Version pom version 1.2.0 Highest
Description:
Common Annotations for the JavaTM Platform API License:
CDDL + GPLv2 with classpath exception: https://glassfish.dev.java.net/nonav/public/CDDL+GPL.html File Path: /home/runner/.m2/repository/javax/annotation/javax.annotation-api/1.2/javax.annotation-api-1.2.jar
MD5: 75fe320d2b3763bd6883ae1ede35e987
SHA1: 479c1e06db31c432330183f5cae684163f186146
SHA256: 5909b396ca3a2be10d0eea32c74ef78d816e1b4ead21de1d78de1f890d033e04
Evidence Type Source Name Value Confidence Vendor file name javax.annotation-api High Vendor jar package name annotation Highest Vendor jar package name javax Highest Vendor Manifest bundle-docurl https://glassfish.java.net Low Vendor Manifest bundle-symbolicname javax.annotation-api Medium Vendor Manifest extension-name javax.annotation Medium Vendor Manifest Implementation-Vendor GlassFish Community High Vendor Manifest Implementation-Vendor-Id org.glassfish Medium Vendor Manifest specification-vendor Oracle Corporation Low Vendor pom artifactid javax.annotation-api Low Vendor pom developer id mode Medium Vendor pom developer name Rajiv Mordani Medium Vendor pom developer org Oracle, Inc. Medium Vendor pom groupid javax.annotation Highest Vendor pom name API High Vendor pom name ${extension.name} API High Vendor pom organization name GlassFish Community High Vendor pom organization url https://glassfish.java.net Medium Vendor pom parent-artifactid jvnet-parent Low Vendor pom parent-groupid net.java Medium Vendor pom url http://jcp.org/en/jsr/detail?id=250 Highest Product file name javax.annotation-api High Product jar package name annotation Highest Product jar package name javax Highest Product Manifest bundle-docurl https://glassfish.java.net Low Product Manifest Bundle-Name javax.annotation API Medium Product Manifest bundle-symbolicname javax.annotation-api Medium Product Manifest extension-name javax.annotation Medium Product pom artifactid javax.annotation-api Highest Product pom developer id mode Low Product pom developer name Rajiv Mordani Low Product pom developer org Oracle, Inc. Low Product pom groupid javax.annotation Highest Product pom name API High Product pom name ${extension.name} API High Product pom organization name GlassFish Community Low Product pom organization url https://glassfish.java.net Low Product pom parent-artifactid jvnet-parent Medium Product pom parent-groupid net.java Medium Product pom url http://jcp.org/en/jsr/detail?id=250 Medium Version file version 1.2 High Version Manifest Bundle-Version 1.2 High Version Manifest Implementation-Version 1.2 High Version pom parent-version 1.2 Low Version pom version 1.2 Highest
Description:
The javax.inject API License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/javax/inject/javax.inject/1/javax.inject-1.jar
MD5: 289075e48b909e9e74e6c915b3631d2e
SHA1: 6975da39a7040257bd51d21a231b76c915872d38
SHA256: 91c77044a50c481636c32d916fd89c9118a72195390452c81065080f957de7ff
Evidence Type Source Name Value Confidence Vendor file name javax.inject-1 High Vendor jar package name inject Highest Vendor jar package name inject Low Vendor jar package name javax Highest Vendor jar package name javax Low Vendor pom artifactid javax.inject Low Vendor pom groupid javax.inject Highest Vendor pom name javax.inject High Vendor pom url http://code.google.com/p/atinject/ Highest Product file name javax.inject-1 High Product jar package name inject Highest Product jar package name inject Low Product jar package name javax Highest Product pom artifactid javax.inject Highest Product pom groupid javax.inject Highest Product pom name javax.inject High Product pom url http://code.google.com/p/atinject/ Medium Version file version 1 Medium Version pom version 1 Highest
Description:
JAXB (JSR 222) API License:
https://oss.oracle.com/licenses/CDDL+GPL-1.1, https://oss.oracle.com/licenses/CDDL+GPL-1.1 File Path: /home/runner/.m2/repository/javax/xml/bind/jaxb-api/2.4.0-b180830.0359/jaxb-api-2.4.0-b180830.0359.jar
MD5: a9b97f6723902f40287c02980aa66eef
SHA1: b54184b7dcab2031add3f525550c7f1b7e12209d
SHA256: 56b9e9702753763007435162ea788055efcfefc86ab920f032c0411dc547b836
Evidence Type Source Name Value Confidence Vendor file name jaxb-api High Vendor jar package name bind Highest Vendor jar package name javax Highest Vendor jar package name jaxb Highest Vendor jar package name xml Highest Vendor Manifest bundle-docurl http://www.oracle.com/ Low Vendor Manifest bundle-symbolicname jaxb-api Medium Vendor Manifest extension-name javax.xml.bind Medium Vendor Manifest implementation-build-id UNKNOWN-fafb768f18a0ba019b4173e71ed13cff9cc0e1cf, 2018-08-30T04:00:09-0700 Low Vendor Manifest Implementation-Vendor Oracle Corporation High Vendor Manifest Implementation-Vendor-Id org.glassfish Medium Vendor Manifest multi-release true Low Vendor Manifest specification-vendor Oracle Corporation Low Vendor pom artifactid jaxb-api Low Vendor pom groupid javax.xml.bind Highest Vendor pom parent-artifactid jaxb-api-parent Low Product file name jaxb-api High Product jar package name bind Highest Product jar package name javax Highest Product jar package name jaxb Highest Product jar package name xml Highest Product Manifest bundle-docurl http://www.oracle.com/ Low Product Manifest Bundle-Name jaxb-api Medium Product Manifest bundle-symbolicname jaxb-api Medium Product Manifest extension-name javax.xml.bind Medium Product Manifest implementation-build-id UNKNOWN-fafb768f18a0ba019b4173e71ed13cff9cc0e1cf, 2018-08-30T04:00:09-0700 Low Product Manifest multi-release true Low Product Manifest specification-title jaxb-api Medium Product pom artifactid jaxb-api Highest Product pom groupid javax.xml.bind Highest Product pom parent-artifactid jaxb-api-parent Medium Version pom version 2.4.0-b180830.0359 Highest
Description:
JCL 1.2 implemented over SLF4J License:
Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/org/slf4j/jcl-over-slf4j/1.7.36/jcl-over-slf4j-1.7.36.jar
MD5: 8065610cde33ed9fd5d34367912c1938
SHA1: d877e195a05aca4a2f1ad2ff14bfec1393af4b5e
SHA256: ab57ca8fd223772c17365d121f59e94ecbf0ae59d08c03a3cb5b81071c019195
Evidence Type Source Name Value Confidence Vendor file name jcl-over-slf4j High Vendor jar package name apache Highest Vendor jar package name commons Highest Vendor jar package name logging Highest Vendor Manifest automatic-module-name org.apache.commons.logging Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor Manifest bundle-symbolicname jcl.over.slf4j Medium Vendor pom artifactid jcl-over-slf4j Low Vendor pom groupid org.slf4j Highest Vendor pom name JCL 1.2 implemented over SLF4J High Vendor pom parent-artifactid slf4j-parent Low Vendor pom url http://www.slf4j.org Highest Product file name jcl-over-slf4j High Product jar package name apache Highest Product jar package name commons Highest Product jar package name logging Highest Product Manifest automatic-module-name org.apache.commons.logging Medium Product Manifest build-jdk-spec 1.8 Low Product Manifest Bundle-Name jcl-over-slf4j Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product Manifest bundle-symbolicname jcl.over.slf4j Medium Product Manifest Implementation-Title jcl-over-slf4j High Product pom artifactid jcl-over-slf4j Highest Product pom groupid org.slf4j Highest Product pom name JCL 1.2 implemented over SLF4J High Product pom parent-artifactid slf4j-parent Medium Product pom url http://www.slf4j.org Medium Version file version 1.7.36 High Version Manifest Bundle-Version 1.7.36 High Version Manifest Implementation-Version 1.7.36 High Version pom version 1.7.36 Highest
Description:
Jetty module for Jetty :: IO Utility License:
http://www.apache.org/licenses/LICENSE-2.0, https://www.eclipse.org/org/documents/epl-v10.php File Path: /home/runner/.m2/repository/org/eclipse/jetty/jetty-io/9.4.53.v20231009/jetty-io-9.4.53.v20231009.jar
MD5: 0840c548d9f6bd79e75a63450e362a23
SHA1: 70cf7649b27c964ad29bfddf58f3bfe0d30346cf
SHA256: 779a91750a60957c613ce5013404269717c504c2b21f3a73145e81c3dc41c67f
Evidence Type Source Name Value Confidence Vendor file name jetty-io High Vendor jar package name eclipse Highest Vendor jar package name io Highest Vendor jar package name jetty Highest Vendor Manifest automatic-module-name org.eclipse.jetty.io Medium Vendor Manifest build-jdk-spec 11 Low Vendor Manifest bundle-copyright Copyright (c) 2008-2022 Mort Bay Consulting Pty Ltd and others. Low Vendor Manifest bundle-docurl https://eclipse.org/jetty Low Vendor Manifest bundle-requiredexecutionenvironment JavaSE-1.8 Low Vendor Manifest bundle-symbolicname org.eclipse.jetty.io Medium Vendor Manifest Implementation-Vendor Eclipse Jetty Project High Vendor Manifest url https://eclipse.org/jetty Low Vendor pom artifactid jetty-io Low Vendor pom groupid org.eclipse.jetty Highest Vendor pom name Jetty :: IO Utility High Vendor pom parent-artifactid jetty-project Low Product file name jetty-io High Product jar package name eclipse Highest Product jar package name io Highest Product jar package name jetty Highest Product Manifest automatic-module-name org.eclipse.jetty.io Medium Product Manifest build-jdk-spec 11 Low Product Manifest bundle-copyright Copyright (c) 2008-2022 Mort Bay Consulting Pty Ltd and others. Low Product Manifest bundle-docurl https://eclipse.org/jetty Low Product Manifest Bundle-Name Jetty :: IO Utility Medium Product Manifest bundle-requiredexecutionenvironment JavaSE-1.8 Low Product Manifest bundle-symbolicname org.eclipse.jetty.io Medium Product Manifest url https://eclipse.org/jetty Low Product pom artifactid jetty-io Highest Product pom groupid org.eclipse.jetty Highest Product pom name Jetty :: IO Utility High Product pom parent-artifactid jetty-project Medium Version file version 9.4.53.v20231009 High Version Manifest Bundle-Version 9.4.53.v20231009 High Version Manifest Implementation-Version 9.4.53.v20231009 High Version pom version 9.4.53.v20231009 Highest
Related Dependencies jetty-client-9.4.53.v20231009.jarFile Path: /home/runner/.m2/repository/org/eclipse/jetty/jetty-client/9.4.53.v20231009/jetty-client-9.4.53.v20231009.jar MD5: 394e49e0a6313d7eb70aae75043a950c SHA1: 143440d3a77f9cf17abaad222451b3ea3b4ccc98 SHA256: 9f5b83f64307bbb5d42dd4273e88d642214b275490363bac954369f029643c66 pkg:maven/org.eclipse.jetty/jetty-client@9.4.53.v20231009 jetty-http-9.4.53.v20231009.jarFile Path: /home/runner/.m2/repository/org/eclipse/jetty/jetty-http/9.4.53.v20231009/jetty-http-9.4.53.v20231009.jar MD5: 493a4b77298bb573a0dce8d7a059c96d SHA1: 87faf21eb322753f0527bcb88c43e67044786369 SHA256: c0a0cbd25998a13ce68481d6002757e6489ea0253463db761fec0cb30d15d612 pkg:maven/org.eclipse.jetty/jetty-http@9.4.53.v20231009 jetty-util-9.4.53.v20231009.jarFile Path: /home/runner/.m2/repository/org/eclipse/jetty/jetty-util/9.4.53.v20231009/jetty-util-9.4.53.v20231009.jar MD5: 0493bdf4eda445b096c463196cc22164 SHA1: f72bb4f687b4454052c6f06528ba9910714df947 SHA256: 7e5370022ecd1f682653641169a33e62e26730dd1e786433bed506cb0dcb1abc pkg:maven/org.eclipse.jetty/jetty-util@9.4.53.v20231009 Description:
Implementation of the JMES Path JSON Query langauge for Java. License:
Apache License, Version 2.0: https://aws.amazon.com/apache2.0 File Path: /home/runner/.m2/repository/com/amazonaws/jmespath-java/1.12.49/jmespath-java-1.12.49.jar
MD5: 674a2448967dfdd7ea939b9b76eea101
SHA1: f640045e40fc8ce7e48c571d4356888d0e5c134a
SHA256: 1b3410863ce40e673c6642ab7700b06f2a28f72c21513a42fa27851ab130be03
Evidence Type Source Name Value Confidence Vendor file name jmespath-java High Vendor jar package name amazonaws Highest Vendor jar package name amazonaws Low Vendor jar package name jmespath Highest Vendor jar package name jmespath Low Vendor pom artifactid jmespath-java Low Vendor pom developer id amazonwebservices Medium Vendor pom developer org Amazon Web Services Medium Vendor pom developer org URL https://aws.amazon.com Medium Vendor pom groupid com.amazonaws Highest Vendor pom name JMES Path Query library High Vendor pom parent-artifactid aws-java-sdk-pom Low Vendor pom url https://aws.amazon.com/sdkforjava Highest Product file name jmespath-java High Product jar package name amazonaws Highest Product jar package name jmespath Highest Product jar package name jmespath Low Product pom artifactid jmespath-java Highest Product pom developer id amazonwebservices Low Product pom developer org Amazon Web Services Low Product pom developer org URL https://aws.amazon.com Low Product pom groupid com.amazonaws Highest Product pom name JMES Path Query library High Product pom parent-artifactid aws-java-sdk-pom Medium Product pom url https://aws.amazon.com/sdkforjava Medium Version file version 1.12.49 High Version pom version 1.12.49 Highest
CVE-2022-31159 suppress
The AWS SDK for Java enables Java developers to work with Amazon Web Services. A partial-path traversal issue exists within the `downloadDirectory` method in the AWS S3 TransferManager component of the AWS SDK for Java v1 prior to version 1.12.261. Applications using the SDK control the `destinationDirectory` argument, but S3 object keys are determined by the application that uploaded the objects. The `downloadDirectory` method allows the caller to pass a filesystem object in the object key but contained an issue in the validation logic for the key name. A knowledgeable actor could bypass the validation logic by including a UNIX double-dot in the bucket key. Under certain conditions, this could permit them to retrieve a directory from their S3 bucket that is one level up in the filesystem from their working directory. This issue’s scope is limited to directories whose name prefix matches the destinationDirectory. E.g. for destination directory`/tmp/foo`, the actor can cause a download to `/tmp/foo-bar`, but not `/tmp/bar`. If `com.amazonaws.services.s3.transfer.TransferManager::downloadDirectory` is used to download an untrusted buckets contents, the contents of that bucket can be written outside of the intended destination directory. Version 1.12.261 contains a patch for this issue. As a workaround, when calling `com.amazonaws.services.s3.transfer.TransferManager::downloadDirectory`, pass a `KeyFilter` that forbids `S3ObjectSummary` objects that `getKey` method return a string containing the substring `..` . CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVSSv3:
Base Score: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N References:
Vulnerable Software & Versions:
Description:
Java Native Access License:
LGPL, version 2.1: http://www.gnu.org/licenses/licenses.html
ASL, version 2: http://www.apache.org/licenses/ File Path: /home/runner/.m2/repository/net/java/dev/jna/jna/4.1.0/jna-4.1.0.jar
MD5: b0e08c9936dc52aa40439c71fcad6297
SHA1: 1c12d070e602efd8021891cdd7fd18bc129372d4
SHA256: 1aa37e9ea6baa0ee152d89509f758f0847eac66ec179b955cafe0919e540a92e
Evidence Type Source Name Value Confidence Vendor file name jna High Vendor jar package name jna Highest Vendor jar package name native Highest Vendor jar package name sun Highest Vendor jar (hint) package name oracle Highest Vendor Manifest bundle-activationpolicy lazy Low Vendor Manifest bundle-category jni Low Vendor Manifest bundle-nativecode com/sun/jna/win32-x86/jnidispatch.dll; processor=x86;osname=win32, com/sun/jna/win32-x86-64/jnidispatch.dll; processor=x86-64;osname=win32, com/sun/jna/w32ce-arm/jnidispatch.dll; processor=arm;osname=wince, com/sun/jna/sunos-x86/libjnidispatch.so; processor=x86;osname=sunos, com/sun/jna/sunos-x86-64/libjnidispatch.so; processor=x86-64;osname=sunos, com/sun/jna/sunos-sparc/libjnidispatch.so; processor=sparc;osname=sunos, com/sun/jna/sunos-sparcv9/libjnidispatch.so; processor=sparcv9;osname=sunos, com/sun/jna/aix-ppc/libjnidispatch.a; processor=ppc;osname=aix, com/sun/jna/aix-ppc64/libjnidispatch.a; processor=ppc64;osname=aix, com/sun/jna/linux-ppc/libjnidispatch.so; processor=ppc;osname=linux, com/sun/jna/linux-ppc64/libjnidispatch.so; processor=ppc64;osname=linux, com/sun/jna/linux-x86/libjnidispatch.so; processor=x86;osname=linux, com/sun/jna/linux-x86-64/libjnidispatch.so; processor=x86-64;osname=linux, com/sun/jna/linux-arm/libjnidispatch.so; processor=arm;osname=linux, com/sun/jna/linux-ia64/libjnidispatch.so; processor=ia64;osname=linux, com/sun/jna/freebsd-x86/libjnidispatch.so; processor=x86;osname=freebsd, com/sun/jna/freebsd-x86-64/libjnidispatch.so; processor=x86-64;osname=freebsd, com/sun/jna/openbsd-x86/libjnidispatch.so; processor=x86;osname=openbsd, com/sun/jna/openbsd-x86-64/libjnidispatch.so; processor=x86-64;osname=openbsd, com/sun/jna/darwin/libjnidispatch.jnilib; osname=macosx;processor=x86;processor=x86-64;processor=ppc Low Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.4 Low Vendor Manifest bundle-symbolicname com.sun.jna Medium Vendor Manifest Implementation-Vendor JNA Development Team High Vendor Manifest specification-vendor JNA Development Team Low Vendor pom artifactid jna Low Vendor pom developer id twall Medium Vendor pom developer name Timothy Wall Medium Vendor pom groupid net.java.dev.jna Highest Vendor pom name Java Native Access High Vendor pom url twall/jna Highest Product file name jna High Product jar package name jna Highest Product jar package name library Highest Product jar package name native Highest Product jar package name sun Highest Product jar package name win32 Highest Product Manifest bundle-activationpolicy lazy Low Product Manifest bundle-category jni Low Product Manifest Bundle-Name jna Medium Product Manifest bundle-nativecode com/sun/jna/win32-x86/jnidispatch.dll; processor=x86;osname=win32, com/sun/jna/win32-x86-64/jnidispatch.dll; processor=x86-64;osname=win32, com/sun/jna/w32ce-arm/jnidispatch.dll; processor=arm;osname=wince, com/sun/jna/sunos-x86/libjnidispatch.so; processor=x86;osname=sunos, com/sun/jna/sunos-x86-64/libjnidispatch.so; processor=x86-64;osname=sunos, com/sun/jna/sunos-sparc/libjnidispatch.so; processor=sparc;osname=sunos, com/sun/jna/sunos-sparcv9/libjnidispatch.so; processor=sparcv9;osname=sunos, com/sun/jna/aix-ppc/libjnidispatch.a; processor=ppc;osname=aix, com/sun/jna/aix-ppc64/libjnidispatch.a; processor=ppc64;osname=aix, com/sun/jna/linux-ppc/libjnidispatch.so; processor=ppc;osname=linux, com/sun/jna/linux-ppc64/libjnidispatch.so; processor=ppc64;osname=linux, com/sun/jna/linux-x86/libjnidispatch.so; processor=x86;osname=linux, com/sun/jna/linux-x86-64/libjnidispatch.so; processor=x86-64;osname=linux, com/sun/jna/linux-arm/libjnidispatch.so; processor=arm;osname=linux, com/sun/jna/linux-ia64/libjnidispatch.so; processor=ia64;osname=linux, com/sun/jna/freebsd-x86/libjnidispatch.so; processor=x86;osname=freebsd, com/sun/jna/freebsd-x86-64/libjnidispatch.so; processor=x86-64;osname=freebsd, com/sun/jna/openbsd-x86/libjnidispatch.so; processor=x86;osname=openbsd, com/sun/jna/openbsd-x86-64/libjnidispatch.so; processor=x86-64;osname=openbsd, com/sun/jna/darwin/libjnidispatch.jnilib; osname=macosx;processor=x86;processor=x86-64;processor=ppc Low Product Manifest bundle-requiredexecutionenvironment J2SE-1.4 Low Product Manifest bundle-symbolicname com.sun.jna Medium Product Manifest Implementation-Title com.sun.jna High Product Manifest specification-title Java Native Access (JNA) Medium Product pom artifactid jna Highest Product pom developer id twall Low Product pom developer name Timothy Wall Low Product pom groupid net.java.dev.jna Highest Product pom name Java Native Access High Product pom url twall/jna High Version file version 4.1.0 High Version Manifest Bundle-Version 4.1.0 High Version pom version 4.1.0 Highest
Description:
Java Native Access Platform License:
LGPL, version 2.1: http://www.gnu.org/licenses/licenses.html
ASL, version 2: http://www.apache.org/licenses/ File Path: /home/runner/.m2/repository/net/java/dev/jna/jna-platform/4.1.0/jna-platform-4.1.0.jar
MD5: 533e404eda70bbf8e40de134ffeec95b
SHA1: 23457ad1cf75c2c16763330de5565a0e67b4bc0a
SHA256: f91ba7c0f26c34f04bf57d2ae30d4b19f906e7bb1de90eb3e1f4fdbf45d0c541
Evidence Type Source Name Value Confidence Vendor file name jna-platform High Vendor jar package name jna Highest Vendor jar package name platform Highest Vendor jar package name sun Highest Vendor jar (hint) package name oracle Highest Vendor Manifest bundle-category jni Low Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.4 Low Vendor Manifest bundle-symbolicname com.sun.jna.platform Medium Vendor Manifest Implementation-Vendor JNA Development Team High Vendor Manifest require-bundle com.sun.jna;bundle-version="4.1.0" Low Vendor Manifest specification-vendor JNA Development Team Low Vendor pom artifactid jna-platform Low Vendor pom developer id twall Medium Vendor pom developer name Timothy Wall Medium Vendor pom groupid net.java.dev.jna Highest Vendor pom name Java Native Access Platform High Vendor pom url twall/jna Highest Product file name jna-platform High Product jar package name jna Highest Product jar package name platform Highest Product jar package name sun Highest Product Manifest bundle-category jni Low Product Manifest Bundle-Name jna-platform Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.4 Low Product Manifest bundle-symbolicname com.sun.jna.platform Medium Product Manifest Implementation-Title com.sun.jna.platform High Product Manifest require-bundle com.sun.jna;bundle-version="4.1.0" Low Product Manifest specification-title Java Native Access (JNA) Medium Product pom artifactid jna-platform Highest Product pom developer id twall Low Product pom developer name Timothy Wall Low Product pom groupid net.java.dev.jna Highest Product pom name Java Native Access Platform High Product pom url twall/jna High Version file version 4.1.0 High Version Manifest Bundle-Version 4.1.0 High Version pom version 4.1.0 Highest
Description:
Date and time library to replace JDK date handling License:
Apache 2: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/joda-time/joda-time/2.8.1/joda-time-2.8.1.jar
MD5: c23002a0fac3455e92551e7f24500fa4
SHA1: f5bfc718c95a7b1d3c371bb02a188a4df18361a9
SHA256: b4670b95f75957c974284c5f3ada966040be2578f643c5c6083d262162061fa2
Evidence Type Source Name Value Confidence Vendor file name joda-time High Vendor jar package name joda Highest Vendor jar package name time Highest Vendor Manifest bundle-docurl http://www.joda.org/joda-time/ Low Vendor Manifest bundle-symbolicname joda-time Medium Vendor Manifest extension-name joda-time Medium Vendor Manifest implementation-url http://www.joda.org/joda-time/ Low Vendor Manifest Implementation-Vendor Joda.org High Vendor Manifest Implementation-Vendor-Id org.joda Medium Vendor Manifest specification-vendor Joda.org Low Vendor pom artifactid joda-time Low Vendor pom developer id broneill Medium Vendor pom developer id jodastephen Medium Vendor pom developer name Brian S O'Neill Medium Vendor pom developer name Stephen Colebourne Medium Vendor pom groupid joda-time Highest Vendor pom name Joda-Time High Vendor pom organization name Joda.org High Vendor pom organization url http://www.joda.org Medium Vendor pom url http://www.joda.org/joda-time/ Highest Product file name joda-time High Product jar package name joda Highest Product jar package name time Highest Product Manifest bundle-docurl http://www.joda.org/joda-time/ Low Product Manifest Bundle-Name Joda-Time Medium Product Manifest bundle-symbolicname joda-time Medium Product Manifest extension-name joda-time Medium Product Manifest Implementation-Title org.joda.time High Product Manifest implementation-url http://www.joda.org/joda-time/ Low Product Manifest specification-title Joda-Time Medium Product pom artifactid joda-time Highest Product pom developer id broneill Low Product pom developer id jodastephen Low Product pom developer name Brian S O'Neill Low Product pom developer name Stephen Colebourne Low Product pom groupid joda-time Highest Product pom name Joda-Time High Product pom organization name Joda.org Low Product pom organization url http://www.joda.org Low Product pom url http://www.joda.org/joda-time/ Medium Version file version 2.8.1 High Version Manifest Bundle-Version 2.8.1 High Version Manifest Implementation-Version 2.8.1 High Version pom version 2.8.1 Highest
Description:
JSch is a pure Java implementation of SSH2 License:
Revised BSD: http://www.jcraft.com/jsch/LICENSE.txt File Path: /home/runner/.m2/repository/com/jcraft/jsch/0.1.55/jsch-0.1.55.jar
MD5: c395ada0fc012d66f11bd30246f6c84d
SHA1: bbd40e5aa7aa3cfad5db34965456cee738a42a50
SHA256: d492b15a6d2ea3f1cc39c422c953c40c12289073dbe8360d98c0f6f9ec74fc44
Evidence Type Source Name Value Confidence Vendor file name jsch High Vendor jar package name jcraft Highest Vendor jar package name jcraft Low Vendor jar package name jsch Highest Vendor jar package name jsch Low Vendor pom artifactid jsch Low Vendor pom developer email ymnk at jcraft D0t com Low Vendor pom developer id ymnk Medium Vendor pom developer name Atsuhiko Yamanaka Medium Vendor pom developer org JCraft,Inc. Medium Vendor pom developer org URL http://www.jcraft.com/ Medium Vendor pom groupid com.jcraft Highest Vendor pom name JSch High Vendor pom organization name JCraft,Inc. High Vendor pom organization url http://www.jcraft.com/ Medium Vendor pom url http://www.jcraft.com/jsch/ Highest Product file name jsch High Product jar package name jcraft Highest Product jar package name jsch Highest Product jar package name jsch Low Product pom artifactid jsch Highest Product pom developer email ymnk at jcraft D0t com Low Product pom developer id ymnk Low Product pom developer name Atsuhiko Yamanaka Low Product pom developer org JCraft,Inc. Low Product pom developer org URL http://www.jcraft.com/ Low Product pom groupid com.jcraft Highest Product pom name JSch High Product pom organization name JCraft,Inc. Low Product pom organization url http://www.jcraft.com/ Low Product pom url http://www.jcraft.com/jsch/ Medium Version file version 0.1.55 High Version pom version 0.1.55 Highest
Description:
a proxy to ssh-agent and Pageant in Java License:
http://www.jcraft.com/jsch-agent-proxy/LICENSE.txt File Path: /home/runner/.m2/repository/com/jcraft/jsch.agentproxy.connector-factory/0.0.9/jsch.agentproxy.connector-factory-0.0.9.jar
MD5: bb646b6b9bf00a92d1f055fb881e3934
SHA1: ef48f016e1d4a06404fa769e7d316f6e07ad09d1
SHA256: 30fffe206fc598b464b255ae0300b1088fb9b47501e0266831c0167d36639884
Evidence Type Source Name Value Confidence Vendor file name jsch.agentproxy.connector-factory High Vendor jar package name agentproxy Highest Vendor jar package name connector Highest Vendor jar package name jcraft Highest Vendor jar package name jsch Highest Vendor Manifest bundle-docurl http://www.jcraft.com/ Low Vendor Manifest bundle-symbolicname com.jcraft.jsch.agentproxy.connector-factory Medium Vendor pom artifactid jsch.agentproxy.connector-factory Low Vendor pom groupid com.jcraft Highest Vendor pom name a connector factory High Vendor pom parent-artifactid jsch.agentproxy Low Product file name jsch.agentproxy.connector-factory High Product jar package name agentproxy Highest Product jar package name connector Highest Product jar package name jcraft Highest Product jar package name jsch Highest Product Manifest bundle-docurl http://www.jcraft.com/ Low Product Manifest Bundle-Name a connector factory Medium Product Manifest bundle-symbolicname com.jcraft.jsch.agentproxy.connector-factory Medium Product pom artifactid jsch.agentproxy.connector-factory Highest Product pom groupid com.jcraft Highest Product pom name a connector factory High Product pom parent-artifactid jsch.agentproxy Medium Version file version 0.0.9 High Version Manifest Bundle-Version 0.0.9 High Version pom version 0.0.9 Highest
Description:
a proxy to ssh-agent and Pageant in Java License:
http://www.jcraft.com/jsch-agent-proxy/LICENSE.txt File Path: /home/runner/.m2/repository/com/jcraft/jsch.agentproxy.core/0.0.9/jsch.agentproxy.core-0.0.9.jar
MD5: 37881dc6a7e29e8f418d21193abb3298
SHA1: 1af3741c3a83a71e29b8aa7637979791e50e538b
SHA256: 0ccda6cd8ec515bee1fef22d7737b52ac52d1c64c075d4d988136b60125a1eff
Evidence Type Source Name Value Confidence Vendor file name jsch.agentproxy.core High Vendor jar package name agentproxy Highest Vendor jar package name jcraft Highest Vendor jar package name jsch Highest Vendor Manifest bundle-docurl http://www.jcraft.com/ Low Vendor Manifest bundle-symbolicname com.jcraft.jsch.agentproxy.core Medium Vendor pom artifactid jsch.agentproxy.core Low Vendor pom groupid com.jcraft Highest Vendor pom name jsch-agent-proxy core library High Vendor pom parent-artifactid jsch.agentproxy Low Product file name jsch.agentproxy.core High Product jar package name agentproxy Highest Product jar package name jcraft Highest Product jar package name jsch Highest Product Manifest bundle-docurl http://www.jcraft.com/ Low Product Manifest Bundle-Name jsch-agent-proxy core library Medium Product Manifest bundle-symbolicname com.jcraft.jsch.agentproxy.core Medium Product pom artifactid jsch.agentproxy.core Highest Product pom groupid com.jcraft Highest Product pom name jsch-agent-proxy core library High Product pom parent-artifactid jsch.agentproxy Medium Version file version 0.0.9 High Version Manifest Bundle-Version 0.0.9 High Version pom version 0.0.9 Highest
File Path: /home/runner/.m2/repository/com/jcraft/jsch.agentproxy.jsch/0.0.9/jsch.agentproxy.jsch-0.0.9.jarMD5: ebe662626324228073d8e9e9b07df2caSHA1: 26f5c718216f1668f674816e580aa7c92f2660adSHA256: 08d78397a3da46ad70604d35f4efae34ed81894b4e2ae98ad7662a2c9fc0cbe1
Evidence Type Source Name Value Confidence Vendor file name jsch.agentproxy.jsch High Vendor jar package name agentproxy Highest Vendor jar package name agentproxy Low Vendor jar package name jcraft Highest Vendor jar package name jcraft Low Vendor jar package name jsch Highest Vendor jar package name jsch Low Vendor pom artifactid jsch.agentproxy.jsch Low Vendor pom groupid com.jcraft Highest Vendor pom name a library to use jsch-agent-proxy with JSch High Vendor pom parent-artifactid jsch.agentproxy Low Product file name jsch.agentproxy.jsch High Product jar package name agentproxy Highest Product jar package name agentproxy Low Product jar package name jcraft Highest Product jar package name jsch Highest Product jar package name jsch Low Product pom artifactid jsch.agentproxy.jsch Highest Product pom groupid com.jcraft Highest Product pom name a library to use jsch-agent-proxy with JSch High Product pom parent-artifactid jsch.agentproxy Medium Version file version 0.0.9 High Version pom version 0.0.9 Highest
Description:
a proxy to ssh-agent and Pageant in Java License:
http://www.jcraft.com/jsch-agent-proxy/LICENSE.txt File Path: /home/runner/.m2/repository/com/jcraft/jsch.agentproxy.pageant/0.0.9/jsch.agentproxy.pageant-0.0.9.jar
MD5: c10b5d389d46e881d2f02001a929f623
SHA1: 7651361429af009ff18a6ea5c4e5d38ecff7f959
SHA256: 737ad86ce82b56152f4f463fc00fb5b4b1dab9dab095e356bcc488c49cfc32a8
Evidence Type Source Name Value Confidence Vendor file name jsch.agentproxy.pageant High Vendor jar package name agentproxy Highest Vendor jar package name connector Highest Vendor jar package name jcraft Highest Vendor jar package name jsch Highest Vendor Manifest bundle-docurl http://www.jcraft.com/ Low Vendor Manifest bundle-symbolicname com.jcraft.jsch.agentproxy.pageant Medium Vendor pom artifactid jsch.agentproxy.pageant Low Vendor pom groupid com.jcraft Highest Vendor pom name a connector for Pageant using JNA High Vendor pom parent-artifactid jsch.agentproxy Low Product file name jsch.agentproxy.pageant High Product jar package name agentproxy Highest Product jar package name connector Highest Product jar package name jcraft Highest Product jar package name jsch Highest Product Manifest bundle-docurl http://www.jcraft.com/ Low Product Manifest Bundle-Name a connector for Pageant using JNA Medium Product Manifest bundle-symbolicname com.jcraft.jsch.agentproxy.pageant Medium Product pom artifactid jsch.agentproxy.pageant Highest Product pom groupid com.jcraft Highest Product pom name a connector for Pageant using JNA High Product pom parent-artifactid jsch.agentproxy Medium Version file version 0.0.9 High Version Manifest Bundle-Version 0.0.9 High Version pom version 0.0.9 Highest
Description:
a proxy to ssh-agent and Pageant in Java License:
http://www.jcraft.com/jsch-agent-proxy/LICENSE.txt File Path: /home/runner/.m2/repository/com/jcraft/jsch.agentproxy.sshagent/0.0.9/jsch.agentproxy.sshagent-0.0.9.jar
MD5: 5b3a97dc9ffa5b36b6b3ced0581456a3
SHA1: 2ecca436463287682d16c3fa628bd7cca426cf6f
SHA256: 10a27a381f10b5efc33acd4f4200dda9fc9e70d304c8aad52e713064ee6f4655
Evidence Type Source Name Value Confidence Vendor file name jsch.agentproxy.sshagent High Vendor jar package name agentproxy Highest Vendor jar package name connector Highest Vendor jar package name jcraft Highest Vendor jar package name jsch Highest Vendor Manifest bundle-docurl http://www.jcraft.com/ Low Vendor Manifest bundle-symbolicname com.jcraft.jsch.agentproxy.sshagent Medium Vendor pom artifactid jsch.agentproxy.sshagent Low Vendor pom groupid com.jcraft Highest Vendor pom name a connector for ssh-agent High Vendor pom parent-artifactid jsch.agentproxy Low Product file name jsch.agentproxy.sshagent High Product jar package name agentproxy Highest Product jar package name connector Highest Product jar package name jcraft Highest Product jar package name jsch Highest Product Manifest bundle-docurl http://www.jcraft.com/ Low Product Manifest Bundle-Name a connector for ssh-agent Medium Product Manifest bundle-symbolicname com.jcraft.jsch.agentproxy.sshagent Medium Product pom artifactid jsch.agentproxy.sshagent Highest Product pom groupid com.jcraft Highest Product pom name a connector for ssh-agent High Product pom parent-artifactid jsch.agentproxy Medium Version file version 0.0.9 High Version Manifest Bundle-Version 0.0.9 High Version pom version 0.0.9 Highest
Description:
a proxy to ssh-agent and Pageant in Java License:
http://www.jcraft.com/jsch-agent-proxy/LICENSE.txt File Path: /home/runner/.m2/repository/com/jcraft/jsch.agentproxy.usocket-jna/0.0.9/jsch.agentproxy.usocket-jna-0.0.9.jar
MD5: 18ff1492b3c94fb7ddab0792efe13b6e
SHA1: 100522438a57b4c0d15db112fc8a08d17f48080a
SHA256: a5a0f8d3c1c5fb2df2abc4cb68d79b38e71fb37fc2a84d898d2f775150f43a5f
Evidence Type Source Name Value Confidence Vendor file name jsch.agentproxy.usocket-jna High Vendor jar package name agentproxy Highest Vendor jar package name jcraft Highest Vendor jar package name jsch Highest Vendor jar package name usocket Highest Vendor Manifest bundle-docurl http://www.jcraft.com/ Low Vendor Manifest bundle-symbolicname com.jcraft.jsch.agentproxy.usocket-jna Medium Vendor pom artifactid jsch.agentproxy.usocket-jna Low Vendor pom groupid com.jcraft Highest Vendor pom name an implementation of USocketFactory using JNA High Vendor pom parent-artifactid jsch.agentproxy Low Product file name jsch.agentproxy.usocket-jna High Product jar package name agentproxy Highest Product jar package name jcraft Highest Product jar package name jsch Highest Product jar package name usocket Highest Product Manifest bundle-docurl http://www.jcraft.com/ Low Product Manifest Bundle-Name an implementation of USocketFactory using JNA Medium Product Manifest bundle-symbolicname com.jcraft.jsch.agentproxy.usocket-jna Medium Product pom artifactid jsch.agentproxy.usocket-jna Highest Product pom groupid com.jcraft Highest Product pom name an implementation of USocketFactory using JNA High Product pom parent-artifactid jsch.agentproxy Medium Version file version 0.0.9 High Version Manifest Bundle-Version 0.0.9 High Version pom version 0.0.9 Highest
Description:
a proxy to ssh-agent and Pageant in Java License:
http://www.jcraft.com/jsch-agent-proxy/LICENSE.txt File Path: /home/runner/.m2/repository/com/jcraft/jsch.agentproxy.usocket-nc/0.0.9/jsch.agentproxy.usocket-nc-0.0.9.jar
MD5: 76afbdff6f1d6293bfe6993305ba1659
SHA1: 926fd2eb5586c779b8d7827036ea8e06fe7744ba
SHA256: eab73aaf832a88c39c7e86559cacc6e7938948ce6f8e8c0e44811ef062ac9e63
Evidence Type Source Name Value Confidence Vendor file name jsch.agentproxy.usocket-nc High Vendor jar package name agentproxy Highest Vendor jar package name jcraft Highest Vendor jar package name jsch Highest Vendor jar package name usocket Highest Vendor Manifest bundle-docurl http://www.jcraft.com/ Low Vendor Manifest bundle-symbolicname com.jcraft.jsch.agentproxy.usocket-nc Medium Vendor pom artifactid jsch.agentproxy.usocket-nc Low Vendor pom groupid com.jcraft Highest Vendor pom name an implementation of USocketFactory using netcat High Vendor pom parent-artifactid jsch.agentproxy Low Product file name jsch.agentproxy.usocket-nc High Product jar package name agentproxy Highest Product jar package name jcraft Highest Product jar package name jsch Highest Product jar package name usocket Highest Product Manifest bundle-docurl http://www.jcraft.com/ Low Product Manifest Bundle-Name an implementation of USocketFactory using netcat Medium Product Manifest bundle-symbolicname com.jcraft.jsch.agentproxy.usocket-nc Medium Product pom artifactid jsch.agentproxy.usocket-nc Highest Product pom groupid com.jcraft Highest Product pom name an implementation of USocketFactory using netcat High Product pom parent-artifactid jsch.agentproxy Medium Version file version 0.0.9 High Version Manifest Bundle-Version 0.0.9 High Version pom version 0.0.9 Highest
CVE-2008-5730 suppress
Multiple CRLF injection vulnerabilities in AIST NetCat 3.12 and earlier allow remote attackers to have an unknown impact via unspecified vectors involving (1) a %0a sequence in a cookie and (2) the add.php file. CWE-20 Improper Input Validation
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P References:
Vulnerable Software & Versions: (show all )
CVE-2008-5727 suppress
SQL injection vulnerability in modules/auth/password_recovery.php in AIST NetCat 3.12 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the query string. CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P References:
Vulnerable Software & Versions: (show all )
CVE-2008-5728 suppress
Multiple directory traversal vulnerabilities in AIST NetCat 3.12 and earlier, when magic_quotes_gpc is disabled and register_globals is enabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the system parameter in modules/netshop/post.php; and the INCLUDE_FOLDER parameter in (2) auth.inc.php, (3) banner.inc.php, (4) blog.inc.php, and (5) forum.inc.php in modules/. CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVSSv2:
Base Score: MEDIUM (5.1) Vector: /AV:N/AC:H/Au:N/C:P/I:P/A:P References:
Vulnerable Software & Versions: (show all )
CVE-2015-2214 suppress
NetCat 5.01 and earlier allows remote attackers to obtain the installation path via the redirect_url parameter to netshop/post.php. CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
CVSSv2:
Base Score: MEDIUM (5.0) Vector: /AV:N/AC:L/Au:N/C:P/I:N/A:N References:
Vulnerable Software & Versions:
CVE-2008-5729 suppress
Multiple cross-site scripting (XSS) vulnerabilities in AIST NetCat 3.12 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) form and (2) control parameters to FCKeditor/neditor.php, and the (3) path parameter to admin/siteinfo/iframe.inc.php. CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N References:
Vulnerable Software & Versions: (show all )
CVE-2008-5742 suppress
Multiple open redirect vulnerabilities in AIST NetCat 3.12 and earlier allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via (1) the redirect parameter in a logoff action to modules/auth/index.php or (2) the url parameter to modules/linkmanager/redirect.php. NOTE: this was reported within an "HTTP Response Splitting" section in the original disclosure. CWE-59 Improper Link Resolution Before File Access ('Link Following')
CVSSv2:
Base Score: MEDIUM (4.0) Vector: /AV:N/AC:H/Au:N/C:N/I:P/A:P References:
Vulnerable Software & Versions: (show all )
Description:
A simple Java toolkit for JSON License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/com/googlecode/json-simple/json-simple/1.1.1/json-simple-1.1.1.jar
MD5: 5cc2c478d73e8454b4c369cee66c5bc7
SHA1: c9ad4a0850ab676c5c64461a05ca524cdfff59f1
SHA256: 4e69696892b88b41c55d49ab2fdcc21eead92bf54acc588c0050596c3b75199c
Evidence Type Source Name Value Confidence Vendor file name json-simple High Vendor jar package name json Highest Vendor jar package name simple Highest Vendor Manifest bundle-symbolicname com.googlecode.json-simple Medium Vendor pom artifactid json-simple Low Vendor pom developer id Yidong Medium Vendor pom developer name Yidong Fang Medium Vendor pom groupid com.googlecode.json-simple Highest Vendor pom name JSON.simple High Vendor pom url http://code.google.com/p/json-simple/ Highest Product file name json-simple High Product jar package name json Highest Product jar package name simple Highest Product Manifest Bundle-Name JSON.simple Medium Product Manifest bundle-symbolicname com.googlecode.json-simple Medium Product pom artifactid json-simple Highest Product pom developer id Yidong Low Product pom developer name Yidong Fang Low Product pom groupid com.googlecode.json-simple Highest Product pom name JSON.simple High Product pom url http://code.google.com/p/json-simple/ Medium Version file version 1.1.1 High Version Manifest Bundle-Version 1.1.1 High Version pom version 1.1.1 Highest
Description:
jsoup is a Java library for working with real-world HTML. It provides a very convenient API for fetching URLs and extracting and manipulating data, using the best of HTML5 DOM methods and CSS selectors. jsoup implements the WHATWG HTML5 specification, and parses HTML to the same DOM as modern browsers do. License:
The MIT License: https://jsoup.org/license File Path: /home/runner/.m2/repository/org/jsoup/jsoup/1.15.3/jsoup-1.15.3.jar
MD5: 4f16c3b17b8c1b0173b1ed9f99f2c27c
SHA1: f6e1d8a8819f854b681c8eaa57fd59a42329e10c
SHA256: e20a5e78b1372f2a4e620832db4442d5077e5cbde280b24c666a3770844999bc
Evidence Type Source Name Value Confidence Vendor file name jsoup High Vendor jar package name jsoup Highest Vendor jar package name parser Highest Vendor Manifest automatic-module-name org.jsoup Medium Vendor Manifest build-jdk-spec 18 Low Vendor Manifest bundle-docurl https://jsoup.org/ Low Vendor Manifest bundle-symbolicname org.jsoup Medium Vendor Manifest Implementation-Vendor Jonathan Hedley High Vendor pom artifactid jsoup Low Vendor pom developer email jonathan@hedley.net Low Vendor pom developer id jhy Medium Vendor pom developer name Jonathan Hedley Medium Vendor pom groupid org.jsoup Highest Vendor pom name jsoup Java HTML Parser High Vendor pom organization name Jonathan Hedley High Vendor pom organization url https://jhy.io/ Medium Vendor pom url https://jsoup.org/ Highest Product file name jsoup High Product jar package name jsoup Highest Product jar package name parser Highest Product Manifest automatic-module-name org.jsoup Medium Product Manifest build-jdk-spec 18 Low Product Manifest bundle-docurl https://jsoup.org/ Low Product Manifest Bundle-Name jsoup Java HTML Parser Medium Product Manifest bundle-symbolicname org.jsoup Medium Product Manifest Implementation-Title jsoup Java HTML Parser High Product pom artifactid jsoup Highest Product pom developer email jonathan@hedley.net Low Product pom developer id jhy Low Product pom developer name Jonathan Hedley Low Product pom groupid org.jsoup Highest Product pom name jsoup Java HTML Parser High Product pom organization name Jonathan Hedley Low Product pom organization url https://jhy.io/ Low Product pom url https://jsoup.org/ Medium Version file version 1.15.3 High Version Manifest Bundle-Version 1.15.3 High Version Manifest Implementation-Version 1.15.3 High Version pom version 1.15.3 Highest
Description:
JSR305 Annotations for Findbugs License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/com/google/code/findbugs/jsr305/3.0.2/jsr305-3.0.2.jar
MD5: dd83accb899363c32b07d7a1b2e4ce40
SHA1: 25ea2e8b0c338a877313bd4672d3fe056ea78f0d
SHA256: 766ad2a0783f2687962c8ad74ceecc38a28b9f72a2d085ee438b7813e928d0c7
Evidence Type Source Name Value Confidence Vendor file name jsr305 High Vendor Manifest bundle-symbolicname org.jsr-305 Medium Vendor pom artifactid jsr305 Low Vendor pom groupid com.google.code.findbugs Highest Vendor pom name FindBugs-jsr305 High Vendor pom url http://findbugs.sourceforge.net/ Highest Product file name jsr305 High Product Manifest Bundle-Name FindBugs-jsr305 Medium Product Manifest bundle-symbolicname org.jsr-305 Medium Product pom artifactid jsr305 Highest Product pom groupid com.google.code.findbugs Highest Product pom name FindBugs-jsr305 High Product pom url http://findbugs.sourceforge.net/ Medium Version file version 3.0.2 High Version Manifest Bundle-Version 3.0.2 High Version pom version 3.0.2 Highest
Description:
JUnit is a regression testing framework written by Erich Gamma and Kent Beck. It is used by the developer who implements unit tests in Java.
License:
Common Public License Version 1.0: http://www.opensource.org/licenses/cpl1.0.txt File Path: /home/runner/.m2/repository/junit/junit/3.8.1/junit-3.8.1.jar
MD5: 1f40fb782a4f2cf78f161d32670f7a3a
SHA1: 99129f16442844f6a4a11ae22fbbee40b14d774f
SHA256: b58e459509e190bed737f3592bc1950485322846cf10e78ded1d065153012d70
Evidence Type Source Name Value Confidence Vendor file name junit High Vendor jar package name framework Highest Vendor jar package name junit Highest Vendor jar package name junit Low Vendor pom artifactid junit Low Vendor pom groupid junit Highest Vendor pom name JUnit High Vendor pom organization name JUnit High Vendor pom organization url http://www.junit.org Medium Vendor pom url http://junit.org Highest Product file name junit High Product jar package name framework Highest Product jar package name junit Highest Product pom artifactid junit Highest Product pom groupid junit Highest Product pom name JUnit High Product pom organization name JUnit Low Product pom organization url http://www.junit.org Low Product pom url http://junit.org Medium Version file version 3.8.1 High Version pom version 3.8.1 Highest
Description:
A Clojure library for software license detection. License:
Apache License 2.0: http://www.apache.org/licenses/LICENSE-2.0.html File Path: /home/runner/.m2/repository/com/github/pmonks/lice-comb/2.0.247/lice-comb-2.0.247.jar
MD5: 59357ae3190dc8cc66b924851be848a4
SHA1: 51e185139e0ad084cbd3c2a2a04cc70aa9c640b6
SHA256: 7a619cca697f0c365e33c2172770826c0e01941fc82f937feed1fad6ec8edea6
Evidence Type Source Name Value Confidence Vendor file name lice-comb High Vendor Manifest build-jdk-spec 21 Low Vendor pom artifactid lice-comb Low Vendor pom developer email pmonks+lice-comb@gmail.com Low Vendor pom developer id pmonks Medium Vendor pom developer name Peter Monks Medium Vendor pom groupid com.github.pmonks Highest Vendor pom name lice-comb High Vendor pom url pmonks/lice-comb Highest Product file name lice-comb High Product Manifest build-jdk-spec 21 Low Product pom artifactid lice-comb Highest Product pom developer email pmonks+lice-comb@gmail.com Low Product pom developer id pmonks Low Product pom developer name Peter Monks Low Product pom groupid com.github.pmonks Highest Product pom name lice-comb High Product pom url pmonks/lice-comb High Version file version 2.0.247 High Version pom version 2.0.247 Highest
Description:
An empty artifact that Guava depends on to signal that it is providing
ListenableFuture -- but is also available in a second "version" that
contains com.google.common.util.concurrent.ListenableFuture class, without
any other Guava classes. The idea is:
- If users want only ListenableFuture, they depend on listenablefuture-1.0.
- If users want all of Guava, they depend on guava, which, as of Guava
27.0, depends on
listenablefuture-9999.0-empty-to-avoid-conflict-with-guava. The 9999.0-...
version number is enough for some build systems (notably, Gradle) to select
that empty artifact over the "real" listenablefuture-1.0 -- avoiding a
conflict with the copy of ListenableFuture in guava itself. If users are
using an older version of Guava or a build system other than Gradle, they
may see class conflicts. If so, they can solve them by manually excluding
the listenablefuture artifact or manually forcing their build systems to
use 9999.0-....
File Path: /home/runner/.m2/repository/com/google/guava/listenablefuture/9999.0-empty-to-avoid-conflict-with-guava/listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jarMD5: d094c22570d65e132c19cea5d352e381SHA1: b421526c5f297295adef1c886e5246c39d4ac629SHA256: b372a037d4230aa57fbeffdef30fd6123f9c0c2db85d0aced00c91b974f33f99
Evidence Type Source Name Value Confidence Vendor file name listenablefuture High Vendor pom artifactid listenablefuture Low Vendor pom groupid com.google.guava Highest Vendor pom name Guava ListenableFuture only High Vendor pom parent-artifactid guava-parent Low Product file name listenablefuture High Product pom artifactid listenablefuture Highest Product pom groupid com.google.guava Highest Product pom name Guava ListenableFuture only High Product pom parent-artifactid guava-parent Medium Version pom parent-version 9999.0-empty-to-avoid-conflict-with-guava Low Version pom version 9999.0-empty-to-avoid-conflict-with-guava Highest
Description:
The Apache Log4j Implementation License:
Apache-2.0: https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/org/apache/logging/log4j/log4j-core/2.22.0/log4j-core-2.22.0.jar
MD5: ef7091a2e9542aa950cb5b01ed4eaff0
SHA1: bf2fd48bc237e99fd4f1c2e82db3b10ffb8c1f47
SHA256: aacb1b935c0070f644060c1fbc9b555f344cbfe8d0ef1234b464eb58bd7b8ad2
Evidence Type Source Name Value Confidence Vendor file name log4j-core High Vendor jar package name apache Highest Vendor jar package name core Highest Vendor jar package name log4j Highest Vendor jar package name logging Highest Vendor jar package name org Highest Vendor Manifest bundle-activationpolicy lazy Low Vendor Manifest bundle-symbolicname org.apache.logging.log4j.core Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest multi-release true Low Vendor Manifest provide-capability osgi.service;objectClass:List="javax.annotation.processing.Processor";effective:=active,osgi.service;objectClass:List="org.apache.logging.log4j.core.util.ContextDataProvider";effective:=active,osgi.service;objectClass:List="org.apache.logging.log4j.message.ThreadDumpMessage$ThreadInfoFactory";effective:=active,osgi.service;objectClass:List="org.apache.logging.log4j.spi.Provider";effective:=active,osgi.serviceloader;osgi.serviceloader="javax.annotation.processing.Processor";register:="org.apache.logging.log4j.core.config.plugins.processor.PluginProcessor",osgi.serviceloader;osgi.serviceloader="org.apache.logging.log4j.core.util.ContextDataProvider";register:="org.apache.logging.log4j.core.impl.ThreadContextDataProvider",osgi.serviceloader;osgi.serviceloader="org.apache.logging.log4j.message.ThreadDumpMessage$ThreadInfoFactory";register:="org.apache.logging.log4j.core.message.ExtendedThreadInfoFactory",osgi.serviceloader;osgi.serviceloader="org.apache.logging.log4j.spi.Provider";register:="org.apache.logging.log4j.core.impl.Log4jProvider" Low Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid log4j-core Low Vendor pom groupid org.apache.logging.log4j Highest Vendor pom name Apache Log4j Core High Vendor pom parent-artifactid log4j Low Product file name log4j-core High Product jar package name apache Highest Product jar package name core Highest Product jar package name log4j Highest Product jar package name logging Highest Product jar package name org Highest Product Manifest bundle-activationpolicy lazy Low Product Manifest Bundle-Name Apache Log4j Core Medium Product Manifest bundle-symbolicname org.apache.logging.log4j.core Medium Product Manifest Implementation-Title Apache Log4j Core High Product Manifest multi-release true Low Product Manifest provide-capability osgi.service;objectClass:List="javax.annotation.processing.Processor";effective:=active,osgi.service;objectClass:List="org.apache.logging.log4j.core.util.ContextDataProvider";effective:=active,osgi.service;objectClass:List="org.apache.logging.log4j.message.ThreadDumpMessage$ThreadInfoFactory";effective:=active,osgi.service;objectClass:List="org.apache.logging.log4j.spi.Provider";effective:=active,osgi.serviceloader;osgi.serviceloader="javax.annotation.processing.Processor";register:="org.apache.logging.log4j.core.config.plugins.processor.PluginProcessor",osgi.serviceloader;osgi.serviceloader="org.apache.logging.log4j.core.util.ContextDataProvider";register:="org.apache.logging.log4j.core.impl.ThreadContextDataProvider",osgi.serviceloader;osgi.serviceloader="org.apache.logging.log4j.message.ThreadDumpMessage$ThreadInfoFactory";register:="org.apache.logging.log4j.core.message.ExtendedThreadInfoFactory",osgi.serviceloader;osgi.serviceloader="org.apache.logging.log4j.spi.Provider";register:="org.apache.logging.log4j.core.impl.Log4jProvider" Low Product Manifest specification-title Apache Log4j Core Medium Product pom artifactid log4j-core Highest Product pom groupid org.apache.logging.log4j Highest Product pom name Apache Log4j Core High Product pom parent-artifactid log4j Medium Version file version 2.22.0 High Version Manifest Bundle-Version 2.22.0 High Version Manifest Implementation-Version 2.22.0 High Version pom version 2.22.0 Highest
Related Dependencies log4j-1.2-api-2.22.0.jarFile Path: /home/runner/.m2/repository/org/apache/logging/log4j/log4j-1.2-api/2.22.0/log4j-1.2-api-2.22.0.jar MD5: d65c998bded05afe31c22ba91b90cab2 SHA1: 03ac87d9d729674fa876981d2e1b5a53b162a6dc SHA256: 43cc0c0a88d84eb87520cd6f0696e685603b9cf72bdae8ca04983642d25bb5ac pkg:maven/org.apache.logging.log4j/log4j-1.2-api@2.22.0 log4j-api-2.22.0.jarFile Path: /home/runner/.m2/repository/org/apache/logging/log4j/log4j-api/2.22.0/log4j-api-2.22.0.jar MD5: 5d753db833495ddaedd74f3d45091bab SHA1: 2c7d82708efd430e722562be1993defd9fb2426b SHA256: 1342c86c2a0848fc2f3d16b8544849f29fa31bf7af79f6066c2677ba29e47cf3 pkg:maven/org.apache.logging.log4j/log4j-api@2.22.0 log4j-jcl-2.22.0.jarFile Path: /home/runner/.m2/repository/org/apache/logging/log4j/log4j-jcl/2.22.0/log4j-jcl-2.22.0.jar MD5: 6349ae245f8f3231d27e3f941e992482 SHA1: ccc3adaa6345d14f03bd53e9830391cc6926a5a7 SHA256: cf7325224b4623562aa04b735778101b66e76674cc90c4f78c86cbda669dc55b pkg:maven/org.apache.logging.log4j/log4j-jcl@2.22.0 log4j-jul-2.22.0.jarFile Path: /home/runner/.m2/repository/org/apache/logging/log4j/log4j-jul/2.22.0/log4j-jul-2.22.0.jar MD5: 91defb4b4a9b060aac200885804eeda6 SHA1: 7259094067d2c02dce280f3c34febf62f79e04a9 SHA256: b732769b2e4cc9dd04b227467e27a58706005b511d4f122f6c580f083f493efe pkg:maven/org.apache.logging.log4j/log4j-jul@2.22.0 log4j-slf4j2-impl-2.22.0.jarFile Path: /home/runner/.m2/repository/org/apache/logging/log4j/log4j-slf4j2-impl/2.22.0/log4j-slf4j2-impl-2.22.0.jar MD5: d39790607a42d0c39bfadd3ca63263f3 SHA1: fa2daa770ef694720b6e24e0c3811e18b2da3e15 SHA256: 9abaaab68cdd710e572b283558157dc4d6b4ef549534018379ba5e3a772e6777 pkg:maven/org.apache.logging.log4j/log4j-slf4j2-impl@2.22.0 Description:
logback-classic module License:
Eclipse Public License - v 1.0: http://www.eclipse.org/legal/epl-v10.html
GNU Lesser General Public License: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html File Path: /home/runner/.m2/repository/ch/qos/logback/logback-classic/1.0.12/logback-classic-1.0.12.jar
MD5: 8164d029ace97d81bf4f63e16926aba6
SHA1: 030748760198d5071e139fa3d48cd1e57031fed6
SHA256: bb5437dc692a5c5af75b2fed36a4431e834b234399372c6c1f2dad9d9b072551
Evidence Type Source Name Value Confidence Vendor file name logback-classic High Vendor jar package name ch Highest Vendor jar package name classic Highest Vendor jar package name logback Highest Vendor jar package name qos Highest Vendor Manifest bundle-docurl http://www.qos.ch Low Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor Manifest bundle-symbolicname ch.qos.logback.classic Medium Vendor Manifest originally-created-by 1.6.0_23 (Sun Microsystems Inc.) Low Vendor pom artifactid logback-classic Low Vendor pom groupid ch.qos.logback Highest Vendor pom name Logback Classic Module High Vendor pom parent-artifactid logback-parent Low Vendor pom url http://logback.qos.ch Highest Product file name logback-classic High Product jar package name ch Highest Product jar package name classic Highest Product jar package name logback Highest Product jar package name qos Highest Product Manifest bundle-docurl http://www.qos.ch Low Product Manifest Bundle-Name Logback Classic Module Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product Manifest bundle-symbolicname ch.qos.logback.classic Medium Product Manifest originally-created-by 1.6.0_23 (Sun Microsystems Inc.) Low Product pom artifactid logback-classic Highest Product pom groupid ch.qos.logback Highest Product pom name Logback Classic Module High Product pom parent-artifactid logback-parent Medium Product pom url http://logback.qos.ch Medium Version file version 1.0.12 High Version Manifest Bundle-Version 1.0.12 High Version pom version 1.0.12 Highest
CVE-2017-5929 suppress
QOS.ch Logback before 1.2.0 has a serialization vulnerability affecting the SocketServer and ServerSocketReceiver components. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2023-6378 (OSSINDEX)suppress
A serialization vulnerability in logback receiver component part of
logback version 1.4.11 allows an attacker to mount a Denial-Of-Service
attack by sending poisoned data.
Sonatype's research suggests that this CVE's details differ from those defined at NVD. See https://ossindex.sonatype.org/vulnerability/CVE-2023-6378 for details CWE-502 Deserialization of Untrusted Data
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:ch.qos.logback:logback-classic:1.0.12:*:*:*:*:*:*:* CVE-2021-42550 suppress
In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configurations files could craft a malicious configuration allowing to execute arbitrary code loaded from LDAP servers. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: HIGH (8.5) Vector: /AV:N/AC:M/Au:S/C:C/I:C/A:C CVSSv3:
Base Score: MEDIUM (6.6) Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
Description:
logback-core module License:
Eclipse Public License - v 1.0: http://www.eclipse.org/legal/epl-v10.html
GNU Lesser General Public License: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html File Path: /home/runner/.m2/repository/ch/qos/logback/logback-core/1.0.12/logback-core-1.0.12.jar
MD5: 2e66adc4631175dce6dc51a744cd631f
SHA1: 590fd33f7c2cfcc1223da4c58c5cb18600de104e
SHA256: 2665527ca6b49076e1799d2e9c3679af617dc06c17cf6d7789685e95d57d704b
Evidence Type Source Name Value Confidence Vendor file name logback-core High Vendor jar package name ch Highest Vendor jar package name core Highest Vendor jar package name logback Highest Vendor jar package name qos Highest Vendor Manifest bundle-docurl http://www.qos.ch Low Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor Manifest bundle-symbolicname ch.qos.logback.core Medium Vendor Manifest originally-created-by 1.6.0_23 (Sun Microsystems Inc.) Low Vendor pom artifactid logback-core Low Vendor pom groupid ch.qos.logback Highest Vendor pom name Logback Core Module High Vendor pom parent-artifactid logback-parent Low Vendor pom url http://logback.qos.ch Highest Product file name logback-core High Product jar package name ch Highest Product jar package name core Highest Product jar package name logback Highest Product jar package name qos Highest Product Manifest bundle-docurl http://www.qos.ch Low Product Manifest Bundle-Name Logback Core Module Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product Manifest bundle-symbolicname ch.qos.logback.core Medium Product Manifest originally-created-by 1.6.0_23 (Sun Microsystems Inc.) Low Product pom artifactid logback-core Highest Product pom groupid ch.qos.logback Highest Product pom name Logback Core Module High Product pom parent-artifactid logback-parent Medium Product pom url http://logback.qos.ch Medium Version file version 1.0.12 High Version Manifest Bundle-Version 1.0.12 High Version pom version 1.0.12 Highest
CVE-2017-5929 suppress
QOS.ch Logback before 1.2.0 has a serialization vulnerability affecting the SocketServer and ServerSocketReceiver components. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2021-42550 suppress
In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configurations files could craft a malicious configuration allowing to execute arbitrary code loaded from LDAP servers. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: HIGH (8.5) Vector: /AV:N/AC:M/Au:S/C:C/I:C/A:C CVSSv3:
Base Score: MEDIUM (6.6) Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
File Path: /home/runner/.m2/repository/org/apache/maven/maven-artifact/3.8.7/maven-artifact-3.8.7.jarMD5: 4c2a8316eda726b35c9ae90b7c271dd4SHA1: 4b820734b856682f99f6ad2de4f1f7dd4b82335fSHA256: 23eb1c5c26f3d1b4694647b071beabfd96083191b006394707753af2ced8db01
Evidence Type Source Name Value Confidence Vendor file name maven-artifact High Vendor jar package name apache Highest Vendor jar package name artifact Highest Vendor jar package name maven Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-artifact Low Vendor pom groupid org.apache.maven Highest Vendor pom name Maven Artifact High Vendor pom parent-artifactid maven Low Product file name maven-artifact High Product jar package name apache Highest Product jar package name artifact Highest Product jar package name maven Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title Maven Artifact High Product Manifest specification-title Maven Artifact Medium Product pom artifactid maven-artifact Highest Product pom groupid org.apache.maven Highest Product pom name Maven Artifact High Product pom parent-artifactid maven Medium Version file version 3.8.7 High Version Manifest Implementation-Version 3.8.7 High Version pom version 3.8.7 Highest
Description:
Support for descriptor builders (model, setting, toolchains) File Path: /home/runner/.m2/repository/org/apache/maven/maven-builder-support/3.9.4/maven-builder-support-3.9.4.jarMD5: daa20793bc753f5a2918602f213491abSHA1: 671110e56110d5c89eda904f198719a2b5fa4a21SHA256: 86946fb06cb205515539b93b005c3bb928ba3d0d140af68079cc4cc815125096
Evidence Type Source Name Value Confidence Vendor file name maven-builder-support High Vendor jar package name apache Highest Vendor jar package name maven Highest Vendor Manifest build-jdk-spec 17 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-builder-support Low Vendor pom groupid org.apache.maven Highest Vendor pom name Maven Builder Support High Vendor pom parent-artifactid maven Low Product file name maven-builder-support High Product jar package name apache Highest Product jar package name maven Highest Product Manifest build-jdk-spec 17 Low Product Manifest Implementation-Title Maven Builder Support High Product Manifest specification-title Maven Builder Support Medium Product pom artifactid maven-builder-support Highest Product pom groupid org.apache.maven Highest Product pom name Maven Builder Support High Product pom parent-artifactid maven Medium Version file version 3.9.4 High Version Manifest Implementation-Version 3.9.4 High Version pom version 3.9.4 Highest
Description:
Maven Core classes. File Path: /home/runner/.m2/repository/org/apache/maven/maven-core/3.8.6/maven-core-3.8.6.jarMD5: 92b05ed72c78a0ddca876d73e9a6b87cSHA1: f945f1f19452214d360d453d9357275313f1cfd9SHA256: 439550da8d5451f84cbc6806df7cdccc30c4bbf59456659af95aac907bf658e1
Evidence Type Source Name Value Confidence Vendor file name maven-core High Vendor jar package name apache Highest Vendor jar package name maven Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-core Low Vendor pom groupid org.apache.maven Highest Vendor pom name Maven Core High Vendor pom parent-artifactid maven Low Product file name maven-core High Product jar package name apache Highest Product jar package name maven Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title Maven Core High Product Manifest specification-title Maven Core Medium Product pom artifactid maven-core Highest Product pom groupid org.apache.maven Highest Product pom name Maven Core High Product pom parent-artifactid maven Medium Version file version 3.8.6 High Version Manifest Implementation-Version 3.8.6 High Version pom version 3.8.6 Highest
Description:
Model for Maven POM (Project Object Model) File Path: /home/runner/.m2/repository/org/apache/maven/maven-model/3.8.7/maven-model-3.8.7.jarMD5: 91c8c6b449ca34033832f268df64873bSHA1: a6a1f77aa36d158c8ec7917112192083b9467cd4SHA256: 6fcadaee2a885c43b158f2e3833d0a3ecb68efc62e25ea5b11f77cc0716a7b2d
Evidence Type Source Name Value Confidence Vendor file name maven-model High Vendor jar package name apache Highest Vendor jar package name maven Highest Vendor jar package name model Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-model Low Vendor pom groupid org.apache.maven Highest Vendor pom name Maven Model High Vendor pom parent-artifactid maven Low Product file name maven-model High Product jar package name apache Highest Product jar package name maven Highest Product jar package name model Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title Maven Model High Product Manifest specification-title Maven Model Medium Product pom artifactid maven-model Highest Product pom groupid org.apache.maven Highest Product pom name Maven Model High Product pom parent-artifactid maven Medium Version file version 3.8.7 High Version Manifest Implementation-Version 3.8.7 High Version pom version 3.8.7 Highest
Description:
The effective model builder, with inheritance, profile activation, interpolation, ... File Path: /home/runner/.m2/repository/org/apache/maven/maven-model-builder/3.8.7/maven-model-builder-3.8.7.jarMD5: c22abd419db50518190fe557a06c152dSHA1: d2fd892b20bd945b441607a7d49adfd1fc133e31SHA256: f1c47b4a29d3267532c6a1e499f0ccd5307b321a97e985af4573138ea5cdeb69
Evidence Type Source Name Value Confidence Vendor file name maven-model-builder High Vendor jar package name apache Highest Vendor jar package name inheritance Highest Vendor jar package name interpolation Highest Vendor jar package name maven Highest Vendor jar package name model Highest Vendor jar package name profile Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-model-builder Low Vendor pom groupid org.apache.maven Highest Vendor pom name Maven Model Builder High Vendor pom parent-artifactid maven Low Product file name maven-model-builder High Product jar package name apache Highest Product jar package name inheritance Highest Product jar package name interpolation Highest Product jar package name maven Highest Product jar package name model Highest Product jar package name profile Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title Maven Model Builder High Product Manifest specification-title Maven Model Builder Medium Product pom artifactid maven-model-builder Highest Product pom groupid org.apache.maven Highest Product pom name Maven Model Builder High Product pom parent-artifactid maven Medium Version file version 3.8.7 High Version Manifest Implementation-Version 3.8.7 High Version pom version 3.8.7 Highest
Description:
The API for plugins - Mojos - development. File Path: /home/runner/.m2/repository/org/apache/maven/maven-plugin-api/3.8.6/maven-plugin-api-3.8.6.jarMD5: c8187986d35b9d8a347e3989402879f3SHA1: 4138e2e9b39f364902ac263888feb7b2407a298eSHA256: 2c317f6041219f16f34bd47ea7618e57552d4f1f707378701b9efed4adecf70a
Evidence Type Source Name Value Confidence Vendor file name maven-plugin-api High Vendor jar package name apache Highest Vendor jar package name maven Highest Vendor jar package name plugin Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-plugin-api Low Vendor pom groupid org.apache.maven Highest Vendor pom name Maven Plugin API High Vendor pom parent-artifactid maven Low Product file name maven-plugin-api High Product jar package name apache Highest Product jar package name maven Highest Product jar package name plugin Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title Maven Plugin API High Product Manifest specification-title Maven Plugin API Medium Product pom artifactid maven-plugin-api Highest Product pom groupid org.apache.maven Highest Product pom name Maven Plugin API High Product pom parent-artifactid maven Medium Version file version 3.8.6 High Version Manifest Implementation-Version 3.8.6 High Version pom version 3.8.6 Highest
Description:
Per-directory local and remote repository metadata. File Path: /home/runner/.m2/repository/org/apache/maven/maven-repository-metadata/3.8.7/maven-repository-metadata-3.8.7.jarMD5: 9300bb51021bcc2558fee4deb19c3ec5SHA1: 42f7cc6120c8a755ed8c3c3bb5dcd5366d2e11eeSHA256: ae07c180da5ae7784915cf3980e90de361ea4d1bc5337b969694f50339efd9e1
Evidence Type Source Name Value Confidence Vendor file name maven-repository-metadata High Vendor jar package name apache Highest Vendor jar package name maven Highest Vendor jar package name repository Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-repository-metadata Low Vendor pom groupid org.apache.maven Highest Vendor pom name Maven Repository Metadata Model High Vendor pom parent-artifactid maven Low Product file name maven-repository-metadata High Product jar package name apache Highest Product jar package name maven Highest Product jar package name repository Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title Maven Repository Metadata Model High Product Manifest specification-title Maven Repository Metadata Model Medium Product pom artifactid maven-repository-metadata Highest Product pom groupid org.apache.maven Highest Product pom name Maven Repository Metadata Model High Product pom parent-artifactid maven Medium Version file version 3.8.7 High Version Manifest Implementation-Version 3.8.7 High Version pom version 3.8.7 Highest
Description:
The application programming interface for the repository system.
License:
"Apache License, Version 2.0";link="https://www.apache.org/licenses/LICENSE-2.0.txt" File Path: /home/runner/.m2/repository/org/apache/maven/resolver/maven-resolver-api/1.9.4/maven-resolver-api-1.9.4.jar
MD5: 780ee20cf4abadbbf9560c83db0e8c5e
SHA1: e5d1d93ef97ccb74cd16e81ecf58e4c244439a40
SHA256: 7c51c97722da5abd1623d16f0224229c364a55ecac832833a54c23fe4b3569cd
Evidence Type Source Name Value Confidence Vendor file name maven-resolver-api High Vendor jar package name artifact Highest Vendor jar package name repository Highest Vendor Manifest automatic-module-name org.apache.maven.resolver Medium Vendor Manifest build-jdk-spec 17 Low Vendor Manifest bundle-developers khmarbaise;email="khmarbaise@apache.org";name="Karl Heinz Marbaise";roles="PMC Chair";timezone="+1",aheritier;email="aheritier@apache.org";name="Arnaud Héritier";roles="PMC Member";timezone="+1",andham;email="andham@apache.org";name="Anders Hammar";roles="PMC Member";timezone="+1",baerrach;email="baerrach@apache.org";name="Barrie Treloar";roles="PMC Member";timezone="Australia/Adelaide",bimargulies;email="bimargulies@apache.org";name="Benson Margulies";roles="PMC Member";timezone="America/New_York",brianf;email="brianf@apache.org";name="Brian Fox";organization=Sonatype;roles="PMC Member";timezone=-5,cstamas;email="cstamas@apache.org";name="Tamas Cservenak";roles="PMC Member";timezone="+1",dennisl;email="dennisl@apache.org";name="Dennis Lundberg";organization=ASF;roles="PMC Member";timezone="+1",dkulp;email="dkulp@apache.org";name="Daniel Kulp";organization=ASF;roles="PMC Member";timezone=-5,evenisse;email="evenisse@apache.org";name="Emmanuel Venisse";organization=ASF;roles="PMC Member";timezone="+1",gboue;email="gboue@apache.org";name="Guillaume Boué";roles="PMC Member";timezone="Europe/Paris",hboutemy;email="hboutemy@apache.org";name="Hervé Boutemy";organization=ASF;roles="PMC Member";timezone="Europe/Paris",ifedorenko;email="igor@ifedorenko.com";name="Igor Fedorenko";organization=Sonatype;roles="PMC Member";timezone=-5,jvanzyl;email="jason@maven.org";name="Jason van Zyl";roles="PMC Member";timezone=-5,krosenvold;email="krosenvold@apache.org";name="Kristian Rosenvold";roles="PMC Member";timezone="+1",mkleint;name="Milos Kleint";roles="PMC Member",olamy;email="olamy@apache.org";name="Olivier Lamy";roles="PMC Member";timezone="Australia/Brisbane",michaelo;email="michaelo@apache.org";name="Michael Osipov";roles="PMC Member";timezone="Europe/Berlin",rfscholte;email="rfscholte@apache.org";name="Robert Scholte";roles="PMC Member";timezone="Europe/Amsterdam",rgoers;email="rgoers@apache.org";name="Ralph Goers";organization=Intuit;roles="PMC Member";timezone=-8,sjaranowski;email="sjaranowski@apache.org";name="Slawomir Jaranowski";roles="PMC Member";timezone="Europe/Warsaw",stephenc;email="stephenc@apache.org";name="Stephen Connolly";roles="PMC Member";timezone=0,struberg;email="struberg@apache.org";name="Mark Struberg";roles="PMC Member",tibordigana;email="tibordigana@apache.org";name="Tibor Digaňa";roles="PMC Member";timezone="Europe/Bratislava",vsiveton;email="vsiveton@apache.org";name="Vincent Siveton";organization=ASF;roles="PMC Member";timezone=-5,wfay;email="wfay@apache.org";name="Wayne Fay";organization=ASF;roles="PMC Member";timezone=-6,adangel;email="adangel@apache.org";name="Andreas Dangel";roles=Committer;timezone="Europe/Berlin",bdemers;email="bdemers@apache.org";name="Brian Demers";organization=Sonatype;roles=Committer;timezone=-5,bellingard;name="Fabrice Bellingard";roles=Committer,bentmann;email="bentmann@apache.org";name="Benjamin Bentmann";organization=Sonatype;roles=Committer;timezone="+1",chrisgwarp;email="chrisgwarp@apache.org";name="Chris Graham";roles=Committer;timezone="Australia/Melbourne",dantran;email="dantran@apache.org";name="Dan Tran";roles=Committer;timezone=-8,dbradicich;email="dbradicich@apache.org";name="Damian Bradicich";organization=Sonatype;roles=Committer;timezone=-5,brett;email="brett@apache.org";name="Brett Porter";organization=ASF;roles=Committer;timezone="+10",dfabulich;email="dfabulich@apache.org";name="Daniel Fabulich";roles=Committer;timezone=-8,eolivelli;email="eolivelli@apache.org";name="Enrico Olivelli";organization=Diennea;roles=Committer;timezone="Europe/Rome",fgiust;email="fgiust@apache.org";name="Fabrizio Giustina";organization=openmind;roles=Committer;timezone="+1",gnodet;email="gnodet@apache.org";name="Guillaume Nodet";organization="Red Hat";roles=Committer;timezone="Europe/Paris",godin;email="godin@apache.org";name="Evgeny Mandrikov";organization=SonarSource;roles=Committer;timezone="+3",handyande;email="handyande@apache.org";name="Andrew Williams";roles=Committer;timezone=0,imod;email="imod@apache.org";name="Dominik Bartholdi";roles=Committer;timezone="Europe/Zurich",jjensen;name="Jeff Jensen";roles=Committer,ltheussl;email="ltheussl@apache.org";name="Lukas Theussl";roles=Committer;timezone="+1",markh;email="markh@apache.org";name="Mark Hobson";roles=Committer;timezone=0,martinkanters;email="martinkanters@apache.org";name="Martin Kanters";organization=JPoint;roles=Committer;timezone="Europe/Amsterdam",mthmulders;email="mthmulders@apache.org";name="Maarten Mulders";organization="Info Support";roles=Committer;timezone="Europe/Amsterdam",mauro;name="Mauro Talevi";roles=Committer,mfriedenhagen;email="mfriedenhagen@apache.org";name="Mirko Friedenhagen";roles=Committer;timezone="+1",mmoser;email="mmoser@apache.org";name="Manfred Moser";roles=Committer;timezone=-8,nicolas;name="Nicolas de Loof";roles=Committer,oching;name="Maria Odea B. Ching";roles=Committer,pgier;email="pgier@apache.org";name="Paul Gier";organization="Red Hat";roles=Committer;timezone=-6,ptahchiev;email="ptahchiev@apache.org";name="Petar Tahchiev";roles=Committer;timezone="+2",rafale;email="rafale@apache.org";name="Raphaël Piéroni";organization=Dexem;roles=Committer;timezone="+1",schulte;email="schulte@apache.org";name="Christian Schulte";roles=Committer;timezone="Europe/Berlin",snicoll;email="snicoll@apache.org";name="Stephane Nicoll";roles=Committer;timezone="+1",simonetripodi;email="simonetripodi@apache.org";name="Simone Tripodi";roles=Committer;timezone="+1",sor;email="sor@apache.org";name="Christian Stein";roles=Committer;timezone="Europe/Berlin",tchemit;email="tchemit@apache.org";name="Tony Chemit";organization=CodeLutin;roles=Committer;timezone="Europe/Paris",vmassol;email="vmassol@apache.org";name="Vincent Massol";organization=ASF;roles=Committer;timezone="+1",slachiewicz;email="slachiewicz@apache.org";name="Sylwester Lachiewicz";roles=Committer;timezone="Europe/Warsaw",elharo;email="elharo@apache.org";name="Elliotte Rusty Harold";roles=Committer;timezone="America/New_York",agudian;email="agudian@apache.org";name="Andreas Gudian";roles=Emeritus;timezone="Europe/Berlin",aramirez;name="Allan Q. Ramirez";roles=Emeritus,bayard;name="Henri Yandell";roles=Emeritus,carlos;email="carlos@apache.org";name="Carlos Sanchez";organization=ASF;roles=Emeritus;timezone="+1",chrisjs;name="Chris Stevenson";roles=Emeritus,dblevins;name="David Blevins";roles=Emeritus,dlr;name="Daniel Rall";roles=Emeritus,epunzalan;email="epunzalan@apache.org";name="Edwin Punzalan";roles=Emeritus;timezone=-8,felipeal;name="Felipe Leme";roles=Emeritus,jdcasey;email="jdcasey@apache.org";name="John Casey";organization=ASF;roles=Emeritus;timezone=-6,jmcconnell;email="jmcconnell@apache.org";name="Jesse McConnell";organization=ASF;roles=Emeritus;timezone=-6,joakime;email="joakime@apache.org";name="Joakim Erdfelt";organization=ASF;roles=Emeritus;timezone=-5,jruiz;email="jruiz@apache.org";name="Johnny Ruiz III";roles=Emeritus,jstrachan;name="James Strachan";roles=Emeritus,jtolentino;email="jtolentino@apache.org";name="Ernesto Tolentino Jr.";organization=ASF;roles=Emeritus;timezone="+8",kenney;email="kenney@apache.org";name="Kenney Westerhof";organization=Neonics;roles=Emeritus;timezone="+1",mperham;email="mperham@gmail.com";name="Mike Perham";organization=IBM;roles=Emeritus;timezone=-6,ogusakov;name="Oleg Gusakov";roles=Emeritus,pschneider;email="pschneider@gmail.com";name="Patrick Schneider";roles=Emeritus;timezone=-6,rinku;name="Rahul Thakur";roles=Emeritus,shinobu;name="Shinobu Kuwai";roles=Emeritus,smorgrav;name="Torbjorn Eikli Smorgrav";roles=Emeritus,trygvis;email="trygvis@apache.org";name="Trygve Laugstol";organization=ASF;roles=Emeritus;timezone="+1",wsmoak;email="wsmoak@apache.org";name="Wendy Smoak";roles=Emeritus;timezone=-7 Low Vendor Manifest bundle-docurl https://maven.apache.org/resolver/maven-resolver-api/ Low Vendor Manifest bundle-symbolicname org.apache.maven.resolver.api Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-resolver-api Low Vendor pom groupid org.apache.maven.resolver Highest Vendor pom name Maven Artifact Resolver API High Vendor pom parent-artifactid maven-resolver Low Product file name maven-resolver-api High Product jar package name artifact Highest Product jar package name repository Highest Product Manifest automatic-module-name org.apache.maven.resolver Medium Product Manifest build-jdk-spec 17 Low Product Manifest bundle-developers khmarbaise;email="khmarbaise@apache.org";name="Karl Heinz Marbaise";roles="PMC Chair";timezone="+1",aheritier;email="aheritier@apache.org";name="Arnaud Héritier";roles="PMC Member";timezone="+1",andham;email="andham@apache.org";name="Anders Hammar";roles="PMC Member";timezone="+1",baerrach;email="baerrach@apache.org";name="Barrie Treloar";roles="PMC Member";timezone="Australia/Adelaide",bimargulies;email="bimargulies@apache.org";name="Benson Margulies";roles="PMC Member";timezone="America/New_York",brianf;email="brianf@apache.org";name="Brian Fox";organization=Sonatype;roles="PMC Member";timezone=-5,cstamas;email="cstamas@apache.org";name="Tamas Cservenak";roles="PMC Member";timezone="+1",dennisl;email="dennisl@apache.org";name="Dennis Lundberg";organization=ASF;roles="PMC Member";timezone="+1",dkulp;email="dkulp@apache.org";name="Daniel Kulp";organization=ASF;roles="PMC Member";timezone=-5,evenisse;email="evenisse@apache.org";name="Emmanuel Venisse";organization=ASF;roles="PMC Member";timezone="+1",gboue;email="gboue@apache.org";name="Guillaume Boué";roles="PMC Member";timezone="Europe/Paris",hboutemy;email="hboutemy@apache.org";name="Hervé Boutemy";organization=ASF;roles="PMC Member";timezone="Europe/Paris",ifedorenko;email="igor@ifedorenko.com";name="Igor Fedorenko";organization=Sonatype;roles="PMC Member";timezone=-5,jvanzyl;email="jason@maven.org";name="Jason van Zyl";roles="PMC Member";timezone=-5,krosenvold;email="krosenvold@apache.org";name="Kristian Rosenvold";roles="PMC Member";timezone="+1",mkleint;name="Milos Kleint";roles="PMC Member",olamy;email="olamy@apache.org";name="Olivier Lamy";roles="PMC Member";timezone="Australia/Brisbane",michaelo;email="michaelo@apache.org";name="Michael Osipov";roles="PMC Member";timezone="Europe/Berlin",rfscholte;email="rfscholte@apache.org";name="Robert Scholte";roles="PMC Member";timezone="Europe/Amsterdam",rgoers;email="rgoers@apache.org";name="Ralph Goers";organization=Intuit;roles="PMC Member";timezone=-8,sjaranowski;email="sjaranowski@apache.org";name="Slawomir Jaranowski";roles="PMC Member";timezone="Europe/Warsaw",stephenc;email="stephenc@apache.org";name="Stephen Connolly";roles="PMC Member";timezone=0,struberg;email="struberg@apache.org";name="Mark Struberg";roles="PMC Member",tibordigana;email="tibordigana@apache.org";name="Tibor Digaňa";roles="PMC Member";timezone="Europe/Bratislava",vsiveton;email="vsiveton@apache.org";name="Vincent Siveton";organization=ASF;roles="PMC Member";timezone=-5,wfay;email="wfay@apache.org";name="Wayne Fay";organization=ASF;roles="PMC Member";timezone=-6,adangel;email="adangel@apache.org";name="Andreas Dangel";roles=Committer;timezone="Europe/Berlin",bdemers;email="bdemers@apache.org";name="Brian Demers";organization=Sonatype;roles=Committer;timezone=-5,bellingard;name="Fabrice Bellingard";roles=Committer,bentmann;email="bentmann@apache.org";name="Benjamin Bentmann";organization=Sonatype;roles=Committer;timezone="+1",chrisgwarp;email="chrisgwarp@apache.org";name="Chris Graham";roles=Committer;timezone="Australia/Melbourne",dantran;email="dantran@apache.org";name="Dan Tran";roles=Committer;timezone=-8,dbradicich;email="dbradicich@apache.org";name="Damian Bradicich";organization=Sonatype;roles=Committer;timezone=-5,brett;email="brett@apache.org";name="Brett Porter";organization=ASF;roles=Committer;timezone="+10",dfabulich;email="dfabulich@apache.org";name="Daniel Fabulich";roles=Committer;timezone=-8,eolivelli;email="eolivelli@apache.org";name="Enrico Olivelli";organization=Diennea;roles=Committer;timezone="Europe/Rome",fgiust;email="fgiust@apache.org";name="Fabrizio Giustina";organization=openmind;roles=Committer;timezone="+1",gnodet;email="gnodet@apache.org";name="Guillaume Nodet";organization="Red Hat";roles=Committer;timezone="Europe/Paris",godin;email="godin@apache.org";name="Evgeny Mandrikov";organization=SonarSource;roles=Committer;timezone="+3",handyande;email="handyande@apache.org";name="Andrew Williams";roles=Committer;timezone=0,imod;email="imod@apache.org";name="Dominik Bartholdi";roles=Committer;timezone="Europe/Zurich",jjensen;name="Jeff Jensen";roles=Committer,ltheussl;email="ltheussl@apache.org";name="Lukas Theussl";roles=Committer;timezone="+1",markh;email="markh@apache.org";name="Mark Hobson";roles=Committer;timezone=0,martinkanters;email="martinkanters@apache.org";name="Martin Kanters";organization=JPoint;roles=Committer;timezone="Europe/Amsterdam",mthmulders;email="mthmulders@apache.org";name="Maarten Mulders";organization="Info Support";roles=Committer;timezone="Europe/Amsterdam",mauro;name="Mauro Talevi";roles=Committer,mfriedenhagen;email="mfriedenhagen@apache.org";name="Mirko Friedenhagen";roles=Committer;timezone="+1",mmoser;email="mmoser@apache.org";name="Manfred Moser";roles=Committer;timezone=-8,nicolas;name="Nicolas de Loof";roles=Committer,oching;name="Maria Odea B. Ching";roles=Committer,pgier;email="pgier@apache.org";name="Paul Gier";organization="Red Hat";roles=Committer;timezone=-6,ptahchiev;email="ptahchiev@apache.org";name="Petar Tahchiev";roles=Committer;timezone="+2",rafale;email="rafale@apache.org";name="Raphaël Piéroni";organization=Dexem;roles=Committer;timezone="+1",schulte;email="schulte@apache.org";name="Christian Schulte";roles=Committer;timezone="Europe/Berlin",snicoll;email="snicoll@apache.org";name="Stephane Nicoll";roles=Committer;timezone="+1",simonetripodi;email="simonetripodi@apache.org";name="Simone Tripodi";roles=Committer;timezone="+1",sor;email="sor@apache.org";name="Christian Stein";roles=Committer;timezone="Europe/Berlin",tchemit;email="tchemit@apache.org";name="Tony Chemit";organization=CodeLutin;roles=Committer;timezone="Europe/Paris",vmassol;email="vmassol@apache.org";name="Vincent Massol";organization=ASF;roles=Committer;timezone="+1",slachiewicz;email="slachiewicz@apache.org";name="Sylwester Lachiewicz";roles=Committer;timezone="Europe/Warsaw",elharo;email="elharo@apache.org";name="Elliotte Rusty Harold";roles=Committer;timezone="America/New_York",agudian;email="agudian@apache.org";name="Andreas Gudian";roles=Emeritus;timezone="Europe/Berlin",aramirez;name="Allan Q. Ramirez";roles=Emeritus,bayard;name="Henri Yandell";roles=Emeritus,carlos;email="carlos@apache.org";name="Carlos Sanchez";organization=ASF;roles=Emeritus;timezone="+1",chrisjs;name="Chris Stevenson";roles=Emeritus,dblevins;name="David Blevins";roles=Emeritus,dlr;name="Daniel Rall";roles=Emeritus,epunzalan;email="epunzalan@apache.org";name="Edwin Punzalan";roles=Emeritus;timezone=-8,felipeal;name="Felipe Leme";roles=Emeritus,jdcasey;email="jdcasey@apache.org";name="John Casey";organization=ASF;roles=Emeritus;timezone=-6,jmcconnell;email="jmcconnell@apache.org";name="Jesse McConnell";organization=ASF;roles=Emeritus;timezone=-6,joakime;email="joakime@apache.org";name="Joakim Erdfelt";organization=ASF;roles=Emeritus;timezone=-5,jruiz;email="jruiz@apache.org";name="Johnny Ruiz III";roles=Emeritus,jstrachan;name="James Strachan";roles=Emeritus,jtolentino;email="jtolentino@apache.org";name="Ernesto Tolentino Jr.";organization=ASF;roles=Emeritus;timezone="+8",kenney;email="kenney@apache.org";name="Kenney Westerhof";organization=Neonics;roles=Emeritus;timezone="+1",mperham;email="mperham@gmail.com";name="Mike Perham";organization=IBM;roles=Emeritus;timezone=-6,ogusakov;name="Oleg Gusakov";roles=Emeritus,pschneider;email="pschneider@gmail.com";name="Patrick Schneider";roles=Emeritus;timezone=-6,rinku;name="Rahul Thakur";roles=Emeritus,shinobu;name="Shinobu Kuwai";roles=Emeritus,smorgrav;name="Torbjorn Eikli Smorgrav";roles=Emeritus,trygvis;email="trygvis@apache.org";name="Trygve Laugstol";organization=ASF;roles=Emeritus;timezone="+1",wsmoak;email="wsmoak@apache.org";name="Wendy Smoak";roles=Emeritus;timezone=-7 Low Product Manifest bundle-docurl https://maven.apache.org/resolver/maven-resolver-api/ Low Product Manifest Bundle-Name Maven Artifact Resolver API Medium Product Manifest bundle-symbolicname org.apache.maven.resolver.api Medium Product Manifest Implementation-Title Maven Artifact Resolver API High Product Manifest specification-title Maven Artifact Resolver API Medium Product pom artifactid maven-resolver-api Highest Product pom groupid org.apache.maven.resolver Highest Product pom name Maven Artifact Resolver API High Product pom parent-artifactid maven-resolver Medium Version file version 1.9.4 High Version Manifest Bundle-Version 1.9.4 High Version Manifest Implementation-Version 1.9.4 High Version pom version 1.9.4 Highest
Description:
A repository connector implementation for repositories using URI-based layouts.
License:
"Apache License, Version 2.0";link="https://www.apache.org/licenses/LICENSE-2.0.txt" File Path: /home/runner/.m2/repository/org/apache/maven/resolver/maven-resolver-connector-basic/1.9.4/maven-resolver-connector-basic-1.9.4.jar
MD5: 5532ae8054b9907301a92420a55c164f
SHA1: 5419984c5d00822e55b08b32c7a3d3ba251b28c8
SHA256: ed5b313edb8366fb92624e3a33d4082b3e7a52277861f6e081afdd8ee9eca9b9
Evidence Type Source Name Value Confidence Vendor file name maven-resolver-connector-basic High Vendor jar package name basic Highest Vendor jar package name connector Highest Vendor Manifest automatic-module-name org.apache.maven.resolver.connector.basic Medium Vendor Manifest build-jdk-spec 17 Low Vendor Manifest bundle-developers khmarbaise;email="khmarbaise@apache.org";name="Karl Heinz Marbaise";roles="PMC Chair";timezone="+1",aheritier;email="aheritier@apache.org";name="Arnaud Héritier";roles="PMC Member";timezone="+1",andham;email="andham@apache.org";name="Anders Hammar";roles="PMC Member";timezone="+1",baerrach;email="baerrach@apache.org";name="Barrie Treloar";roles="PMC Member";timezone="Australia/Adelaide",bimargulies;email="bimargulies@apache.org";name="Benson Margulies";roles="PMC Member";timezone="America/New_York",brianf;email="brianf@apache.org";name="Brian Fox";organization=Sonatype;roles="PMC Member";timezone=-5,cstamas;email="cstamas@apache.org";name="Tamas Cservenak";roles="PMC Member";timezone="+1",dennisl;email="dennisl@apache.org";name="Dennis Lundberg";organization=ASF;roles="PMC Member";timezone="+1",dkulp;email="dkulp@apache.org";name="Daniel Kulp";organization=ASF;roles="PMC Member";timezone=-5,evenisse;email="evenisse@apache.org";name="Emmanuel Venisse";organization=ASF;roles="PMC Member";timezone="+1",gboue;email="gboue@apache.org";name="Guillaume Boué";roles="PMC Member";timezone="Europe/Paris",hboutemy;email="hboutemy@apache.org";name="Hervé Boutemy";organization=ASF;roles="PMC Member";timezone="Europe/Paris",ifedorenko;email="igor@ifedorenko.com";name="Igor Fedorenko";organization=Sonatype;roles="PMC Member";timezone=-5,jvanzyl;email="jason@maven.org";name="Jason van Zyl";roles="PMC Member";timezone=-5,krosenvold;email="krosenvold@apache.org";name="Kristian Rosenvold";roles="PMC Member";timezone="+1",mkleint;name="Milos Kleint";roles="PMC Member",olamy;email="olamy@apache.org";name="Olivier Lamy";roles="PMC Member";timezone="Australia/Brisbane",michaelo;email="michaelo@apache.org";name="Michael Osipov";roles="PMC Member";timezone="Europe/Berlin",rfscholte;email="rfscholte@apache.org";name="Robert Scholte";roles="PMC Member";timezone="Europe/Amsterdam",rgoers;email="rgoers@apache.org";name="Ralph Goers";organization=Intuit;roles="PMC Member";timezone=-8,sjaranowski;email="sjaranowski@apache.org";name="Slawomir Jaranowski";roles="PMC Member";timezone="Europe/Warsaw",stephenc;email="stephenc@apache.org";name="Stephen Connolly";roles="PMC Member";timezone=0,struberg;email="struberg@apache.org";name="Mark Struberg";roles="PMC Member",tibordigana;email="tibordigana@apache.org";name="Tibor Digaňa";roles="PMC Member";timezone="Europe/Bratislava",vsiveton;email="vsiveton@apache.org";name="Vincent Siveton";organization=ASF;roles="PMC Member";timezone=-5,wfay;email="wfay@apache.org";name="Wayne Fay";organization=ASF;roles="PMC Member";timezone=-6,adangel;email="adangel@apache.org";name="Andreas Dangel";roles=Committer;timezone="Europe/Berlin",bdemers;email="bdemers@apache.org";name="Brian Demers";organization=Sonatype;roles=Committer;timezone=-5,bellingard;name="Fabrice Bellingard";roles=Committer,bentmann;email="bentmann@apache.org";name="Benjamin Bentmann";organization=Sonatype;roles=Committer;timezone="+1",chrisgwarp;email="chrisgwarp@apache.org";name="Chris Graham";roles=Committer;timezone="Australia/Melbourne",dantran;email="dantran@apache.org";name="Dan Tran";roles=Committer;timezone=-8,dbradicich;email="dbradicich@apache.org";name="Damian Bradicich";organization=Sonatype;roles=Committer;timezone=-5,brett;email="brett@apache.org";name="Brett Porter";organization=ASF;roles=Committer;timezone="+10",dfabulich;email="dfabulich@apache.org";name="Daniel Fabulich";roles=Committer;timezone=-8,eolivelli;email="eolivelli@apache.org";name="Enrico Olivelli";organization=Diennea;roles=Committer;timezone="Europe/Rome",fgiust;email="fgiust@apache.org";name="Fabrizio Giustina";organization=openmind;roles=Committer;timezone="+1",gnodet;email="gnodet@apache.org";name="Guillaume Nodet";organization="Red Hat";roles=Committer;timezone="Europe/Paris",godin;email="godin@apache.org";name="Evgeny Mandrikov";organization=SonarSource;roles=Committer;timezone="+3",handyande;email="handyande@apache.org";name="Andrew Williams";roles=Committer;timezone=0,imod;email="imod@apache.org";name="Dominik Bartholdi";roles=Committer;timezone="Europe/Zurich",jjensen;name="Jeff Jensen";roles=Committer,ltheussl;email="ltheussl@apache.org";name="Lukas Theussl";roles=Committer;timezone="+1",markh;email="markh@apache.org";name="Mark Hobson";roles=Committer;timezone=0,martinkanters;email="martinkanters@apache.org";name="Martin Kanters";organization=JPoint;roles=Committer;timezone="Europe/Amsterdam",mthmulders;email="mthmulders@apache.org";name="Maarten Mulders";organization="Info Support";roles=Committer;timezone="Europe/Amsterdam",mauro;name="Mauro Talevi";roles=Committer,mfriedenhagen;email="mfriedenhagen@apache.org";name="Mirko Friedenhagen";roles=Committer;timezone="+1",mmoser;email="mmoser@apache.org";name="Manfred Moser";roles=Committer;timezone=-8,nicolas;name="Nicolas de Loof";roles=Committer,oching;name="Maria Odea B. Ching";roles=Committer,pgier;email="pgier@apache.org";name="Paul Gier";organization="Red Hat";roles=Committer;timezone=-6,ptahchiev;email="ptahchiev@apache.org";name="Petar Tahchiev";roles=Committer;timezone="+2",rafale;email="rafale@apache.org";name="Raphaël Piéroni";organization=Dexem;roles=Committer;timezone="+1",schulte;email="schulte@apache.org";name="Christian Schulte";roles=Committer;timezone="Europe/Berlin",snicoll;email="snicoll@apache.org";name="Stephane Nicoll";roles=Committer;timezone="+1",simonetripodi;email="simonetripodi@apache.org";name="Simone Tripodi";roles=Committer;timezone="+1",sor;email="sor@apache.org";name="Christian Stein";roles=Committer;timezone="Europe/Berlin",tchemit;email="tchemit@apache.org";name="Tony Chemit";organization=CodeLutin;roles=Committer;timezone="Europe/Paris",vmassol;email="vmassol@apache.org";name="Vincent Massol";organization=ASF;roles=Committer;timezone="+1",slachiewicz;email="slachiewicz@apache.org";name="Sylwester Lachiewicz";roles=Committer;timezone="Europe/Warsaw",elharo;email="elharo@apache.org";name="Elliotte Rusty Harold";roles=Committer;timezone="America/New_York",agudian;email="agudian@apache.org";name="Andreas Gudian";roles=Emeritus;timezone="Europe/Berlin",aramirez;name="Allan Q. Ramirez";roles=Emeritus,bayard;name="Henri Yandell";roles=Emeritus,carlos;email="carlos@apache.org";name="Carlos Sanchez";organization=ASF;roles=Emeritus;timezone="+1",chrisjs;name="Chris Stevenson";roles=Emeritus,dblevins;name="David Blevins";roles=Emeritus,dlr;name="Daniel Rall";roles=Emeritus,epunzalan;email="epunzalan@apache.org";name="Edwin Punzalan";roles=Emeritus;timezone=-8,felipeal;name="Felipe Leme";roles=Emeritus,jdcasey;email="jdcasey@apache.org";name="John Casey";organization=ASF;roles=Emeritus;timezone=-6,jmcconnell;email="jmcconnell@apache.org";name="Jesse McConnell";organization=ASF;roles=Emeritus;timezone=-6,joakime;email="joakime@apache.org";name="Joakim Erdfelt";organization=ASF;roles=Emeritus;timezone=-5,jruiz;email="jruiz@apache.org";name="Johnny Ruiz III";roles=Emeritus,jstrachan;name="James Strachan";roles=Emeritus,jtolentino;email="jtolentino@apache.org";name="Ernesto Tolentino Jr.";organization=ASF;roles=Emeritus;timezone="+8",kenney;email="kenney@apache.org";name="Kenney Westerhof";organization=Neonics;roles=Emeritus;timezone="+1",mperham;email="mperham@gmail.com";name="Mike Perham";organization=IBM;roles=Emeritus;timezone=-6,ogusakov;name="Oleg Gusakov";roles=Emeritus,pschneider;email="pschneider@gmail.com";name="Patrick Schneider";roles=Emeritus;timezone=-6,rinku;name="Rahul Thakur";roles=Emeritus,shinobu;name="Shinobu Kuwai";roles=Emeritus,smorgrav;name="Torbjorn Eikli Smorgrav";roles=Emeritus,trygvis;email="trygvis@apache.org";name="Trygve Laugstol";organization=ASF;roles=Emeritus;timezone="+1",wsmoak;email="wsmoak@apache.org";name="Wendy Smoak";roles=Emeritus;timezone=-7 Low Vendor Manifest bundle-docurl https://maven.apache.org/resolver/maven-resolver-connector-basic/ Low Vendor Manifest bundle-symbolicname org.apache.maven.resolver.connector.basic Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-resolver-connector-basic Low Vendor pom groupid org.apache.maven.resolver Highest Vendor pom name Maven Artifact Resolver Connector Basic High Vendor pom parent-artifactid maven-resolver Low Product file name maven-resolver-connector-basic High Product jar package name basic Highest Product jar package name connector Highest Product Manifest automatic-module-name org.apache.maven.resolver.connector.basic Medium Product Manifest build-jdk-spec 17 Low Product Manifest bundle-developers khmarbaise;email="khmarbaise@apache.org";name="Karl Heinz Marbaise";roles="PMC Chair";timezone="+1",aheritier;email="aheritier@apache.org";name="Arnaud Héritier";roles="PMC Member";timezone="+1",andham;email="andham@apache.org";name="Anders Hammar";roles="PMC Member";timezone="+1",baerrach;email="baerrach@apache.org";name="Barrie Treloar";roles="PMC Member";timezone="Australia/Adelaide",bimargulies;email="bimargulies@apache.org";name="Benson Margulies";roles="PMC Member";timezone="America/New_York",brianf;email="brianf@apache.org";name="Brian Fox";organization=Sonatype;roles="PMC Member";timezone=-5,cstamas;email="cstamas@apache.org";name="Tamas Cservenak";roles="PMC Member";timezone="+1",dennisl;email="dennisl@apache.org";name="Dennis Lundberg";organization=ASF;roles="PMC Member";timezone="+1",dkulp;email="dkulp@apache.org";name="Daniel Kulp";organization=ASF;roles="PMC Member";timezone=-5,evenisse;email="evenisse@apache.org";name="Emmanuel Venisse";organization=ASF;roles="PMC Member";timezone="+1",gboue;email="gboue@apache.org";name="Guillaume Boué";roles="PMC Member";timezone="Europe/Paris",hboutemy;email="hboutemy@apache.org";name="Hervé Boutemy";organization=ASF;roles="PMC Member";timezone="Europe/Paris",ifedorenko;email="igor@ifedorenko.com";name="Igor Fedorenko";organization=Sonatype;roles="PMC Member";timezone=-5,jvanzyl;email="jason@maven.org";name="Jason van Zyl";roles="PMC Member";timezone=-5,krosenvold;email="krosenvold@apache.org";name="Kristian Rosenvold";roles="PMC Member";timezone="+1",mkleint;name="Milos Kleint";roles="PMC Member",olamy;email="olamy@apache.org";name="Olivier Lamy";roles="PMC Member";timezone="Australia/Brisbane",michaelo;email="michaelo@apache.org";name="Michael Osipov";roles="PMC Member";timezone="Europe/Berlin",rfscholte;email="rfscholte@apache.org";name="Robert Scholte";roles="PMC Member";timezone="Europe/Amsterdam",rgoers;email="rgoers@apache.org";name="Ralph Goers";organization=Intuit;roles="PMC Member";timezone=-8,sjaranowski;email="sjaranowski@apache.org";name="Slawomir Jaranowski";roles="PMC Member";timezone="Europe/Warsaw",stephenc;email="stephenc@apache.org";name="Stephen Connolly";roles="PMC Member";timezone=0,struberg;email="struberg@apache.org";name="Mark Struberg";roles="PMC Member",tibordigana;email="tibordigana@apache.org";name="Tibor Digaňa";roles="PMC Member";timezone="Europe/Bratislava",vsiveton;email="vsiveton@apache.org";name="Vincent Siveton";organization=ASF;roles="PMC Member";timezone=-5,wfay;email="wfay@apache.org";name="Wayne Fay";organization=ASF;roles="PMC Member";timezone=-6,adangel;email="adangel@apache.org";name="Andreas Dangel";roles=Committer;timezone="Europe/Berlin",bdemers;email="bdemers@apache.org";name="Brian Demers";organization=Sonatype;roles=Committer;timezone=-5,bellingard;name="Fabrice Bellingard";roles=Committer,bentmann;email="bentmann@apache.org";name="Benjamin Bentmann";organization=Sonatype;roles=Committer;timezone="+1",chrisgwarp;email="chrisgwarp@apache.org";name="Chris Graham";roles=Committer;timezone="Australia/Melbourne",dantran;email="dantran@apache.org";name="Dan Tran";roles=Committer;timezone=-8,dbradicich;email="dbradicich@apache.org";name="Damian Bradicich";organization=Sonatype;roles=Committer;timezone=-5,brett;email="brett@apache.org";name="Brett Porter";organization=ASF;roles=Committer;timezone="+10",dfabulich;email="dfabulich@apache.org";name="Daniel Fabulich";roles=Committer;timezone=-8,eolivelli;email="eolivelli@apache.org";name="Enrico Olivelli";organization=Diennea;roles=Committer;timezone="Europe/Rome",fgiust;email="fgiust@apache.org";name="Fabrizio Giustina";organization=openmind;roles=Committer;timezone="+1",gnodet;email="gnodet@apache.org";name="Guillaume Nodet";organization="Red Hat";roles=Committer;timezone="Europe/Paris",godin;email="godin@apache.org";name="Evgeny Mandrikov";organization=SonarSource;roles=Committer;timezone="+3",handyande;email="handyande@apache.org";name="Andrew Williams";roles=Committer;timezone=0,imod;email="imod@apache.org";name="Dominik Bartholdi";roles=Committer;timezone="Europe/Zurich",jjensen;name="Jeff Jensen";roles=Committer,ltheussl;email="ltheussl@apache.org";name="Lukas Theussl";roles=Committer;timezone="+1",markh;email="markh@apache.org";name="Mark Hobson";roles=Committer;timezone=0,martinkanters;email="martinkanters@apache.org";name="Martin Kanters";organization=JPoint;roles=Committer;timezone="Europe/Amsterdam",mthmulders;email="mthmulders@apache.org";name="Maarten Mulders";organization="Info Support";roles=Committer;timezone="Europe/Amsterdam",mauro;name="Mauro Talevi";roles=Committer,mfriedenhagen;email="mfriedenhagen@apache.org";name="Mirko Friedenhagen";roles=Committer;timezone="+1",mmoser;email="mmoser@apache.org";name="Manfred Moser";roles=Committer;timezone=-8,nicolas;name="Nicolas de Loof";roles=Committer,oching;name="Maria Odea B. Ching";roles=Committer,pgier;email="pgier@apache.org";name="Paul Gier";organization="Red Hat";roles=Committer;timezone=-6,ptahchiev;email="ptahchiev@apache.org";name="Petar Tahchiev";roles=Committer;timezone="+2",rafale;email="rafale@apache.org";name="Raphaël Piéroni";organization=Dexem;roles=Committer;timezone="+1",schulte;email="schulte@apache.org";name="Christian Schulte";roles=Committer;timezone="Europe/Berlin",snicoll;email="snicoll@apache.org";name="Stephane Nicoll";roles=Committer;timezone="+1",simonetripodi;email="simonetripodi@apache.org";name="Simone Tripodi";roles=Committer;timezone="+1",sor;email="sor@apache.org";name="Christian Stein";roles=Committer;timezone="Europe/Berlin",tchemit;email="tchemit@apache.org";name="Tony Chemit";organization=CodeLutin;roles=Committer;timezone="Europe/Paris",vmassol;email="vmassol@apache.org";name="Vincent Massol";organization=ASF;roles=Committer;timezone="+1",slachiewicz;email="slachiewicz@apache.org";name="Sylwester Lachiewicz";roles=Committer;timezone="Europe/Warsaw",elharo;email="elharo@apache.org";name="Elliotte Rusty Harold";roles=Committer;timezone="America/New_York",agudian;email="agudian@apache.org";name="Andreas Gudian";roles=Emeritus;timezone="Europe/Berlin",aramirez;name="Allan Q. Ramirez";roles=Emeritus,bayard;name="Henri Yandell";roles=Emeritus,carlos;email="carlos@apache.org";name="Carlos Sanchez";organization=ASF;roles=Emeritus;timezone="+1",chrisjs;name="Chris Stevenson";roles=Emeritus,dblevins;name="David Blevins";roles=Emeritus,dlr;name="Daniel Rall";roles=Emeritus,epunzalan;email="epunzalan@apache.org";name="Edwin Punzalan";roles=Emeritus;timezone=-8,felipeal;name="Felipe Leme";roles=Emeritus,jdcasey;email="jdcasey@apache.org";name="John Casey";organization=ASF;roles=Emeritus;timezone=-6,jmcconnell;email="jmcconnell@apache.org";name="Jesse McConnell";organization=ASF;roles=Emeritus;timezone=-6,joakime;email="joakime@apache.org";name="Joakim Erdfelt";organization=ASF;roles=Emeritus;timezone=-5,jruiz;email="jruiz@apache.org";name="Johnny Ruiz III";roles=Emeritus,jstrachan;name="James Strachan";roles=Emeritus,jtolentino;email="jtolentino@apache.org";name="Ernesto Tolentino Jr.";organization=ASF;roles=Emeritus;timezone="+8",kenney;email="kenney@apache.org";name="Kenney Westerhof";organization=Neonics;roles=Emeritus;timezone="+1",mperham;email="mperham@gmail.com";name="Mike Perham";organization=IBM;roles=Emeritus;timezone=-6,ogusakov;name="Oleg Gusakov";roles=Emeritus,pschneider;email="pschneider@gmail.com";name="Patrick Schneider";roles=Emeritus;timezone=-6,rinku;name="Rahul Thakur";roles=Emeritus,shinobu;name="Shinobu Kuwai";roles=Emeritus,smorgrav;name="Torbjorn Eikli Smorgrav";roles=Emeritus,trygvis;email="trygvis@apache.org";name="Trygve Laugstol";organization=ASF;roles=Emeritus;timezone="+1",wsmoak;email="wsmoak@apache.org";name="Wendy Smoak";roles=Emeritus;timezone=-7 Low Product Manifest bundle-docurl https://maven.apache.org/resolver/maven-resolver-connector-basic/ Low Product Manifest Bundle-Name Maven Artifact Resolver Connector Basic Medium Product Manifest bundle-symbolicname org.apache.maven.resolver.connector.basic Medium Product Manifest Implementation-Title Maven Artifact Resolver Connector Basic High Product Manifest specification-title Maven Artifact Resolver Connector Basic Medium Product pom artifactid maven-resolver-connector-basic Highest Product pom groupid org.apache.maven.resolver Highest Product pom name Maven Artifact Resolver Connector Basic High Product pom parent-artifactid maven-resolver Medium Version file version 1.9.4 High Version Manifest Bundle-Version 1.9.4 High Version Manifest Implementation-Version 1.9.4 High Version pom version 1.9.4 Highest
Description:
An implementation of the repository system.
License:
"Apache License, Version 2.0";link="https://www.apache.org/licenses/LICENSE-2.0.txt" File Path: /home/runner/.m2/repository/org/apache/maven/resolver/maven-resolver-impl/1.9.4/maven-resolver-impl-1.9.4.jar
MD5: 79f4aeef6fbc572537982a458fde94d8
SHA1: 4b935e5b8e2928ccd4fda8d9ebb357158534571f
SHA256: eae8ca453c0a9476e58b4622e0034388be80254a172997fe747d8baf285c0017
Evidence Type Source Name Value Confidence Vendor file name maven-resolver-impl High Vendor jar package name impl Highest Vendor Manifest automatic-module-name org.apache.maven.resolver.impl Medium Vendor Manifest build-jdk-spec 17 Low Vendor Manifest bundle-developers khmarbaise;email="khmarbaise@apache.org";name="Karl Heinz Marbaise";roles="PMC Chair";timezone="+1",aheritier;email="aheritier@apache.org";name="Arnaud Héritier";roles="PMC Member";timezone="+1",andham;email="andham@apache.org";name="Anders Hammar";roles="PMC Member";timezone="+1",baerrach;email="baerrach@apache.org";name="Barrie Treloar";roles="PMC Member";timezone="Australia/Adelaide",bimargulies;email="bimargulies@apache.org";name="Benson Margulies";roles="PMC Member";timezone="America/New_York",brianf;email="brianf@apache.org";name="Brian Fox";organization=Sonatype;roles="PMC Member";timezone=-5,cstamas;email="cstamas@apache.org";name="Tamas Cservenak";roles="PMC Member";timezone="+1",dennisl;email="dennisl@apache.org";name="Dennis Lundberg";organization=ASF;roles="PMC Member";timezone="+1",dkulp;email="dkulp@apache.org";name="Daniel Kulp";organization=ASF;roles="PMC Member";timezone=-5,evenisse;email="evenisse@apache.org";name="Emmanuel Venisse";organization=ASF;roles="PMC Member";timezone="+1",gboue;email="gboue@apache.org";name="Guillaume Boué";roles="PMC Member";timezone="Europe/Paris",hboutemy;email="hboutemy@apache.org";name="Hervé Boutemy";organization=ASF;roles="PMC Member";timezone="Europe/Paris",ifedorenko;email="igor@ifedorenko.com";name="Igor Fedorenko";organization=Sonatype;roles="PMC Member";timezone=-5,jvanzyl;email="jason@maven.org";name="Jason van Zyl";roles="PMC Member";timezone=-5,krosenvold;email="krosenvold@apache.org";name="Kristian Rosenvold";roles="PMC Member";timezone="+1",mkleint;name="Milos Kleint";roles="PMC Member",olamy;email="olamy@apache.org";name="Olivier Lamy";roles="PMC Member";timezone="Australia/Brisbane",michaelo;email="michaelo@apache.org";name="Michael Osipov";roles="PMC Member";timezone="Europe/Berlin",rfscholte;email="rfscholte@apache.org";name="Robert Scholte";roles="PMC Member";timezone="Europe/Amsterdam",rgoers;email="rgoers@apache.org";name="Ralph Goers";organization=Intuit;roles="PMC Member";timezone=-8,sjaranowski;email="sjaranowski@apache.org";name="Slawomir Jaranowski";roles="PMC Member";timezone="Europe/Warsaw",stephenc;email="stephenc@apache.org";name="Stephen Connolly";roles="PMC Member";timezone=0,struberg;email="struberg@apache.org";name="Mark Struberg";roles="PMC Member",tibordigana;email="tibordigana@apache.org";name="Tibor Digaňa";roles="PMC Member";timezone="Europe/Bratislava",vsiveton;email="vsiveton@apache.org";name="Vincent Siveton";organization=ASF;roles="PMC Member";timezone=-5,wfay;email="wfay@apache.org";name="Wayne Fay";organization=ASF;roles="PMC Member";timezone=-6,adangel;email="adangel@apache.org";name="Andreas Dangel";roles=Committer;timezone="Europe/Berlin",bdemers;email="bdemers@apache.org";name="Brian Demers";organization=Sonatype;roles=Committer;timezone=-5,bellingard;name="Fabrice Bellingard";roles=Committer,bentmann;email="bentmann@apache.org";name="Benjamin Bentmann";organization=Sonatype;roles=Committer;timezone="+1",chrisgwarp;email="chrisgwarp@apache.org";name="Chris Graham";roles=Committer;timezone="Australia/Melbourne",dantran;email="dantran@apache.org";name="Dan Tran";roles=Committer;timezone=-8,dbradicich;email="dbradicich@apache.org";name="Damian Bradicich";organization=Sonatype;roles=Committer;timezone=-5,brett;email="brett@apache.org";name="Brett Porter";organization=ASF;roles=Committer;timezone="+10",dfabulich;email="dfabulich@apache.org";name="Daniel Fabulich";roles=Committer;timezone=-8,eolivelli;email="eolivelli@apache.org";name="Enrico Olivelli";organization=Diennea;roles=Committer;timezone="Europe/Rome",fgiust;email="fgiust@apache.org";name="Fabrizio Giustina";organization=openmind;roles=Committer;timezone="+1",gnodet;email="gnodet@apache.org";name="Guillaume Nodet";organization="Red Hat";roles=Committer;timezone="Europe/Paris",godin;email="godin@apache.org";name="Evgeny Mandrikov";organization=SonarSource;roles=Committer;timezone="+3",handyande;email="handyande@apache.org";name="Andrew Williams";roles=Committer;timezone=0,imod;email="imod@apache.org";name="Dominik Bartholdi";roles=Committer;timezone="Europe/Zurich",jjensen;name="Jeff Jensen";roles=Committer,ltheussl;email="ltheussl@apache.org";name="Lukas Theussl";roles=Committer;timezone="+1",markh;email="markh@apache.org";name="Mark Hobson";roles=Committer;timezone=0,martinkanters;email="martinkanters@apache.org";name="Martin Kanters";organization=JPoint;roles=Committer;timezone="Europe/Amsterdam",mthmulders;email="mthmulders@apache.org";name="Maarten Mulders";organization="Info Support";roles=Committer;timezone="Europe/Amsterdam",mauro;name="Mauro Talevi";roles=Committer,mfriedenhagen;email="mfriedenhagen@apache.org";name="Mirko Friedenhagen";roles=Committer;timezone="+1",mmoser;email="mmoser@apache.org";name="Manfred Moser";roles=Committer;timezone=-8,nicolas;name="Nicolas de Loof";roles=Committer,oching;name="Maria Odea B. Ching";roles=Committer,pgier;email="pgier@apache.org";name="Paul Gier";organization="Red Hat";roles=Committer;timezone=-6,ptahchiev;email="ptahchiev@apache.org";name="Petar Tahchiev";roles=Committer;timezone="+2",rafale;email="rafale@apache.org";name="Raphaël Piéroni";organization=Dexem;roles=Committer;timezone="+1",schulte;email="schulte@apache.org";name="Christian Schulte";roles=Committer;timezone="Europe/Berlin",snicoll;email="snicoll@apache.org";name="Stephane Nicoll";roles=Committer;timezone="+1",simonetripodi;email="simonetripodi@apache.org";name="Simone Tripodi";roles=Committer;timezone="+1",sor;email="sor@apache.org";name="Christian Stein";roles=Committer;timezone="Europe/Berlin",tchemit;email="tchemit@apache.org";name="Tony Chemit";organization=CodeLutin;roles=Committer;timezone="Europe/Paris",vmassol;email="vmassol@apache.org";name="Vincent Massol";organization=ASF;roles=Committer;timezone="+1",slachiewicz;email="slachiewicz@apache.org";name="Sylwester Lachiewicz";roles=Committer;timezone="Europe/Warsaw",elharo;email="elharo@apache.org";name="Elliotte Rusty Harold";roles=Committer;timezone="America/New_York",agudian;email="agudian@apache.org";name="Andreas Gudian";roles=Emeritus;timezone="Europe/Berlin",aramirez;name="Allan Q. Ramirez";roles=Emeritus,bayard;name="Henri Yandell";roles=Emeritus,carlos;email="carlos@apache.org";name="Carlos Sanchez";organization=ASF;roles=Emeritus;timezone="+1",chrisjs;name="Chris Stevenson";roles=Emeritus,dblevins;name="David Blevins";roles=Emeritus,dlr;name="Daniel Rall";roles=Emeritus,epunzalan;email="epunzalan@apache.org";name="Edwin Punzalan";roles=Emeritus;timezone=-8,felipeal;name="Felipe Leme";roles=Emeritus,jdcasey;email="jdcasey@apache.org";name="John Casey";organization=ASF;roles=Emeritus;timezone=-6,jmcconnell;email="jmcconnell@apache.org";name="Jesse McConnell";organization=ASF;roles=Emeritus;timezone=-6,joakime;email="joakime@apache.org";name="Joakim Erdfelt";organization=ASF;roles=Emeritus;timezone=-5,jruiz;email="jruiz@apache.org";name="Johnny Ruiz III";roles=Emeritus,jstrachan;name="James Strachan";roles=Emeritus,jtolentino;email="jtolentino@apache.org";name="Ernesto Tolentino Jr.";organization=ASF;roles=Emeritus;timezone="+8",kenney;email="kenney@apache.org";name="Kenney Westerhof";organization=Neonics;roles=Emeritus;timezone="+1",mperham;email="mperham@gmail.com";name="Mike Perham";organization=IBM;roles=Emeritus;timezone=-6,ogusakov;name="Oleg Gusakov";roles=Emeritus,pschneider;email="pschneider@gmail.com";name="Patrick Schneider";roles=Emeritus;timezone=-6,rinku;name="Rahul Thakur";roles=Emeritus,shinobu;name="Shinobu Kuwai";roles=Emeritus,smorgrav;name="Torbjorn Eikli Smorgrav";roles=Emeritus,trygvis;email="trygvis@apache.org";name="Trygve Laugstol";organization=ASF;roles=Emeritus;timezone="+1",wsmoak;email="wsmoak@apache.org";name="Wendy Smoak";roles=Emeritus;timezone=-7 Low Vendor Manifest bundle-docurl https://maven.apache.org/resolver/maven-resolver-impl/ Low Vendor Manifest bundle-symbolicname org.apache.maven.resolver.impl Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-resolver-impl Low Vendor pom groupid org.apache.maven.resolver Highest Vendor pom name Maven Artifact Resolver Implementation High Vendor pom parent-artifactid maven-resolver Low Product file name maven-resolver-impl High Product jar package name impl Highest Product Manifest automatic-module-name org.apache.maven.resolver.impl Medium Product Manifest build-jdk-spec 17 Low Product Manifest bundle-developers khmarbaise;email="khmarbaise@apache.org";name="Karl Heinz Marbaise";roles="PMC Chair";timezone="+1",aheritier;email="aheritier@apache.org";name="Arnaud Héritier";roles="PMC Member";timezone="+1",andham;email="andham@apache.org";name="Anders Hammar";roles="PMC Member";timezone="+1",baerrach;email="baerrach@apache.org";name="Barrie Treloar";roles="PMC Member";timezone="Australia/Adelaide",bimargulies;email="bimargulies@apache.org";name="Benson Margulies";roles="PMC Member";timezone="America/New_York",brianf;email="brianf@apache.org";name="Brian Fox";organization=Sonatype;roles="PMC Member";timezone=-5,cstamas;email="cstamas@apache.org";name="Tamas Cservenak";roles="PMC Member";timezone="+1",dennisl;email="dennisl@apache.org";name="Dennis Lundberg";organization=ASF;roles="PMC Member";timezone="+1",dkulp;email="dkulp@apache.org";name="Daniel Kulp";organization=ASF;roles="PMC Member";timezone=-5,evenisse;email="evenisse@apache.org";name="Emmanuel Venisse";organization=ASF;roles="PMC Member";timezone="+1",gboue;email="gboue@apache.org";name="Guillaume Boué";roles="PMC Member";timezone="Europe/Paris",hboutemy;email="hboutemy@apache.org";name="Hervé Boutemy";organization=ASF;roles="PMC Member";timezone="Europe/Paris",ifedorenko;email="igor@ifedorenko.com";name="Igor Fedorenko";organization=Sonatype;roles="PMC Member";timezone=-5,jvanzyl;email="jason@maven.org";name="Jason van Zyl";roles="PMC Member";timezone=-5,krosenvold;email="krosenvold@apache.org";name="Kristian Rosenvold";roles="PMC Member";timezone="+1",mkleint;name="Milos Kleint";roles="PMC Member",olamy;email="olamy@apache.org";name="Olivier Lamy";roles="PMC Member";timezone="Australia/Brisbane",michaelo;email="michaelo@apache.org";name="Michael Osipov";roles="PMC Member";timezone="Europe/Berlin",rfscholte;email="rfscholte@apache.org";name="Robert Scholte";roles="PMC Member";timezone="Europe/Amsterdam",rgoers;email="rgoers@apache.org";name="Ralph Goers";organization=Intuit;roles="PMC Member";timezone=-8,sjaranowski;email="sjaranowski@apache.org";name="Slawomir Jaranowski";roles="PMC Member";timezone="Europe/Warsaw",stephenc;email="stephenc@apache.org";name="Stephen Connolly";roles="PMC Member";timezone=0,struberg;email="struberg@apache.org";name="Mark Struberg";roles="PMC Member",tibordigana;email="tibordigana@apache.org";name="Tibor Digaňa";roles="PMC Member";timezone="Europe/Bratislava",vsiveton;email="vsiveton@apache.org";name="Vincent Siveton";organization=ASF;roles="PMC Member";timezone=-5,wfay;email="wfay@apache.org";name="Wayne Fay";organization=ASF;roles="PMC Member";timezone=-6,adangel;email="adangel@apache.org";name="Andreas Dangel";roles=Committer;timezone="Europe/Berlin",bdemers;email="bdemers@apache.org";name="Brian Demers";organization=Sonatype;roles=Committer;timezone=-5,bellingard;name="Fabrice Bellingard";roles=Committer,bentmann;email="bentmann@apache.org";name="Benjamin Bentmann";organization=Sonatype;roles=Committer;timezone="+1",chrisgwarp;email="chrisgwarp@apache.org";name="Chris Graham";roles=Committer;timezone="Australia/Melbourne",dantran;email="dantran@apache.org";name="Dan Tran";roles=Committer;timezone=-8,dbradicich;email="dbradicich@apache.org";name="Damian Bradicich";organization=Sonatype;roles=Committer;timezone=-5,brett;email="brett@apache.org";name="Brett Porter";organization=ASF;roles=Committer;timezone="+10",dfabulich;email="dfabulich@apache.org";name="Daniel Fabulich";roles=Committer;timezone=-8,eolivelli;email="eolivelli@apache.org";name="Enrico Olivelli";organization=Diennea;roles=Committer;timezone="Europe/Rome",fgiust;email="fgiust@apache.org";name="Fabrizio Giustina";organization=openmind;roles=Committer;timezone="+1",gnodet;email="gnodet@apache.org";name="Guillaume Nodet";organization="Red Hat";roles=Committer;timezone="Europe/Paris",godin;email="godin@apache.org";name="Evgeny Mandrikov";organization=SonarSource;roles=Committer;timezone="+3",handyande;email="handyande@apache.org";name="Andrew Williams";roles=Committer;timezone=0,imod;email="imod@apache.org";name="Dominik Bartholdi";roles=Committer;timezone="Europe/Zurich",jjensen;name="Jeff Jensen";roles=Committer,ltheussl;email="ltheussl@apache.org";name="Lukas Theussl";roles=Committer;timezone="+1",markh;email="markh@apache.org";name="Mark Hobson";roles=Committer;timezone=0,martinkanters;email="martinkanters@apache.org";name="Martin Kanters";organization=JPoint;roles=Committer;timezone="Europe/Amsterdam",mthmulders;email="mthmulders@apache.org";name="Maarten Mulders";organization="Info Support";roles=Committer;timezone="Europe/Amsterdam",mauro;name="Mauro Talevi";roles=Committer,mfriedenhagen;email="mfriedenhagen@apache.org";name="Mirko Friedenhagen";roles=Committer;timezone="+1",mmoser;email="mmoser@apache.org";name="Manfred Moser";roles=Committer;timezone=-8,nicolas;name="Nicolas de Loof";roles=Committer,oching;name="Maria Odea B. Ching";roles=Committer,pgier;email="pgier@apache.org";name="Paul Gier";organization="Red Hat";roles=Committer;timezone=-6,ptahchiev;email="ptahchiev@apache.org";name="Petar Tahchiev";roles=Committer;timezone="+2",rafale;email="rafale@apache.org";name="Raphaël Piéroni";organization=Dexem;roles=Committer;timezone="+1",schulte;email="schulte@apache.org";name="Christian Schulte";roles=Committer;timezone="Europe/Berlin",snicoll;email="snicoll@apache.org";name="Stephane Nicoll";roles=Committer;timezone="+1",simonetripodi;email="simonetripodi@apache.org";name="Simone Tripodi";roles=Committer;timezone="+1",sor;email="sor@apache.org";name="Christian Stein";roles=Committer;timezone="Europe/Berlin",tchemit;email="tchemit@apache.org";name="Tony Chemit";organization=CodeLutin;roles=Committer;timezone="Europe/Paris",vmassol;email="vmassol@apache.org";name="Vincent Massol";organization=ASF;roles=Committer;timezone="+1",slachiewicz;email="slachiewicz@apache.org";name="Sylwester Lachiewicz";roles=Committer;timezone="Europe/Warsaw",elharo;email="elharo@apache.org";name="Elliotte Rusty Harold";roles=Committer;timezone="America/New_York",agudian;email="agudian@apache.org";name="Andreas Gudian";roles=Emeritus;timezone="Europe/Berlin",aramirez;name="Allan Q. Ramirez";roles=Emeritus,bayard;name="Henri Yandell";roles=Emeritus,carlos;email="carlos@apache.org";name="Carlos Sanchez";organization=ASF;roles=Emeritus;timezone="+1",chrisjs;name="Chris Stevenson";roles=Emeritus,dblevins;name="David Blevins";roles=Emeritus,dlr;name="Daniel Rall";roles=Emeritus,epunzalan;email="epunzalan@apache.org";name="Edwin Punzalan";roles=Emeritus;timezone=-8,felipeal;name="Felipe Leme";roles=Emeritus,jdcasey;email="jdcasey@apache.org";name="John Casey";organization=ASF;roles=Emeritus;timezone=-6,jmcconnell;email="jmcconnell@apache.org";name="Jesse McConnell";organization=ASF;roles=Emeritus;timezone=-6,joakime;email="joakime@apache.org";name="Joakim Erdfelt";organization=ASF;roles=Emeritus;timezone=-5,jruiz;email="jruiz@apache.org";name="Johnny Ruiz III";roles=Emeritus,jstrachan;name="James Strachan";roles=Emeritus,jtolentino;email="jtolentino@apache.org";name="Ernesto Tolentino Jr.";organization=ASF;roles=Emeritus;timezone="+8",kenney;email="kenney@apache.org";name="Kenney Westerhof";organization=Neonics;roles=Emeritus;timezone="+1",mperham;email="mperham@gmail.com";name="Mike Perham";organization=IBM;roles=Emeritus;timezone=-6,ogusakov;name="Oleg Gusakov";roles=Emeritus,pschneider;email="pschneider@gmail.com";name="Patrick Schneider";roles=Emeritus;timezone=-6,rinku;name="Rahul Thakur";roles=Emeritus,shinobu;name="Shinobu Kuwai";roles=Emeritus,smorgrav;name="Torbjorn Eikli Smorgrav";roles=Emeritus,trygvis;email="trygvis@apache.org";name="Trygve Laugstol";organization=ASF;roles=Emeritus;timezone="+1",wsmoak;email="wsmoak@apache.org";name="Wendy Smoak";roles=Emeritus;timezone=-7 Low Product Manifest bundle-docurl https://maven.apache.org/resolver/maven-resolver-impl/ Low Product Manifest Bundle-Name Maven Artifact Resolver Implementation Medium Product Manifest bundle-symbolicname org.apache.maven.resolver.impl Medium Product Manifest Implementation-Title Maven Artifact Resolver Implementation High Product Manifest specification-title Maven Artifact Resolver Implementation Medium Product pom artifactid maven-resolver-impl Highest Product pom groupid org.apache.maven.resolver Highest Product pom name Maven Artifact Resolver Implementation High Product pom parent-artifactid maven-resolver Medium Version file version 1.9.4 High Version Manifest Bundle-Version 1.9.4 High Version Manifest Implementation-Version 1.9.4 High Version pom version 1.9.4 Highest
Description:
A synchronization utility implementation using Named locks.
License:
"Apache License, Version 2.0";link="https://www.apache.org/licenses/LICENSE-2.0.txt" File Path: /home/runner/.m2/repository/org/apache/maven/resolver/maven-resolver-named-locks/1.9.4/maven-resolver-named-locks-1.9.4.jar
MD5: bbed1bcd8f62d7e018c4c1e5a35d4ed5
SHA1: 2ab6d851f225024e8379913450c0c57d30f7bdd5
SHA256: 5573f97e84d57f6cd41eba4caccd1ff1b62b649f73a80910a3f992a00fb95b1f
Evidence Type Source Name Value Confidence Vendor file name maven-resolver-named-locks High Vendor jar package name named Highest Vendor Manifest automatic-module-name org.apache.maven.resolver.named Medium Vendor Manifest build-jdk-spec 17 Low Vendor Manifest bundle-developers khmarbaise;email="khmarbaise@apache.org";name="Karl Heinz Marbaise";roles="PMC Chair";timezone="+1",aheritier;email="aheritier@apache.org";name="Arnaud Héritier";roles="PMC Member";timezone="+1",andham;email="andham@apache.org";name="Anders Hammar";roles="PMC Member";timezone="+1",baerrach;email="baerrach@apache.org";name="Barrie Treloar";roles="PMC Member";timezone="Australia/Adelaide",bimargulies;email="bimargulies@apache.org";name="Benson Margulies";roles="PMC Member";timezone="America/New_York",brianf;email="brianf@apache.org";name="Brian Fox";organization=Sonatype;roles="PMC Member";timezone=-5,cstamas;email="cstamas@apache.org";name="Tamas Cservenak";roles="PMC Member";timezone="+1",dennisl;email="dennisl@apache.org";name="Dennis Lundberg";organization=ASF;roles="PMC Member";timezone="+1",dkulp;email="dkulp@apache.org";name="Daniel Kulp";organization=ASF;roles="PMC Member";timezone=-5,evenisse;email="evenisse@apache.org";name="Emmanuel Venisse";organization=ASF;roles="PMC Member";timezone="+1",gboue;email="gboue@apache.org";name="Guillaume Boué";roles="PMC Member";timezone="Europe/Paris",hboutemy;email="hboutemy@apache.org";name="Hervé Boutemy";organization=ASF;roles="PMC Member";timezone="Europe/Paris",ifedorenko;email="igor@ifedorenko.com";name="Igor Fedorenko";organization=Sonatype;roles="PMC Member";timezone=-5,jvanzyl;email="jason@maven.org";name="Jason van Zyl";roles="PMC Member";timezone=-5,krosenvold;email="krosenvold@apache.org";name="Kristian Rosenvold";roles="PMC Member";timezone="+1",mkleint;name="Milos Kleint";roles="PMC Member",olamy;email="olamy@apache.org";name="Olivier Lamy";roles="PMC Member";timezone="Australia/Brisbane",michaelo;email="michaelo@apache.org";name="Michael Osipov";roles="PMC Member";timezone="Europe/Berlin",rfscholte;email="rfscholte@apache.org";name="Robert Scholte";roles="PMC Member";timezone="Europe/Amsterdam",rgoers;email="rgoers@apache.org";name="Ralph Goers";organization=Intuit;roles="PMC Member";timezone=-8,sjaranowski;email="sjaranowski@apache.org";name="Slawomir Jaranowski";roles="PMC Member";timezone="Europe/Warsaw",stephenc;email="stephenc@apache.org";name="Stephen Connolly";roles="PMC Member";timezone=0,struberg;email="struberg@apache.org";name="Mark Struberg";roles="PMC Member",tibordigana;email="tibordigana@apache.org";name="Tibor Digaňa";roles="PMC Member";timezone="Europe/Bratislava",vsiveton;email="vsiveton@apache.org";name="Vincent Siveton";organization=ASF;roles="PMC Member";timezone=-5,wfay;email="wfay@apache.org";name="Wayne Fay";organization=ASF;roles="PMC Member";timezone=-6,adangel;email="adangel@apache.org";name="Andreas Dangel";roles=Committer;timezone="Europe/Berlin",bdemers;email="bdemers@apache.org";name="Brian Demers";organization=Sonatype;roles=Committer;timezone=-5,bellingard;name="Fabrice Bellingard";roles=Committer,bentmann;email="bentmann@apache.org";name="Benjamin Bentmann";organization=Sonatype;roles=Committer;timezone="+1",chrisgwarp;email="chrisgwarp@apache.org";name="Chris Graham";roles=Committer;timezone="Australia/Melbourne",dantran;email="dantran@apache.org";name="Dan Tran";roles=Committer;timezone=-8,dbradicich;email="dbradicich@apache.org";name="Damian Bradicich";organization=Sonatype;roles=Committer;timezone=-5,brett;email="brett@apache.org";name="Brett Porter";organization=ASF;roles=Committer;timezone="+10",dfabulich;email="dfabulich@apache.org";name="Daniel Fabulich";roles=Committer;timezone=-8,eolivelli;email="eolivelli@apache.org";name="Enrico Olivelli";organization=Diennea;roles=Committer;timezone="Europe/Rome",fgiust;email="fgiust@apache.org";name="Fabrizio Giustina";organization=openmind;roles=Committer;timezone="+1",gnodet;email="gnodet@apache.org";name="Guillaume Nodet";organization="Red Hat";roles=Committer;timezone="Europe/Paris",godin;email="godin@apache.org";name="Evgeny Mandrikov";organization=SonarSource;roles=Committer;timezone="+3",handyande;email="handyande@apache.org";name="Andrew Williams";roles=Committer;timezone=0,imod;email="imod@apache.org";name="Dominik Bartholdi";roles=Committer;timezone="Europe/Zurich",jjensen;name="Jeff Jensen";roles=Committer,ltheussl;email="ltheussl@apache.org";name="Lukas Theussl";roles=Committer;timezone="+1",markh;email="markh@apache.org";name="Mark Hobson";roles=Committer;timezone=0,martinkanters;email="martinkanters@apache.org";name="Martin Kanters";organization=JPoint;roles=Committer;timezone="Europe/Amsterdam",mthmulders;email="mthmulders@apache.org";name="Maarten Mulders";organization="Info Support";roles=Committer;timezone="Europe/Amsterdam",mauro;name="Mauro Talevi";roles=Committer,mfriedenhagen;email="mfriedenhagen@apache.org";name="Mirko Friedenhagen";roles=Committer;timezone="+1",mmoser;email="mmoser@apache.org";name="Manfred Moser";roles=Committer;timezone=-8,nicolas;name="Nicolas de Loof";roles=Committer,oching;name="Maria Odea B. Ching";roles=Committer,pgier;email="pgier@apache.org";name="Paul Gier";organization="Red Hat";roles=Committer;timezone=-6,ptahchiev;email="ptahchiev@apache.org";name="Petar Tahchiev";roles=Committer;timezone="+2",rafale;email="rafale@apache.org";name="Raphaël Piéroni";organization=Dexem;roles=Committer;timezone="+1",schulte;email="schulte@apache.org";name="Christian Schulte";roles=Committer;timezone="Europe/Berlin",snicoll;email="snicoll@apache.org";name="Stephane Nicoll";roles=Committer;timezone="+1",simonetripodi;email="simonetripodi@apache.org";name="Simone Tripodi";roles=Committer;timezone="+1",sor;email="sor@apache.org";name="Christian Stein";roles=Committer;timezone="Europe/Berlin",tchemit;email="tchemit@apache.org";name="Tony Chemit";organization=CodeLutin;roles=Committer;timezone="Europe/Paris",vmassol;email="vmassol@apache.org";name="Vincent Massol";organization=ASF;roles=Committer;timezone="+1",slachiewicz;email="slachiewicz@apache.org";name="Sylwester Lachiewicz";roles=Committer;timezone="Europe/Warsaw",elharo;email="elharo@apache.org";name="Elliotte Rusty Harold";roles=Committer;timezone="America/New_York",agudian;email="agudian@apache.org";name="Andreas Gudian";roles=Emeritus;timezone="Europe/Berlin",aramirez;name="Allan Q. Ramirez";roles=Emeritus,bayard;name="Henri Yandell";roles=Emeritus,carlos;email="carlos@apache.org";name="Carlos Sanchez";organization=ASF;roles=Emeritus;timezone="+1",chrisjs;name="Chris Stevenson";roles=Emeritus,dblevins;name="David Blevins";roles=Emeritus,dlr;name="Daniel Rall";roles=Emeritus,epunzalan;email="epunzalan@apache.org";name="Edwin Punzalan";roles=Emeritus;timezone=-8,felipeal;name="Felipe Leme";roles=Emeritus,jdcasey;email="jdcasey@apache.org";name="John Casey";organization=ASF;roles=Emeritus;timezone=-6,jmcconnell;email="jmcconnell@apache.org";name="Jesse McConnell";organization=ASF;roles=Emeritus;timezone=-6,joakime;email="joakime@apache.org";name="Joakim Erdfelt";organization=ASF;roles=Emeritus;timezone=-5,jruiz;email="jruiz@apache.org";name="Johnny Ruiz III";roles=Emeritus,jstrachan;name="James Strachan";roles=Emeritus,jtolentino;email="jtolentino@apache.org";name="Ernesto Tolentino Jr.";organization=ASF;roles=Emeritus;timezone="+8",kenney;email="kenney@apache.org";name="Kenney Westerhof";organization=Neonics;roles=Emeritus;timezone="+1",mperham;email="mperham@gmail.com";name="Mike Perham";organization=IBM;roles=Emeritus;timezone=-6,ogusakov;name="Oleg Gusakov";roles=Emeritus,pschneider;email="pschneider@gmail.com";name="Patrick Schneider";roles=Emeritus;timezone=-6,rinku;name="Rahul Thakur";roles=Emeritus,shinobu;name="Shinobu Kuwai";roles=Emeritus,smorgrav;name="Torbjorn Eikli Smorgrav";roles=Emeritus,trygvis;email="trygvis@apache.org";name="Trygve Laugstol";organization=ASF;roles=Emeritus;timezone="+1",wsmoak;email="wsmoak@apache.org";name="Wendy Smoak";roles=Emeritus;timezone=-7 Low Vendor Manifest bundle-docurl https://maven.apache.org/resolver/maven-resolver-named-locks/ Low Vendor Manifest bundle-symbolicname org.apache.maven.resolver.named Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-resolver-named-locks Low Vendor pom groupid org.apache.maven.resolver Highest Vendor pom name Maven Artifact Resolver Named Locks High Vendor pom parent-artifactid maven-resolver Low Product file name maven-resolver-named-locks High Product jar package name named Highest Product jar package name support Highest Product Manifest automatic-module-name org.apache.maven.resolver.named Medium Product Manifest build-jdk-spec 17 Low Product Manifest bundle-developers khmarbaise;email="khmarbaise@apache.org";name="Karl Heinz Marbaise";roles="PMC Chair";timezone="+1",aheritier;email="aheritier@apache.org";name="Arnaud Héritier";roles="PMC Member";timezone="+1",andham;email="andham@apache.org";name="Anders Hammar";roles="PMC Member";timezone="+1",baerrach;email="baerrach@apache.org";name="Barrie Treloar";roles="PMC Member";timezone="Australia/Adelaide",bimargulies;email="bimargulies@apache.org";name="Benson Margulies";roles="PMC Member";timezone="America/New_York",brianf;email="brianf@apache.org";name="Brian Fox";organization=Sonatype;roles="PMC Member";timezone=-5,cstamas;email="cstamas@apache.org";name="Tamas Cservenak";roles="PMC Member";timezone="+1",dennisl;email="dennisl@apache.org";name="Dennis Lundberg";organization=ASF;roles="PMC Member";timezone="+1",dkulp;email="dkulp@apache.org";name="Daniel Kulp";organization=ASF;roles="PMC Member";timezone=-5,evenisse;email="evenisse@apache.org";name="Emmanuel Venisse";organization=ASF;roles="PMC Member";timezone="+1",gboue;email="gboue@apache.org";name="Guillaume Boué";roles="PMC Member";timezone="Europe/Paris",hboutemy;email="hboutemy@apache.org";name="Hervé Boutemy";organization=ASF;roles="PMC Member";timezone="Europe/Paris",ifedorenko;email="igor@ifedorenko.com";name="Igor Fedorenko";organization=Sonatype;roles="PMC Member";timezone=-5,jvanzyl;email="jason@maven.org";name="Jason van Zyl";roles="PMC Member";timezone=-5,krosenvold;email="krosenvold@apache.org";name="Kristian Rosenvold";roles="PMC Member";timezone="+1",mkleint;name="Milos Kleint";roles="PMC Member",olamy;email="olamy@apache.org";name="Olivier Lamy";roles="PMC Member";timezone="Australia/Brisbane",michaelo;email="michaelo@apache.org";name="Michael Osipov";roles="PMC Member";timezone="Europe/Berlin",rfscholte;email="rfscholte@apache.org";name="Robert Scholte";roles="PMC Member";timezone="Europe/Amsterdam",rgoers;email="rgoers@apache.org";name="Ralph Goers";organization=Intuit;roles="PMC Member";timezone=-8,sjaranowski;email="sjaranowski@apache.org";name="Slawomir Jaranowski";roles="PMC Member";timezone="Europe/Warsaw",stephenc;email="stephenc@apache.org";name="Stephen Connolly";roles="PMC Member";timezone=0,struberg;email="struberg@apache.org";name="Mark Struberg";roles="PMC Member",tibordigana;email="tibordigana@apache.org";name="Tibor Digaňa";roles="PMC Member";timezone="Europe/Bratislava",vsiveton;email="vsiveton@apache.org";name="Vincent Siveton";organization=ASF;roles="PMC Member";timezone=-5,wfay;email="wfay@apache.org";name="Wayne Fay";organization=ASF;roles="PMC Member";timezone=-6,adangel;email="adangel@apache.org";name="Andreas Dangel";roles=Committer;timezone="Europe/Berlin",bdemers;email="bdemers@apache.org";name="Brian Demers";organization=Sonatype;roles=Committer;timezone=-5,bellingard;name="Fabrice Bellingard";roles=Committer,bentmann;email="bentmann@apache.org";name="Benjamin Bentmann";organization=Sonatype;roles=Committer;timezone="+1",chrisgwarp;email="chrisgwarp@apache.org";name="Chris Graham";roles=Committer;timezone="Australia/Melbourne",dantran;email="dantran@apache.org";name="Dan Tran";roles=Committer;timezone=-8,dbradicich;email="dbradicich@apache.org";name="Damian Bradicich";organization=Sonatype;roles=Committer;timezone=-5,brett;email="brett@apache.org";name="Brett Porter";organization=ASF;roles=Committer;timezone="+10",dfabulich;email="dfabulich@apache.org";name="Daniel Fabulich";roles=Committer;timezone=-8,eolivelli;email="eolivelli@apache.org";name="Enrico Olivelli";organization=Diennea;roles=Committer;timezone="Europe/Rome",fgiust;email="fgiust@apache.org";name="Fabrizio Giustina";organization=openmind;roles=Committer;timezone="+1",gnodet;email="gnodet@apache.org";name="Guillaume Nodet";organization="Red Hat";roles=Committer;timezone="Europe/Paris",godin;email="godin@apache.org";name="Evgeny Mandrikov";organization=SonarSource;roles=Committer;timezone="+3",handyande;email="handyande@apache.org";name="Andrew Williams";roles=Committer;timezone=0,imod;email="imod@apache.org";name="Dominik Bartholdi";roles=Committer;timezone="Europe/Zurich",jjensen;name="Jeff Jensen";roles=Committer,ltheussl;email="ltheussl@apache.org";name="Lukas Theussl";roles=Committer;timezone="+1",markh;email="markh@apache.org";name="Mark Hobson";roles=Committer;timezone=0,martinkanters;email="martinkanters@apache.org";name="Martin Kanters";organization=JPoint;roles=Committer;timezone="Europe/Amsterdam",mthmulders;email="mthmulders@apache.org";name="Maarten Mulders";organization="Info Support";roles=Committer;timezone="Europe/Amsterdam",mauro;name="Mauro Talevi";roles=Committer,mfriedenhagen;email="mfriedenhagen@apache.org";name="Mirko Friedenhagen";roles=Committer;timezone="+1",mmoser;email="mmoser@apache.org";name="Manfred Moser";roles=Committer;timezone=-8,nicolas;name="Nicolas de Loof";roles=Committer,oching;name="Maria Odea B. Ching";roles=Committer,pgier;email="pgier@apache.org";name="Paul Gier";organization="Red Hat";roles=Committer;timezone=-6,ptahchiev;email="ptahchiev@apache.org";name="Petar Tahchiev";roles=Committer;timezone="+2",rafale;email="rafale@apache.org";name="Raphaël Piéroni";organization=Dexem;roles=Committer;timezone="+1",schulte;email="schulte@apache.org";name="Christian Schulte";roles=Committer;timezone="Europe/Berlin",snicoll;email="snicoll@apache.org";name="Stephane Nicoll";roles=Committer;timezone="+1",simonetripodi;email="simonetripodi@apache.org";name="Simone Tripodi";roles=Committer;timezone="+1",sor;email="sor@apache.org";name="Christian Stein";roles=Committer;timezone="Europe/Berlin",tchemit;email="tchemit@apache.org";name="Tony Chemit";organization=CodeLutin;roles=Committer;timezone="Europe/Paris",vmassol;email="vmassol@apache.org";name="Vincent Massol";organization=ASF;roles=Committer;timezone="+1",slachiewicz;email="slachiewicz@apache.org";name="Sylwester Lachiewicz";roles=Committer;timezone="Europe/Warsaw",elharo;email="elharo@apache.org";name="Elliotte Rusty Harold";roles=Committer;timezone="America/New_York",agudian;email="agudian@apache.org";name="Andreas Gudian";roles=Emeritus;timezone="Europe/Berlin",aramirez;name="Allan Q. Ramirez";roles=Emeritus,bayard;name="Henri Yandell";roles=Emeritus,carlos;email="carlos@apache.org";name="Carlos Sanchez";organization=ASF;roles=Emeritus;timezone="+1",chrisjs;name="Chris Stevenson";roles=Emeritus,dblevins;name="David Blevins";roles=Emeritus,dlr;name="Daniel Rall";roles=Emeritus,epunzalan;email="epunzalan@apache.org";name="Edwin Punzalan";roles=Emeritus;timezone=-8,felipeal;name="Felipe Leme";roles=Emeritus,jdcasey;email="jdcasey@apache.org";name="John Casey";organization=ASF;roles=Emeritus;timezone=-6,jmcconnell;email="jmcconnell@apache.org";name="Jesse McConnell";organization=ASF;roles=Emeritus;timezone=-6,joakime;email="joakime@apache.org";name="Joakim Erdfelt";organization=ASF;roles=Emeritus;timezone=-5,jruiz;email="jruiz@apache.org";name="Johnny Ruiz III";roles=Emeritus,jstrachan;name="James Strachan";roles=Emeritus,jtolentino;email="jtolentino@apache.org";name="Ernesto Tolentino Jr.";organization=ASF;roles=Emeritus;timezone="+8",kenney;email="kenney@apache.org";name="Kenney Westerhof";organization=Neonics;roles=Emeritus;timezone="+1",mperham;email="mperham@gmail.com";name="Mike Perham";organization=IBM;roles=Emeritus;timezone=-6,ogusakov;name="Oleg Gusakov";roles=Emeritus,pschneider;email="pschneider@gmail.com";name="Patrick Schneider";roles=Emeritus;timezone=-6,rinku;name="Rahul Thakur";roles=Emeritus,shinobu;name="Shinobu Kuwai";roles=Emeritus,smorgrav;name="Torbjorn Eikli Smorgrav";roles=Emeritus,trygvis;email="trygvis@apache.org";name="Trygve Laugstol";organization=ASF;roles=Emeritus;timezone="+1",wsmoak;email="wsmoak@apache.org";name="Wendy Smoak";roles=Emeritus;timezone=-7 Low Product Manifest bundle-docurl https://maven.apache.org/resolver/maven-resolver-named-locks/ Low Product Manifest Bundle-Name Maven Artifact Resolver Named Locks Medium Product Manifest bundle-symbolicname org.apache.maven.resolver.named Medium Product Manifest Implementation-Title Maven Artifact Resolver Named Locks High Product Manifest specification-title Maven Artifact Resolver Named Locks Medium Product pom artifactid maven-resolver-named-locks Highest Product pom groupid org.apache.maven.resolver Highest Product pom name Maven Artifact Resolver Named Locks High Product pom parent-artifactid maven-resolver Medium Version file version 1.9.4 High Version Manifest Bundle-Version 1.9.4 High Version Manifest Implementation-Version 1.9.4 High Version pom version 1.9.4 Highest
Description:
Extensions to Maven Resolver for utilizing Maven POM and repository metadata. File Path: /home/runner/.m2/repository/org/apache/maven/maven-resolver-provider/3.8.7/maven-resolver-provider-3.8.7.jarMD5: 8d4cd6c9ee7a714ea2e0dd9456c3318aSHA1: 6de6ce43ddd256a9edd02b5f74961181a961816aSHA256: 98a5f43a2988078558cc22f8641124c74572dd9e600bc7d7db7de9ae88cc11ba
Evidence Type Source Name Value Confidence Vendor file name maven-resolver-provider High Vendor jar package name apache Highest Vendor jar package name maven Highest Vendor jar package name repository Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-resolver-provider Low Vendor pom groupid org.apache.maven Highest Vendor pom name Maven Artifact Resolver Provider High Vendor pom parent-artifactid maven Low Product file name maven-resolver-provider High Product jar package name apache Highest Product jar package name maven Highest Product jar package name repository Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title Maven Artifact Resolver Provider High Product Manifest specification-title Maven Artifact Resolver Provider Medium Product pom artifactid maven-resolver-provider Highest Product pom groupid org.apache.maven Highest Product pom name Maven Artifact Resolver Provider High Product pom parent-artifactid maven Medium Version file version 3.8.7 High Version Manifest Implementation-Version 3.8.7 High Version pom version 3.8.7 Highest
Description:
The service provider interface for repository system implementations and repository connectors.
License:
"Apache License, Version 2.0";link="https://www.apache.org/licenses/LICENSE-2.0.txt" File Path: /home/runner/.m2/repository/org/apache/maven/resolver/maven-resolver-spi/1.9.4/maven-resolver-spi-1.9.4.jar
MD5: 2b6c88f0c7f9eca6d99e1d03f0ed6d36
SHA1: 9a73fd22d92e9ee80785920fd36efa0585f7818b
SHA256: b8a6ec8ace311db57d098641cd56016d002bb8f8f44d1ff4cd2ca69d1d3497ac
Evidence Type Source Name Value Confidence Vendor file name maven-resolver-spi High Vendor jar package name spi Highest Vendor Manifest automatic-module-name org.apache.maven.resolver.spi Medium Vendor Manifest build-jdk-spec 17 Low Vendor Manifest bundle-developers khmarbaise;email="khmarbaise@apache.org";name="Karl Heinz Marbaise";roles="PMC Chair";timezone="+1",aheritier;email="aheritier@apache.org";name="Arnaud Héritier";roles="PMC Member";timezone="+1",andham;email="andham@apache.org";name="Anders Hammar";roles="PMC Member";timezone="+1",baerrach;email="baerrach@apache.org";name="Barrie Treloar";roles="PMC Member";timezone="Australia/Adelaide",bimargulies;email="bimargulies@apache.org";name="Benson Margulies";roles="PMC Member";timezone="America/New_York",brianf;email="brianf@apache.org";name="Brian Fox";organization=Sonatype;roles="PMC Member";timezone=-5,cstamas;email="cstamas@apache.org";name="Tamas Cservenak";roles="PMC Member";timezone="+1",dennisl;email="dennisl@apache.org";name="Dennis Lundberg";organization=ASF;roles="PMC Member";timezone="+1",dkulp;email="dkulp@apache.org";name="Daniel Kulp";organization=ASF;roles="PMC Member";timezone=-5,evenisse;email="evenisse@apache.org";name="Emmanuel Venisse";organization=ASF;roles="PMC Member";timezone="+1",gboue;email="gboue@apache.org";name="Guillaume Boué";roles="PMC Member";timezone="Europe/Paris",hboutemy;email="hboutemy@apache.org";name="Hervé Boutemy";organization=ASF;roles="PMC Member";timezone="Europe/Paris",ifedorenko;email="igor@ifedorenko.com";name="Igor Fedorenko";organization=Sonatype;roles="PMC Member";timezone=-5,jvanzyl;email="jason@maven.org";name="Jason van Zyl";roles="PMC Member";timezone=-5,krosenvold;email="krosenvold@apache.org";name="Kristian Rosenvold";roles="PMC Member";timezone="+1",mkleint;name="Milos Kleint";roles="PMC Member",olamy;email="olamy@apache.org";name="Olivier Lamy";roles="PMC Member";timezone="Australia/Brisbane",michaelo;email="michaelo@apache.org";name="Michael Osipov";roles="PMC Member";timezone="Europe/Berlin",rfscholte;email="rfscholte@apache.org";name="Robert Scholte";roles="PMC Member";timezone="Europe/Amsterdam",rgoers;email="rgoers@apache.org";name="Ralph Goers";organization=Intuit;roles="PMC Member";timezone=-8,sjaranowski;email="sjaranowski@apache.org";name="Slawomir Jaranowski";roles="PMC Member";timezone="Europe/Warsaw",stephenc;email="stephenc@apache.org";name="Stephen Connolly";roles="PMC Member";timezone=0,struberg;email="struberg@apache.org";name="Mark Struberg";roles="PMC Member",tibordigana;email="tibordigana@apache.org";name="Tibor Digaňa";roles="PMC Member";timezone="Europe/Bratislava",vsiveton;email="vsiveton@apache.org";name="Vincent Siveton";organization=ASF;roles="PMC Member";timezone=-5,wfay;email="wfay@apache.org";name="Wayne Fay";organization=ASF;roles="PMC Member";timezone=-6,adangel;email="adangel@apache.org";name="Andreas Dangel";roles=Committer;timezone="Europe/Berlin",bdemers;email="bdemers@apache.org";name="Brian Demers";organization=Sonatype;roles=Committer;timezone=-5,bellingard;name="Fabrice Bellingard";roles=Committer,bentmann;email="bentmann@apache.org";name="Benjamin Bentmann";organization=Sonatype;roles=Committer;timezone="+1",chrisgwarp;email="chrisgwarp@apache.org";name="Chris Graham";roles=Committer;timezone="Australia/Melbourne",dantran;email="dantran@apache.org";name="Dan Tran";roles=Committer;timezone=-8,dbradicich;email="dbradicich@apache.org";name="Damian Bradicich";organization=Sonatype;roles=Committer;timezone=-5,brett;email="brett@apache.org";name="Brett Porter";organization=ASF;roles=Committer;timezone="+10",dfabulich;email="dfabulich@apache.org";name="Daniel Fabulich";roles=Committer;timezone=-8,eolivelli;email="eolivelli@apache.org";name="Enrico Olivelli";organization=Diennea;roles=Committer;timezone="Europe/Rome",fgiust;email="fgiust@apache.org";name="Fabrizio Giustina";organization=openmind;roles=Committer;timezone="+1",gnodet;email="gnodet@apache.org";name="Guillaume Nodet";organization="Red Hat";roles=Committer;timezone="Europe/Paris",godin;email="godin@apache.org";name="Evgeny Mandrikov";organization=SonarSource;roles=Committer;timezone="+3",handyande;email="handyande@apache.org";name="Andrew Williams";roles=Committer;timezone=0,imod;email="imod@apache.org";name="Dominik Bartholdi";roles=Committer;timezone="Europe/Zurich",jjensen;name="Jeff Jensen";roles=Committer,ltheussl;email="ltheussl@apache.org";name="Lukas Theussl";roles=Committer;timezone="+1",markh;email="markh@apache.org";name="Mark Hobson";roles=Committer;timezone=0,martinkanters;email="martinkanters@apache.org";name="Martin Kanters";organization=JPoint;roles=Committer;timezone="Europe/Amsterdam",mthmulders;email="mthmulders@apache.org";name="Maarten Mulders";organization="Info Support";roles=Committer;timezone="Europe/Amsterdam",mauro;name="Mauro Talevi";roles=Committer,mfriedenhagen;email="mfriedenhagen@apache.org";name="Mirko Friedenhagen";roles=Committer;timezone="+1",mmoser;email="mmoser@apache.org";name="Manfred Moser";roles=Committer;timezone=-8,nicolas;name="Nicolas de Loof";roles=Committer,oching;name="Maria Odea B. Ching";roles=Committer,pgier;email="pgier@apache.org";name="Paul Gier";organization="Red Hat";roles=Committer;timezone=-6,ptahchiev;email="ptahchiev@apache.org";name="Petar Tahchiev";roles=Committer;timezone="+2",rafale;email="rafale@apache.org";name="Raphaël Piéroni";organization=Dexem;roles=Committer;timezone="+1",schulte;email="schulte@apache.org";name="Christian Schulte";roles=Committer;timezone="Europe/Berlin",snicoll;email="snicoll@apache.org";name="Stephane Nicoll";roles=Committer;timezone="+1",simonetripodi;email="simonetripodi@apache.org";name="Simone Tripodi";roles=Committer;timezone="+1",sor;email="sor@apache.org";name="Christian Stein";roles=Committer;timezone="Europe/Berlin",tchemit;email="tchemit@apache.org";name="Tony Chemit";organization=CodeLutin;roles=Committer;timezone="Europe/Paris",vmassol;email="vmassol@apache.org";name="Vincent Massol";organization=ASF;roles=Committer;timezone="+1",slachiewicz;email="slachiewicz@apache.org";name="Sylwester Lachiewicz";roles=Committer;timezone="Europe/Warsaw",elharo;email="elharo@apache.org";name="Elliotte Rusty Harold";roles=Committer;timezone="America/New_York",agudian;email="agudian@apache.org";name="Andreas Gudian";roles=Emeritus;timezone="Europe/Berlin",aramirez;name="Allan Q. Ramirez";roles=Emeritus,bayard;name="Henri Yandell";roles=Emeritus,carlos;email="carlos@apache.org";name="Carlos Sanchez";organization=ASF;roles=Emeritus;timezone="+1",chrisjs;name="Chris Stevenson";roles=Emeritus,dblevins;name="David Blevins";roles=Emeritus,dlr;name="Daniel Rall";roles=Emeritus,epunzalan;email="epunzalan@apache.org";name="Edwin Punzalan";roles=Emeritus;timezone=-8,felipeal;name="Felipe Leme";roles=Emeritus,jdcasey;email="jdcasey@apache.org";name="John Casey";organization=ASF;roles=Emeritus;timezone=-6,jmcconnell;email="jmcconnell@apache.org";name="Jesse McConnell";organization=ASF;roles=Emeritus;timezone=-6,joakime;email="joakime@apache.org";name="Joakim Erdfelt";organization=ASF;roles=Emeritus;timezone=-5,jruiz;email="jruiz@apache.org";name="Johnny Ruiz III";roles=Emeritus,jstrachan;name="James Strachan";roles=Emeritus,jtolentino;email="jtolentino@apache.org";name="Ernesto Tolentino Jr.";organization=ASF;roles=Emeritus;timezone="+8",kenney;email="kenney@apache.org";name="Kenney Westerhof";organization=Neonics;roles=Emeritus;timezone="+1",mperham;email="mperham@gmail.com";name="Mike Perham";organization=IBM;roles=Emeritus;timezone=-6,ogusakov;name="Oleg Gusakov";roles=Emeritus,pschneider;email="pschneider@gmail.com";name="Patrick Schneider";roles=Emeritus;timezone=-6,rinku;name="Rahul Thakur";roles=Emeritus,shinobu;name="Shinobu Kuwai";roles=Emeritus,smorgrav;name="Torbjorn Eikli Smorgrav";roles=Emeritus,trygvis;email="trygvis@apache.org";name="Trygve Laugstol";organization=ASF;roles=Emeritus;timezone="+1",wsmoak;email="wsmoak@apache.org";name="Wendy Smoak";roles=Emeritus;timezone=-7 Low Vendor Manifest bundle-docurl https://maven.apache.org/resolver/maven-resolver-spi/ Low Vendor Manifest bundle-symbolicname org.apache.maven.resolver.spi Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-resolver-spi Low Vendor pom groupid org.apache.maven.resolver Highest Vendor pom name Maven Artifact Resolver SPI High Vendor pom parent-artifactid maven-resolver Low Product file name maven-resolver-spi High Product jar package name spi Highest Product Manifest automatic-module-name org.apache.maven.resolver.spi Medium Product Manifest build-jdk-spec 17 Low Product Manifest bundle-developers khmarbaise;email="khmarbaise@apache.org";name="Karl Heinz Marbaise";roles="PMC Chair";timezone="+1",aheritier;email="aheritier@apache.org";name="Arnaud Héritier";roles="PMC Member";timezone="+1",andham;email="andham@apache.org";name="Anders Hammar";roles="PMC Member";timezone="+1",baerrach;email="baerrach@apache.org";name="Barrie Treloar";roles="PMC Member";timezone="Australia/Adelaide",bimargulies;email="bimargulies@apache.org";name="Benson Margulies";roles="PMC Member";timezone="America/New_York",brianf;email="brianf@apache.org";name="Brian Fox";organization=Sonatype;roles="PMC Member";timezone=-5,cstamas;email="cstamas@apache.org";name="Tamas Cservenak";roles="PMC Member";timezone="+1",dennisl;email="dennisl@apache.org";name="Dennis Lundberg";organization=ASF;roles="PMC Member";timezone="+1",dkulp;email="dkulp@apache.org";name="Daniel Kulp";organization=ASF;roles="PMC Member";timezone=-5,evenisse;email="evenisse@apache.org";name="Emmanuel Venisse";organization=ASF;roles="PMC Member";timezone="+1",gboue;email="gboue@apache.org";name="Guillaume Boué";roles="PMC Member";timezone="Europe/Paris",hboutemy;email="hboutemy@apache.org";name="Hervé Boutemy";organization=ASF;roles="PMC Member";timezone="Europe/Paris",ifedorenko;email="igor@ifedorenko.com";name="Igor Fedorenko";organization=Sonatype;roles="PMC Member";timezone=-5,jvanzyl;email="jason@maven.org";name="Jason van Zyl";roles="PMC Member";timezone=-5,krosenvold;email="krosenvold@apache.org";name="Kristian Rosenvold";roles="PMC Member";timezone="+1",mkleint;name="Milos Kleint";roles="PMC Member",olamy;email="olamy@apache.org";name="Olivier Lamy";roles="PMC Member";timezone="Australia/Brisbane",michaelo;email="michaelo@apache.org";name="Michael Osipov";roles="PMC Member";timezone="Europe/Berlin",rfscholte;email="rfscholte@apache.org";name="Robert Scholte";roles="PMC Member";timezone="Europe/Amsterdam",rgoers;email="rgoers@apache.org";name="Ralph Goers";organization=Intuit;roles="PMC Member";timezone=-8,sjaranowski;email="sjaranowski@apache.org";name="Slawomir Jaranowski";roles="PMC Member";timezone="Europe/Warsaw",stephenc;email="stephenc@apache.org";name="Stephen Connolly";roles="PMC Member";timezone=0,struberg;email="struberg@apache.org";name="Mark Struberg";roles="PMC Member",tibordigana;email="tibordigana@apache.org";name="Tibor Digaňa";roles="PMC Member";timezone="Europe/Bratislava",vsiveton;email="vsiveton@apache.org";name="Vincent Siveton";organization=ASF;roles="PMC Member";timezone=-5,wfay;email="wfay@apache.org";name="Wayne Fay";organization=ASF;roles="PMC Member";timezone=-6,adangel;email="adangel@apache.org";name="Andreas Dangel";roles=Committer;timezone="Europe/Berlin",bdemers;email="bdemers@apache.org";name="Brian Demers";organization=Sonatype;roles=Committer;timezone=-5,bellingard;name="Fabrice Bellingard";roles=Committer,bentmann;email="bentmann@apache.org";name="Benjamin Bentmann";organization=Sonatype;roles=Committer;timezone="+1",chrisgwarp;email="chrisgwarp@apache.org";name="Chris Graham";roles=Committer;timezone="Australia/Melbourne",dantran;email="dantran@apache.org";name="Dan Tran";roles=Committer;timezone=-8,dbradicich;email="dbradicich@apache.org";name="Damian Bradicich";organization=Sonatype;roles=Committer;timezone=-5,brett;email="brett@apache.org";name="Brett Porter";organization=ASF;roles=Committer;timezone="+10",dfabulich;email="dfabulich@apache.org";name="Daniel Fabulich";roles=Committer;timezone=-8,eolivelli;email="eolivelli@apache.org";name="Enrico Olivelli";organization=Diennea;roles=Committer;timezone="Europe/Rome",fgiust;email="fgiust@apache.org";name="Fabrizio Giustina";organization=openmind;roles=Committer;timezone="+1",gnodet;email="gnodet@apache.org";name="Guillaume Nodet";organization="Red Hat";roles=Committer;timezone="Europe/Paris",godin;email="godin@apache.org";name="Evgeny Mandrikov";organization=SonarSource;roles=Committer;timezone="+3",handyande;email="handyande@apache.org";name="Andrew Williams";roles=Committer;timezone=0,imod;email="imod@apache.org";name="Dominik Bartholdi";roles=Committer;timezone="Europe/Zurich",jjensen;name="Jeff Jensen";roles=Committer,ltheussl;email="ltheussl@apache.org";name="Lukas Theussl";roles=Committer;timezone="+1",markh;email="markh@apache.org";name="Mark Hobson";roles=Committer;timezone=0,martinkanters;email="martinkanters@apache.org";name="Martin Kanters";organization=JPoint;roles=Committer;timezone="Europe/Amsterdam",mthmulders;email="mthmulders@apache.org";name="Maarten Mulders";organization="Info Support";roles=Committer;timezone="Europe/Amsterdam",mauro;name="Mauro Talevi";roles=Committer,mfriedenhagen;email="mfriedenhagen@apache.org";name="Mirko Friedenhagen";roles=Committer;timezone="+1",mmoser;email="mmoser@apache.org";name="Manfred Moser";roles=Committer;timezone=-8,nicolas;name="Nicolas de Loof";roles=Committer,oching;name="Maria Odea B. Ching";roles=Committer,pgier;email="pgier@apache.org";name="Paul Gier";organization="Red Hat";roles=Committer;timezone=-6,ptahchiev;email="ptahchiev@apache.org";name="Petar Tahchiev";roles=Committer;timezone="+2",rafale;email="rafale@apache.org";name="Raphaël Piéroni";organization=Dexem;roles=Committer;timezone="+1",schulte;email="schulte@apache.org";name="Christian Schulte";roles=Committer;timezone="Europe/Berlin",snicoll;email="snicoll@apache.org";name="Stephane Nicoll";roles=Committer;timezone="+1",simonetripodi;email="simonetripodi@apache.org";name="Simone Tripodi";roles=Committer;timezone="+1",sor;email="sor@apache.org";name="Christian Stein";roles=Committer;timezone="Europe/Berlin",tchemit;email="tchemit@apache.org";name="Tony Chemit";organization=CodeLutin;roles=Committer;timezone="Europe/Paris",vmassol;email="vmassol@apache.org";name="Vincent Massol";organization=ASF;roles=Committer;timezone="+1",slachiewicz;email="slachiewicz@apache.org";name="Sylwester Lachiewicz";roles=Committer;timezone="Europe/Warsaw",elharo;email="elharo@apache.org";name="Elliotte Rusty Harold";roles=Committer;timezone="America/New_York",agudian;email="agudian@apache.org";name="Andreas Gudian";roles=Emeritus;timezone="Europe/Berlin",aramirez;name="Allan Q. Ramirez";roles=Emeritus,bayard;name="Henri Yandell";roles=Emeritus,carlos;email="carlos@apache.org";name="Carlos Sanchez";organization=ASF;roles=Emeritus;timezone="+1",chrisjs;name="Chris Stevenson";roles=Emeritus,dblevins;name="David Blevins";roles=Emeritus,dlr;name="Daniel Rall";roles=Emeritus,epunzalan;email="epunzalan@apache.org";name="Edwin Punzalan";roles=Emeritus;timezone=-8,felipeal;name="Felipe Leme";roles=Emeritus,jdcasey;email="jdcasey@apache.org";name="John Casey";organization=ASF;roles=Emeritus;timezone=-6,jmcconnell;email="jmcconnell@apache.org";name="Jesse McConnell";organization=ASF;roles=Emeritus;timezone=-6,joakime;email="joakime@apache.org";name="Joakim Erdfelt";organization=ASF;roles=Emeritus;timezone=-5,jruiz;email="jruiz@apache.org";name="Johnny Ruiz III";roles=Emeritus,jstrachan;name="James Strachan";roles=Emeritus,jtolentino;email="jtolentino@apache.org";name="Ernesto Tolentino Jr.";organization=ASF;roles=Emeritus;timezone="+8",kenney;email="kenney@apache.org";name="Kenney Westerhof";organization=Neonics;roles=Emeritus;timezone="+1",mperham;email="mperham@gmail.com";name="Mike Perham";organization=IBM;roles=Emeritus;timezone=-6,ogusakov;name="Oleg Gusakov";roles=Emeritus,pschneider;email="pschneider@gmail.com";name="Patrick Schneider";roles=Emeritus;timezone=-6,rinku;name="Rahul Thakur";roles=Emeritus,shinobu;name="Shinobu Kuwai";roles=Emeritus,smorgrav;name="Torbjorn Eikli Smorgrav";roles=Emeritus,trygvis;email="trygvis@apache.org";name="Trygve Laugstol";organization=ASF;roles=Emeritus;timezone="+1",wsmoak;email="wsmoak@apache.org";name="Wendy Smoak";roles=Emeritus;timezone=-7 Low Product Manifest bundle-docurl https://maven.apache.org/resolver/maven-resolver-spi/ Low Product Manifest Bundle-Name Maven Artifact Resolver SPI Medium Product Manifest bundle-symbolicname org.apache.maven.resolver.spi Medium Product Manifest Implementation-Title Maven Artifact Resolver SPI High Product Manifest specification-title Maven Artifact Resolver SPI Medium Product pom artifactid maven-resolver-spi Highest Product pom groupid org.apache.maven.resolver Highest Product pom name Maven Artifact Resolver SPI High Product pom parent-artifactid maven-resolver Medium Version file version 1.9.4 High Version Manifest Bundle-Version 1.9.4 High Version Manifest Implementation-Version 1.9.4 High Version pom version 1.9.4 Highest
Description:
A transport implementation for repositories using file:// URLs.
License:
"Apache License, Version 2.0";link="https://www.apache.org/licenses/LICENSE-2.0.txt" File Path: /home/runner/.m2/repository/org/apache/maven/resolver/maven-resolver-transport-file/1.9.4/maven-resolver-transport-file-1.9.4.jar
MD5: 99d97d13125a740def7ad2cdb01e2fa7
SHA1: 9a9cc0c49022a1b18c517fd9d30be01be8c67fb0
SHA256: 32fbafa87ebcc07179f18857d48626fc5972cd0ec40aaa31a5626eeffd960930
Evidence Type Source Name Value Confidence Vendor file name maven-resolver-transport-file High Vendor jar package name file Highest Vendor jar package name transport Highest Vendor Manifest automatic-module-name org.apache.maven.resolver.transport.file Medium Vendor Manifest build-jdk-spec 17 Low Vendor Manifest bundle-developers khmarbaise;email="khmarbaise@apache.org";name="Karl Heinz Marbaise";roles="PMC Chair";timezone="+1",aheritier;email="aheritier@apache.org";name="Arnaud Héritier";roles="PMC Member";timezone="+1",andham;email="andham@apache.org";name="Anders Hammar";roles="PMC Member";timezone="+1",baerrach;email="baerrach@apache.org";name="Barrie Treloar";roles="PMC Member";timezone="Australia/Adelaide",bimargulies;email="bimargulies@apache.org";name="Benson Margulies";roles="PMC Member";timezone="America/New_York",brianf;email="brianf@apache.org";name="Brian Fox";organization=Sonatype;roles="PMC Member";timezone=-5,cstamas;email="cstamas@apache.org";name="Tamas Cservenak";roles="PMC Member";timezone="+1",dennisl;email="dennisl@apache.org";name="Dennis Lundberg";organization=ASF;roles="PMC Member";timezone="+1",dkulp;email="dkulp@apache.org";name="Daniel Kulp";organization=ASF;roles="PMC Member";timezone=-5,evenisse;email="evenisse@apache.org";name="Emmanuel Venisse";organization=ASF;roles="PMC Member";timezone="+1",gboue;email="gboue@apache.org";name="Guillaume Boué";roles="PMC Member";timezone="Europe/Paris",hboutemy;email="hboutemy@apache.org";name="Hervé Boutemy";organization=ASF;roles="PMC Member";timezone="Europe/Paris",ifedorenko;email="igor@ifedorenko.com";name="Igor Fedorenko";organization=Sonatype;roles="PMC Member";timezone=-5,jvanzyl;email="jason@maven.org";name="Jason van Zyl";roles="PMC Member";timezone=-5,krosenvold;email="krosenvold@apache.org";name="Kristian Rosenvold";roles="PMC Member";timezone="+1",mkleint;name="Milos Kleint";roles="PMC Member",olamy;email="olamy@apache.org";name="Olivier Lamy";roles="PMC Member";timezone="Australia/Brisbane",michaelo;email="michaelo@apache.org";name="Michael Osipov";roles="PMC Member";timezone="Europe/Berlin",rfscholte;email="rfscholte@apache.org";name="Robert Scholte";roles="PMC Member";timezone="Europe/Amsterdam",rgoers;email="rgoers@apache.org";name="Ralph Goers";organization=Intuit;roles="PMC Member";timezone=-8,sjaranowski;email="sjaranowski@apache.org";name="Slawomir Jaranowski";roles="PMC Member";timezone="Europe/Warsaw",stephenc;email="stephenc@apache.org";name="Stephen Connolly";roles="PMC Member";timezone=0,struberg;email="struberg@apache.org";name="Mark Struberg";roles="PMC Member",tibordigana;email="tibordigana@apache.org";name="Tibor Digaňa";roles="PMC Member";timezone="Europe/Bratislava",vsiveton;email="vsiveton@apache.org";name="Vincent Siveton";organization=ASF;roles="PMC Member";timezone=-5,wfay;email="wfay@apache.org";name="Wayne Fay";organization=ASF;roles="PMC Member";timezone=-6,adangel;email="adangel@apache.org";name="Andreas Dangel";roles=Committer;timezone="Europe/Berlin",bdemers;email="bdemers@apache.org";name="Brian Demers";organization=Sonatype;roles=Committer;timezone=-5,bellingard;name="Fabrice Bellingard";roles=Committer,bentmann;email="bentmann@apache.org";name="Benjamin Bentmann";organization=Sonatype;roles=Committer;timezone="+1",chrisgwarp;email="chrisgwarp@apache.org";name="Chris Graham";roles=Committer;timezone="Australia/Melbourne",dantran;email="dantran@apache.org";name="Dan Tran";roles=Committer;timezone=-8,dbradicich;email="dbradicich@apache.org";name="Damian Bradicich";organization=Sonatype;roles=Committer;timezone=-5,brett;email="brett@apache.org";name="Brett Porter";organization=ASF;roles=Committer;timezone="+10",dfabulich;email="dfabulich@apache.org";name="Daniel Fabulich";roles=Committer;timezone=-8,eolivelli;email="eolivelli@apache.org";name="Enrico Olivelli";organization=Diennea;roles=Committer;timezone="Europe/Rome",fgiust;email="fgiust@apache.org";name="Fabrizio Giustina";organization=openmind;roles=Committer;timezone="+1",gnodet;email="gnodet@apache.org";name="Guillaume Nodet";organization="Red Hat";roles=Committer;timezone="Europe/Paris",godin;email="godin@apache.org";name="Evgeny Mandrikov";organization=SonarSource;roles=Committer;timezone="+3",handyande;email="handyande@apache.org";name="Andrew Williams";roles=Committer;timezone=0,imod;email="imod@apache.org";name="Dominik Bartholdi";roles=Committer;timezone="Europe/Zurich",jjensen;name="Jeff Jensen";roles=Committer,ltheussl;email="ltheussl@apache.org";name="Lukas Theussl";roles=Committer;timezone="+1",markh;email="markh@apache.org";name="Mark Hobson";roles=Committer;timezone=0,martinkanters;email="martinkanters@apache.org";name="Martin Kanters";organization=JPoint;roles=Committer;timezone="Europe/Amsterdam",mthmulders;email="mthmulders@apache.org";name="Maarten Mulders";organization="Info Support";roles=Committer;timezone="Europe/Amsterdam",mauro;name="Mauro Talevi";roles=Committer,mfriedenhagen;email="mfriedenhagen@apache.org";name="Mirko Friedenhagen";roles=Committer;timezone="+1",mmoser;email="mmoser@apache.org";name="Manfred Moser";roles=Committer;timezone=-8,nicolas;name="Nicolas de Loof";roles=Committer,oching;name="Maria Odea B. Ching";roles=Committer,pgier;email="pgier@apache.org";name="Paul Gier";organization="Red Hat";roles=Committer;timezone=-6,ptahchiev;email="ptahchiev@apache.org";name="Petar Tahchiev";roles=Committer;timezone="+2",rafale;email="rafale@apache.org";name="Raphaël Piéroni";organization=Dexem;roles=Committer;timezone="+1",schulte;email="schulte@apache.org";name="Christian Schulte";roles=Committer;timezone="Europe/Berlin",snicoll;email="snicoll@apache.org";name="Stephane Nicoll";roles=Committer;timezone="+1",simonetripodi;email="simonetripodi@apache.org";name="Simone Tripodi";roles=Committer;timezone="+1",sor;email="sor@apache.org";name="Christian Stein";roles=Committer;timezone="Europe/Berlin",tchemit;email="tchemit@apache.org";name="Tony Chemit";organization=CodeLutin;roles=Committer;timezone="Europe/Paris",vmassol;email="vmassol@apache.org";name="Vincent Massol";organization=ASF;roles=Committer;timezone="+1",slachiewicz;email="slachiewicz@apache.org";name="Sylwester Lachiewicz";roles=Committer;timezone="Europe/Warsaw",elharo;email="elharo@apache.org";name="Elliotte Rusty Harold";roles=Committer;timezone="America/New_York",agudian;email="agudian@apache.org";name="Andreas Gudian";roles=Emeritus;timezone="Europe/Berlin",aramirez;name="Allan Q. Ramirez";roles=Emeritus,bayard;name="Henri Yandell";roles=Emeritus,carlos;email="carlos@apache.org";name="Carlos Sanchez";organization=ASF;roles=Emeritus;timezone="+1",chrisjs;name="Chris Stevenson";roles=Emeritus,dblevins;name="David Blevins";roles=Emeritus,dlr;name="Daniel Rall";roles=Emeritus,epunzalan;email="epunzalan@apache.org";name="Edwin Punzalan";roles=Emeritus;timezone=-8,felipeal;name="Felipe Leme";roles=Emeritus,jdcasey;email="jdcasey@apache.org";name="John Casey";organization=ASF;roles=Emeritus;timezone=-6,jmcconnell;email="jmcconnell@apache.org";name="Jesse McConnell";organization=ASF;roles=Emeritus;timezone=-6,joakime;email="joakime@apache.org";name="Joakim Erdfelt";organization=ASF;roles=Emeritus;timezone=-5,jruiz;email="jruiz@apache.org";name="Johnny Ruiz III";roles=Emeritus,jstrachan;name="James Strachan";roles=Emeritus,jtolentino;email="jtolentino@apache.org";name="Ernesto Tolentino Jr.";organization=ASF;roles=Emeritus;timezone="+8",kenney;email="kenney@apache.org";name="Kenney Westerhof";organization=Neonics;roles=Emeritus;timezone="+1",mperham;email="mperham@gmail.com";name="Mike Perham";organization=IBM;roles=Emeritus;timezone=-6,ogusakov;name="Oleg Gusakov";roles=Emeritus,pschneider;email="pschneider@gmail.com";name="Patrick Schneider";roles=Emeritus;timezone=-6,rinku;name="Rahul Thakur";roles=Emeritus,shinobu;name="Shinobu Kuwai";roles=Emeritus,smorgrav;name="Torbjorn Eikli Smorgrav";roles=Emeritus,trygvis;email="trygvis@apache.org";name="Trygve Laugstol";organization=ASF;roles=Emeritus;timezone="+1",wsmoak;email="wsmoak@apache.org";name="Wendy Smoak";roles=Emeritus;timezone=-7 Low Vendor Manifest bundle-docurl https://maven.apache.org/resolver/maven-resolver-transport-file/ Low Vendor Manifest bundle-symbolicname org.apache.maven.resolver.transport.file Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-resolver-transport-file Low Vendor pom groupid org.apache.maven.resolver Highest Vendor pom name Maven Artifact Resolver Transport File High Vendor pom parent-artifactid maven-resolver Low Product file name maven-resolver-transport-file High Product jar package name file Highest Product jar package name transport Highest Product Manifest automatic-module-name org.apache.maven.resolver.transport.file Medium Product Manifest build-jdk-spec 17 Low Product Manifest bundle-developers khmarbaise;email="khmarbaise@apache.org";name="Karl Heinz Marbaise";roles="PMC Chair";timezone="+1",aheritier;email="aheritier@apache.org";name="Arnaud Héritier";roles="PMC Member";timezone="+1",andham;email="andham@apache.org";name="Anders Hammar";roles="PMC Member";timezone="+1",baerrach;email="baerrach@apache.org";name="Barrie Treloar";roles="PMC Member";timezone="Australia/Adelaide",bimargulies;email="bimargulies@apache.org";name="Benson Margulies";roles="PMC Member";timezone="America/New_York",brianf;email="brianf@apache.org";name="Brian Fox";organization=Sonatype;roles="PMC Member";timezone=-5,cstamas;email="cstamas@apache.org";name="Tamas Cservenak";roles="PMC Member";timezone="+1",dennisl;email="dennisl@apache.org";name="Dennis Lundberg";organization=ASF;roles="PMC Member";timezone="+1",dkulp;email="dkulp@apache.org";name="Daniel Kulp";organization=ASF;roles="PMC Member";timezone=-5,evenisse;email="evenisse@apache.org";name="Emmanuel Venisse";organization=ASF;roles="PMC Member";timezone="+1",gboue;email="gboue@apache.org";name="Guillaume Boué";roles="PMC Member";timezone="Europe/Paris",hboutemy;email="hboutemy@apache.org";name="Hervé Boutemy";organization=ASF;roles="PMC Member";timezone="Europe/Paris",ifedorenko;email="igor@ifedorenko.com";name="Igor Fedorenko";organization=Sonatype;roles="PMC Member";timezone=-5,jvanzyl;email="jason@maven.org";name="Jason van Zyl";roles="PMC Member";timezone=-5,krosenvold;email="krosenvold@apache.org";name="Kristian Rosenvold";roles="PMC Member";timezone="+1",mkleint;name="Milos Kleint";roles="PMC Member",olamy;email="olamy@apache.org";name="Olivier Lamy";roles="PMC Member";timezone="Australia/Brisbane",michaelo;email="michaelo@apache.org";name="Michael Osipov";roles="PMC Member";timezone="Europe/Berlin",rfscholte;email="rfscholte@apache.org";name="Robert Scholte";roles="PMC Member";timezone="Europe/Amsterdam",rgoers;email="rgoers@apache.org";name="Ralph Goers";organization=Intuit;roles="PMC Member";timezone=-8,sjaranowski;email="sjaranowski@apache.org";name="Slawomir Jaranowski";roles="PMC Member";timezone="Europe/Warsaw",stephenc;email="stephenc@apache.org";name="Stephen Connolly";roles="PMC Member";timezone=0,struberg;email="struberg@apache.org";name="Mark Struberg";roles="PMC Member",tibordigana;email="tibordigana@apache.org";name="Tibor Digaňa";roles="PMC Member";timezone="Europe/Bratislava",vsiveton;email="vsiveton@apache.org";name="Vincent Siveton";organization=ASF;roles="PMC Member";timezone=-5,wfay;email="wfay@apache.org";name="Wayne Fay";organization=ASF;roles="PMC Member";timezone=-6,adangel;email="adangel@apache.org";name="Andreas Dangel";roles=Committer;timezone="Europe/Berlin",bdemers;email="bdemers@apache.org";name="Brian Demers";organization=Sonatype;roles=Committer;timezone=-5,bellingard;name="Fabrice Bellingard";roles=Committer,bentmann;email="bentmann@apache.org";name="Benjamin Bentmann";organization=Sonatype;roles=Committer;timezone="+1",chrisgwarp;email="chrisgwarp@apache.org";name="Chris Graham";roles=Committer;timezone="Australia/Melbourne",dantran;email="dantran@apache.org";name="Dan Tran";roles=Committer;timezone=-8,dbradicich;email="dbradicich@apache.org";name="Damian Bradicich";organization=Sonatype;roles=Committer;timezone=-5,brett;email="brett@apache.org";name="Brett Porter";organization=ASF;roles=Committer;timezone="+10",dfabulich;email="dfabulich@apache.org";name="Daniel Fabulich";roles=Committer;timezone=-8,eolivelli;email="eolivelli@apache.org";name="Enrico Olivelli";organization=Diennea;roles=Committer;timezone="Europe/Rome",fgiust;email="fgiust@apache.org";name="Fabrizio Giustina";organization=openmind;roles=Committer;timezone="+1",gnodet;email="gnodet@apache.org";name="Guillaume Nodet";organization="Red Hat";roles=Committer;timezone="Europe/Paris",godin;email="godin@apache.org";name="Evgeny Mandrikov";organization=SonarSource;roles=Committer;timezone="+3",handyande;email="handyande@apache.org";name="Andrew Williams";roles=Committer;timezone=0,imod;email="imod@apache.org";name="Dominik Bartholdi";roles=Committer;timezone="Europe/Zurich",jjensen;name="Jeff Jensen";roles=Committer,ltheussl;email="ltheussl@apache.org";name="Lukas Theussl";roles=Committer;timezone="+1",markh;email="markh@apache.org";name="Mark Hobson";roles=Committer;timezone=0,martinkanters;email="martinkanters@apache.org";name="Martin Kanters";organization=JPoint;roles=Committer;timezone="Europe/Amsterdam",mthmulders;email="mthmulders@apache.org";name="Maarten Mulders";organization="Info Support";roles=Committer;timezone="Europe/Amsterdam",mauro;name="Mauro Talevi";roles=Committer,mfriedenhagen;email="mfriedenhagen@apache.org";name="Mirko Friedenhagen";roles=Committer;timezone="+1",mmoser;email="mmoser@apache.org";name="Manfred Moser";roles=Committer;timezone=-8,nicolas;name="Nicolas de Loof";roles=Committer,oching;name="Maria Odea B. Ching";roles=Committer,pgier;email="pgier@apache.org";name="Paul Gier";organization="Red Hat";roles=Committer;timezone=-6,ptahchiev;email="ptahchiev@apache.org";name="Petar Tahchiev";roles=Committer;timezone="+2",rafale;email="rafale@apache.org";name="Raphaël Piéroni";organization=Dexem;roles=Committer;timezone="+1",schulte;email="schulte@apache.org";name="Christian Schulte";roles=Committer;timezone="Europe/Berlin",snicoll;email="snicoll@apache.org";name="Stephane Nicoll";roles=Committer;timezone="+1",simonetripodi;email="simonetripodi@apache.org";name="Simone Tripodi";roles=Committer;timezone="+1",sor;email="sor@apache.org";name="Christian Stein";roles=Committer;timezone="Europe/Berlin",tchemit;email="tchemit@apache.org";name="Tony Chemit";organization=CodeLutin;roles=Committer;timezone="Europe/Paris",vmassol;email="vmassol@apache.org";name="Vincent Massol";organization=ASF;roles=Committer;timezone="+1",slachiewicz;email="slachiewicz@apache.org";name="Sylwester Lachiewicz";roles=Committer;timezone="Europe/Warsaw",elharo;email="elharo@apache.org";name="Elliotte Rusty Harold";roles=Committer;timezone="America/New_York",agudian;email="agudian@apache.org";name="Andreas Gudian";roles=Emeritus;timezone="Europe/Berlin",aramirez;name="Allan Q. Ramirez";roles=Emeritus,bayard;name="Henri Yandell";roles=Emeritus,carlos;email="carlos@apache.org";name="Carlos Sanchez";organization=ASF;roles=Emeritus;timezone="+1",chrisjs;name="Chris Stevenson";roles=Emeritus,dblevins;name="David Blevins";roles=Emeritus,dlr;name="Daniel Rall";roles=Emeritus,epunzalan;email="epunzalan@apache.org";name="Edwin Punzalan";roles=Emeritus;timezone=-8,felipeal;name="Felipe Leme";roles=Emeritus,jdcasey;email="jdcasey@apache.org";name="John Casey";organization=ASF;roles=Emeritus;timezone=-6,jmcconnell;email="jmcconnell@apache.org";name="Jesse McConnell";organization=ASF;roles=Emeritus;timezone=-6,joakime;email="joakime@apache.org";name="Joakim Erdfelt";organization=ASF;roles=Emeritus;timezone=-5,jruiz;email="jruiz@apache.org";name="Johnny Ruiz III";roles=Emeritus,jstrachan;name="James Strachan";roles=Emeritus,jtolentino;email="jtolentino@apache.org";name="Ernesto Tolentino Jr.";organization=ASF;roles=Emeritus;timezone="+8",kenney;email="kenney@apache.org";name="Kenney Westerhof";organization=Neonics;roles=Emeritus;timezone="+1",mperham;email="mperham@gmail.com";name="Mike Perham";organization=IBM;roles=Emeritus;timezone=-6,ogusakov;name="Oleg Gusakov";roles=Emeritus,pschneider;email="pschneider@gmail.com";name="Patrick Schneider";roles=Emeritus;timezone=-6,rinku;name="Rahul Thakur";roles=Emeritus,shinobu;name="Shinobu Kuwai";roles=Emeritus,smorgrav;name="Torbjorn Eikli Smorgrav";roles=Emeritus,trygvis;email="trygvis@apache.org";name="Trygve Laugstol";organization=ASF;roles=Emeritus;timezone="+1",wsmoak;email="wsmoak@apache.org";name="Wendy Smoak";roles=Emeritus;timezone=-7 Low Product Manifest bundle-docurl https://maven.apache.org/resolver/maven-resolver-transport-file/ Low Product Manifest Bundle-Name Maven Artifact Resolver Transport File Medium Product Manifest bundle-symbolicname org.apache.maven.resolver.transport.file Medium Product Manifest Implementation-Title Maven Artifact Resolver Transport File High Product Manifest specification-title Maven Artifact Resolver Transport File Medium Product pom artifactid maven-resolver-transport-file Highest Product pom groupid org.apache.maven.resolver Highest Product pom name Maven Artifact Resolver Transport File High Product pom parent-artifactid maven-resolver Medium Version file version 1.9.4 High Version Manifest Bundle-Version 1.9.4 High Version Manifest Implementation-Version 1.9.4 High Version pom version 1.9.4 Highest
Description:
A transport implementation for repositories using http:// and https:// URLs.
License:
"Apache License, Version 2.0";link="https://www.apache.org/licenses/LICENSE-2.0.txt" File Path: /home/runner/.m2/repository/org/apache/maven/resolver/maven-resolver-transport-http/1.9.4/maven-resolver-transport-http-1.9.4.jar
MD5: 0c801b2d0b72667f9f869fb7aa06c9bd
SHA1: d87174a0a29d34026b8fe37d7dc5fe3a8ae13aba
SHA256: 7c443bf0e96cbfde3436b504ef1d6f493d2a71731645e49993c51b735fe05d01
Evidence Type Source Name Value Confidence Vendor file name maven-resolver-transport-http High Vendor jar package name http Highest Vendor jar package name transport Highest Vendor Manifest automatic-module-name org.apache.maven.resolver.transport.http Medium Vendor Manifest build-jdk-spec 17 Low Vendor Manifest bundle-developers khmarbaise;email="khmarbaise@apache.org";name="Karl Heinz Marbaise";roles="PMC Chair";timezone="+1",aheritier;email="aheritier@apache.org";name="Arnaud Héritier";roles="PMC Member";timezone="+1",andham;email="andham@apache.org";name="Anders Hammar";roles="PMC Member";timezone="+1",baerrach;email="baerrach@apache.org";name="Barrie Treloar";roles="PMC Member";timezone="Australia/Adelaide",bimargulies;email="bimargulies@apache.org";name="Benson Margulies";roles="PMC Member";timezone="America/New_York",brianf;email="brianf@apache.org";name="Brian Fox";organization=Sonatype;roles="PMC Member";timezone=-5,cstamas;email="cstamas@apache.org";name="Tamas Cservenak";roles="PMC Member";timezone="+1",dennisl;email="dennisl@apache.org";name="Dennis Lundberg";organization=ASF;roles="PMC Member";timezone="+1",dkulp;email="dkulp@apache.org";name="Daniel Kulp";organization=ASF;roles="PMC Member";timezone=-5,evenisse;email="evenisse@apache.org";name="Emmanuel Venisse";organization=ASF;roles="PMC Member";timezone="+1",gboue;email="gboue@apache.org";name="Guillaume Boué";roles="PMC Member";timezone="Europe/Paris",hboutemy;email="hboutemy@apache.org";name="Hervé Boutemy";organization=ASF;roles="PMC Member";timezone="Europe/Paris",ifedorenko;email="igor@ifedorenko.com";name="Igor Fedorenko";organization=Sonatype;roles="PMC Member";timezone=-5,jvanzyl;email="jason@maven.org";name="Jason van Zyl";roles="PMC Member";timezone=-5,krosenvold;email="krosenvold@apache.org";name="Kristian Rosenvold";roles="PMC Member";timezone="+1",mkleint;name="Milos Kleint";roles="PMC Member",olamy;email="olamy@apache.org";name="Olivier Lamy";roles="PMC Member";timezone="Australia/Brisbane",michaelo;email="michaelo@apache.org";name="Michael Osipov";roles="PMC Member";timezone="Europe/Berlin",rfscholte;email="rfscholte@apache.org";name="Robert Scholte";roles="PMC Member";timezone="Europe/Amsterdam",rgoers;email="rgoers@apache.org";name="Ralph Goers";organization=Intuit;roles="PMC Member";timezone=-8,sjaranowski;email="sjaranowski@apache.org";name="Slawomir Jaranowski";roles="PMC Member";timezone="Europe/Warsaw",stephenc;email="stephenc@apache.org";name="Stephen Connolly";roles="PMC Member";timezone=0,struberg;email="struberg@apache.org";name="Mark Struberg";roles="PMC Member",tibordigana;email="tibordigana@apache.org";name="Tibor Digaňa";roles="PMC Member";timezone="Europe/Bratislava",vsiveton;email="vsiveton@apache.org";name="Vincent Siveton";organization=ASF;roles="PMC Member";timezone=-5,wfay;email="wfay@apache.org";name="Wayne Fay";organization=ASF;roles="PMC Member";timezone=-6,adangel;email="adangel@apache.org";name="Andreas Dangel";roles=Committer;timezone="Europe/Berlin",bdemers;email="bdemers@apache.org";name="Brian Demers";organization=Sonatype;roles=Committer;timezone=-5,bellingard;name="Fabrice Bellingard";roles=Committer,bentmann;email="bentmann@apache.org";name="Benjamin Bentmann";organization=Sonatype;roles=Committer;timezone="+1",chrisgwarp;email="chrisgwarp@apache.org";name="Chris Graham";roles=Committer;timezone="Australia/Melbourne",dantran;email="dantran@apache.org";name="Dan Tran";roles=Committer;timezone=-8,dbradicich;email="dbradicich@apache.org";name="Damian Bradicich";organization=Sonatype;roles=Committer;timezone=-5,brett;email="brett@apache.org";name="Brett Porter";organization=ASF;roles=Committer;timezone="+10",dfabulich;email="dfabulich@apache.org";name="Daniel Fabulich";roles=Committer;timezone=-8,eolivelli;email="eolivelli@apache.org";name="Enrico Olivelli";organization=Diennea;roles=Committer;timezone="Europe/Rome",fgiust;email="fgiust@apache.org";name="Fabrizio Giustina";organization=openmind;roles=Committer;timezone="+1",gnodet;email="gnodet@apache.org";name="Guillaume Nodet";organization="Red Hat";roles=Committer;timezone="Europe/Paris",godin;email="godin@apache.org";name="Evgeny Mandrikov";organization=SonarSource;roles=Committer;timezone="+3",handyande;email="handyande@apache.org";name="Andrew Williams";roles=Committer;timezone=0,imod;email="imod@apache.org";name="Dominik Bartholdi";roles=Committer;timezone="Europe/Zurich",jjensen;name="Jeff Jensen";roles=Committer,ltheussl;email="ltheussl@apache.org";name="Lukas Theussl";roles=Committer;timezone="+1",markh;email="markh@apache.org";name="Mark Hobson";roles=Committer;timezone=0,martinkanters;email="martinkanters@apache.org";name="Martin Kanters";organization=JPoint;roles=Committer;timezone="Europe/Amsterdam",mthmulders;email="mthmulders@apache.org";name="Maarten Mulders";organization="Info Support";roles=Committer;timezone="Europe/Amsterdam",mauro;name="Mauro Talevi";roles=Committer,mfriedenhagen;email="mfriedenhagen@apache.org";name="Mirko Friedenhagen";roles=Committer;timezone="+1",mmoser;email="mmoser@apache.org";name="Manfred Moser";roles=Committer;timezone=-8,nicolas;name="Nicolas de Loof";roles=Committer,oching;name="Maria Odea B. Ching";roles=Committer,pgier;email="pgier@apache.org";name="Paul Gier";organization="Red Hat";roles=Committer;timezone=-6,ptahchiev;email="ptahchiev@apache.org";name="Petar Tahchiev";roles=Committer;timezone="+2",rafale;email="rafale@apache.org";name="Raphaël Piéroni";organization=Dexem;roles=Committer;timezone="+1",schulte;email="schulte@apache.org";name="Christian Schulte";roles=Committer;timezone="Europe/Berlin",snicoll;email="snicoll@apache.org";name="Stephane Nicoll";roles=Committer;timezone="+1",simonetripodi;email="simonetripodi@apache.org";name="Simone Tripodi";roles=Committer;timezone="+1",sor;email="sor@apache.org";name="Christian Stein";roles=Committer;timezone="Europe/Berlin",tchemit;email="tchemit@apache.org";name="Tony Chemit";organization=CodeLutin;roles=Committer;timezone="Europe/Paris",vmassol;email="vmassol@apache.org";name="Vincent Massol";organization=ASF;roles=Committer;timezone="+1",slachiewicz;email="slachiewicz@apache.org";name="Sylwester Lachiewicz";roles=Committer;timezone="Europe/Warsaw",elharo;email="elharo@apache.org";name="Elliotte Rusty Harold";roles=Committer;timezone="America/New_York",agudian;email="agudian@apache.org";name="Andreas Gudian";roles=Emeritus;timezone="Europe/Berlin",aramirez;name="Allan Q. Ramirez";roles=Emeritus,bayard;name="Henri Yandell";roles=Emeritus,carlos;email="carlos@apache.org";name="Carlos Sanchez";organization=ASF;roles=Emeritus;timezone="+1",chrisjs;name="Chris Stevenson";roles=Emeritus,dblevins;name="David Blevins";roles=Emeritus,dlr;name="Daniel Rall";roles=Emeritus,epunzalan;email="epunzalan@apache.org";name="Edwin Punzalan";roles=Emeritus;timezone=-8,felipeal;name="Felipe Leme";roles=Emeritus,jdcasey;email="jdcasey@apache.org";name="John Casey";organization=ASF;roles=Emeritus;timezone=-6,jmcconnell;email="jmcconnell@apache.org";name="Jesse McConnell";organization=ASF;roles=Emeritus;timezone=-6,joakime;email="joakime@apache.org";name="Joakim Erdfelt";organization=ASF;roles=Emeritus;timezone=-5,jruiz;email="jruiz@apache.org";name="Johnny Ruiz III";roles=Emeritus,jstrachan;name="James Strachan";roles=Emeritus,jtolentino;email="jtolentino@apache.org";name="Ernesto Tolentino Jr.";organization=ASF;roles=Emeritus;timezone="+8",kenney;email="kenney@apache.org";name="Kenney Westerhof";organization=Neonics;roles=Emeritus;timezone="+1",mperham;email="mperham@gmail.com";name="Mike Perham";organization=IBM;roles=Emeritus;timezone=-6,ogusakov;name="Oleg Gusakov";roles=Emeritus,pschneider;email="pschneider@gmail.com";name="Patrick Schneider";roles=Emeritus;timezone=-6,rinku;name="Rahul Thakur";roles=Emeritus,shinobu;name="Shinobu Kuwai";roles=Emeritus,smorgrav;name="Torbjorn Eikli Smorgrav";roles=Emeritus,trygvis;email="trygvis@apache.org";name="Trygve Laugstol";organization=ASF;roles=Emeritus;timezone="+1",wsmoak;email="wsmoak@apache.org";name="Wendy Smoak";roles=Emeritus;timezone=-7 Low Vendor Manifest bundle-docurl https://maven.apache.org/resolver/maven-resolver-transport-http/ Low Vendor Manifest bundle-symbolicname org.apache.maven.resolver.transport.http Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-resolver-transport-http Low Vendor pom groupid org.apache.maven.resolver Highest Vendor pom name Maven Artifact Resolver Transport HTTP High Vendor pom parent-artifactid maven-resolver Low Product file name maven-resolver-transport-http High Product jar package name http Highest Product jar package name transport Highest Product Manifest automatic-module-name org.apache.maven.resolver.transport.http Medium Product Manifest build-jdk-spec 17 Low Product Manifest bundle-developers khmarbaise;email="khmarbaise@apache.org";name="Karl Heinz Marbaise";roles="PMC Chair";timezone="+1",aheritier;email="aheritier@apache.org";name="Arnaud Héritier";roles="PMC Member";timezone="+1",andham;email="andham@apache.org";name="Anders Hammar";roles="PMC Member";timezone="+1",baerrach;email="baerrach@apache.org";name="Barrie Treloar";roles="PMC Member";timezone="Australia/Adelaide",bimargulies;email="bimargulies@apache.org";name="Benson Margulies";roles="PMC Member";timezone="America/New_York",brianf;email="brianf@apache.org";name="Brian Fox";organization=Sonatype;roles="PMC Member";timezone=-5,cstamas;email="cstamas@apache.org";name="Tamas Cservenak";roles="PMC Member";timezone="+1",dennisl;email="dennisl@apache.org";name="Dennis Lundberg";organization=ASF;roles="PMC Member";timezone="+1",dkulp;email="dkulp@apache.org";name="Daniel Kulp";organization=ASF;roles="PMC Member";timezone=-5,evenisse;email="evenisse@apache.org";name="Emmanuel Venisse";organization=ASF;roles="PMC Member";timezone="+1",gboue;email="gboue@apache.org";name="Guillaume Boué";roles="PMC Member";timezone="Europe/Paris",hboutemy;email="hboutemy@apache.org";name="Hervé Boutemy";organization=ASF;roles="PMC Member";timezone="Europe/Paris",ifedorenko;email="igor@ifedorenko.com";name="Igor Fedorenko";organization=Sonatype;roles="PMC Member";timezone=-5,jvanzyl;email="jason@maven.org";name="Jason van Zyl";roles="PMC Member";timezone=-5,krosenvold;email="krosenvold@apache.org";name="Kristian Rosenvold";roles="PMC Member";timezone="+1",mkleint;name="Milos Kleint";roles="PMC Member",olamy;email="olamy@apache.org";name="Olivier Lamy";roles="PMC Member";timezone="Australia/Brisbane",michaelo;email="michaelo@apache.org";name="Michael Osipov";roles="PMC Member";timezone="Europe/Berlin",rfscholte;email="rfscholte@apache.org";name="Robert Scholte";roles="PMC Member";timezone="Europe/Amsterdam",rgoers;email="rgoers@apache.org";name="Ralph Goers";organization=Intuit;roles="PMC Member";timezone=-8,sjaranowski;email="sjaranowski@apache.org";name="Slawomir Jaranowski";roles="PMC Member";timezone="Europe/Warsaw",stephenc;email="stephenc@apache.org";name="Stephen Connolly";roles="PMC Member";timezone=0,struberg;email="struberg@apache.org";name="Mark Struberg";roles="PMC Member",tibordigana;email="tibordigana@apache.org";name="Tibor Digaňa";roles="PMC Member";timezone="Europe/Bratislava",vsiveton;email="vsiveton@apache.org";name="Vincent Siveton";organization=ASF;roles="PMC Member";timezone=-5,wfay;email="wfay@apache.org";name="Wayne Fay";organization=ASF;roles="PMC Member";timezone=-6,adangel;email="adangel@apache.org";name="Andreas Dangel";roles=Committer;timezone="Europe/Berlin",bdemers;email="bdemers@apache.org";name="Brian Demers";organization=Sonatype;roles=Committer;timezone=-5,bellingard;name="Fabrice Bellingard";roles=Committer,bentmann;email="bentmann@apache.org";name="Benjamin Bentmann";organization=Sonatype;roles=Committer;timezone="+1",chrisgwarp;email="chrisgwarp@apache.org";name="Chris Graham";roles=Committer;timezone="Australia/Melbourne",dantran;email="dantran@apache.org";name="Dan Tran";roles=Committer;timezone=-8,dbradicich;email="dbradicich@apache.org";name="Damian Bradicich";organization=Sonatype;roles=Committer;timezone=-5,brett;email="brett@apache.org";name="Brett Porter";organization=ASF;roles=Committer;timezone="+10",dfabulich;email="dfabulich@apache.org";name="Daniel Fabulich";roles=Committer;timezone=-8,eolivelli;email="eolivelli@apache.org";name="Enrico Olivelli";organization=Diennea;roles=Committer;timezone="Europe/Rome",fgiust;email="fgiust@apache.org";name="Fabrizio Giustina";organization=openmind;roles=Committer;timezone="+1",gnodet;email="gnodet@apache.org";name="Guillaume Nodet";organization="Red Hat";roles=Committer;timezone="Europe/Paris",godin;email="godin@apache.org";name="Evgeny Mandrikov";organization=SonarSource;roles=Committer;timezone="+3",handyande;email="handyande@apache.org";name="Andrew Williams";roles=Committer;timezone=0,imod;email="imod@apache.org";name="Dominik Bartholdi";roles=Committer;timezone="Europe/Zurich",jjensen;name="Jeff Jensen";roles=Committer,ltheussl;email="ltheussl@apache.org";name="Lukas Theussl";roles=Committer;timezone="+1",markh;email="markh@apache.org";name="Mark Hobson";roles=Committer;timezone=0,martinkanters;email="martinkanters@apache.org";name="Martin Kanters";organization=JPoint;roles=Committer;timezone="Europe/Amsterdam",mthmulders;email="mthmulders@apache.org";name="Maarten Mulders";organization="Info Support";roles=Committer;timezone="Europe/Amsterdam",mauro;name="Mauro Talevi";roles=Committer,mfriedenhagen;email="mfriedenhagen@apache.org";name="Mirko Friedenhagen";roles=Committer;timezone="+1",mmoser;email="mmoser@apache.org";name="Manfred Moser";roles=Committer;timezone=-8,nicolas;name="Nicolas de Loof";roles=Committer,oching;name="Maria Odea B. Ching";roles=Committer,pgier;email="pgier@apache.org";name="Paul Gier";organization="Red Hat";roles=Committer;timezone=-6,ptahchiev;email="ptahchiev@apache.org";name="Petar Tahchiev";roles=Committer;timezone="+2",rafale;email="rafale@apache.org";name="Raphaël Piéroni";organization=Dexem;roles=Committer;timezone="+1",schulte;email="schulte@apache.org";name="Christian Schulte";roles=Committer;timezone="Europe/Berlin",snicoll;email="snicoll@apache.org";name="Stephane Nicoll";roles=Committer;timezone="+1",simonetripodi;email="simonetripodi@apache.org";name="Simone Tripodi";roles=Committer;timezone="+1",sor;email="sor@apache.org";name="Christian Stein";roles=Committer;timezone="Europe/Berlin",tchemit;email="tchemit@apache.org";name="Tony Chemit";organization=CodeLutin;roles=Committer;timezone="Europe/Paris",vmassol;email="vmassol@apache.org";name="Vincent Massol";organization=ASF;roles=Committer;timezone="+1",slachiewicz;email="slachiewicz@apache.org";name="Sylwester Lachiewicz";roles=Committer;timezone="Europe/Warsaw",elharo;email="elharo@apache.org";name="Elliotte Rusty Harold";roles=Committer;timezone="America/New_York",agudian;email="agudian@apache.org";name="Andreas Gudian";roles=Emeritus;timezone="Europe/Berlin",aramirez;name="Allan Q. Ramirez";roles=Emeritus,bayard;name="Henri Yandell";roles=Emeritus,carlos;email="carlos@apache.org";name="Carlos Sanchez";organization=ASF;roles=Emeritus;timezone="+1",chrisjs;name="Chris Stevenson";roles=Emeritus,dblevins;name="David Blevins";roles=Emeritus,dlr;name="Daniel Rall";roles=Emeritus,epunzalan;email="epunzalan@apache.org";name="Edwin Punzalan";roles=Emeritus;timezone=-8,felipeal;name="Felipe Leme";roles=Emeritus,jdcasey;email="jdcasey@apache.org";name="John Casey";organization=ASF;roles=Emeritus;timezone=-6,jmcconnell;email="jmcconnell@apache.org";name="Jesse McConnell";organization=ASF;roles=Emeritus;timezone=-6,joakime;email="joakime@apache.org";name="Joakim Erdfelt";organization=ASF;roles=Emeritus;timezone=-5,jruiz;email="jruiz@apache.org";name="Johnny Ruiz III";roles=Emeritus,jstrachan;name="James Strachan";roles=Emeritus,jtolentino;email="jtolentino@apache.org";name="Ernesto Tolentino Jr.";organization=ASF;roles=Emeritus;timezone="+8",kenney;email="kenney@apache.org";name="Kenney Westerhof";organization=Neonics;roles=Emeritus;timezone="+1",mperham;email="mperham@gmail.com";name="Mike Perham";organization=IBM;roles=Emeritus;timezone=-6,ogusakov;name="Oleg Gusakov";roles=Emeritus,pschneider;email="pschneider@gmail.com";name="Patrick Schneider";roles=Emeritus;timezone=-6,rinku;name="Rahul Thakur";roles=Emeritus,shinobu;name="Shinobu Kuwai";roles=Emeritus,smorgrav;name="Torbjorn Eikli Smorgrav";roles=Emeritus,trygvis;email="trygvis@apache.org";name="Trygve Laugstol";organization=ASF;roles=Emeritus;timezone="+1",wsmoak;email="wsmoak@apache.org";name="Wendy Smoak";roles=Emeritus;timezone=-7 Low Product Manifest bundle-docurl https://maven.apache.org/resolver/maven-resolver-transport-http/ Low Product Manifest Bundle-Name Maven Artifact Resolver Transport HTTP Medium Product Manifest bundle-symbolicname org.apache.maven.resolver.transport.http Medium Product Manifest Implementation-Title Maven Artifact Resolver Transport HTTP High Product Manifest specification-title Maven Artifact Resolver Transport HTTP Medium Product pom artifactid maven-resolver-transport-http Highest Product pom groupid org.apache.maven.resolver Highest Product pom name Maven Artifact Resolver Transport HTTP High Product pom parent-artifactid maven-resolver Medium Version file version 1.9.4 High Version Manifest Bundle-Version 1.9.4 High Version Manifest Implementation-Version 1.9.4 High Version pom version 1.9.4 Highest
Description:
A transport implementation based on Maven Wagon.
License:
"Apache License, Version 2.0";link="https://www.apache.org/licenses/LICENSE-2.0.txt" File Path: /home/runner/.m2/repository/org/apache/maven/resolver/maven-resolver-transport-wagon/1.9.4/maven-resolver-transport-wagon-1.9.4.jar
MD5: 2371db3f36cf41d13f1880d1ea7cf76b
SHA1: a436e002c3acfd10e8d76fe9debf50dec96a8e93
SHA256: da887d5e7f704223d58db9140095296c0106652499fcde948181f8dfd423e0a4
Evidence Type Source Name Value Confidence Vendor file name maven-resolver-transport-wagon High Vendor jar package name transport Highest Vendor jar package name wagon Highest Vendor Manifest automatic-module-name org.apache.maven.resolver.transport.wagon Medium Vendor Manifest build-jdk-spec 17 Low Vendor Manifest bundle-developers khmarbaise;email="khmarbaise@apache.org";name="Karl Heinz Marbaise";roles="PMC Chair";timezone="+1",aheritier;email="aheritier@apache.org";name="Arnaud Héritier";roles="PMC Member";timezone="+1",andham;email="andham@apache.org";name="Anders Hammar";roles="PMC Member";timezone="+1",baerrach;email="baerrach@apache.org";name="Barrie Treloar";roles="PMC Member";timezone="Australia/Adelaide",bimargulies;email="bimargulies@apache.org";name="Benson Margulies";roles="PMC Member";timezone="America/New_York",brianf;email="brianf@apache.org";name="Brian Fox";organization=Sonatype;roles="PMC Member";timezone=-5,cstamas;email="cstamas@apache.org";name="Tamas Cservenak";roles="PMC Member";timezone="+1",dennisl;email="dennisl@apache.org";name="Dennis Lundberg";organization=ASF;roles="PMC Member";timezone="+1",dkulp;email="dkulp@apache.org";name="Daniel Kulp";organization=ASF;roles="PMC Member";timezone=-5,evenisse;email="evenisse@apache.org";name="Emmanuel Venisse";organization=ASF;roles="PMC Member";timezone="+1",gboue;email="gboue@apache.org";name="Guillaume Boué";roles="PMC Member";timezone="Europe/Paris",hboutemy;email="hboutemy@apache.org";name="Hervé Boutemy";organization=ASF;roles="PMC Member";timezone="Europe/Paris",ifedorenko;email="igor@ifedorenko.com";name="Igor Fedorenko";organization=Sonatype;roles="PMC Member";timezone=-5,jvanzyl;email="jason@maven.org";name="Jason van Zyl";roles="PMC Member";timezone=-5,krosenvold;email="krosenvold@apache.org";name="Kristian Rosenvold";roles="PMC Member";timezone="+1",mkleint;name="Milos Kleint";roles="PMC Member",olamy;email="olamy@apache.org";name="Olivier Lamy";roles="PMC Member";timezone="Australia/Brisbane",michaelo;email="michaelo@apache.org";name="Michael Osipov";roles="PMC Member";timezone="Europe/Berlin",rfscholte;email="rfscholte@apache.org";name="Robert Scholte";roles="PMC Member";timezone="Europe/Amsterdam",rgoers;email="rgoers@apache.org";name="Ralph Goers";organization=Intuit;roles="PMC Member";timezone=-8,sjaranowski;email="sjaranowski@apache.org";name="Slawomir Jaranowski";roles="PMC Member";timezone="Europe/Warsaw",stephenc;email="stephenc@apache.org";name="Stephen Connolly";roles="PMC Member";timezone=0,struberg;email="struberg@apache.org";name="Mark Struberg";roles="PMC Member",tibordigana;email="tibordigana@apache.org";name="Tibor Digaňa";roles="PMC Member";timezone="Europe/Bratislava",vsiveton;email="vsiveton@apache.org";name="Vincent Siveton";organization=ASF;roles="PMC Member";timezone=-5,wfay;email="wfay@apache.org";name="Wayne Fay";organization=ASF;roles="PMC Member";timezone=-6,adangel;email="adangel@apache.org";name="Andreas Dangel";roles=Committer;timezone="Europe/Berlin",bdemers;email="bdemers@apache.org";name="Brian Demers";organization=Sonatype;roles=Committer;timezone=-5,bellingard;name="Fabrice Bellingard";roles=Committer,bentmann;email="bentmann@apache.org";name="Benjamin Bentmann";organization=Sonatype;roles=Committer;timezone="+1",chrisgwarp;email="chrisgwarp@apache.org";name="Chris Graham";roles=Committer;timezone="Australia/Melbourne",dantran;email="dantran@apache.org";name="Dan Tran";roles=Committer;timezone=-8,dbradicich;email="dbradicich@apache.org";name="Damian Bradicich";organization=Sonatype;roles=Committer;timezone=-5,brett;email="brett@apache.org";name="Brett Porter";organization=ASF;roles=Committer;timezone="+10",dfabulich;email="dfabulich@apache.org";name="Daniel Fabulich";roles=Committer;timezone=-8,eolivelli;email="eolivelli@apache.org";name="Enrico Olivelli";organization=Diennea;roles=Committer;timezone="Europe/Rome",fgiust;email="fgiust@apache.org";name="Fabrizio Giustina";organization=openmind;roles=Committer;timezone="+1",gnodet;email="gnodet@apache.org";name="Guillaume Nodet";organization="Red Hat";roles=Committer;timezone="Europe/Paris",godin;email="godin@apache.org";name="Evgeny Mandrikov";organization=SonarSource;roles=Committer;timezone="+3",handyande;email="handyande@apache.org";name="Andrew Williams";roles=Committer;timezone=0,imod;email="imod@apache.org";name="Dominik Bartholdi";roles=Committer;timezone="Europe/Zurich",jjensen;name="Jeff Jensen";roles=Committer,ltheussl;email="ltheussl@apache.org";name="Lukas Theussl";roles=Committer;timezone="+1",markh;email="markh@apache.org";name="Mark Hobson";roles=Committer;timezone=0,martinkanters;email="martinkanters@apache.org";name="Martin Kanters";organization=JPoint;roles=Committer;timezone="Europe/Amsterdam",mthmulders;email="mthmulders@apache.org";name="Maarten Mulders";organization="Info Support";roles=Committer;timezone="Europe/Amsterdam",mauro;name="Mauro Talevi";roles=Committer,mfriedenhagen;email="mfriedenhagen@apache.org";name="Mirko Friedenhagen";roles=Committer;timezone="+1",mmoser;email="mmoser@apache.org";name="Manfred Moser";roles=Committer;timezone=-8,nicolas;name="Nicolas de Loof";roles=Committer,oching;name="Maria Odea B. Ching";roles=Committer,pgier;email="pgier@apache.org";name="Paul Gier";organization="Red Hat";roles=Committer;timezone=-6,ptahchiev;email="ptahchiev@apache.org";name="Petar Tahchiev";roles=Committer;timezone="+2",rafale;email="rafale@apache.org";name="Raphaël Piéroni";organization=Dexem;roles=Committer;timezone="+1",schulte;email="schulte@apache.org";name="Christian Schulte";roles=Committer;timezone="Europe/Berlin",snicoll;email="snicoll@apache.org";name="Stephane Nicoll";roles=Committer;timezone="+1",simonetripodi;email="simonetripodi@apache.org";name="Simone Tripodi";roles=Committer;timezone="+1",sor;email="sor@apache.org";name="Christian Stein";roles=Committer;timezone="Europe/Berlin",tchemit;email="tchemit@apache.org";name="Tony Chemit";organization=CodeLutin;roles=Committer;timezone="Europe/Paris",vmassol;email="vmassol@apache.org";name="Vincent Massol";organization=ASF;roles=Committer;timezone="+1",slachiewicz;email="slachiewicz@apache.org";name="Sylwester Lachiewicz";roles=Committer;timezone="Europe/Warsaw",elharo;email="elharo@apache.org";name="Elliotte Rusty Harold";roles=Committer;timezone="America/New_York",agudian;email="agudian@apache.org";name="Andreas Gudian";roles=Emeritus;timezone="Europe/Berlin",aramirez;name="Allan Q. Ramirez";roles=Emeritus,bayard;name="Henri Yandell";roles=Emeritus,carlos;email="carlos@apache.org";name="Carlos Sanchez";organization=ASF;roles=Emeritus;timezone="+1",chrisjs;name="Chris Stevenson";roles=Emeritus,dblevins;name="David Blevins";roles=Emeritus,dlr;name="Daniel Rall";roles=Emeritus,epunzalan;email="epunzalan@apache.org";name="Edwin Punzalan";roles=Emeritus;timezone=-8,felipeal;name="Felipe Leme";roles=Emeritus,jdcasey;email="jdcasey@apache.org";name="John Casey";organization=ASF;roles=Emeritus;timezone=-6,jmcconnell;email="jmcconnell@apache.org";name="Jesse McConnell";organization=ASF;roles=Emeritus;timezone=-6,joakime;email="joakime@apache.org";name="Joakim Erdfelt";organization=ASF;roles=Emeritus;timezone=-5,jruiz;email="jruiz@apache.org";name="Johnny Ruiz III";roles=Emeritus,jstrachan;name="James Strachan";roles=Emeritus,jtolentino;email="jtolentino@apache.org";name="Ernesto Tolentino Jr.";organization=ASF;roles=Emeritus;timezone="+8",kenney;email="kenney@apache.org";name="Kenney Westerhof";organization=Neonics;roles=Emeritus;timezone="+1",mperham;email="mperham@gmail.com";name="Mike Perham";organization=IBM;roles=Emeritus;timezone=-6,ogusakov;name="Oleg Gusakov";roles=Emeritus,pschneider;email="pschneider@gmail.com";name="Patrick Schneider";roles=Emeritus;timezone=-6,rinku;name="Rahul Thakur";roles=Emeritus,shinobu;name="Shinobu Kuwai";roles=Emeritus,smorgrav;name="Torbjorn Eikli Smorgrav";roles=Emeritus,trygvis;email="trygvis@apache.org";name="Trygve Laugstol";organization=ASF;roles=Emeritus;timezone="+1",wsmoak;email="wsmoak@apache.org";name="Wendy Smoak";roles=Emeritus;timezone=-7 Low Vendor Manifest bundle-docurl https://maven.apache.org/resolver/maven-resolver-transport-wagon/ Low Vendor Manifest bundle-symbolicname org.apache.maven.resolver.transport.wagon Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-resolver-transport-wagon Low Vendor pom groupid org.apache.maven.resolver Highest Vendor pom name Maven Artifact Resolver Transport Wagon High Vendor pom parent-artifactid maven-resolver Low Product file name maven-resolver-transport-wagon High Product jar package name transport Highest Product jar package name wagon Highest Product Manifest automatic-module-name org.apache.maven.resolver.transport.wagon Medium Product Manifest build-jdk-spec 17 Low Product Manifest bundle-developers khmarbaise;email="khmarbaise@apache.org";name="Karl Heinz Marbaise";roles="PMC Chair";timezone="+1",aheritier;email="aheritier@apache.org";name="Arnaud Héritier";roles="PMC Member";timezone="+1",andham;email="andham@apache.org";name="Anders Hammar";roles="PMC Member";timezone="+1",baerrach;email="baerrach@apache.org";name="Barrie Treloar";roles="PMC Member";timezone="Australia/Adelaide",bimargulies;email="bimargulies@apache.org";name="Benson Margulies";roles="PMC Member";timezone="America/New_York",brianf;email="brianf@apache.org";name="Brian Fox";organization=Sonatype;roles="PMC Member";timezone=-5,cstamas;email="cstamas@apache.org";name="Tamas Cservenak";roles="PMC Member";timezone="+1",dennisl;email="dennisl@apache.org";name="Dennis Lundberg";organization=ASF;roles="PMC Member";timezone="+1",dkulp;email="dkulp@apache.org";name="Daniel Kulp";organization=ASF;roles="PMC Member";timezone=-5,evenisse;email="evenisse@apache.org";name="Emmanuel Venisse";organization=ASF;roles="PMC Member";timezone="+1",gboue;email="gboue@apache.org";name="Guillaume Boué";roles="PMC Member";timezone="Europe/Paris",hboutemy;email="hboutemy@apache.org";name="Hervé Boutemy";organization=ASF;roles="PMC Member";timezone="Europe/Paris",ifedorenko;email="igor@ifedorenko.com";name="Igor Fedorenko";organization=Sonatype;roles="PMC Member";timezone=-5,jvanzyl;email="jason@maven.org";name="Jason van Zyl";roles="PMC Member";timezone=-5,krosenvold;email="krosenvold@apache.org";name="Kristian Rosenvold";roles="PMC Member";timezone="+1",mkleint;name="Milos Kleint";roles="PMC Member",olamy;email="olamy@apache.org";name="Olivier Lamy";roles="PMC Member";timezone="Australia/Brisbane",michaelo;email="michaelo@apache.org";name="Michael Osipov";roles="PMC Member";timezone="Europe/Berlin",rfscholte;email="rfscholte@apache.org";name="Robert Scholte";roles="PMC Member";timezone="Europe/Amsterdam",rgoers;email="rgoers@apache.org";name="Ralph Goers";organization=Intuit;roles="PMC Member";timezone=-8,sjaranowski;email="sjaranowski@apache.org";name="Slawomir Jaranowski";roles="PMC Member";timezone="Europe/Warsaw",stephenc;email="stephenc@apache.org";name="Stephen Connolly";roles="PMC Member";timezone=0,struberg;email="struberg@apache.org";name="Mark Struberg";roles="PMC Member",tibordigana;email="tibordigana@apache.org";name="Tibor Digaňa";roles="PMC Member";timezone="Europe/Bratislava",vsiveton;email="vsiveton@apache.org";name="Vincent Siveton";organization=ASF;roles="PMC Member";timezone=-5,wfay;email="wfay@apache.org";name="Wayne Fay";organization=ASF;roles="PMC Member";timezone=-6,adangel;email="adangel@apache.org";name="Andreas Dangel";roles=Committer;timezone="Europe/Berlin",bdemers;email="bdemers@apache.org";name="Brian Demers";organization=Sonatype;roles=Committer;timezone=-5,bellingard;name="Fabrice Bellingard";roles=Committer,bentmann;email="bentmann@apache.org";name="Benjamin Bentmann";organization=Sonatype;roles=Committer;timezone="+1",chrisgwarp;email="chrisgwarp@apache.org";name="Chris Graham";roles=Committer;timezone="Australia/Melbourne",dantran;email="dantran@apache.org";name="Dan Tran";roles=Committer;timezone=-8,dbradicich;email="dbradicich@apache.org";name="Damian Bradicich";organization=Sonatype;roles=Committer;timezone=-5,brett;email="brett@apache.org";name="Brett Porter";organization=ASF;roles=Committer;timezone="+10",dfabulich;email="dfabulich@apache.org";name="Daniel Fabulich";roles=Committer;timezone=-8,eolivelli;email="eolivelli@apache.org";name="Enrico Olivelli";organization=Diennea;roles=Committer;timezone="Europe/Rome",fgiust;email="fgiust@apache.org";name="Fabrizio Giustina";organization=openmind;roles=Committer;timezone="+1",gnodet;email="gnodet@apache.org";name="Guillaume Nodet";organization="Red Hat";roles=Committer;timezone="Europe/Paris",godin;email="godin@apache.org";name="Evgeny Mandrikov";organization=SonarSource;roles=Committer;timezone="+3",handyande;email="handyande@apache.org";name="Andrew Williams";roles=Committer;timezone=0,imod;email="imod@apache.org";name="Dominik Bartholdi";roles=Committer;timezone="Europe/Zurich",jjensen;name="Jeff Jensen";roles=Committer,ltheussl;email="ltheussl@apache.org";name="Lukas Theussl";roles=Committer;timezone="+1",markh;email="markh@apache.org";name="Mark Hobson";roles=Committer;timezone=0,martinkanters;email="martinkanters@apache.org";name="Martin Kanters";organization=JPoint;roles=Committer;timezone="Europe/Amsterdam",mthmulders;email="mthmulders@apache.org";name="Maarten Mulders";organization="Info Support";roles=Committer;timezone="Europe/Amsterdam",mauro;name="Mauro Talevi";roles=Committer,mfriedenhagen;email="mfriedenhagen@apache.org";name="Mirko Friedenhagen";roles=Committer;timezone="+1",mmoser;email="mmoser@apache.org";name="Manfred Moser";roles=Committer;timezone=-8,nicolas;name="Nicolas de Loof";roles=Committer,oching;name="Maria Odea B. Ching";roles=Committer,pgier;email="pgier@apache.org";name="Paul Gier";organization="Red Hat";roles=Committer;timezone=-6,ptahchiev;email="ptahchiev@apache.org";name="Petar Tahchiev";roles=Committer;timezone="+2",rafale;email="rafale@apache.org";name="Raphaël Piéroni";organization=Dexem;roles=Committer;timezone="+1",schulte;email="schulte@apache.org";name="Christian Schulte";roles=Committer;timezone="Europe/Berlin",snicoll;email="snicoll@apache.org";name="Stephane Nicoll";roles=Committer;timezone="+1",simonetripodi;email="simonetripodi@apache.org";name="Simone Tripodi";roles=Committer;timezone="+1",sor;email="sor@apache.org";name="Christian Stein";roles=Committer;timezone="Europe/Berlin",tchemit;email="tchemit@apache.org";name="Tony Chemit";organization=CodeLutin;roles=Committer;timezone="Europe/Paris",vmassol;email="vmassol@apache.org";name="Vincent Massol";organization=ASF;roles=Committer;timezone="+1",slachiewicz;email="slachiewicz@apache.org";name="Sylwester Lachiewicz";roles=Committer;timezone="Europe/Warsaw",elharo;email="elharo@apache.org";name="Elliotte Rusty Harold";roles=Committer;timezone="America/New_York",agudian;email="agudian@apache.org";name="Andreas Gudian";roles=Emeritus;timezone="Europe/Berlin",aramirez;name="Allan Q. Ramirez";roles=Emeritus,bayard;name="Henri Yandell";roles=Emeritus,carlos;email="carlos@apache.org";name="Carlos Sanchez";organization=ASF;roles=Emeritus;timezone="+1",chrisjs;name="Chris Stevenson";roles=Emeritus,dblevins;name="David Blevins";roles=Emeritus,dlr;name="Daniel Rall";roles=Emeritus,epunzalan;email="epunzalan@apache.org";name="Edwin Punzalan";roles=Emeritus;timezone=-8,felipeal;name="Felipe Leme";roles=Emeritus,jdcasey;email="jdcasey@apache.org";name="John Casey";organization=ASF;roles=Emeritus;timezone=-6,jmcconnell;email="jmcconnell@apache.org";name="Jesse McConnell";organization=ASF;roles=Emeritus;timezone=-6,joakime;email="joakime@apache.org";name="Joakim Erdfelt";organization=ASF;roles=Emeritus;timezone=-5,jruiz;email="jruiz@apache.org";name="Johnny Ruiz III";roles=Emeritus,jstrachan;name="James Strachan";roles=Emeritus,jtolentino;email="jtolentino@apache.org";name="Ernesto Tolentino Jr.";organization=ASF;roles=Emeritus;timezone="+8",kenney;email="kenney@apache.org";name="Kenney Westerhof";organization=Neonics;roles=Emeritus;timezone="+1",mperham;email="mperham@gmail.com";name="Mike Perham";organization=IBM;roles=Emeritus;timezone=-6,ogusakov;name="Oleg Gusakov";roles=Emeritus,pschneider;email="pschneider@gmail.com";name="Patrick Schneider";roles=Emeritus;timezone=-6,rinku;name="Rahul Thakur";roles=Emeritus,shinobu;name="Shinobu Kuwai";roles=Emeritus,smorgrav;name="Torbjorn Eikli Smorgrav";roles=Emeritus,trygvis;email="trygvis@apache.org";name="Trygve Laugstol";organization=ASF;roles=Emeritus;timezone="+1",wsmoak;email="wsmoak@apache.org";name="Wendy Smoak";roles=Emeritus;timezone=-7 Low Product Manifest bundle-docurl https://maven.apache.org/resolver/maven-resolver-transport-wagon/ Low Product Manifest Bundle-Name Maven Artifact Resolver Transport Wagon Medium Product Manifest bundle-symbolicname org.apache.maven.resolver.transport.wagon Medium Product Manifest Implementation-Title Maven Artifact Resolver Transport Wagon High Product Manifest specification-title Maven Artifact Resolver Transport Wagon Medium Product pom artifactid maven-resolver-transport-wagon Highest Product pom groupid org.apache.maven.resolver Highest Product pom name Maven Artifact Resolver Transport Wagon High Product pom parent-artifactid maven-resolver Medium Version file version 1.9.4 High Version Manifest Bundle-Version 1.9.4 High Version Manifest Implementation-Version 1.9.4 High Version pom version 1.9.4 Highest
Description:
A collection of utility classes to ease usage of the repository system.
License:
"Apache License, Version 2.0";link="https://www.apache.org/licenses/LICENSE-2.0.txt" File Path: /home/runner/.m2/repository/org/apache/maven/resolver/maven-resolver-util/1.9.4/maven-resolver-util-1.9.4.jar
MD5: 94afc68e23fd00db4416ba859b4e1a6f
SHA1: d8e8476fffba77d4fc193b60cff03e414c78a580
SHA256: aa2cf7d43e84e81a843f87b28541c93527f017ab8d424db86b68a5089cd2b8d8
Evidence Type Source Name Value Confidence Vendor file name maven-resolver-util High Vendor jar package name artifact Highest Vendor jar package name repository Highest Vendor jar package name util Highest Vendor Manifest automatic-module-name org.apache.maven.resolver.util Medium Vendor Manifest build-jdk-spec 17 Low Vendor Manifest bundle-developers khmarbaise;email="khmarbaise@apache.org";name="Karl Heinz Marbaise";roles="PMC Chair";timezone="+1",aheritier;email="aheritier@apache.org";name="Arnaud Héritier";roles="PMC Member";timezone="+1",andham;email="andham@apache.org";name="Anders Hammar";roles="PMC Member";timezone="+1",baerrach;email="baerrach@apache.org";name="Barrie Treloar";roles="PMC Member";timezone="Australia/Adelaide",bimargulies;email="bimargulies@apache.org";name="Benson Margulies";roles="PMC Member";timezone="America/New_York",brianf;email="brianf@apache.org";name="Brian Fox";organization=Sonatype;roles="PMC Member";timezone=-5,cstamas;email="cstamas@apache.org";name="Tamas Cservenak";roles="PMC Member";timezone="+1",dennisl;email="dennisl@apache.org";name="Dennis Lundberg";organization=ASF;roles="PMC Member";timezone="+1",dkulp;email="dkulp@apache.org";name="Daniel Kulp";organization=ASF;roles="PMC Member";timezone=-5,evenisse;email="evenisse@apache.org";name="Emmanuel Venisse";organization=ASF;roles="PMC Member";timezone="+1",gboue;email="gboue@apache.org";name="Guillaume Boué";roles="PMC Member";timezone="Europe/Paris",hboutemy;email="hboutemy@apache.org";name="Hervé Boutemy";organization=ASF;roles="PMC Member";timezone="Europe/Paris",ifedorenko;email="igor@ifedorenko.com";name="Igor Fedorenko";organization=Sonatype;roles="PMC Member";timezone=-5,jvanzyl;email="jason@maven.org";name="Jason van Zyl";roles="PMC Member";timezone=-5,krosenvold;email="krosenvold@apache.org";name="Kristian Rosenvold";roles="PMC Member";timezone="+1",mkleint;name="Milos Kleint";roles="PMC Member",olamy;email="olamy@apache.org";name="Olivier Lamy";roles="PMC Member";timezone="Australia/Brisbane",michaelo;email="michaelo@apache.org";name="Michael Osipov";roles="PMC Member";timezone="Europe/Berlin",rfscholte;email="rfscholte@apache.org";name="Robert Scholte";roles="PMC Member";timezone="Europe/Amsterdam",rgoers;email="rgoers@apache.org";name="Ralph Goers";organization=Intuit;roles="PMC Member";timezone=-8,sjaranowski;email="sjaranowski@apache.org";name="Slawomir Jaranowski";roles="PMC Member";timezone="Europe/Warsaw",stephenc;email="stephenc@apache.org";name="Stephen Connolly";roles="PMC Member";timezone=0,struberg;email="struberg@apache.org";name="Mark Struberg";roles="PMC Member",tibordigana;email="tibordigana@apache.org";name="Tibor Digaňa";roles="PMC Member";timezone="Europe/Bratislava",vsiveton;email="vsiveton@apache.org";name="Vincent Siveton";organization=ASF;roles="PMC Member";timezone=-5,wfay;email="wfay@apache.org";name="Wayne Fay";organization=ASF;roles="PMC Member";timezone=-6,adangel;email="adangel@apache.org";name="Andreas Dangel";roles=Committer;timezone="Europe/Berlin",bdemers;email="bdemers@apache.org";name="Brian Demers";organization=Sonatype;roles=Committer;timezone=-5,bellingard;name="Fabrice Bellingard";roles=Committer,bentmann;email="bentmann@apache.org";name="Benjamin Bentmann";organization=Sonatype;roles=Committer;timezone="+1",chrisgwarp;email="chrisgwarp@apache.org";name="Chris Graham";roles=Committer;timezone="Australia/Melbourne",dantran;email="dantran@apache.org";name="Dan Tran";roles=Committer;timezone=-8,dbradicich;email="dbradicich@apache.org";name="Damian Bradicich";organization=Sonatype;roles=Committer;timezone=-5,brett;email="brett@apache.org";name="Brett Porter";organization=ASF;roles=Committer;timezone="+10",dfabulich;email="dfabulich@apache.org";name="Daniel Fabulich";roles=Committer;timezone=-8,eolivelli;email="eolivelli@apache.org";name="Enrico Olivelli";organization=Diennea;roles=Committer;timezone="Europe/Rome",fgiust;email="fgiust@apache.org";name="Fabrizio Giustina";organization=openmind;roles=Committer;timezone="+1",gnodet;email="gnodet@apache.org";name="Guillaume Nodet";organization="Red Hat";roles=Committer;timezone="Europe/Paris",godin;email="godin@apache.org";name="Evgeny Mandrikov";organization=SonarSource;roles=Committer;timezone="+3",handyande;email="handyande@apache.org";name="Andrew Williams";roles=Committer;timezone=0,imod;email="imod@apache.org";name="Dominik Bartholdi";roles=Committer;timezone="Europe/Zurich",jjensen;name="Jeff Jensen";roles=Committer,ltheussl;email="ltheussl@apache.org";name="Lukas Theussl";roles=Committer;timezone="+1",markh;email="markh@apache.org";name="Mark Hobson";roles=Committer;timezone=0,martinkanters;email="martinkanters@apache.org";name="Martin Kanters";organization=JPoint;roles=Committer;timezone="Europe/Amsterdam",mthmulders;email="mthmulders@apache.org";name="Maarten Mulders";organization="Info Support";roles=Committer;timezone="Europe/Amsterdam",mauro;name="Mauro Talevi";roles=Committer,mfriedenhagen;email="mfriedenhagen@apache.org";name="Mirko Friedenhagen";roles=Committer;timezone="+1",mmoser;email="mmoser@apache.org";name="Manfred Moser";roles=Committer;timezone=-8,nicolas;name="Nicolas de Loof";roles=Committer,oching;name="Maria Odea B. Ching";roles=Committer,pgier;email="pgier@apache.org";name="Paul Gier";organization="Red Hat";roles=Committer;timezone=-6,ptahchiev;email="ptahchiev@apache.org";name="Petar Tahchiev";roles=Committer;timezone="+2",rafale;email="rafale@apache.org";name="Raphaël Piéroni";organization=Dexem;roles=Committer;timezone="+1",schulte;email="schulte@apache.org";name="Christian Schulte";roles=Committer;timezone="Europe/Berlin",snicoll;email="snicoll@apache.org";name="Stephane Nicoll";roles=Committer;timezone="+1",simonetripodi;email="simonetripodi@apache.org";name="Simone Tripodi";roles=Committer;timezone="+1",sor;email="sor@apache.org";name="Christian Stein";roles=Committer;timezone="Europe/Berlin",tchemit;email="tchemit@apache.org";name="Tony Chemit";organization=CodeLutin;roles=Committer;timezone="Europe/Paris",vmassol;email="vmassol@apache.org";name="Vincent Massol";organization=ASF;roles=Committer;timezone="+1",slachiewicz;email="slachiewicz@apache.org";name="Sylwester Lachiewicz";roles=Committer;timezone="Europe/Warsaw",elharo;email="elharo@apache.org";name="Elliotte Rusty Harold";roles=Committer;timezone="America/New_York",agudian;email="agudian@apache.org";name="Andreas Gudian";roles=Emeritus;timezone="Europe/Berlin",aramirez;name="Allan Q. Ramirez";roles=Emeritus,bayard;name="Henri Yandell";roles=Emeritus,carlos;email="carlos@apache.org";name="Carlos Sanchez";organization=ASF;roles=Emeritus;timezone="+1",chrisjs;name="Chris Stevenson";roles=Emeritus,dblevins;name="David Blevins";roles=Emeritus,dlr;name="Daniel Rall";roles=Emeritus,epunzalan;email="epunzalan@apache.org";name="Edwin Punzalan";roles=Emeritus;timezone=-8,felipeal;name="Felipe Leme";roles=Emeritus,jdcasey;email="jdcasey@apache.org";name="John Casey";organization=ASF;roles=Emeritus;timezone=-6,jmcconnell;email="jmcconnell@apache.org";name="Jesse McConnell";organization=ASF;roles=Emeritus;timezone=-6,joakime;email="joakime@apache.org";name="Joakim Erdfelt";organization=ASF;roles=Emeritus;timezone=-5,jruiz;email="jruiz@apache.org";name="Johnny Ruiz III";roles=Emeritus,jstrachan;name="James Strachan";roles=Emeritus,jtolentino;email="jtolentino@apache.org";name="Ernesto Tolentino Jr.";organization=ASF;roles=Emeritus;timezone="+8",kenney;email="kenney@apache.org";name="Kenney Westerhof";organization=Neonics;roles=Emeritus;timezone="+1",mperham;email="mperham@gmail.com";name="Mike Perham";organization=IBM;roles=Emeritus;timezone=-6,ogusakov;name="Oleg Gusakov";roles=Emeritus,pschneider;email="pschneider@gmail.com";name="Patrick Schneider";roles=Emeritus;timezone=-6,rinku;name="Rahul Thakur";roles=Emeritus,shinobu;name="Shinobu Kuwai";roles=Emeritus,smorgrav;name="Torbjorn Eikli Smorgrav";roles=Emeritus,trygvis;email="trygvis@apache.org";name="Trygve Laugstol";organization=ASF;roles=Emeritus;timezone="+1",wsmoak;email="wsmoak@apache.org";name="Wendy Smoak";roles=Emeritus;timezone=-7 Low Vendor Manifest bundle-docurl https://maven.apache.org/resolver/maven-resolver-util/ Low Vendor Manifest bundle-symbolicname org.apache.maven.resolver.util Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-resolver-util Low Vendor pom groupid org.apache.maven.resolver Highest Vendor pom name Maven Artifact Resolver Utilities High Vendor pom parent-artifactid maven-resolver Low Product file name maven-resolver-util High Product jar package name artifact Highest Product jar package name repository Highest Product jar package name util Highest Product Manifest automatic-module-name org.apache.maven.resolver.util Medium Product Manifest build-jdk-spec 17 Low Product Manifest bundle-developers khmarbaise;email="khmarbaise@apache.org";name="Karl Heinz Marbaise";roles="PMC Chair";timezone="+1",aheritier;email="aheritier@apache.org";name="Arnaud Héritier";roles="PMC Member";timezone="+1",andham;email="andham@apache.org";name="Anders Hammar";roles="PMC Member";timezone="+1",baerrach;email="baerrach@apache.org";name="Barrie Treloar";roles="PMC Member";timezone="Australia/Adelaide",bimargulies;email="bimargulies@apache.org";name="Benson Margulies";roles="PMC Member";timezone="America/New_York",brianf;email="brianf@apache.org";name="Brian Fox";organization=Sonatype;roles="PMC Member";timezone=-5,cstamas;email="cstamas@apache.org";name="Tamas Cservenak";roles="PMC Member";timezone="+1",dennisl;email="dennisl@apache.org";name="Dennis Lundberg";organization=ASF;roles="PMC Member";timezone="+1",dkulp;email="dkulp@apache.org";name="Daniel Kulp";organization=ASF;roles="PMC Member";timezone=-5,evenisse;email="evenisse@apache.org";name="Emmanuel Venisse";organization=ASF;roles="PMC Member";timezone="+1",gboue;email="gboue@apache.org";name="Guillaume Boué";roles="PMC Member";timezone="Europe/Paris",hboutemy;email="hboutemy@apache.org";name="Hervé Boutemy";organization=ASF;roles="PMC Member";timezone="Europe/Paris",ifedorenko;email="igor@ifedorenko.com";name="Igor Fedorenko";organization=Sonatype;roles="PMC Member";timezone=-5,jvanzyl;email="jason@maven.org";name="Jason van Zyl";roles="PMC Member";timezone=-5,krosenvold;email="krosenvold@apache.org";name="Kristian Rosenvold";roles="PMC Member";timezone="+1",mkleint;name="Milos Kleint";roles="PMC Member",olamy;email="olamy@apache.org";name="Olivier Lamy";roles="PMC Member";timezone="Australia/Brisbane",michaelo;email="michaelo@apache.org";name="Michael Osipov";roles="PMC Member";timezone="Europe/Berlin",rfscholte;email="rfscholte@apache.org";name="Robert Scholte";roles="PMC Member";timezone="Europe/Amsterdam",rgoers;email="rgoers@apache.org";name="Ralph Goers";organization=Intuit;roles="PMC Member";timezone=-8,sjaranowski;email="sjaranowski@apache.org";name="Slawomir Jaranowski";roles="PMC Member";timezone="Europe/Warsaw",stephenc;email="stephenc@apache.org";name="Stephen Connolly";roles="PMC Member";timezone=0,struberg;email="struberg@apache.org";name="Mark Struberg";roles="PMC Member",tibordigana;email="tibordigana@apache.org";name="Tibor Digaňa";roles="PMC Member";timezone="Europe/Bratislava",vsiveton;email="vsiveton@apache.org";name="Vincent Siveton";organization=ASF;roles="PMC Member";timezone=-5,wfay;email="wfay@apache.org";name="Wayne Fay";organization=ASF;roles="PMC Member";timezone=-6,adangel;email="adangel@apache.org";name="Andreas Dangel";roles=Committer;timezone="Europe/Berlin",bdemers;email="bdemers@apache.org";name="Brian Demers";organization=Sonatype;roles=Committer;timezone=-5,bellingard;name="Fabrice Bellingard";roles=Committer,bentmann;email="bentmann@apache.org";name="Benjamin Bentmann";organization=Sonatype;roles=Committer;timezone="+1",chrisgwarp;email="chrisgwarp@apache.org";name="Chris Graham";roles=Committer;timezone="Australia/Melbourne",dantran;email="dantran@apache.org";name="Dan Tran";roles=Committer;timezone=-8,dbradicich;email="dbradicich@apache.org";name="Damian Bradicich";organization=Sonatype;roles=Committer;timezone=-5,brett;email="brett@apache.org";name="Brett Porter";organization=ASF;roles=Committer;timezone="+10",dfabulich;email="dfabulich@apache.org";name="Daniel Fabulich";roles=Committer;timezone=-8,eolivelli;email="eolivelli@apache.org";name="Enrico Olivelli";organization=Diennea;roles=Committer;timezone="Europe/Rome",fgiust;email="fgiust@apache.org";name="Fabrizio Giustina";organization=openmind;roles=Committer;timezone="+1",gnodet;email="gnodet@apache.org";name="Guillaume Nodet";organization="Red Hat";roles=Committer;timezone="Europe/Paris",godin;email="godin@apache.org";name="Evgeny Mandrikov";organization=SonarSource;roles=Committer;timezone="+3",handyande;email="handyande@apache.org";name="Andrew Williams";roles=Committer;timezone=0,imod;email="imod@apache.org";name="Dominik Bartholdi";roles=Committer;timezone="Europe/Zurich",jjensen;name="Jeff Jensen";roles=Committer,ltheussl;email="ltheussl@apache.org";name="Lukas Theussl";roles=Committer;timezone="+1",markh;email="markh@apache.org";name="Mark Hobson";roles=Committer;timezone=0,martinkanters;email="martinkanters@apache.org";name="Martin Kanters";organization=JPoint;roles=Committer;timezone="Europe/Amsterdam",mthmulders;email="mthmulders@apache.org";name="Maarten Mulders";organization="Info Support";roles=Committer;timezone="Europe/Amsterdam",mauro;name="Mauro Talevi";roles=Committer,mfriedenhagen;email="mfriedenhagen@apache.org";name="Mirko Friedenhagen";roles=Committer;timezone="+1",mmoser;email="mmoser@apache.org";name="Manfred Moser";roles=Committer;timezone=-8,nicolas;name="Nicolas de Loof";roles=Committer,oching;name="Maria Odea B. Ching";roles=Committer,pgier;email="pgier@apache.org";name="Paul Gier";organization="Red Hat";roles=Committer;timezone=-6,ptahchiev;email="ptahchiev@apache.org";name="Petar Tahchiev";roles=Committer;timezone="+2",rafale;email="rafale@apache.org";name="Raphaël Piéroni";organization=Dexem;roles=Committer;timezone="+1",schulte;email="schulte@apache.org";name="Christian Schulte";roles=Committer;timezone="Europe/Berlin",snicoll;email="snicoll@apache.org";name="Stephane Nicoll";roles=Committer;timezone="+1",simonetripodi;email="simonetripodi@apache.org";name="Simone Tripodi";roles=Committer;timezone="+1",sor;email="sor@apache.org";name="Christian Stein";roles=Committer;timezone="Europe/Berlin",tchemit;email="tchemit@apache.org";name="Tony Chemit";organization=CodeLutin;roles=Committer;timezone="Europe/Paris",vmassol;email="vmassol@apache.org";name="Vincent Massol";organization=ASF;roles=Committer;timezone="+1",slachiewicz;email="slachiewicz@apache.org";name="Sylwester Lachiewicz";roles=Committer;timezone="Europe/Warsaw",elharo;email="elharo@apache.org";name="Elliotte Rusty Harold";roles=Committer;timezone="America/New_York",agudian;email="agudian@apache.org";name="Andreas Gudian";roles=Emeritus;timezone="Europe/Berlin",aramirez;name="Allan Q. Ramirez";roles=Emeritus,bayard;name="Henri Yandell";roles=Emeritus,carlos;email="carlos@apache.org";name="Carlos Sanchez";organization=ASF;roles=Emeritus;timezone="+1",chrisjs;name="Chris Stevenson";roles=Emeritus,dblevins;name="David Blevins";roles=Emeritus,dlr;name="Daniel Rall";roles=Emeritus,epunzalan;email="epunzalan@apache.org";name="Edwin Punzalan";roles=Emeritus;timezone=-8,felipeal;name="Felipe Leme";roles=Emeritus,jdcasey;email="jdcasey@apache.org";name="John Casey";organization=ASF;roles=Emeritus;timezone=-6,jmcconnell;email="jmcconnell@apache.org";name="Jesse McConnell";organization=ASF;roles=Emeritus;timezone=-6,joakime;email="joakime@apache.org";name="Joakim Erdfelt";organization=ASF;roles=Emeritus;timezone=-5,jruiz;email="jruiz@apache.org";name="Johnny Ruiz III";roles=Emeritus,jstrachan;name="James Strachan";roles=Emeritus,jtolentino;email="jtolentino@apache.org";name="Ernesto Tolentino Jr.";organization=ASF;roles=Emeritus;timezone="+8",kenney;email="kenney@apache.org";name="Kenney Westerhof";organization=Neonics;roles=Emeritus;timezone="+1",mperham;email="mperham@gmail.com";name="Mike Perham";organization=IBM;roles=Emeritus;timezone=-6,ogusakov;name="Oleg Gusakov";roles=Emeritus,pschneider;email="pschneider@gmail.com";name="Patrick Schneider";roles=Emeritus;timezone=-6,rinku;name="Rahul Thakur";roles=Emeritus,shinobu;name="Shinobu Kuwai";roles=Emeritus,smorgrav;name="Torbjorn Eikli Smorgrav";roles=Emeritus,trygvis;email="trygvis@apache.org";name="Trygve Laugstol";organization=ASF;roles=Emeritus;timezone="+1",wsmoak;email="wsmoak@apache.org";name="Wendy Smoak";roles=Emeritus;timezone=-7 Low Product Manifest bundle-docurl https://maven.apache.org/resolver/maven-resolver-util/ Low Product Manifest Bundle-Name Maven Artifact Resolver Utilities Medium Product Manifest bundle-symbolicname org.apache.maven.resolver.util Medium Product Manifest Implementation-Title Maven Artifact Resolver Utilities High Product Manifest specification-title Maven Artifact Resolver Utilities Medium Product pom artifactid maven-resolver-util Highest Product pom groupid org.apache.maven.resolver Highest Product pom name Maven Artifact Resolver Utilities High Product pom parent-artifactid maven-resolver Medium Version file version 1.9.4 High Version Manifest Bundle-Version 1.9.4 High Version Manifest Implementation-Version 1.9.4 High Version pom version 1.9.4 Highest
Description:
Maven Settings model. File Path: /home/runner/.m2/repository/org/apache/maven/maven-settings/3.9.4/maven-settings-3.9.4.jarMD5: cd895d92fc4833b56e80ab6760952cd8SHA1: f0553a72454ed3160cca729b75166077d8f3d499SHA256: 43cc79ca3ab2f7f0dfedaceacffcc89676410ce2e52f6f08712d7c2b3e580991
Evidence Type Source Name Value Confidence Vendor file name maven-settings High Vendor jar package name apache Highest Vendor jar package name maven Highest Vendor jar package name settings Highest Vendor Manifest build-jdk-spec 17 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-settings Low Vendor pom groupid org.apache.maven Highest Vendor pom name Maven Settings High Vendor pom parent-artifactid maven Low Product file name maven-settings High Product jar package name apache Highest Product jar package name maven Highest Product jar package name settings Highest Product Manifest build-jdk-spec 17 Low Product Manifest Implementation-Title Maven Settings High Product Manifest specification-title Maven Settings Medium Product pom artifactid maven-settings Highest Product pom groupid org.apache.maven Highest Product pom name Maven Settings High Product pom parent-artifactid maven Medium Version file version 3.9.4 High Version Manifest Implementation-Version 3.9.4 High Version pom version 3.9.4 Highest
Description:
The effective settings builder, with inheritance and password decryption. File Path: /home/runner/.m2/repository/org/apache/maven/maven-settings-builder/3.9.4/maven-settings-builder-3.9.4.jarMD5: cb57a867ee9703f9b18a378b9288abbaSHA1: b3f6479c00e9182b9b731caf69ac6f4f6f2a373fSHA256: 4aa957181b6c398d0b4f6756a1a99c93f37abb748f8d0767f04cdad1355fe297
Evidence Type Source Name Value Confidence Vendor file name maven-settings-builder High Vendor jar package name apache Highest Vendor jar package name maven Highest Vendor jar package name settings Highest Vendor Manifest build-jdk-spec 17 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-settings-builder Low Vendor pom groupid org.apache.maven Highest Vendor pom name Maven Settings Builder High Vendor pom parent-artifactid maven Low Product file name maven-settings-builder High Product jar package name apache Highest Product jar package name maven Highest Product jar package name settings Highest Product Manifest build-jdk-spec 17 Low Product Manifest Implementation-Title Maven Settings Builder High Product Manifest specification-title Maven Settings Builder Medium Product pom artifactid maven-settings-builder Highest Product pom groupid org.apache.maven Highest Product pom name Maven Settings Builder High Product pom parent-artifactid maven Medium Version file version 3.9.4 High Version Manifest Implementation-Version 3.9.4 High Version pom version 3.9.4 Highest
Description:
Shared utilities for use by Maven core and plugins File Path: /home/runner/.m2/repository/org/apache/maven/shared/maven-shared-utils/3.3.4/maven-shared-utils-3.3.4.jarMD5: 908f2a0107ff330ac9b856356a0acaefSHA1: f87a61adb1e12a00dcc6cc6005a51e693aa7c4acSHA256: 7925d9c5a0e2040d24b8fae3f612eb399cbffe5838b33ba368777dc7bddf6dda
Evidence Type Source Name Value Confidence Vendor file name maven-shared-utils High Vendor jar package name apache Highest Vendor jar package name maven Highest Vendor jar package name shared Highest Vendor jar package name utils Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-shared-utils Low Vendor pom groupid org.apache.maven.shared Highest Vendor pom name Apache Maven Shared Utils High Vendor pom parent-artifactid maven-shared-components Low Product file name maven-shared-utils High Product jar package name apache Highest Product jar package name maven Highest Product jar package name shared Highest Product jar package name utils Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title Apache Maven Shared Utils High Product Manifest specification-title Apache Maven Shared Utils Medium Product pom artifactid maven-shared-utils Highest Product pom groupid org.apache.maven.shared Highest Product pom name Apache Maven Shared Utils High Product pom parent-artifactid maven-shared-components Medium Version file version 3.3.4 High Version Manifest Implementation-Version 3.3.4 High Version pom parent-version 3.3.4 Low Version pom version 3.3.4 Highest
Description:
A lightweight library of useful, mostly pure functions License:
Eclipse Public License: http://www.eclipse.org/legal/epl-v10.html File Path: /home/runner/.m2/repository/dev/weavejester/medley/1.7.0/medley-1.7.0.jar
MD5: 249ee290d7e2251e43d8e0ffe5eada0d
SHA1: 5f2d2bec8700ba4fceceb5445afc4024e05c87d0
SHA256: 4e620275b5f0f0811262bc0d245f7f2532acb5256848300866a5f5e6f621775a
Evidence Type Source Name Value Confidence Vendor file name medley High Vendor Manifest leiningen-project-artifactid medley Low Vendor pom artifactid medley Low Vendor pom groupid dev.weavejester Highest Vendor pom name medley High Vendor pom url weavejester/medley Highest Product file name medley High Product Manifest leiningen-project-artifactid medley Low Product pom artifactid medley Highest Product pom groupid dev.weavejester Highest Product pom name medley High Product pom url weavejester/medley High Version file version 1.7.0 High Version Manifest leiningen-project-version 1.7.0 Medium Version pom version 1.7.0 Highest
Description:
MessagePack for Java is a binary-based efficient object
serialization library in Java. License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/org/msgpack/msgpack/0.6.12/msgpack-0.6.12.jar
MD5: 94563c26c3194d6288882479a762b69a
SHA1: 6a0c88fe022993c490011c3dce7127b29f9a9b3b
SHA256: e09ca65d8520488e80a5dc426848a8afccfd40f4a2eb3b9646042595d3bd9b5e
Evidence Type Source Name Value Confidence Vendor file name msgpack High Vendor jar package name messagepack Highest Vendor jar package name msgpack Highest Vendor Manifest bundle-symbolicname org.msgpack Medium Vendor pom artifactid msgpack Low Vendor pom developer email frsyuki@users.sourceforge.jp Low Vendor pom developer email muga.nishizawa@gmail.com Low Vendor pom developer id frsyuki Medium Vendor pom developer id muga Medium Vendor pom developer name Muga Nishizawa Medium Vendor pom developer name Sadayuki Furuhashi Medium Vendor pom groupid org.msgpack Highest Vendor pom name MessagePack for Java High Vendor pom url http://msgpack.org/ Highest Product file name msgpack High Product jar package name messagepack Highest Product jar package name msgpack Highest Product Manifest Bundle-Name MessagePack for Java Medium Product Manifest bundle-symbolicname org.msgpack Medium Product pom artifactid msgpack Highest Product pom developer email frsyuki@users.sourceforge.jp Low Product pom developer email muga.nishizawa@gmail.com Low Product pom developer id frsyuki Low Product pom developer id muga Low Product pom developer name Muga Nishizawa Low Product pom developer name Sadayuki Furuhashi Low Product pom groupid org.msgpack Highest Product pom name MessagePack for Java High Product pom url http://msgpack.org/ Medium Version file version 0.6.12 High Version Manifest Bundle-Version 0.6.12 High Version pom version 0.6.12 Highest
Description:
Pure-clojure implementation of ruby's ordered hash and set types - instead of sorting by key, these collections retain insertion order. License:
Eclipse Public License - v 1.0: http://www.eclipse.org/legal/epl-v10.html File Path: /home/runner/.m2/repository/org/flatland/ordered/1.15.11/ordered-1.15.11.jar
MD5: 7ba5495612fa845eb17a7ec8af599eeb
SHA1: e5c1ed6ccdb987d292736ea42e4bf2c6e34dd43c
SHA256: e294d4fe995340323ac1a49f684626ad60882cc00dec096fae28c29f40590be9
Evidence Type Source Name Value Confidence Vendor file name ordered High Vendor Manifest leiningen-project-artifactid ordered Low Vendor pom artifactid ordered Low Vendor pom groupid org.flatland Highest Vendor pom name ordered High Vendor pom url clj-commons/ordered Highest Product file name ordered High Product Manifest leiningen-project-artifactid ordered Low Product pom artifactid ordered Highest Product pom groupid org.flatland Highest Product pom name ordered High Product pom url clj-commons/ordered High Version file version 1.15.11 High Version Manifest leiningen-project-version 1.15.11 Medium Version pom version 1.15.11 Highest
License:
http://www.eclipse.org/legal/epl-v10.html File Path: /home/runner/.m2/repository/org/eclipse/sisu/org.eclipse.sisu.inject/0.3.5/org.eclipse.sisu.inject-0.3.5.jar
MD5: 1b296b0ddd911ed3750b3df93b395cd5
SHA1: d4265dd4f0f1d7a06d80df5a5f475d5ff9c17140
SHA256: c5994010bcdce1d2bd603a4d50c47191ddbd7875d1157b23aaa26d33c82fda13
Evidence Type Source Name Value Confidence Vendor file name org.eclipse.sisu.inject High Vendor jar package name eclipse Highest Vendor jar package name inject Highest Vendor jar package name sisu Highest Vendor Manifest bundle-copyright Copyright (c) 2010, 2015 Sonatype, Inc. and others Low Vendor Manifest bundle-docurl http://www.eclipse.org/sisu/ Low Vendor Manifest bundle-requiredexecutionenvironment JavaSE-1.6 Low Vendor Manifest bundle-symbolicname org.eclipse.sisu.inject;singleton:=true Medium Vendor pom artifactid eclipse.sisu.inject Low Vendor pom groupid org.eclipse.sisu Highest Vendor pom parent-artifactid sisu-inject Low Product file name org.eclipse.sisu.inject High Product jar package name eclipse Highest Product jar package name inject Highest Product jar package name sisu Highest Product jar package name sonatype Highest Product Manifest bundle-copyright Copyright (c) 2010, 2015 Sonatype, Inc. and others Low Product Manifest bundle-docurl http://www.eclipse.org/sisu/ Low Product Manifest Bundle-Name Sisu-Inject (Incubation) Medium Product Manifest bundle-requiredexecutionenvironment JavaSE-1.6 Low Product Manifest bundle-symbolicname org.eclipse.sisu.inject;singleton:=true Medium Product pom artifactid eclipse.sisu.inject Highest Product pom groupid org.eclipse.sisu Highest Product pom parent-artifactid sisu-inject Medium Version file version 0.3.5 High Version Manifest Bundle-Version 0.3.5 High Version pom version 0.3.5 Highest
License:
http://www.eclipse.org/legal/epl-v10.html File Path: /home/runner/.m2/repository/org/eclipse/sisu/org.eclipse.sisu.plexus/0.3.5/org.eclipse.sisu.plexus-0.3.5.jar
MD5: 30c4a9fa2137698ed66c8542f1be196a
SHA1: d71996bb2e536f966b3b70e647067fff3b73d32f
SHA256: 7e4c61096d70826f20f7a7d55c59a5528e7aa5ad247ee2dfe544e4dd25f6a784
Evidence Type Source Name Value Confidence Vendor file name org.eclipse.sisu.plexus High Vendor jar package name eclipse Highest Vendor jar package name plexus Highest Vendor jar package name sisu Highest Vendor Manifest bundle-copyright Copyright (c) 2010, 2015 Sonatype, Inc. and others Low Vendor Manifest bundle-docurl http://www.eclipse.org/sisu/ Low Vendor Manifest bundle-requiredexecutionenvironment JavaSE-1.6 Low Vendor Manifest bundle-symbolicname org.eclipse.sisu.plexus;singleton:=true Medium Vendor pom artifactid eclipse.sisu.plexus Low Vendor pom groupid org.eclipse.sisu Highest Vendor pom parent-artifactid sisu-plexus Low Product file name org.eclipse.sisu.plexus High Product jar package name eclipse Highest Product jar package name plexus Highest Product jar package name sisu Highest Product Manifest bundle-copyright Copyright (c) 2010, 2015 Sonatype, Inc. and others Low Product Manifest bundle-docurl http://www.eclipse.org/sisu/ Low Product Manifest Bundle-Name Sisu-Plexus (Incubation) Medium Product Manifest bundle-requiredexecutionenvironment JavaSE-1.6 Low Product Manifest bundle-symbolicname org.eclipse.sisu.plexus;singleton:=true Medium Product pom artifactid eclipse.sisu.plexus Highest Product pom groupid org.eclipse.sisu Highest Product pom parent-artifactid sisu-plexus Medium Version file version 0.3.5 High Version Manifest Bundle-Version 0.3.5 High Version pom version 0.3.5 Highest
File Path: /home/runner/.m2/repository/org/sonatype/plexus/plexus-cipher/1.4/plexus-cipher-1.4.jarMD5: 7b2d6fcf0d5800d5b1ce09d98d98dcafSHA1: 50ade46f23bb38cd984b4ec560c46223432aac38SHA256: 5a15fdba22669e0fdd06e10dcce6320879e1f7398fbc910cd0677b50672a78c4
Evidence Type Source Name Value Confidence Vendor file name plexus-cipher High Vendor jar package name cipher Highest Vendor jar package name components Low Vendor jar package name plexus Highest Vendor jar package name plexus Low Vendor jar package name sonatype Highest Vendor jar package name sonatype Low Vendor pom artifactid plexus-cipher Low Vendor pom groupid org.sonatype.plexus Highest Vendor pom name Plexus Cipher: encryption/decryption Component High Vendor pom parent-artifactid spice-parent Low Vendor pom parent-groupid org.sonatype.spice Medium Vendor pom url http://spice.sonatype.org/ Highest Vendor pom url http://spice.sonatype.org/${project.artifactId} Highest Product file name plexus-cipher High Product jar package name cipher Highest Product jar package name cipher Low Product jar package name components Low Product jar package name plexus Highest Product jar package name plexus Low Product jar package name sonatype Highest Product pom artifactid plexus-cipher Highest Product pom groupid org.sonatype.plexus Highest Product pom name Plexus Cipher: encryption/decryption Component High Product pom parent-artifactid spice-parent Medium Product pom parent-groupid org.sonatype.spice Medium Product pom url http://spice.sonatype.org/ Medium Product pom url http://spice.sonatype.org/${project.artifactId} Medium Version file version 1.4 High Version pom parent-version 1.4 Low Version pom version 1.4 Highest
File Path: /home/runner/.m2/repository/org/codehaus/plexus/plexus-cipher/2.0/plexus-cipher-2.0.jarMD5: 55d612839faf248cbe3e273969c002c2SHA1: 425ea8e534716b4bff1ea90f39bd76be951d651bSHA256: 9a7f1b5c5a9effd61eadfd8731452a2f76a8e79111fac391ef75ea801bea203a
Evidence Type Source Name Value Confidence Vendor file name plexus-cipher High Vendor jar package name cipher Highest Vendor jar package name plexus Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor pom artifactid plexus-cipher Low Vendor pom groupid org.codehaus.plexus Highest Vendor pom name Plexus Cipher: encryption/decryption Component High Vendor pom parent-artifactid plexus Low Product file name plexus-cipher High Product jar package name cipher Highest Product jar package name plexus Highest Product Manifest build-jdk-spec 1.8 Low Product pom artifactid plexus-cipher Highest Product pom groupid org.codehaus.plexus Highest Product pom name Plexus Cipher: encryption/decryption Component High Product pom parent-artifactid plexus Medium Version file version 2.0 High Version pom parent-version 2.0 Low Version pom version 2.0 Highest
CVE-2022-4244 suppress
A flaw was found in codeplex-codehaus. A directory traversal attack (also known as path traversal) aims to access files and directories stored outside the intended folder. By manipulating files with "dot-dot-slash (../)" sequences and their variations or by using absolute file paths, it may be possible to access arbitrary files and directories stored on the file system, including application source code, configuration, and other critical system files. CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N References:
Vulnerable Software & Versions: (show all )
CVE-2022-4245 suppress
A flaw was found in codehaus-plexus. The org.codehaus.plexus.util.xml.XmlWriterUtil#writeComment fails to sanitize comments for a --> sequence. This issue means that text contained in the command string could be interpreted as XML and allow for XML injection. CWE-611 Improper Restriction of XML External Entity Reference
CVSSv3:
Base Score: MEDIUM (4.3) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N References:
Vulnerable Software & Versions: (show all )
Description:
A class loader framework License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/org/codehaus/plexus/plexus-classworlds/2.6.0/plexus-classworlds-2.6.0.jar
MD5: 67e722b27e3a33b33c1b263b99dd7c43
SHA1: 8587e80fcb38e70b70fae8d5914b6376bfad6259
SHA256: 52f77c5ec49f787c9c417ebed5d6efd9922f44a202f217376e4f94c0d74f3549
Evidence Type Source Name Value Confidence Vendor file name plexus-classworlds High Vendor jar package name classworlds Highest Vendor jar package name codehaus Highest Vendor jar package name plexus Highest Vendor Manifest bundle-docurl http://codehaus-plexus.github.io/ Low Vendor Manifest bundle-symbolicname org.codehaus.plexus.classworlds Medium Vendor pom artifactid plexus-classworlds Low Vendor pom groupid org.codehaus.plexus Highest Vendor pom name Plexus Classworlds High Vendor pom parent-artifactid plexus Low Product file name plexus-classworlds High Product jar package name classworlds Highest Product jar package name codehaus Highest Product jar package name plexus Highest Product Manifest bundle-docurl http://codehaus-plexus.github.io/ Low Product Manifest Bundle-Name Plexus Classworlds Medium Product Manifest bundle-symbolicname org.codehaus.plexus.classworlds Medium Product pom artifactid plexus-classworlds Highest Product pom groupid org.codehaus.plexus Highest Product pom name Plexus Classworlds High Product pom parent-artifactid plexus Medium Version file version 2.6.0 High Version Manifest Bundle-Version 2.6.0 High Version pom parent-version 2.6.0 Low Version pom version 2.6.0 Highest
CVE-2022-4244 suppress
A flaw was found in codeplex-codehaus. A directory traversal attack (also known as path traversal) aims to access files and directories stored outside the intended folder. By manipulating files with "dot-dot-slash (../)" sequences and their variations or by using absolute file paths, it may be possible to access arbitrary files and directories stored on the file system, including application source code, configuration, and other critical system files. CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N References:
Vulnerable Software & Versions: (show all )
CVE-2022-4245 suppress
A flaw was found in codehaus-plexus. The org.codehaus.plexus.util.xml.XmlWriterUtil#writeComment fails to sanitize comments for a --> sequence. This issue means that text contained in the command string could be interpreted as XML and allow for XML injection. CWE-611 Improper Restriction of XML External Entity Reference
CVSSv3:
Base Score: MEDIUM (4.3) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N References:
Vulnerable Software & Versions: (show all )
Description:
Plexus Component "Java 5" Annotations, to describe plexus components properties in java sources with
standard annotations instead of javadoc annotations.
File Path: /home/runner/.m2/repository/org/codehaus/plexus/plexus-component-annotations/2.1.0/plexus-component-annotations-2.1.0.jarMD5: 141fd7a2ae613cb17d25ecd54b43eb3fSHA1: 2f2147a6cc6a119a1b51a96f31d45c557f6244b9SHA256: bde3617ce9b5bcf9584126046080043af6a4b3baea40a3b153f02e7bbc32acac
Evidence Type Source Name Value Confidence Vendor file name plexus-component-annotations High Vendor jar package name annotations Highest Vendor jar package name codehaus Highest Vendor jar package name codehaus Low Vendor jar package name component Highest Vendor jar package name component Low Vendor jar package name plexus Highest Vendor jar package name plexus Low Vendor pom artifactid plexus-component-annotations Low Vendor pom groupid org.codehaus.plexus Highest Vendor pom name Plexus :: Component Annotations High Vendor pom parent-artifactid plexus-containers Low Product file name plexus-component-annotations High Product jar package name annotations Highest Product jar package name annotations Low Product jar package name codehaus Highest Product jar package name component Highest Product jar package name component Low Product jar package name plexus Highest Product jar package name plexus Low Product pom artifactid plexus-component-annotations Highest Product pom groupid org.codehaus.plexus Highest Product pom name Plexus :: Component Annotations High Product pom parent-artifactid plexus-containers Medium Version file version 2.1.0 High Version pom version 2.1.0 Highest
CVE-2022-4244 suppress
A flaw was found in codeplex-codehaus. A directory traversal attack (also known as path traversal) aims to access files and directories stored outside the intended folder. By manipulating files with "dot-dot-slash (../)" sequences and their variations or by using absolute file paths, it may be possible to access arbitrary files and directories stored on the file system, including application source code, configuration, and other critical system files. CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N References:
Vulnerable Software & Versions: (show all )
CVE-2022-4245 suppress
A flaw was found in codehaus-plexus. The org.codehaus.plexus.util.xml.XmlWriterUtil#writeComment fails to sanitize comments for a --> sequence. This issue means that text contained in the command string could be interpreted as XML and allow for XML injection. CWE-611 Improper Restriction of XML External Entity Reference
CVSSv3:
Base Score: MEDIUM (4.3) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N References:
Vulnerable Software & Versions: (show all )
File Path: /home/runner/.m2/repository/org/codehaus/plexus/plexus-container-default/1.0-alpha-9-stable-1/plexus-container-default-1.0-alpha-9-stable-1.jarMD5: 99533a9d3e0fa3280cd0bd3426c5f99bSHA1: 94aea3010e250a334d9dab7f591114cd6c767458SHA256: 7c758612888782ccfe376823aee7cdcc7e0cdafb097f7ef50295a0b0c3a16edf
Evidence Type Source Name Value Confidence Vendor file name plexus-container-default High Vendor jar package name codehaus Highest Vendor jar package name codehaus Low Vendor jar package name component Low Vendor jar package name plexus Highest Vendor jar package name plexus Low Vendor pom artifactid plexus-container-default Low Vendor pom groupid org.codehaus.plexus Highest Vendor pom name Default Plexus Container High Vendor pom parent-artifactid plexus-containers Low Product file name plexus-container-default High Product jar package name codehaus Highest Product jar package name component Low Product jar package name plexus Highest Product jar package name plexus Low Product pom artifactid plexus-container-default Highest Product pom groupid org.codehaus.plexus Highest Product pom name Default Plexus Container High Product pom parent-artifactid plexus-containers Medium Version pom parent-version 1.0-alpha-9-stable-1 Low Version pom version 1.0-alpha-9-stable-1 Highest
CVE-2022-4244 suppress
A flaw was found in codeplex-codehaus. A directory traversal attack (also known as path traversal) aims to access files and directories stored outside the intended folder. By manipulating files with "dot-dot-slash (../)" sequences and their variations or by using absolute file paths, it may be possible to access arbitrary files and directories stored on the file system, including application source code, configuration, and other critical system files. CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N References:
Vulnerable Software & Versions: (show all )
CVE-2022-4245 suppress
A flaw was found in codehaus-plexus. The org.codehaus.plexus.util.xml.XmlWriterUtil#writeComment fails to sanitize comments for a --> sequence. This issue means that text contained in the command string could be interpreted as XML and allow for XML injection. CWE-611 Improper Restriction of XML External Entity Reference
CVSSv3:
Base Score: MEDIUM (4.3) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N References:
Vulnerable Software & Versions: (show all )
File Path: /home/runner/.m2/repository/org/codehaus/plexus/plexus-interactivity-api/1.1/plexus-interactivity-api-1.1.jarMD5: 24cdc0d6c4a3f37e246c8e4847960e12SHA1: 6a07583dbc56647ae18eb30207a40767d9628840SHA256: 26f701c674180dc5535ed8d7bb4a48e4ed6d4b6a97703420383cd31557c6cdeb
Evidence Type Source Name Value Confidence Vendor file name plexus-interactivity-api High Vendor jar package name codehaus Highest Vendor jar package name interactivity Highest Vendor jar package name plexus Highest Vendor Manifest build-jdk-spec 1.7 Low Vendor pom artifactid plexus-interactivity-api Low Vendor pom groupid org.codehaus.plexus Highest Vendor pom name Plexus Default Interactivity Handler High Vendor pom parent-artifactid plexus-interactivity Low Product file name plexus-interactivity-api High Product jar package name codehaus Highest Product jar package name interactivity Highest Product jar package name plexus Highest Product Manifest build-jdk-spec 1.7 Low Product pom artifactid plexus-interactivity-api Highest Product pom groupid org.codehaus.plexus Highest Product pom name Plexus Default Interactivity Handler High Product pom parent-artifactid plexus-interactivity Medium Version file version 1.1 High Version pom version 1.1 Highest
CVE-2022-4244 suppress
A flaw was found in codeplex-codehaus. A directory traversal attack (also known as path traversal) aims to access files and directories stored outside the intended folder. By manipulating files with "dot-dot-slash (../)" sequences and their variations or by using absolute file paths, it may be possible to access arbitrary files and directories stored on the file system, including application source code, configuration, and other critical system files. CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N References:
Vulnerable Software & Versions: (show all )
CVE-2022-4245 suppress
A flaw was found in codehaus-plexus. The org.codehaus.plexus.util.xml.XmlWriterUtil#writeComment fails to sanitize comments for a --> sequence. This issue means that text contained in the command string could be interpreted as XML and allow for XML injection. CWE-611 Improper Restriction of XML External Entity Reference
CVSSv3:
Base Score: MEDIUM (4.3) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N References:
Vulnerable Software & Versions: (show all )
Description:
The Plexus project provides a full software stack for creating and executing software projects. License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/org/codehaus/plexus/plexus-interpolation/1.26/plexus-interpolation-1.26.jar
MD5: 1049ae9f5cd8cf618abf5bc5805e6b94
SHA1: 25b919c664b79795ccde0ede5cee0fd68b544197
SHA256: b3b5412ce17889103ea564bcdfcf9fb3dfa540344ffeac6b538a73c9d7182662
Evidence Type Source Name Value Confidence Vendor file name plexus-interpolation High Vendor jar package name codehaus Highest Vendor jar package name interpolation Highest Vendor jar package name plexus Highest Vendor Manifest bundle-docurl http://codehaus-plexus.github.io/ Low Vendor Manifest bundle-symbolicname org.codehaus.plexus.interpolation Medium Vendor pom artifactid plexus-interpolation Low Vendor pom groupid org.codehaus.plexus Highest Vendor pom name Plexus Interpolation API High Vendor pom parent-artifactid plexus Low Product file name plexus-interpolation High Product jar package name codehaus Highest Product jar package name interpolation Highest Product jar package name plexus Highest Product Manifest bundle-docurl http://codehaus-plexus.github.io/ Low Product Manifest Bundle-Name Plexus Interpolation API Medium Product Manifest bundle-symbolicname org.codehaus.plexus.interpolation Medium Product pom artifactid plexus-interpolation Highest Product pom groupid org.codehaus.plexus Highest Product pom name Plexus Interpolation API High Product pom parent-artifactid plexus Medium Version file version 1.26 High Version pom parent-version 1.26 Low Version pom version 1.26 Highest
CVE-2022-4244 suppress
A flaw was found in codeplex-codehaus. A directory traversal attack (also known as path traversal) aims to access files and directories stored outside the intended folder. By manipulating files with "dot-dot-slash (../)" sequences and their variations or by using absolute file paths, it may be possible to access arbitrary files and directories stored on the file system, including application source code, configuration, and other critical system files. CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N References:
Vulnerable Software & Versions: (show all )
CVE-2022-4245 suppress
A flaw was found in codehaus-plexus. The org.codehaus.plexus.util.xml.XmlWriterUtil#writeComment fails to sanitize comments for a --> sequence. This issue means that text contained in the command string could be interpreted as XML and allow for XML injection. CWE-611 Improper Restriction of XML External Entity Reference
CVSSv3:
Base Score: MEDIUM (4.3) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N References:
Vulnerable Software & Versions: (show all )
File Path: /home/runner/.m2/repository/org/sonatype/plexus/plexus-sec-dispatcher/1.4/plexus-sec-dispatcher-1.4.jarMD5: 0a46e5bc9bc2fbd3b68091066aff2737SHA1: 43fde524e9b94c883727a9fddb8669181b890ea7SHA256: da73e32b58132e64daf12269fd9d011c0b303f234840f179908725a632b6b57c
Evidence Type Source Name Value Confidence Vendor file name plexus-sec-dispatcher High Vendor jar package name components Low Vendor jar package name plexus Highest Vendor jar package name plexus Low Vendor jar package name sec Highest Vendor jar package name sonatype Highest Vendor jar package name sonatype Low Vendor pom artifactid plexus-sec-dispatcher Low Vendor pom groupid org.sonatype.plexus Highest Vendor pom name Plexus Security Dispatcher Component High Vendor pom parent-artifactid spice-parent Low Vendor pom parent-groupid org.sonatype.spice Medium Vendor pom url http://spice.sonatype.org/ Highest Vendor pom url http://spice.sonatype.org/${project.artifactId} Highest Product file name plexus-sec-dispatcher High Product jar package name components Low Product jar package name plexus Highest Product jar package name plexus Low Product jar package name sec Highest Product jar package name sec Low Product jar package name sonatype Highest Product pom artifactid plexus-sec-dispatcher Highest Product pom groupid org.sonatype.plexus Highest Product pom name Plexus Security Dispatcher Component High Product pom parent-artifactid spice-parent Medium Product pom parent-groupid org.sonatype.spice Medium Product pom url http://spice.sonatype.org/ Medium Product pom url http://spice.sonatype.org/${project.artifactId} Medium Version file version 1.4 High Version pom parent-version 1.4 Low Version pom version 1.4 Highest
File Path: /home/runner/.m2/repository/org/codehaus/plexus/plexus-sec-dispatcher/2.0/plexus-sec-dispatcher-2.0.jarMD5: e68635a721630177ac70173e441336b6SHA1: f89c5080614ffd0764e49861895dbedde1b47237SHA256: 873139960c4c780176dda580b003a2c4bf82188bdce5bb99234e224ef7acfceb
Evidence Type Source Name Value Confidence Vendor file name plexus-sec-dispatcher High Vendor jar package name plexus Highest Vendor jar package name sec Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor pom artifactid plexus-sec-dispatcher Low Vendor pom groupid org.codehaus.plexus Highest Vendor pom name Plexus Security Dispatcher Component High Vendor pom parent-artifactid plexus Low Product file name plexus-sec-dispatcher High Product jar package name plexus Highest Product jar package name sec Highest Product Manifest build-jdk-spec 1.8 Low Product pom artifactid plexus-sec-dispatcher Highest Product pom groupid org.codehaus.plexus Highest Product pom name Plexus Security Dispatcher Component High Product pom parent-artifactid plexus Medium Version file version 2.0 High Version pom parent-version 2.0 Low Version pom version 2.0 Highest
CVE-2022-4244 suppress
A flaw was found in codeplex-codehaus. A directory traversal attack (also known as path traversal) aims to access files and directories stored outside the intended folder. By manipulating files with "dot-dot-slash (../)" sequences and their variations or by using absolute file paths, it may be possible to access arbitrary files and directories stored on the file system, including application source code, configuration, and other critical system files. CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N References:
Vulnerable Software & Versions: (show all )
CVE-2022-4245 suppress
A flaw was found in codehaus-plexus. The org.codehaus.plexus.util.xml.XmlWriterUtil#writeComment fails to sanitize comments for a --> sequence. This issue means that text contained in the command string could be interpreted as XML and allow for XML injection. CWE-611 Improper Restriction of XML External Entity Reference
CVSSv3:
Base Score: MEDIUM (4.3) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N References:
Vulnerable Software & Versions: (show all )
Description:
A collection of various utility classes to ease working with strings, files, command lines, XML and
more.
File Path: /home/runner/.m2/repository/org/codehaus/plexus/plexus-utils/3.5.1/plexus-utils-3.5.1.jarMD5: cdec471a77f52e687d0df4c43f392a71SHA1: c6bfb17c97ecc8863e88778ea301be742c62b06dSHA256: 86e0255d4c879c61b4833ed7f13124e8bb679df47debb127326e7db7dd49a07b
Evidence Type Source Name Value Confidence Vendor file name plexus-utils High Vendor jar package name codehaus Highest Vendor jar package name org Highest Vendor jar package name plexus Highest Vendor jar package name xml Highest Vendor Manifest build-jdk-spec 11 Low Vendor Manifest multi-release true Low Vendor pom artifactid plexus-utils Low Vendor pom groupid org.codehaus.plexus Highest Vendor pom name Plexus Common Utilities High Vendor pom parent-artifactid plexus Low Product file name plexus-utils High Product jar package name 11 Highest Product jar package name codehaus Highest Product jar package name org Highest Product jar package name plexus Highest Product jar package name xml Highest Product Manifest build-jdk-spec 11 Low Product Manifest multi-release true Low Product pom artifactid plexus-utils Highest Product pom groupid org.codehaus.plexus Highest Product pom name Plexus Common Utilities High Product pom parent-artifactid plexus Medium Version file version 3.5.1 High Version pom parent-version 3.5.1 Low Version pom version 3.5.1 Highest
Description:
A sane Clojure API for Maven Artifact Resolver + dynamic runtime modification of the classpath License:
Eclipse Public License: http://www.eclipse.org/legal/epl-v10.html File Path: /home/runner/.m2/repository/clj-commons/pomegranate/1.2.23/pomegranate-1.2.23.jar
MD5: 0ea797eec8196c0335d736b4ca5aefcd
SHA1: 8a49db1a2af34006cf243ae1e75aae38042b37a0
SHA256: d1afcc440a3a742bc10e4bb55510a4cb6b24eed31dc61617998ab83e4ee1683d
Evidence Type Source Name Value Confidence Vendor file name pomegranate High Vendor Manifest build-jdk-spec 11 Low Vendor pom artifactid pomegranate Low Vendor pom developer email cemerick@snowtide.com Low Vendor pom developer name Chas Emerick Medium Vendor pom groupid clj-commons Highest Vendor pom name pomegranate High Vendor pom url clj-commons/pomegranate Highest Product file name pomegranate High Product Manifest build-jdk-spec 11 Low Product pom artifactid pomegranate Highest Product pom developer email cemerick@snowtide.com Low Product pom developer name Chas Emerick Low Product pom groupid clj-commons Highest Product pom name pomegranate High Product pom url clj-commons/pomegranate High Version file version 1.2.23 High Version pom version 1.2.23 Highest
Description:
A micro-library for Clojure that provides first class support for named-capturing groups in regular expressions. License:
Apache-2.0: http://www.apache.org/licenses/LICENSE-2.0.html File Path: /home/runner/.m2/repository/com/github/pmonks/rencg/1.0.34/rencg-1.0.34.jar
MD5: 5d0dd6a9dd68c9307e0acf0a54e380e7
SHA1: 68cef55ad7c6cc3ac4149b3ac05ab15ccfd65755
SHA256: 542310b5862368809b238b3d15c9b04eb21d1b44c79750beee14de11bb48a5f6
Evidence Type Source Name Value Confidence Vendor file name rencg High Vendor Manifest build-jdk-spec 17 Low Vendor pom artifactid rencg Low Vendor pom developer email pmonks+rencg@gmail.com Low Vendor pom developer id pmonks Medium Vendor pom developer name Peter Monks Medium Vendor pom groupid com.github.pmonks Highest Vendor pom name rencg High Vendor pom url pmonks/rencg Highest Product file name rencg High Product Manifest build-jdk-spec 17 Low Product pom artifactid rencg Highest Product pom developer email pmonks+rencg@gmail.com Low Product pom developer id pmonks Low Product pom developer name Peter Monks Low Product pom groupid com.github.pmonks Highest Product pom name rencg High Product pom url pmonks/rencg High Version file version 1.0.34 High Version pom version 1.0.34 Highest
Description:
Rewrite Clojure code and edn License:
The MIT License: http://opensource.org/licenses/MIT File Path: /home/runner/.m2/repository/rewrite-clj/rewrite-clj/1.1.47/rewrite-clj-1.1.47.jar
MD5: fd05ec0ff35600634b0b0c3be68e28e8
SHA1: a3b7a24e72662f55126da4ee4711afedfcf40f10
SHA256: ffa43568c21d8ccec0d5da5a07464c533a173728bbc994132f7e42b3c588eb5e
Evidence Type Source Name Value Confidence Vendor file name rewrite-clj High Vendor Manifest build-jdk-spec 11 Low Vendor pom artifactid rewrite-clj Low Vendor pom groupid rewrite-clj Highest Vendor pom name rewrite-clj High Vendor pom url clj-commons/rewrite-clj Highest Product file name rewrite-clj High Product Manifest build-jdk-spec 11 Low Product pom artifactid rewrite-clj Highest Product pom groupid rewrite-clj Highest Product pom name rewrite-clj High Product pom url clj-commons/rewrite-clj High Version file version 1.1.47 High Version pom version 1.1.47 Highest
File Path: /home/runner/.m2/repository/com/github/liquidz/rewrite-indented/0.2.36/rewrite-indented-0.2.36.jarMD5: b88bffaa06cf810410846b3e9c725adcSHA1: 50bf369fedd688796b7b2330bbac4f5469dd344fSHA256: 1b753b6e92f566d04defcd7bc92d587525630fbc75ba46b476fb357d4f241e1e
Evidence Type Source Name Value Confidence Vendor file name rewrite-indented High Vendor Manifest build-jdk-spec 11 Low Vendor pom artifactid rewrite-indented Low Vendor pom groupid com.github.liquidz Highest Vendor pom name rewrite-indented High Product file name rewrite-indented High Product Manifest build-jdk-spec 11 Low Product pom artifactid rewrite-indented Highest Product pom groupid com.github.liquidz Highest Product pom name rewrite-indented High Version file version 0.2.36 High Version pom version 0.2.36 Highest
Description:
Rhino is an open-source implementation of JavaScript written entirely in Java. It is typically
embedded into Java applications to provide scripting to end users.
License:
Mozilla Public License, Version 2.0: http://www.mozilla.org/MPL/2.0/index.txt File Path: /home/runner/.m2/repository/org/mozilla/rhino/1.7R5/rhino-1.7R5.jar
MD5: 515233bd8a534c0468f6e397fc6b1925
SHA1: 95f0003cea7ebf26aef5ed64c77c05fcd1ff9648
SHA256: e00e09a71abc4677e17dd8d42b0755b59a9e9ab09b60fd8b1abb45e4c80409c0
Evidence Type Source Name Value Confidence Vendor file name rhino High Vendor jar package name javascript Highest Vendor jar package name mozilla Highest Vendor Manifest implementation-url http://www.mozilla.org/rhino Low Vendor Manifest Implementation-Vendor Mozilla Foundation High Vendor pom artifactid rhino Low Vendor pom groupid org.mozilla Highest Vendor pom name Mozilla Rhino High Vendor pom organization name The Mozilla Foundation High Vendor pom organization url http://www.mozilla.org Medium Vendor pom url https://developer.mozilla.org/en/Rhino Highest Product file name rhino High Product jar package name javascript Highest Product jar package name mozilla Highest Product Manifest Implementation-Title Mozilla Rhino 1.7R5 High Product Manifest implementation-url http://www.mozilla.org/rhino Low Product pom artifactid rhino Highest Product pom groupid org.mozilla Highest Product pom name Mozilla Rhino High Product pom organization name The Mozilla Foundation Low Product pom organization url http://www.mozilla.org Low Product pom url https://developer.mozilla.org/en/Rhino Medium Version Manifest Implementation-Version 1.7R5 High Version pom version 1.7R5 Highest
Description:
s3 resources for com.cognitect.aws/api License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/com/cognitect/aws/s3/848.2.1413.0/s3-848.2.1413.0.jar
MD5: 8252ce8431f7eb0cf5f96212deb3075d
SHA1: 7e226e5d94e3db408da269f9ee9a14424c09237d
SHA256: 43227bda5ec8d3c76dcf166a0710c19aa1e2ab66ee5a1aae6590521c89edd35c
Evidence Type Source Name Value Confidence Vendor file name s3 High Vendor Manifest build-jdk-spec 11 Low Vendor pom artifactid s3 Low Vendor pom developer email labs@cognitect.com Low Vendor pom developer name Cognitect Medium Vendor pom developer org Cognitect Medium Vendor pom developer org URL http://cognitect.com Medium Vendor pom groupid com.cognitect.aws Highest Vendor pom name s3 High Vendor pom url http://github.com/cognitect-labs/aws-api Highest Product file name s3 High Product Manifest build-jdk-spec 11 Low Product pom artifactid s3 Highest Product pom developer email labs@cognitect.com Low Product pom developer name Cognitect Low Product pom developer org Cognitect Low Product pom developer org URL http://cognitect.com Low Product pom groupid com.cognitect.aws Highest Product pom name s3 High Product pom url http://github.com/cognitect-labs/aws-api Medium Version file version 848.2.1413.0 High Version pom version 848.2.1413.0 Highest
Description:
Deploy and consume artifacts in private S3 repositories. License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/s3-wagon-private/s3-wagon-private/1.3.5/s3-wagon-private-1.3.5.jar
MD5: 039cc1f89507f25a069b06554007b681
SHA1: 09f74515fd208e70bed995eb9acd4f91285f6e96
SHA256: c17593c220292c03f78977a5b3bcf5826a2b94e6a21d346ecd3cc5ad92954008
Evidence Type Source Name Value Confidence Vendor file name s3-wagon-private High Vendor jar package name aws Low Vendor jar package name build Low Vendor jar package name springframework Low Vendor pom artifactid s3-wagon-private Low Vendor pom groupid s3-wagon-private Highest Vendor pom url s3-wagon-private/s3-wagon-private Highest Product file name s3-wagon-private High Product jar package name aws Low Product jar package name build Low Product jar package name maven Low Product pom artifactid s3-wagon-private Highest Product pom groupid s3-wagon-private Highest Product pom url s3-wagon-private/s3-wagon-private High Version file version 1.3.5 High Version pom version 1.3.5 Highest
Description:
Small Clojure Interpreter License:
Eclipse Public License 1.0: http://opensource.org/licenses/eclipse-1.0.php File Path: /home/runner/.m2/repository/org/babashka/sci/0.8.41/sci-0.8.41.jar
MD5: 7260bea247f92eacce2a234421aaf0ef
SHA1: e8d59dc588a1e1f0c62c21fb47c093eeed043f04
SHA256: dc709eedc2b9e33c3ca633ead7a0bd1a9a9d85f7cf4119e4c27601ed06121bd2
Evidence Type Source Name Value Confidence Vendor file name sci High Vendor jar package name sci Highest Vendor Manifest leiningen-project-artifactid sci Low Vendor pom artifactid sci Low Vendor pom groupid org.babashka Highest Vendor pom name sci High Vendor pom url babashka/SCI Highest Product file name sci High Product jar package name sci Highest Product Manifest leiningen-project-artifactid sci Low Product pom artifactid sci Highest Product pom groupid org.babashka Highest Product pom name sci High Product pom url babashka/SCI High Version file version 0.8.41 High Version Manifest leiningen-project-version 0.8.41 Medium Version pom version 0.8.41 Highest
File Path: /home/runner/.m2/repository/borkdude/sci.impl.reflector/0.0.1/sci.impl.reflector-0.0.1.jarMD5: f51e21c149a8a7352f3de0460f4dc528SHA1: 33dfc86102e0ea400498cbca47572459c1c43b00SHA256: 7cba6ea8d7d48f5644c90d16be17e309971dd8e9841ebb920f80fd8964edaf28
Evidence Type Source Name Value Confidence Vendor file name sci.impl.reflector High Vendor jar package name impl Highest Vendor jar package name reflector Highest Vendor jar package name sci Highest Vendor Manifest leiningen-project-groupid borkdude Low Vendor pom artifactid sci.impl.reflector Low Vendor pom groupid borkdude Highest Vendor pom name sci.impl.reflector High Product file name sci.impl.reflector High Product jar package name impl Highest Product jar package name reflector Highest Product jar package name sci Highest Product Manifest leiningen-project-groupid borkdude Low Product pom artifactid sci.impl.reflector Highest Product pom groupid borkdude Highest Product pom name sci.impl.reflector High Version file version 0.0.1 High Version Manifest leiningen-project-version 0.0.1 Medium Version pom version 0.0.1 Highest
File Path: /home/runner/.m2/repository/org/babashka/sci.impl.types/0.0.2/sci.impl.types-0.0.2.jarMD5: d79e8ce3fc1c58d414e1abd16a0cccb8SHA1: 45a05ece33609c3ad26a6ea4e05130560da82306SHA256: 86fc738de20e9330b7471958ae2286a7d9b7de3d7c69be38bb76b21c02c69c5f
Evidence Type Source Name Value Confidence Vendor file name sci.impl.types High Vendor jar package name impl Highest Vendor jar package name sci Highest Vendor jar package name types Highest Vendor Manifest build-jdk-spec 17 Low Vendor pom artifactid sci.impl.types Low Vendor pom groupid org.babashka Highest Vendor pom name sci.impl.types High Product file name sci.impl.types High Product jar package name impl Highest Product jar package name sci Highest Product jar package name types Highest Product Manifest build-jdk-spec 17 Low Product pom artifactid sci.impl.types Highest Product pom groupid org.babashka Highest Product pom name sci.impl.types High Version file version 0.0.2 High Version pom version 0.0.2 Highest
Description:
The slf4j API License:
http://www.opensource.org/licenses/mit-license.php File Path: /home/runner/.m2/repository/org/slf4j/slf4j-api/2.0.9/slf4j-api-2.0.9.jar
MD5: 45630e54b0f0ac2b3c80462515ad8fda
SHA1: 7cf2726fdcfbc8610f9a71fb3ed639871f315340
SHA256: 0818930dc8d7debb403204611691da58e49d42c50b6ffcfdce02dadb7c3c2b6c
Evidence Type Source Name Value Confidence Vendor file name slf4j-api High Vendor jar package name slf4j Highest Vendor Manifest build-jdk-spec 20 Low Vendor Manifest bundle-docurl http://www.slf4j.org Low Vendor Manifest bundle-symbolicname slf4j.api Medium Vendor Manifest multi-release true Low Vendor pom artifactid slf4j-api Low Vendor pom groupid org.slf4j Highest Vendor pom name SLF4J API Module High Vendor pom parent-artifactid slf4j-parent Low Vendor pom url http://www.slf4j.org Highest Product file name slf4j-api High Product jar package name slf4j Highest Product Manifest build-jdk-spec 20 Low Product Manifest bundle-docurl http://www.slf4j.org Low Product Manifest Bundle-Name SLF4J API Module Medium Product Manifest bundle-symbolicname slf4j.api Medium Product Manifest Implementation-Title slf4j-api High Product Manifest multi-release true Low Product pom artifactid slf4j-api Highest Product pom groupid org.slf4j Highest Product pom name SLF4J API Module High Product pom parent-artifactid slf4j-parent Medium Product pom url http://www.slf4j.org Medium Version file version 2.0.9 High Version Manifest Bundle-Version 2.0.9 High Version Manifest Implementation-Version 2.0.9 High Version pom version 2.0.9 Highest
Description:
YAML 1.1 parser and emitter for Java License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/org/yaml/snakeyaml/2.1/snakeyaml-2.1.jar
MD5: 33cc7f2b24873e9d8af5d78a0b09bdc1
SHA1: c79f47315517560b5bd6a62376ee385e48105437
SHA256: 69a4537045ddbcaed4c68eef074462eb12d324d7953f62c5ecd35df645e8aec9
Evidence Type Source Name Value Confidence Vendor file name snakeyaml High Vendor jar package name emitter Highest Vendor jar package name org Highest Vendor jar package name parser Highest Vendor jar package name snakeyaml Highest Vendor jar package name yaml Highest Vendor Manifest build-jdk-spec 11 Low Vendor Manifest bundle-symbolicname org.yaml.snakeyaml Medium Vendor Manifest multi-release true Low Vendor pom artifactid snakeyaml Low Vendor pom developer email alexander.maslov@gmail.com Low Vendor pom developer email public.somov@gmail.com Low Vendor pom developer id asomov Medium Vendor pom developer id maslovalex Medium Vendor pom developer name Alexander Maslov Medium Vendor pom developer name Andrey Somov Medium Vendor pom groupid org.yaml Highest Vendor pom name SnakeYAML High Vendor pom url https://bitbucket.org/snakeyaml/snakeyaml Highest Product file name snakeyaml High Product jar package name emitter Highest Product jar package name org Highest Product jar package name parser Highest Product jar package name snakeyaml Highest Product jar package name yaml Highest Product Manifest build-jdk-spec 11 Low Product Manifest Bundle-Name SnakeYAML Medium Product Manifest bundle-symbolicname org.yaml.snakeyaml Medium Product Manifest multi-release true Low Product pom artifactid snakeyaml Highest Product pom developer email alexander.maslov@gmail.com Low Product pom developer email public.somov@gmail.com Low Product pom developer id asomov Low Product pom developer id maslovalex Low Product pom developer name Alexander Maslov Low Product pom developer name Andrey Somov Low Product pom groupid org.yaml Highest Product pom name SnakeYAML High Product pom url https://bitbucket.org/snakeyaml/snakeyaml Medium Version file version 2.1 High Version pom version 2.1 Highest
Description:
Specification of data and functions License:
Eclipse Public License 1.0: http://opensource.org/licenses/eclipse-1.0.php File Path: /home/runner/.m2/repository/org/clojure/spec.alpha/0.3.218/spec.alpha-0.3.218.jar
MD5: ecdbb58e7a95163c1369ef9fa054013d
SHA1: a7dad492f8d6cf657d82dcd6b31bda0899f1ac0e
SHA256: 67ec898eb55c66a957a55279dd85d1376bb994bd87668b2b0de1eb3b97e8aae0
Evidence Type Source Name Value Confidence Vendor file name spec.alpha High Vendor jar package name alpha Highest Vendor jar package name clojure Highest Vendor jar package name clojure Low Vendor jar package name spec Highest Vendor jar package name spec Low Vendor pom artifactid spec.alpha Low Vendor pom developer id richhickey Medium Vendor pom developer name Rich Hickey Medium Vendor pom groupid org.clojure Highest Vendor pom name spec.alpha High Vendor pom parent-artifactid pom.contrib Low Product file name spec.alpha High Product jar package name alpha Highest Product jar package name clojure Highest Product jar package name spec Highest Product jar package name spec Low Product pom artifactid spec.alpha Highest Product pom developer id richhickey Low Product pom developer name Rich Hickey Low Product pom groupid org.clojure Highest Product pom name spec.alpha High Product pom parent-artifactid pom.contrib Medium Version file version 0.3.218 High Version pom parent-version 0.3.218 Low Version pom version 0.3.218 Highest
Description:
TagSoup is a SAX-compliant parser written in Java that, instead of parsing well-formed or valid XML, parses HTML as it is found in the wild: poor, nasty and brutish, though quite often far from short. TagSoup is designed for people who have to process this stuff using some semblance of a rational application design. By providing a SAX interface, it allows standard XML tools to be applied to even the worst HTML. TagSoup also includes a command-line processor that reads HTML files and can generate either clean HTML or well-formed XML that is a close approximation to XHTML. License:
Apache License 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/org/ccil/cowan/tagsoup/tagsoup/1.2.1/tagsoup-1.2.1.jar
MD5: ae73a52cdcbec10cd61d9ef22fab5936
SHA1: 5584627487e984c03456266d3f8802eb85a9ce97
SHA256: ac97f7b4b1d8e9337edfa0e34044f8d0efe7223f6ad8f3a85d54cc1018ea2e04
Evidence Type Source Name Value Confidence Vendor file name tagsoup High Vendor jar package name ccil Highest Vendor jar package name cowan Highest Vendor jar package name parser Highest Vendor jar package name tagsoup Highest Vendor pom artifactid tagsoup Low Vendor pom developer name John Cowan Medium Vendor pom groupid org.ccil.cowan.tagsoup Highest Vendor pom name TagSoup High Vendor pom url http://home.ccil.org/~cowan/XML/tagsoup/ Highest Product file name tagsoup High Product jar package name ccil Highest Product jar package name cowan Highest Product jar package name parser Highest Product jar package name tagsoup Highest Product pom artifactid tagsoup Highest Product pom developer name John Cowan Low Product pom groupid org.ccil.cowan.tagsoup Highest Product pom name TagSoup High Product pom url http://home.ccil.org/~cowan/XML/tagsoup/ Medium Version file version 1.2.1 High Version Manifest version 1.2.1 Medium Version pom version 1.2.1 Highest
Description:
Stream-to-stream JSON string encoding License:
Eclipse Public License: http://www.eclipse.org/legal/epl-v10.html File Path: /home/runner/.m2/repository/tigris/tigris/0.1.2/tigris-0.1.2.jar
MD5: 5f33b5d6ca167cc92fb782b7d876262c
SHA1: a122db758561d995a83cbb40f252b64d8b0f506e
SHA256: 49aa648edb6c14e57095a11b391eaee606578323fb79755f92331ac6300f97a0
Evidence Type Source Name Value Confidence Vendor file name tigris High Vendor jar package name tigris Highest Vendor jar package name tigris Low Vendor jar package name writequit Low Vendor pom artifactid tigris Low Vendor pom groupid tigris Highest Vendor pom name tigris High Vendor pom url dakrone/tigris Highest Product file name tigris High Product jar package name jsonstringescapinginputstream Low Product jar package name tigris Highest Product jar package name tigris Low Product pom artifactid tigris Highest Product pom groupid tigris Highest Product pom name tigris High Product pom url dakrone/tigris High Version file version 0.1.2 High Version pom version 0.1.2 Highest
Description:
Convenience fns for tools.build scripts License:
Apache License 2.0: http://www.apache.org/licenses/LICENSE-2.0.html File Path: /home/runner/.m2/repository/com/github/pmonks/tools-convenience/1.0.142/tools-convenience-1.0.142.jar
MD5: 6b62c5c5b46df7e44f367b69c5ba8ecf
SHA1: 80c16ce1b9ecb8de1b3654566a6a31a9b5ce36f9
SHA256: 5e426e4b48b6b1b3af8ce7aaa8aba3a93adeb521b00629647f08e29f89e8d5ff
Evidence Type Source Name Value Confidence Vendor file name tools-convenience High Vendor Manifest build-jdk-spec 17 Low Vendor pom artifactid tools-convenience Low Vendor pom developer email pmonks+tools-convenience@gmail.com Low Vendor pom developer id pmonks Medium Vendor pom developer name Peter Monks Medium Vendor pom groupid com.github.pmonks Highest Vendor pom name tools-convenience High Vendor pom url pmonks/tools-convenience Highest Product file name tools-convenience High Product Manifest build-jdk-spec 17 Low Product pom artifactid tools-convenience Highest Product pom developer email pmonks+tools-convenience@gmail.com Low Product pom developer id pmonks Low Product pom developer name Peter Monks Low Product pom groupid com.github.pmonks Highest Product pom name tools-convenience High Product pom url pmonks/tools-convenience High Version file version 1.0.142 High Version pom version 1.0.142 Highest
Description:
A Clojure tools.build task library related to dependency licenses. License:
Apache License 2.0: http://www.apache.org/licenses/LICENSE-2.0.html File Path: /home/runner/.m2/repository/com/github/pmonks/tools-licenses/2.0.188/tools-licenses-2.0.188.jar
MD5: 75f3fcb4632da435f654e70bafe65969
SHA1: 109badf026d5f0d65af66826a623a0bd182f5136
SHA256: 2c3bef41dd624669e1b07474ebf999b8ca65a82fda6653bf641f16c9dc4d82ae
Evidence Type Source Name Value Confidence Vendor file name tools-licenses High Vendor Manifest build-jdk-spec 21 Low Vendor pom artifactid tools-licenses Low Vendor pom developer email pmonks+tools-licenses@gmail.com Low Vendor pom developer id pmonks Medium Vendor pom developer name Peter Monks Medium Vendor pom groupid com.github.pmonks Highest Vendor pom name tools-licenses High Vendor pom url pmonks/tools-licenses Highest Product file name tools-licenses High Product Manifest build-jdk-spec 21 Low Product pom artifactid tools-licenses Highest Product pom developer email pmonks+tools-licenses@gmail.com Low Product pom developer id pmonks Low Product pom developer name Peter Monks Low Product pom groupid com.github.pmonks Highest Product pom name tools-licenses High Product pom url pmonks/tools-licenses High Version file version 2.0.188 High Version pom version 2.0.188 Highest
Description:
A Clojure tools.build task library related to the generation of comprehensive pom.xml files. License:
Apache License 2.0: http://www.apache.org/licenses/LICENSE-2.0.html File Path: /home/runner/.m2/repository/com/github/pmonks/tools-pom/1.0.127/tools-pom-1.0.127.jar
MD5: 7b01e7e282218cb45208a4981fab91a5
SHA1: 92f757caa8fc8810e6a4017d90a215d929bad74f
SHA256: 1b60b49d4016299aefa2b027cc0e6a0f42544bff616d34142e1a8605937b03f8
Evidence Type Source Name Value Confidence Vendor file name tools-pom High Vendor Manifest build-jdk-spec 17 Low Vendor pom artifactid tools-pom Low Vendor pom developer email pmonks+tools-pom@gmail.com Low Vendor pom developer id pmonks Medium Vendor pom developer name Peter Monks Medium Vendor pom groupid com.github.pmonks Highest Vendor pom name tools-pom High Vendor pom url pmonks/tools-pom Highest Product file name tools-pom High Product Manifest build-jdk-spec 17 Low Product pom artifactid tools-pom Highest Product pom developer email pmonks+tools-pom@gmail.com Low Product pom developer id pmonks Low Product pom developer name Peter Monks Low Product pom groupid com.github.pmonks Highest Product pom name tools-pom High Product pom url pmonks/tools-pom High Version file version 1.0.127 High Version pom version 1.0.127 Highest
Description:
An analyzer for Clojure code, written in Clojure and producing AST in EDN File Path: /home/runner/.m2/repository/org/clojure/tools.analyzer/1.1.1/tools.analyzer-1.1.1.jarMD5: 503187a6e4780e300faaf27d0a59eef4SHA1: 0a167e7bafea9a0caf789e8837f807f97bc8caa4SHA256: eba167fca1179fb156a8e38bdc2e9d49dff491e5150965b54839b952fceed060
Evidence Type Source Name Value Confidence Vendor file name tools.analyzer High Vendor pom artifactid tools.analyzer Low Vendor pom developer id bronsa Medium Vendor pom developer name Nicola Mometto Medium Vendor pom groupid org.clojure Highest Vendor pom name tools.analyzer High Vendor pom parent-artifactid pom.contrib Low Product file name tools.analyzer High Product pom artifactid tools.analyzer Highest Product pom developer id bronsa Low Product pom developer name Nicola Mometto Low Product pom groupid org.clojure Highest Product pom name tools.analyzer High Product pom parent-artifactid pom.contrib Medium Version file version 1.1.1 High Version pom parent-version 1.1.1 Low Version pom version 1.1.1 Highest
Description:
Additional jvm-specific passes for tools.analyzer File Path: /home/runner/.m2/repository/org/clojure/tools.analyzer.jvm/1.2.3/tools.analyzer.jvm-1.2.3.jarMD5: bbbea9f2e9799e4223eb314dbde358c7SHA1: 5ea70a6c4cb1c36b30b05a4fa7d00adbc30fa260SHA256: 86332ef629ede50e1ad910dfb835e4cf3427073cfab2907e52b9ab2fb2f61416
Evidence Type Source Name Value Confidence Vendor file name tools.analyzer.jvm High Vendor pom artifactid tools.analyzer.jvm Low Vendor pom developer id bronsa Medium Vendor pom developer name Nicola Mometto Medium Vendor pom groupid org.clojure Highest Vendor pom name tools.analyzer.jvm High Vendor pom parent-artifactid pom.contrib Low Product file name tools.analyzer.jvm High Product pom artifactid tools.analyzer.jvm Highest Product pom developer id bronsa Low Product pom developer name Nicola Mometto Low Product pom groupid org.clojure Highest Product pom name tools.analyzer.jvm High Product pom parent-artifactid pom.contrib Medium Version file version 1.2.3 High Version pom parent-version 1.2.3 Low Version pom version 1.2.3 Highest
File Path: /home/runner/.m2/repository/io/github/clojure/tools.build/0.9.6/tools.build-0.9.6.jarMD5: a2b756c95e9011c92669e8992c64fe99SHA1: 61acd8e18bdc07f2354e0db457e7ae768909ee70SHA256: 66d835464dc23b3880c98358c00bed09593b918c0657aa343348a23278a43fc7
Evidence Type Source Name Value Confidence Vendor file name tools.build High Vendor pom artifactid tools.build Low Vendor pom developer id puredanger Medium Vendor pom developer name Alex Miller Medium Vendor pom groupid io.github.clojure Highest Vendor pom name tools.build High Vendor pom parent-artifactid pom.contrib Low Vendor pom parent-groupid org.clojure Medium Product file name tools.build High Product pom artifactid tools.build Highest Product pom developer id puredanger Low Product pom developer name Alex Miller Low Product pom groupid io.github.clojure Highest Product pom name tools.build High Product pom parent-artifactid pom.contrib Medium Product pom parent-groupid org.clojure Medium Version file version 0.9.6 High Version pom parent-version 0.9.6 Low Version pom version 0.9.6 Highest
File Path: /home/runner/.m2/repository/org/clojure/tools.cli/1.0.219/tools.cli-1.0.219.jarMD5: 7180fc6693e18d9bdc6c79284576161eSHA1: 013fa3bcc0a19deb4f7ad79ea2c9c879012f7018SHA256: 946003ac2f2288e0c0c58861624df3ef98111c9e8877eb401ca528cc377f97a9
Evidence Type Source Name Value Confidence Vendor file name tools.cli High Vendor pom artifactid tools.cli Low Vendor pom developer name Gareth Jones Medium Vendor pom developer name Sean Corfield Medium Vendor pom developer name Sung Pae Medium Vendor pom groupid org.clojure Highest Vendor pom name tools.cli High Vendor pom parent-artifactid pom.contrib Low Product file name tools.cli High Product pom artifactid tools.cli Highest Product pom developer name Gareth Jones Low Product pom developer name Sean Corfield Low Product pom developer name Sung Pae Low Product pom groupid org.clojure Highest Product pom name tools.cli High Product pom parent-artifactid pom.contrib Medium Version file version 1.0.219 High Version pom parent-version 1.0.219 Low Version pom version 1.0.219 Highest
File Path: /home/runner/.m2/repository/org/clojure/tools.deps/0.18.1374/tools.deps-0.18.1374.jarMD5: a0f3ab00c9b2f7d7ae2a0671dd6ec150SHA1: 21edb4fbb654a5b86a5c631ba6fe2b84d1075390SHA256: fe4803e274743dc20d49fe0eb4925cd4d32260bef7a8709aade9ed27137548ae
Evidence Type Source Name Value Confidence Vendor file name tools.deps High Vendor jar package name clojure Highest Vendor jar package name clojure Low Vendor jar package name deps Highest Vendor jar package name deps Low Vendor jar package name tools Highest Vendor jar package name tools Low Vendor pom artifactid tools.deps Low Vendor pom developer id puredanger Medium Vendor pom developer name Alex Miller Medium Vendor pom groupid org.clojure Highest Vendor pom name tools.deps High Vendor pom parent-artifactid pom.contrib Low Product file name tools.deps High Product jar package name clojure Highest Product jar package name deps Highest Product jar package name deps Low Product jar package name tools Highest Product jar package name tools Low Product jar package name util Low Product pom artifactid tools.deps Highest Product pom developer id puredanger Low Product pom developer name Alex Miller Low Product pom groupid org.clojure Highest Product pom name tools.deps High Product pom parent-artifactid pom.contrib Medium Version file version 0.18.1374 High Version pom parent-version 0.18.1374 Low Version pom version 0.18.1374 Highest
File Path: /home/runner/.m2/repository/org/clojure/tools.gitlibs/2.5.197/tools.gitlibs-2.5.197.jarMD5: 4bf42bf7541a445e7083f5c7477b9e9eSHA1: d381e5ef0b6312e229a340dc1c5f90217920e8a1SHA256: 260fe1ba0669d9ed318a2ead26424c734e4d1ff11fab90f5fb33b89f99032886
Evidence Type Source Name Value Confidence Vendor file name tools.gitlibs High Vendor pom artifactid tools.gitlibs Low Vendor pom developer id puredanger Medium Vendor pom developer name Alex Miller Medium Vendor pom groupid org.clojure Highest Vendor pom name tools.gitlibs High Vendor pom parent-artifactid pom.contrib Low Product file name tools.gitlibs High Product pom artifactid tools.gitlibs Highest Product pom developer id puredanger Low Product pom developer name Alex Miller Low Product pom groupid org.clojure Highest Product pom name tools.gitlibs High Product pom parent-artifactid pom.contrib Medium Version file version 2.5.197 High Version pom parent-version 2.5.197 Low Version pom version 2.5.197 Highest
File Path: /home/runner/.m2/repository/org/clojure/tools.logging/1.2.4/tools.logging-1.2.4.jarMD5: 0c96fb5aa6fc3a19e3a8fd9456968780SHA1: 3a85764aa30c434a5b0375a2ee72924aa040fa66SHA256: 46fe0a3cd0234980be7fed8e437b1de107beaea4953194be8f71ba3b048f1929
Evidence Type Source Name Value Confidence Vendor file name tools.logging High Vendor pom artifactid tools.logging Low Vendor pom developer name Alex Taggart Medium Vendor pom groupid org.clojure Highest Vendor pom name tools.logging High Vendor pom parent-artifactid pom.contrib Low Product file name tools.logging High Product pom artifactid tools.logging Highest Product pom developer name Alex Taggart Low Product pom groupid org.clojure Highest Product pom name tools.logging High Product pom parent-artifactid pom.contrib Medium Version file version 1.2.4 High Version pom parent-version 1.2.4 Low Version pom version 1.2.4 Highest
File Path: /home/runner/.m2/repository/org/clojure/tools.namespace/1.4.4/tools.namespace-1.4.4.jarMD5: da2a1c4ddd1a8aef9a70355339ef3fbdSHA1: ba1078e3fe6ebc33119a7c09722afa9f708aef1fSHA256: 047868fd64d54cb0976b82a5452b80373dedd30a300bbb55ce339418abd86305
Evidence Type Source Name Value Confidence Vendor file name tools.namespace High Vendor pom artifactid tools.namespace Low Vendor pom developer name Stuart Sierra Medium Vendor pom groupid org.clojure Highest Vendor pom name tools.namespace High Vendor pom parent-artifactid pom.contrib Low Product file name tools.namespace High Product pom artifactid tools.namespace Highest Product pom developer name Stuart Sierra Low Product pom groupid org.clojure Highest Product pom name tools.namespace High Product pom parent-artifactid pom.contrib Medium Version file version 1.4.4 High Version pom parent-version 1.4.4 Low Version pom version 1.4.4 Highest
Description:
A Clojure reader in Clojure License:
Eclipse Public License 1.0: http://opensource.org/licenses/eclipse-1.0.php File Path: /home/runner/.m2/repository/org/clojure/tools.reader/1.3.6/tools.reader-1.3.6.jar
MD5: 352308dd69677e1354f81ce61647139d
SHA1: 927809dcb44fa726e4969d993e3e733636d95ebb
SHA256: 11d1b31f2c65c3355b292bb9b44b8fcafda54b44da63e34ab97b79a8ab3bb8e0
Evidence Type Source Name Value Confidence Vendor file name tools.reader High Vendor pom artifactid tools.reader Low Vendor pom developer id Bronsa Medium Vendor pom developer name Nicola Mometto Medium Vendor pom groupid org.clojure Highest Vendor pom name tools.reader High Vendor pom parent-artifactid pom.contrib Low Vendor pom url clojure/tools.reader Highest Product file name tools.reader High Product pom artifactid tools.reader Highest Product pom developer id Bronsa Low Product pom developer name Nicola Mometto Low Product pom groupid org.clojure Highest Product pom name tools.reader High Product pom parent-artifactid pom.contrib Medium Product pom url clojure/tools.reader High Version file version 1.3.6 High Version pom parent-version 1.3.6 Low Version pom version 1.3.6 Highest
Description:
Transit is a data format and a set of libraries for conveying
values between applications written in different languages. This library
provides support for marshalling Transit data to/from Clojure.
License:
The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/com/cognitect/transit-clj/1.0.333/transit-clj-1.0.333.jar
MD5: b77d16cf549c6e6ab582f3bc63a1df75
SHA1: 2f14ebfebb1d05c81a35f66893e9b9d8914d7d89
SHA256: 8e0352a002cf95ddeb52770b950c1eb5ea96b7351fce39e0fee93e21ca63befb
Evidence Type Source Name Value Confidence Vendor file name transit-clj High Vendor pom artifactid transit-clj Low Vendor pom developer email tim@cognitect.com Low Vendor pom developer name Tim Ewald Medium Vendor pom developer org Cognitect Medium Vendor pom developer org URL https://cognitect.com Medium Vendor pom groupid com.cognitect Highest Vendor pom name transit-clj High Vendor pom url cognitect/transit-clj Highest Product file name transit-clj High Product pom artifactid transit-clj Highest Product pom developer email tim@cognitect.com Low Product pom developer name Tim Ewald Low Product pom developer org Cognitect Low Product pom developer org URL https://cognitect.com Low Product pom groupid com.cognitect Highest Product pom name transit-clj High Product pom url cognitect/transit-clj High Version file version 1.0.333 High Version pom version 1.0.333 Highest
Description:
Transit is a data format and a set of libraries for conveying values between applications written in different languages. This library provides support for marshalling Transit data to/from Java. License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/com/cognitect/transit-java/1.0.371/transit-java-1.0.371.jar
MD5: 5a6404639151a3ba0baed0c864cac588
SHA1: b50551adb06e9c00d74b80d74826571b2476a44a
SHA256: 9267acceaa6bc8e89d5cbf65f847838647876d721af208324e38cd0040b23696
Evidence Type Source Name Value Confidence Vendor file name transit-java High Vendor jar package name cognitect Highest Vendor jar package name cognitect Low Vendor jar package name impl Low Vendor jar package name transit Highest Vendor jar package name transit Low Vendor pom artifactid transit-java Low Vendor pom developer email tim@cognitect.com Low Vendor pom developer name Tim Ewald Medium Vendor pom developer org Cognitect Medium Vendor pom developer org URL http://cognitect.com Medium Vendor pom groupid com.cognitect Highest Vendor pom name transit-java High Vendor pom url http://github.com/cognitect/transit-java Highest Product file name transit-java High Product jar package name cognitect Highest Product jar package name impl Low Product jar package name transit Highest Product jar package name transit Low Product pom artifactid transit-java Highest Product pom developer email tim@cognitect.com Low Product pom developer name Tim Ewald Low Product pom developer org Cognitect Low Product pom developer org URL http://cognitect.com Low Product pom groupid com.cognitect Highest Product pom name transit-java High Product pom url http://github.com/cognitect/transit-java Medium Version file version 1.0.371 High Version pom version 1.0.371 Highest
Description:
Version Analysis and Comparison for Clojure License:
MIT: https://choosealicense.com/licenses/mit File Path: /home/runner/.m2/repository/version-clj/version-clj/2.0.2/version-clj-2.0.2.jar
MD5: f27a145ddfe8c25e535ac5d30fa4b3cb
SHA1: 0332168615c21d6cb9e0963fc03cea3e3c3e1ee2
SHA256: a38c5330ff316116275d8f6fac3db5ad52966e7abc03e761fad3b305fff25c26
Evidence Type Source Name Value Confidence Vendor file name version-clj High Vendor Manifest leiningen-project-artifactid version-clj Low Vendor Manifest leiningen-project-groupid version-clj Low Vendor pom artifactid version-clj Low Vendor pom groupid version-clj Highest Vendor pom name version-clj High Vendor pom url xsc/version-clj Highest Product file name version-clj High Product Manifest leiningen-project-artifactid version-clj Low Product Manifest leiningen-project-groupid version-clj Low Product pom artifactid version-clj Highest Product pom groupid version-clj Highest Product pom name version-clj High Product pom url xsc/version-clj High Version file version 2.0.2 High Version Manifest leiningen-project-version 2.0.2 Medium Version pom version 2.0.2 Highest
File Path: /home/runner/.m2/repository/org/apache/maven/wagon/wagon-ssh/3.5.3/wagon-ssh-3.5.3.jarMD5: 25b3c0f249b18ba906af3124406359fdSHA1: 85957ad00283d8e8df8468a623975d6710050d49SHA256: f9f587b405b672ffcb730d757ff9f27ed3a3689aeed69c4098f4f07f46819e74
Evidence Type Source Name Value Confidence Vendor file name wagon-ssh High Vendor jar package name apache Highest Vendor jar package name maven Highest Vendor jar package name providers Highest Vendor jar package name wagon Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid wagon-ssh Low Vendor pom groupid org.apache.maven.wagon Highest Vendor pom name Apache Maven Wagon :: Providers :: SSH Provider High Vendor pom parent-artifactid wagon-providers Low Product file name wagon-ssh High Product jar package name apache Highest Product jar package name maven Highest Product jar package name providers Highest Product jar package name wagon Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title Apache Maven Wagon :: Providers :: SSH Provider High Product Manifest specification-title Apache Maven Wagon :: Providers :: SSH Provider Medium Product pom artifactid wagon-ssh Highest Product pom groupid org.apache.maven.wagon Highest Product pom name Apache Maven Wagon :: Providers :: SSH Provider High Product pom parent-artifactid wagon-providers Medium Version file version 3.5.3 High Version Manifest Implementation-Version 3.5.3 High Version pom version 3.5.3 Highest
Related Dependencies wagon-http-3.5.3.jarFile Path: /home/runner/.m2/repository/org/apache/maven/wagon/wagon-http/3.5.3/wagon-http-3.5.3.jar MD5: 1b072be9b74336ec923d533c4370e1f4 SHA1: 673d54e78f83c4700c8250a48c61f4c70eef9bc3 SHA256: d2b6e48c9fcbe579e1858c622d14464011ff265fa6e28e794004a6882154a509 pkg:maven/org.apache.maven.wagon/wagon-http@3.5.3 wagon-http-shared-3.5.3.jarFile Path: /home/runner/.m2/repository/org/apache/maven/wagon/wagon-http-shared/3.5.3/wagon-http-shared-3.5.3.jar MD5: 68b5b8fd16b284b9c7001fc151025c80 SHA1: 635c3d5718a70e3ecfd78f2fef99bb6e0abaed58 SHA256: 8e7da766f55164fde8779aaaa125832506c2848cab4876b5305138873e28037f pkg:maven/org.apache.maven.wagon/wagon-http-shared@3.5.3 wagon-provider-api-3.5.3.jarFile Path: /home/runner/.m2/repository/org/apache/maven/wagon/wagon-provider-api/3.5.3/wagon-provider-api-3.5.3.jar MD5: 55a4be47ca51799ae3c18ed521f296df SHA1: 39c44ebb3945dee359665272d8acb83f9460491b SHA256: 5e72000338945ed3e96f8e4f578d1d0672e1af7e19c0e9014197ae5b31af3ef4 pkg:maven/org.apache.maven.wagon/wagon-provider-api@3.5.3 wagon-ssh-common-3.5.3.jarFile Path: /home/runner/.m2/repository/org/apache/maven/wagon/wagon-ssh-common/3.5.3/wagon-ssh-common-3.5.3.jar MD5: 5d8166c23822ceb0ec2b1838cde30391 SHA1: a8ef1d9c7d0d784778a51cc0fc5db39651797243 SHA256: 9f7c9453af791f7d901c4430ec482a1943ac2ce2588ce1daf05ed32eb31a7efa pkg:maven/org.apache.maven.wagon/wagon-ssh-common@3.5.3 Description:
your friendly XML navigator License:
Eclipse Public License: http://www.eclipse.org/legal/epl-v10.html File Path: /home/runner/.m2/repository/tolitius/xml-in/0.1.1/xml-in-0.1.1.jar
MD5: 754502ef9d8c1574d6d893b22f6101dc
SHA1: 0a68865842a0fa7484bca3a7be33f182d8213a97
SHA256: 43ab632812fe03b86b1a154723d809bb393e11a0ff0e6677167f14ece40f5543
Evidence Type Source Name Value Confidence Vendor file name xml-in High Vendor pom artifactid xml-in Low Vendor pom groupid tolitius Highest Vendor pom name xml-in High Vendor pom url tolitius/xml-in Highest Product file name xml-in High Product pom artifactid xml-in Highest Product pom groupid tolitius Highest Product pom name xml-in High Product pom url tolitius/xml-in High Version file version 0.1.1 High Version pom version 0.1.1 Highest