Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies;
false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and
the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties,
implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided
is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever
arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
Scan Information (
show all ):
dependency-check version : 9.0.9Report Generated On : Thu, 15 Feb 2024 23:32:37 GMTDependencies Scanned : 220 (220 unique)Vulnerable Dependencies : 19 Vulnerabilities Found : 31Vulnerabilities Suppressed : 0 ... NVD API Last Checked : 2024-02-15T23:32:22ZNVD API Last Modified : 2024-02-15T23:15:08ZSummary Display:
Showing Vulnerable Dependencies (click to show all) aether-api-1.0.0.v20140518.jarDescription:
The application programming interface for the repository system.
License:
http://www.eclipse.org/legal/epl-v10.html File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.eclipse.aether/aether-api/1.0.0.v20140518/be68e917f454dcd841865ad7cf9b7615b26a51f7/aether-api-1.0.0.v20140518.jar
MD5: b05ef5410dad83a4e9ba50e08e0dbbf4
SHA1: be68e917f454dcd841865ad7cf9b7615b26a51f7
SHA256: 84b98521684ab22f9528470fa6d8ab68a230e1b211623c989ba7016c306eb773
Referenced In Projects/Scopes: documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath aether-api-1.0.0.v20140518.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 Evidence Type Source Name Value Confidence Vendor file name aether-api High Vendor gradle artifactid aether-api Highest Vendor gradle groupid org.eclipse.aether Highest Vendor jar package name aether Highest Vendor jar package name eclipse Highest Vendor jar package name repository Highest Vendor Manifest bundle-docurl http://www.eclipse.org/aether/aether-api/ Low Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor Manifest bundle-symbolicname org.eclipse.aether.api Medium Vendor pom artifactid aether-api Low Vendor pom groupid org.eclipse.aether Highest Vendor pom name Aether API High Vendor pom parent-artifactid aether Low Product file name aether-api High Product gradle artifactid aether-api Highest Product jar package name aether Highest Product jar package name eclipse Highest Product jar package name repository Highest Product Manifest bundle-docurl http://www.eclipse.org/aether/aether-api/ Low Product Manifest Bundle-Name Aether API Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product Manifest bundle-symbolicname org.eclipse.aether.api Medium Product pom artifactid aether-api Highest Product pom groupid org.eclipse.aether Highest Product pom name Aether API High Product pom parent-artifactid aether Medium Version file version 1.0.0.v20140518 High Version gradle version 1.0.0.v20140518 Highest Version Manifest Bundle-Version 1.0.0.v20140518 High Version pom version 1.0.0.v20140518 Highest
aether-impl-1.0.0.v20140518.jarDescription:
An implementation of the repository system.
License:
http://www.eclipse.org/legal/epl-v10.html File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.eclipse.aether/aether-impl/1.0.0.v20140518/a5ee67be2c99dfb95ad61235d749c92ae09c926e/aether-impl-1.0.0.v20140518.jar
MD5: 819d1c095629b2bd9ed0980395c91b7d
SHA1: a5ee67be2c99dfb95ad61235d749c92ae09c926e
SHA256: 9a9b60e685385225f08e662cb9f60d96610b0987f0f47bbf3f0c92df8a897d00
Referenced In Projects/Scopes: documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath aether-impl-1.0.0.v20140518.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 Evidence Type Source Name Value Confidence Vendor file name aether-impl High Vendor gradle artifactid aether-impl Highest Vendor gradle groupid org.eclipse.aether Highest Vendor jar package name aether Highest Vendor jar package name eclipse Highest Vendor jar package name impl Highest Vendor Manifest bundle-docurl http://www.eclipse.org/aether/aether-impl/ Low Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor Manifest bundle-symbolicname org.eclipse.aether.impl Medium Vendor pom artifactid aether-impl Low Vendor pom groupid org.eclipse.aether Highest Vendor pom name Aether Implementation High Vendor pom parent-artifactid aether Low Product file name aether-impl High Product gradle artifactid aether-impl Highest Product jar package name aether Highest Product jar package name eclipse Highest Product jar package name impl Highest Product Manifest bundle-docurl http://www.eclipse.org/aether/aether-impl/ Low Product Manifest Bundle-Name Aether Implementation Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product Manifest bundle-symbolicname org.eclipse.aether.impl Medium Product pom artifactid aether-impl Highest Product pom groupid org.eclipse.aether Highest Product pom name Aether Implementation High Product pom parent-artifactid aether Medium Version file version 1.0.0.v20140518 High Version gradle version 1.0.0.v20140518 Highest Version Manifest Bundle-Version 1.0.0.v20140518 High Version pom version 1.0.0.v20140518 Highest
aether-spi-1.0.0.v20140518.jarDescription:
The service provider interface for repository system implementations and repository connectors.
License:
http://www.eclipse.org/legal/epl-v10.html File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.eclipse.aether/aether-spi/1.0.0.v20140518/985a9a12b904fb3bafd4dc6b49f6a084845703a1/aether-spi-1.0.0.v20140518.jar
MD5: 51c5870c01f48af3231ce6499464827a
SHA1: 985a9a12b904fb3bafd4dc6b49f6a084845703a1
SHA256: a3266d127a4e9f4aa9c4fa0986e31eec784e866f79112e1840d1667e17c10fb2
Referenced In Projects/Scopes: documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath aether-spi-1.0.0.v20140518.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 Evidence Type Source Name Value Confidence Vendor file name aether-spi High Vendor gradle artifactid aether-spi Highest Vendor gradle groupid org.eclipse.aether Highest Vendor jar package name aether Highest Vendor jar package name eclipse Highest Vendor jar package name spi Highest Vendor Manifest bundle-docurl http://www.eclipse.org/aether/aether-spi/ Low Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor Manifest bundle-symbolicname org.eclipse.aether.spi Medium Vendor pom artifactid aether-spi Low Vendor pom groupid org.eclipse.aether Highest Vendor pom name Aether SPI High Vendor pom parent-artifactid aether Low Product file name aether-spi High Product gradle artifactid aether-spi Highest Product jar package name aether Highest Product jar package name eclipse Highest Product jar package name spi Highest Product Manifest bundle-docurl http://www.eclipse.org/aether/aether-spi/ Low Product Manifest Bundle-Name Aether SPI Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product Manifest bundle-symbolicname org.eclipse.aether.spi Medium Product pom artifactid aether-spi Highest Product pom groupid org.eclipse.aether Highest Product pom name Aether SPI High Product pom parent-artifactid aether Medium Version file version 1.0.0.v20140518 High Version gradle version 1.0.0.v20140518 Highest Version Manifest Bundle-Version 1.0.0.v20140518 High Version pom version 1.0.0.v20140518 Highest
aether-util-1.0.0.v20140518.jarDescription:
A collection of utility classes to ease usage of the repository system.
License:
http://www.eclipse.org/legal/epl-v10.html File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.eclipse.aether/aether-util/1.0.0.v20140518/7df5ba98ce8b78985d75fdd8c2981fe69234ef85/aether-util-1.0.0.v20140518.jar
MD5: 08495ee7ecf90f0b528e7d65471532af
SHA1: 7df5ba98ce8b78985d75fdd8c2981fe69234ef85
SHA256: aff0951639837c4e3a4699a421fa79f410032f603f5c6a5bba435e98531f3984
Referenced In Projects/Scopes: documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath aether-util-1.0.0.v20140518.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 Evidence Type Source Name Value Confidence Vendor file name aether-util High Vendor gradle artifactid aether-util Highest Vendor gradle groupid org.eclipse.aether Highest Vendor jar package name aether Highest Vendor jar package name eclipse Highest Vendor jar package name repository Highest Vendor jar package name util Highest Vendor Manifest bundle-docurl http://www.eclipse.org/aether/aether-util/ Low Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor Manifest bundle-symbolicname org.eclipse.aether.util Medium Vendor pom artifactid aether-util Low Vendor pom groupid org.eclipse.aether Highest Vendor pom name Aether Utilities High Vendor pom parent-artifactid aether Low Product file name aether-util High Product gradle artifactid aether-util Highest Product jar package name aether Highest Product jar package name eclipse Highest Product jar package name repository Highest Product jar package name util Highest Product Manifest bundle-docurl http://www.eclipse.org/aether/aether-util/ Low Product Manifest Bundle-Name Aether Utilities Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product Manifest bundle-symbolicname org.eclipse.aether.util Medium Product pom artifactid aether-util Highest Product pom groupid org.eclipse.aether Highest Product pom name Aether Utilities High Product pom parent-artifactid aether Medium Version file version 1.0.0.v20140518 High Version gradle version 1.0.0.v20140518 Highest Version Manifest Bundle-Version 1.0.0.v20140518 High Version pom version 1.0.0.v20140518 Highest
annotations-13.0.jarDescription:
A set of annotations used for code inspection support and code documentation. License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jetbrains/annotations/13.0/919f0dfe192fb4e063e7dacadee7f8bb9a2672a9/annotations-13.0.jar
MD5: f4fb462172517b46b6cd90003508515a
SHA1: 919f0dfe192fb4e063e7dacadee7f8bb9a2672a9
SHA256: ace2a10dc8e2d5fd34925ecac03e4988b2c0f851650c94b8cef49ba1bd111478
Referenced In Projects/Scopes: documentation:javadocClasspath mjml-plugin:kotlinCompilerClasspath mjml-plugin:kotlinCompilerPluginClasspathMain quicktype-plugin:kotlinCompilerPluginClasspathMain maven-plugin-plugin:compileClasspath okhttp-plugin:runtimeClasspath quicktype-plugin:kotlinKlibCommonizerClasspath maven-plugin-plugin:runtimeClasspath okhttp-plugin:compileClasspath quicktype-plugin:runtimeClasspath github-plugin:compileClasspath quicktype-plugin:kotlinBuildToolsApiClasspath quicktype-plugin:kotlinCompilerPluginClasspathTest quicktype-plugin:compileClasspath mjml-plugin:kotlinCompilerPluginClasspathTest github-plugin:runtimeClasspath mjml-plugin:kotlinBuildToolsApiClasspath mjml-plugin:embeddedKotlin maven-plugin:compileClasspath mjml-plugin:compileClasspath maven-plugin:runtimeClasspath quicktype-plugin:kotlinCompilerClasspath mjml-plugin:kotlinKlibCommonizerClasspath annotations-13.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.jetbrains.kotlin/kotlin-stdlib@1.9.20 pkg:maven/io.freefair.gradle/okhttp-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-compiler-embeddable@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-stdlib@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-reflect@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-scripting-compiler-embeddable@1.9.20 pkg:maven/io.freefair.gradle/maven-plugin@8.6 pkg:maven/com.squareup.retrofit2/retrofit@2.9.0 pkg:maven/io.freefair.gradle/github-plugin@8.6 pkg:maven/io.freefair.gradle/maven-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-build-tools-impl@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-klib-commonizer-embeddable@1.9.20 pkg:maven/io.freefair.gradle/quicktype-plugin@8.6 pkg:maven/com.squareup.retrofit2/converter-gson@2.9.0 pkg:maven/com.squareup.okhttp3/okhttp-bom@4.12.0 pkg:maven/com.squareup.okhttp3/logging-interceptor@4.12.0 pkg:maven/org.jetbrains.kotlin/kotlin-reflect@1.9.20 pkg:maven/io.freefair.gradle/maven-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-stdlib@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-scripting-compiler-embeddable@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-reflect@1.9.20 pkg:maven/com.squareup.retrofit2/retrofit@2.9.0 pkg:maven/io.freefair.gradle/okhttp-plugin@8.6 pkg:maven/io.freefair.gradle/okhttp-plugin@8.6 pkg:maven/io.freefair.gradle/okhttp-plugin@8.6 pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-klib-commonizer-embeddable@1.9.20 pkg:maven/com.squareup.retrofit2/converter-gson@2.9.0 pkg:maven/org.jetbrains.kotlin/kotlin-scripting-compiler-embeddable@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-scripting-compiler-embeddable@1.9.20 pkg:maven/com.squareup.okhttp3/okhttp@4.12.0 pkg:maven/com.squareup.okhttp3/logging-interceptor@4.12.0 pkg:maven/org.jetbrains.kotlin/kotlin-compiler-embeddable@1.9.20 pkg:maven/com.squareup.okhttp3/okhttp@4.12.0 pkg:maven/org.jetbrains.kotlin/kotlin-stdlib@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-reflect@1.9.20 pkg:maven/io.freefair.gradle/okhttp-plugin@8.6 pkg:maven/com.squareup.okhttp3/okhttp-bom@4.12.0 pkg:maven/org.jetbrains.kotlin/kotlin-build-tools-impl@1.9.20 Evidence Type Source Name Value Confidence Vendor file name annotations High Vendor gradle artifactid annotations Highest Vendor gradle groupid org.jetbrains Highest Vendor jar package name annotations Highest Vendor jar package name annotations Low Vendor jar package name intellij Highest Vendor jar package name intellij Low Vendor jar package name jetbrains Highest Vendor jar package name lang Low Vendor pom artifactid annotations Low Vendor pom developer id JetBrains Medium Vendor pom developer name JetBrains Team Medium Vendor pom developer org JetBrains Medium Vendor pom developer org URL http://www.jetbrains.com Medium Vendor pom groupid org.jetbrains Highest Vendor pom name IntelliJ IDEA Annotations High Vendor pom url http://www.jetbrains.org Highest Product file name annotations High Product gradle artifactid annotations Highest Product jar package name annotations Highest Product jar package name annotations Low Product jar package name intellij Highest Product jar package name jetbrains Highest Product jar package name lang Low Product pom artifactid annotations Highest Product pom developer id JetBrains Low Product pom developer name JetBrains Team Low Product pom developer org JetBrains Low Product pom developer org URL http://www.jetbrains.com Low Product pom groupid org.jetbrains Highest Product pom name IntelliJ IDEA Annotations High Product pom url http://www.jetbrains.org Medium Version file version 13.0 High Version gradle version 13.0 Highest Version pom version 13.0 Highest
aopalliance-1.0.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/aopalliance/aopalliance/1.0/235ba8b489512805ac13a8f9ea77a1ca5ebe3e8/aopalliance-1.0.jarMD5: 04177054e180d09e3998808efa0401c7SHA1: 0235ba8b489512805ac13a8f9ea77a1ca5ebe3e8SHA256: 0addec670fedcd3f113c5c8091d783280d23f75e3acb841b61a9cdb079376a08Referenced In Projects/Scopes:
documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath aopalliance-1.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 Evidence Type Source Name Value Confidence Vendor file name aopalliance High Vendor gradle artifactid aopalliance Highest Vendor gradle groupid aopalliance Highest Vendor jar package name aopalliance Low Vendor jar package name intercept Low Product file name aopalliance High Product gradle artifactid aopalliance Highest Product jar package name intercept Low Version file name aopalliance Medium Version file version 1.0 High Version gradle version 1.0 Highest
apiguardian-api-1.1.2.jarDescription:
@API Guardian File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.apiguardian/apiguardian-api/1.1.2/a231e0d844d2721b0fa1b238006d15c6ded6842a/apiguardian-api-1.1.2.jarMD5: 8c7de3f82037fa4a2e8be2a2f13092afSHA1: a231e0d844d2721b0fa1b238006d15c6ded6842aSHA256: b509448ac506d607319f182537f0b35d71007582ec741832a1f111e5b5b70b38Referenced In Project/Scope: test-common:compileClasspathapiguardian-api-1.1.2.jar is in the transitive dependency tree of the listed items. Included by:
pkg:maven/org.junit/junit-bom@5.10.2 pkg:maven/org.junit.jupiter/junit-jupiter-api@5.10.2 Evidence Type Source Name Value Confidence Vendor file name apiguardian-api High Vendor gradle artifactid apiguardian-api Highest Vendor gradle groupid org.apiguardian Highest Vendor jar package name api Low Vendor jar package name apiguardian Highest Vendor jar package name apiguardian Low Vendor Manifest build-date 2021-06-27 Low Vendor Manifest build-revision aa952a1b9d5b4e9cc0af853e2c140c2455b397be Low Vendor Manifest build-time 14:53:10.089+0200 Low Vendor Manifest bundle-docurl https://github.com/apiguardian-team/apiguardian Low Vendor Manifest bundle-symbolicname org.apiguardian.api Medium Vendor Manifest Implementation-Vendor apiguardian.org High Vendor Manifest specification-vendor apiguardian.org Low Product file name apiguardian-api High Product gradle artifactid apiguardian-api Highest Product jar package name api Highest Product jar package name api Low Product jar package name apiguardian Highest Product Manifest build-date 2021-06-27 Low Product Manifest build-revision aa952a1b9d5b4e9cc0af853e2c140c2455b397be Low Product Manifest build-time 14:53:10.089+0200 Low Product Manifest bundle-docurl https://github.com/apiguardian-team/apiguardian Low Product Manifest Bundle-Name apiguardian-api Medium Product Manifest bundle-symbolicname org.apiguardian.api Medium Product Manifest Implementation-Title apiguardian-api High Product Manifest specification-title apiguardian-api Medium Version file version 1.1.2 High Version Manifest Implementation-Version 1.1.2 High
asciidoctorj-2.5.7.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.asciidoctor/asciidoctorj/2.5.7/8667fe77c2ffb5270a17389e6fe76ea89b1087e4/asciidoctorj-2.5.7.jarMD5: 0bfe80189a03a3f5ebd255c5e021f460SHA1: 8667fe77c2ffb5270a17389e6fe76ea89b1087e4SHA256: 17deb7ab1ea8e62f43e7c85843b252e684e9000ca539fdbc1a903748623496b2Referenced In Projects/Scopes:
documentation:__$$asciidoctorj$$___r documentation:__$$asciidoctorj_asciidoctor$$__r asciidoctorj-2.5.7.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/documentation@8.6 pkg:maven/io.freefair.gradle/documentation@8.6 Evidence Type Source Name Value Confidence Vendor file name asciidoctorj High Vendor gradle artifactid asciidoctorj Highest Vendor gradle groupid org.asciidoctor Highest Vendor jar package name asciidoctor Highest Vendor jar package name asciidoctor Low Vendor jar package name jruby Low Vendor Manifest build-date 2022-10-21 Low Vendor Manifest bundle-symbolicname org.asciidoctor.asciidoctorj Medium Vendor Manifest Implementation-Vendor asciidoctor.org High Product file name asciidoctorj High Product gradle artifactid asciidoctorj Highest Product jar package name asciidoctor Highest Product jar package name jruby Low Product Manifest build-date 2022-10-21 Low Product Manifest Bundle-Name asciidoctorj Medium Product Manifest bundle-symbolicname org.asciidoctor.asciidoctorj Medium Product Manifest Implementation-Title asciidoctorj High Version file version 2.5.7 High Version Manifest Implementation-Version 2.5.7 High
asciidoctorj-2.5.7.jar: concurrent_ruby.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.asciidoctor/asciidoctorj/2.5.7/8667fe77c2ffb5270a17389e6fe76ea89b1087e4/asciidoctorj-2.5.7.jar/gems/concurrent-ruby-1.1.7/lib/concurrent-ruby/concurrent/concurrent_ruby.jarMD5: 92015e73fc2e79f2dfc4994e6865d15bSHA1: f7535d0a5efb585fd5f49c6d18952e191ed6e2c7SHA256: 7c35aee1609b885f760688733eaa5f4d53f2ef68558f7b19edd6a7179b5e381fReferenced In Projects/Scopes:
documentation:__$$asciidoctorj$$___r documentation:__$$asciidoctorj_asciidoctor$$__r Evidence Type Source Name Value Confidence Vendor file name concurrent_ruby High Vendor jar package name concurrent_ruby Low Vendor jar package name ext Low Vendor jar package name jsr166e Low Product file name concurrent_ruby High Product jar package name ext Low Product jar package name jsr166e Low
asciidoctorj-2.5.7.jar: jruby_cache_backend.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.asciidoctor/asciidoctorj/2.5.7/8667fe77c2ffb5270a17389e6fe76ea89b1087e4/asciidoctorj-2.5.7.jar/gems/thread_safe-0.3.6-java/lib/thread_safe/jruby_cache_backend.jarMD5: 7f40e133c093c0e7baddce14ea90114bSHA1: 993f3706b397773d989d6a02fa4e91a9ea8b0a24SHA256: fd26af853ae547cdc0ff51d5875fe8cadc61edd23dc207651012217c4ff4257aReferenced In Projects/Scopes:
documentation:__$$asciidoctorj$$___r documentation:__$$asciidoctorj_asciidoctor$$__r Evidence Type Source Name Value Confidence Vendor file name jruby_cache_backend High Vendor jar package name ext Low Vendor jar package name jruby Low Vendor jar package name thread_safe Low Product file name jruby_cache_backend High Product jar package name ext Low Product jar package name jsr166e Low Product jar package name thread_safe Low
asciidoctorj-api-2.5.7.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.asciidoctor/asciidoctorj-api/2.5.7/37ea651d5f1ba2ad3d1c09eb2356b17f35c15bb5/asciidoctorj-api-2.5.7.jarMD5: c81feb8db629e8f92f08d3f97f3e3c44SHA1: 37ea651d5f1ba2ad3d1c09eb2356b17f35c15bb5SHA256: 3fe1e4a778bf2ad73c756d4be5f6b983e4002c407e2e29a04fda7f36e6faa5d5Referenced In Projects/Scopes:
documentation:__$$asciidoctorj$$___r documentation:__$$asciidoctorj_asciidoctor$$__r asciidoctorj-api-2.5.7.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.asciidoctor/asciidoctorj@2.5.7 pkg:maven/org.asciidoctor/asciidoctorj@2.5.7 Evidence Type Source Name Value Confidence Vendor file name asciidoctorj-api High Vendor gradle artifactid asciidoctorj-api Highest Vendor gradle groupid org.asciidoctor Highest Vendor jar package name asciidoctor Highest Vendor jar package name asciidoctor Low Vendor Manifest build-date 2022-10-21 Low Vendor Manifest bundle-symbolicname org.asciidoctor.asciidoctorj-api Medium Vendor Manifest Implementation-Vendor asciidoctor.org High Product file name asciidoctorj-api High Product gradle artifactid asciidoctorj-api Highest Product jar package name asciidoctor Highest Product Manifest build-date 2022-10-21 Low Product Manifest Bundle-Name asciidoctorj-api Medium Product Manifest bundle-symbolicname org.asciidoctor.asciidoctorj-api Medium Product Manifest Implementation-Title asciidoctorj-api High Version file version 2.5.7 High Version Manifest Implementation-Version 2.5.7 High
asm-9.6.jarLicense:
BSD-3-Clause;link=https://asm.ow2.io/LICENSE.txt File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.ow2.asm/asm/9.6/aa205cf0a06dbd8e04ece91c0b37c3f5d567546a/asm-9.6.jar
MD5: 6f8bccf756f170d4185bb24c8c2d2020
SHA1: aa205cf0a06dbd8e04ece91c0b37c3f5d567546a
SHA256: 3c6fac2424db3d4a853b669f4e3d1d9c3c552235e19a319673f887083c2303a1
Referenced In Projects/Scopes: quicktype-plugin:jacocoAnt code-generator-api:jacocoAnt compress-plugin:jacocoAnt documentation:javadocClasspath maven-plugin-plugin:jacocoAnt maven-plugin-plugin:compileClasspath jacoco-plugin:jacocoAnt maven-plugin-plugin:runtimeClasspath mjml-plugin:jacocoAnt plantuml-plugin:jacocoAnt github-plugin:jacocoAnt embedded-sass-plugin:jacocoAnt test-code-generator:jacocoAnt git-plugin:jacocoAnt okhttp-plugin:jacocoAnt aspectj-plugin:jacocoAnt plugin-utils:jacocoAnt maven-plugin:jacocoAnt settings-plugin:jacocoAnt jacoco-plugin:compileClasspath mkdocs-plugin:jacocoAnt lombok-plugin:jacocoAnt test-common:jacocoAnt code-generator-plugin:jacocoAnt asm-9.6.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 Evidence Type Source Name Value Confidence Vendor file name asm High Vendor gradle artifactid asm Highest Vendor gradle groupid org.ow2.asm Highest Vendor jar package name asm Highest Vendor jar package name asm Low Vendor jar package name objectweb Highest Vendor jar package name objectweb Low Vendor Manifest bundle-docurl http://asm.ow2.org Low Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor Manifest bundle-symbolicname org.objectweb.asm Medium Product file name asm High Product gradle artifactid asm Highest Product jar package name asm Highest Product jar package name asm Low Product jar package name objectweb Highest Product Manifest bundle-docurl http://asm.ow2.org Low Product Manifest Bundle-Name org.objectweb.asm Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product Manifest bundle-symbolicname org.objectweb.asm Medium Product Manifest Implementation-Title ASM, a very small and fast Java bytecode manipulation framework High Version file version 9.6 High Version Manifest Implementation-Version 9.6 High
asm-analysis-9.6.jarLicense:
BSD-3-Clause;link=https://asm.ow2.io/LICENSE.txt File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.ow2.asm/asm-analysis/9.6/9ce6c7b174bd997fc2552dff47964546bd7a5ec3/asm-analysis-9.6.jar
MD5: 31c84ef7cc893fb278952ae2d6a2674f
SHA1: 9ce6c7b174bd997fc2552dff47964546bd7a5ec3
SHA256: d92832d7c37edc07c60e2559ac6118b31d642e337a6671edcb7ba9fae68edbbb
Referenced In Projects/Scopes: documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath asm-analysis-9.6.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 Evidence Type Source Name Value Confidence Vendor file name asm-analysis High Vendor gradle artifactid asm-analysis Highest Vendor gradle groupid org.ow2.asm Highest Vendor jar package name analysis Highest Vendor jar package name asm Highest Vendor jar package name asm Low Vendor jar package name objectweb Highest Vendor jar package name objectweb Low Vendor jar package name tree Highest Vendor jar package name tree Low Vendor Manifest bundle-docurl http://asm.ow2.org Low Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor Manifest bundle-symbolicname org.objectweb.asm.tree.analysis Medium Vendor Manifest module-requires org.objectweb.asm;transitive=true,org.objectweb.asm.tree;transitive=true Low Product file name asm-analysis High Product gradle artifactid asm-analysis Highest Product jar package name analysis Highest Product jar package name analysis Low Product jar package name asm Highest Product jar package name asm Low Product jar package name objectweb Highest Product jar package name tree Highest Product jar package name tree Low Product Manifest bundle-docurl http://asm.ow2.org Low Product Manifest Bundle-Name org.objectweb.asm.tree.analysis Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product Manifest bundle-symbolicname org.objectweb.asm.tree.analysis Medium Product Manifest Implementation-Title Static code analysis API of ASM, a very small and fast Java bytecode manipulation framework High Product Manifest module-requires org.objectweb.asm;transitive=true,org.objectweb.asm.tree;transitive=true Low Version file version 9.6 High Version Manifest Implementation-Version 9.6 High
asm-commons-9.6.jarLicense:
BSD-3-Clause;link=https://asm.ow2.io/LICENSE.txt File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.ow2.asm/asm-commons/9.6/f1a9e5508eff490744144565c47326c8648be309/asm-commons-9.6.jar
MD5: 9e317c75534bd1da8c00a67c618ab288
SHA1: f1a9e5508eff490744144565c47326c8648be309
SHA256: 7aefd0d5c0901701c69f7513feda765fb6be33af2ce7aa17c5781fc87657c511
Referenced In Projects/Scopes: quicktype-plugin:jacocoAnt code-generator-api:jacocoAnt compress-plugin:jacocoAnt documentation:javadocClasspath maven-plugin-plugin:jacocoAnt maven-plugin-plugin:compileClasspath jacoco-plugin:jacocoAnt maven-plugin-plugin:runtimeClasspath mjml-plugin:jacocoAnt plantuml-plugin:jacocoAnt github-plugin:jacocoAnt embedded-sass-plugin:jacocoAnt test-code-generator:jacocoAnt git-plugin:jacocoAnt okhttp-plugin:jacocoAnt aspectj-plugin:jacocoAnt plugin-utils:jacocoAnt maven-plugin:jacocoAnt settings-plugin:jacocoAnt jacoco-plugin:compileClasspath mkdocs-plugin:jacocoAnt lombok-plugin:jacocoAnt test-common:jacocoAnt code-generator-plugin:jacocoAnt asm-commons-9.6.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 Evidence Type Source Name Value Confidence Vendor file name asm-commons High Vendor gradle artifactid asm-commons Highest Vendor gradle groupid org.ow2.asm Highest Vendor jar package name asm Highest Vendor jar package name asm Low Vendor jar package name commons Highest Vendor jar package name commons Low Vendor jar package name objectweb Highest Vendor jar package name objectweb Low Vendor Manifest bundle-docurl http://asm.ow2.org Low Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor Manifest bundle-symbolicname org.objectweb.asm.commons Medium Vendor Manifest module-requires org.objectweb.asm;transitive=true,org.objectweb.asm.tree;transitive=true Low Product file name asm-commons High Product gradle artifactid asm-commons Highest Product jar package name asm Highest Product jar package name asm Low Product jar package name commons Highest Product jar package name commons Low Product jar package name objectweb Highest Product Manifest bundle-docurl http://asm.ow2.org Low Product Manifest Bundle-Name org.objectweb.asm.commons Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product Manifest bundle-symbolicname org.objectweb.asm.commons Medium Product Manifest Implementation-Title Usefull class adapters based on ASM, a very small and fast Java bytecode manipulation framework High Product Manifest module-requires org.objectweb.asm;transitive=true,org.objectweb.asm.tree;transitive=true Low Version file version 9.6 High Version Manifest Implementation-Version 9.6 High
asm-tree-9.6.jarLicense:
BSD-3-Clause;link=https://asm.ow2.io/LICENSE.txt File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.ow2.asm/asm-tree/9.6/c0cdda9d211e965d2a4448aa3fd86110f2f8c2de/asm-tree-9.6.jar
MD5: 6062608f1a98afe1e853d01fa1221a9e
SHA1: c0cdda9d211e965d2a4448aa3fd86110f2f8c2de
SHA256: c43ecf17b539c777e15da7b5b86553b377e2d39a683de6285567d5283888e7ef
Referenced In Projects/Scopes: quicktype-plugin:jacocoAnt code-generator-api:jacocoAnt compress-plugin:jacocoAnt documentation:javadocClasspath maven-plugin-plugin:jacocoAnt maven-plugin-plugin:compileClasspath jacoco-plugin:jacocoAnt maven-plugin-plugin:runtimeClasspath mjml-plugin:jacocoAnt plantuml-plugin:jacocoAnt github-plugin:jacocoAnt embedded-sass-plugin:jacocoAnt test-code-generator:jacocoAnt git-plugin:jacocoAnt okhttp-plugin:jacocoAnt aspectj-plugin:jacocoAnt plugin-utils:jacocoAnt maven-plugin:jacocoAnt settings-plugin:jacocoAnt jacoco-plugin:compileClasspath mkdocs-plugin:jacocoAnt lombok-plugin:jacocoAnt test-common:jacocoAnt code-generator-plugin:jacocoAnt asm-tree-9.6.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 Evidence Type Source Name Value Confidence Vendor file name asm-tree High Vendor gradle artifactid asm-tree Highest Vendor gradle groupid org.ow2.asm Highest Vendor jar package name asm Highest Vendor jar package name asm Low Vendor jar package name objectweb Highest Vendor jar package name objectweb Low Vendor jar package name tree Highest Vendor jar package name tree Low Vendor Manifest bundle-docurl http://asm.ow2.org Low Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor Manifest bundle-symbolicname org.objectweb.asm.tree Medium Vendor Manifest module-requires org.objectweb.asm;transitive=true Low Product file name asm-tree High Product gradle artifactid asm-tree Highest Product jar package name asm Highest Product jar package name asm Low Product jar package name objectweb Highest Product jar package name tree Highest Product jar package name tree Low Product Manifest bundle-docurl http://asm.ow2.org Low Product Manifest Bundle-Name org.objectweb.asm.tree Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product Manifest bundle-symbolicname org.objectweb.asm.tree Medium Product Manifest Implementation-Title Tree API of ASM, a very small and fast Java bytecode manipulation framework High Product Manifest module-requires org.objectweb.asm;transitive=true Low Version file version 9.6 High Version Manifest Implementation-Version 9.6 High
asm-util-9.6.jarLicense:
BSD-3-Clause;link=https://asm.ow2.io/LICENSE.txt File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.ow2.asm/asm-util/9.6/f77caf84eb93786a749b2baa40865b9613e3eaee/asm-util-9.6.jar
MD5: bd3bc1c176a787373e9a031073c9574b
SHA1: f77caf84eb93786a749b2baa40865b9613e3eaee
SHA256: c635a7402f4aa9bf66b2f4230cea62025a0fe1cd63e8729adefc9b1994fac4c3
Referenced In Projects/Scopes: documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath asm-util-9.6.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 Evidence Type Source Name Value Confidence Vendor file name asm-util High Vendor gradle artifactid asm-util Highest Vendor gradle groupid org.ow2.asm Highest Vendor jar package name asm Highest Vendor jar package name asm Low Vendor jar package name objectweb Highest Vendor jar package name objectweb Low Vendor jar package name util Highest Vendor jar package name util Low Vendor Manifest bundle-docurl http://asm.ow2.org Low Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor Manifest bundle-symbolicname org.objectweb.asm.util Medium Vendor Manifest module-requires org.objectweb.asm;transitive=true,org.objectweb.asm.tree;transitive=true,org.objectweb.asm.tree.analysis;transitive=true Low Product file name asm-util High Product gradle artifactid asm-util Highest Product jar package name asm Highest Product jar package name asm Low Product jar package name objectweb Highest Product jar package name util Highest Product jar package name util Low Product Manifest bundle-docurl http://asm.ow2.org Low Product Manifest Bundle-Name org.objectweb.asm.util Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product Manifest bundle-symbolicname org.objectweb.asm.util Medium Product Manifest Implementation-Title Utilities for ASM, a very small and fast Java bytecode manipulation framework High Product Manifest module-requires org.objectweb.asm;transitive=true,org.objectweb.asm.tree;transitive=true,org.objectweb.asm.tree.analysis;transitive=true Low Version file version 9.6 High Version Manifest Implementation-Version 9.6 High
aspectj-plugin-8.6.jarFile Path: /home/runner/work/gradle-plugins/gradle-plugins/aspectj-plugin/build/libs/aspectj-plugin-8.6.jarMD5: 01693372f81fc68b2bc79d36484ce204SHA1: 91ad3f9d9f044d168604d7e20e9ca3856c061999SHA256: a2efd26de65b6e5fec4e17db1d4d971443e9243404ec3cad8e79c5a00985a47cReferenced In Project/Scope: documentation:javadocClasspathaspectj-plugin-8.6.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/documentation@8.6
Evidence Type Source Name Value Confidence Vendor file name aspectj-plugin High Vendor gradle artifactid aspectj-plugin Highest Vendor gradle groupid io.freefair.gradle Highest Vendor jar package name freefair Low Vendor jar package name gradle Low Vendor jar package name io Low Product file name aspectj-plugin High Product gradle artifactid aspectj-plugin Highest Product jar package name freefair Low Product jar package name gradle Low Product jar package name plugins Low Version file version 8.6 High Version Manifest Implementation-Version 8.6 High
assertj-core-3.25.3.jarDescription:
Rich and fluent assertions for testing in Java License:
Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.assertj/assertj-core/3.25.3/792b270e73aa1cfc28fa135be0b95e69ea451432/assertj-core-3.25.3.jar
MD5: 88258246abdcbf7298b7c3401273e15b
SHA1: 792b270e73aa1cfc28fa135be0b95e69ea451432
SHA256: 7fbdffa1996d43cc08e2576e01008b07e57bbad2b4741aa6c3ab73ce8511130e
Referenced In Projects/Scopes: documentation:javadocClasspath test-common:compileClasspath test-common:runtimeClasspath assertj-core-3.25.3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/test-common@8.6 pkg:maven/io.freefair.gradle/test-common@8.6 pkg:maven/io.freefair.gradle/test-common@8.6 Evidence Type Source Name Value Confidence Vendor file name assertj-core High Vendor gradle artifactid assertj-core Highest Vendor gradle groupid org.assertj Highest Vendor jar package name assertions Highest Vendor jar package name assertj Highest Vendor jar package name core Highest Vendor Manifest bundle-developers joel-costigliola;email="joel.costigliola at gmail.com";name="Joel Costigliola";roles="Owner,Developer",scordio;name="Stefano Cordio";roles=Developer,PascalSchumacher;name="Pascal Schumacher";roles=Developer,epeee;name="Erhard Pointl";roles=Developer,croesch;name="Christian Rösch";roles=Developer,VanRoy;name="Julien Roy";roles=Developer,regis1512;name="Régis Pouiller";roles=Developer,fbiville;name="Florent Biville";roles=Developer,Patouche;name="Patrick Allain";roles=Developer Low Vendor Manifest bundle-docurl https://assertj.github.io/doc/#assertj-core Low Vendor Manifest bundle-symbolicname assertj-core Medium Vendor Manifest multi-release true Low Vendor pom artifactid assertj-core Low Vendor pom developer email joel.costigliola at gmail.com Low Vendor pom developer id croesch Medium Vendor pom developer id epeee Medium Vendor pom developer id fbiville Medium Vendor pom developer id joel-costigliola Medium Vendor pom developer id PascalSchumacher Medium Vendor pom developer id Patouche Medium Vendor pom developer id regis1512 Medium Vendor pom developer id scordio Medium Vendor pom developer id VanRoy Medium Vendor pom developer name Christian Rösch Medium Vendor pom developer name Erhard Pointl Medium Vendor pom developer name Florent Biville Medium Vendor pom developer name Joel Costigliola Medium Vendor pom developer name Julien Roy Medium Vendor pom developer name Pascal Schumacher Medium Vendor pom developer name Patrick Allain Medium Vendor pom developer name Régis Pouiller Medium Vendor pom developer name Stefano Cordio Medium Vendor pom groupid org.assertj Highest Vendor pom name AssertJ Core High Vendor pom url https://assertj.github.io/doc/#assertj-core Highest Product file name assertj-core High Product gradle artifactid assertj-core Highest Product jar package name assertions Highest Product jar package name assertj Highest Product jar package name core Highest Product Manifest bundle-developers joel-costigliola;email="joel.costigliola at gmail.com";name="Joel Costigliola";roles="Owner,Developer",scordio;name="Stefano Cordio";roles=Developer,PascalSchumacher;name="Pascal Schumacher";roles=Developer,epeee;name="Erhard Pointl";roles=Developer,croesch;name="Christian Rösch";roles=Developer,VanRoy;name="Julien Roy";roles=Developer,regis1512;name="Régis Pouiller";roles=Developer,fbiville;name="Florent Biville";roles=Developer,Patouche;name="Patrick Allain";roles=Developer Low Product Manifest bundle-docurl https://assertj.github.io/doc/#assertj-core Low Product Manifest Bundle-Name AssertJ Core Medium Product Manifest bundle-symbolicname assertj-core Medium Product Manifest multi-release true Low Product pom artifactid assertj-core Highest Product pom developer email joel.costigliola at gmail.com Low Product pom developer id croesch Low Product pom developer id epeee Low Product pom developer id fbiville Low Product pom developer id joel-costigliola Low Product pom developer id PascalSchumacher Low Product pom developer id Patouche Low Product pom developer id regis1512 Low Product pom developer id scordio Low Product pom developer id VanRoy Low Product pom developer name Christian Rösch Low Product pom developer name Erhard Pointl Low Product pom developer name Florent Biville Low Product pom developer name Joel Costigliola Low Product pom developer name Julien Roy Low Product pom developer name Pascal Schumacher Low Product pom developer name Patrick Allain Low Product pom developer name Régis Pouiller Low Product pom developer name Stefano Cordio Low Product pom groupid org.assertj Highest Product pom name AssertJ Core High Product pom url https://assertj.github.io/doc/#assertj-core Medium Version file version 3.25.3 High Version gradle version 3.25.3 Highest Version Manifest Bundle-Version 3.25.3 High Version pom version 3.25.3 Highest
byte-buddy-1.14.11.jarDescription:
Byte Buddy is a Java library for creating Java classes at run time.
This artifact is a build of Byte Buddy with all ASM dependencies repackaged into its own name space.
License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.gradle/caches/modules-2/files-2.1/net.bytebuddy/byte-buddy/1.14.11/725602eb7c8c56b51b9c21f273f9df5c909d9e7d/byte-buddy-1.14.11.jar
MD5: c28e36075a114b176953fc10a5370be7
SHA1: 725602eb7c8c56b51b9c21f273f9df5c909d9e7d
SHA256: 62ae28187ed2b062813da6a9d567bfee733c341582699b62dd980230729a0313
Referenced In Projects/Scopes: documentation:javadocClasspath test-common:compileClasspath test-common:runtimeClasspath byte-buddy-1.14.11.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.assertj/assertj-core@3.25.3 pkg:maven/org.assertj/assertj-core@3.25.3 pkg:maven/io.freefair.gradle/test-common@8.6 Evidence Type Source Name Value Confidence Vendor file name byte-buddy High Vendor gradle artifactid byte-buddy Highest Vendor gradle groupid net.bytebuddy Highest Vendor jar package name asm Highest Vendor jar package name build Highest Vendor jar package name bytebuddy Highest Vendor jar package name net Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-symbolicname net.bytebuddy.byte-buddy Medium Vendor Manifest multi-release true Low Vendor pom artifactid byte-buddy Low Vendor pom groupid net.bytebuddy Highest Vendor pom name Byte Buddy (without dependencies) High Vendor pom parent-artifactid byte-buddy-parent Low Product file name byte-buddy High Product gradle artifactid byte-buddy Highest Product jar package name asm Highest Product jar package name build Highest Product jar package name bytebuddy Highest Product jar package name net Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest Bundle-Name Byte Buddy (without dependencies) Medium Product Manifest bundle-symbolicname net.bytebuddy.byte-buddy Medium Product Manifest multi-release true Low Product pom artifactid byte-buddy Highest Product pom groupid net.bytebuddy Highest Product pom name Byte Buddy (without dependencies) High Product pom parent-artifactid byte-buddy-parent Medium Version file version 1.14.11 High Version gradle version 1.14.11 Highest Version Manifest Bundle-Version 1.14.11 High Version pom version 1.14.11 Highest
cdi-api-1.2.jarDescription:
APIs for CDI (Contexts and Dependency Injection for Java EE) License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.html File Path: /home/runner/.gradle/caches/modules-2/files-2.1/javax.enterprise/cdi-api/1.2/53bba91dc3968adf411e076df020cf207283d7dc/cdi-api-1.2.jar
MD5: 2a8c973affa178efb89e6c50f78d79da
SHA1: 53bba91dc3968adf411e076df020cf207283d7dc
SHA256: cc5ce2cbc62fe96bf59af00bba00bde823a1094462b4364747863510b76c0518
Referenced In Projects/Scopes: documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath cdi-api-1.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 Evidence Type Source Name Value Confidence Vendor file name cdi-api High Vendor gradle artifactid cdi-api Highest Vendor gradle groupid javax.enterprise Highest Vendor jar package name enterprise Highest Vendor jar package name javax Highest Vendor Manifest bundle-docurl http://jboss.org Low Vendor Manifest bundle-symbolicname javax.enterprise.cdi-api Medium Vendor Manifest implementation-url http://cdi-spec.org Low Vendor Manifest Implementation-Vendor JBoss by Red Hat, Inc. High Vendor Manifest specification-vendor JBoss by Red Hat, Inc. Low Vendor pom artifactid cdi-api Low Vendor pom developer email asd[at]redhat[dot]com Low Vendor pom developer email jhartinger[at]redhat[dot]com Low Vendor pom developer email mkouba[at]redhat[dot]com Low Vendor pom developer email pmuir[at]redhat[dot]com Low Vendor pom developer email struberg[at]yahoo[dot]de Low Vendor pom developer id asabotdu Medium Vendor pom developer id jhartinger Medium Vendor pom developer id mkouba Medium Vendor pom developer id mstruberg Medium Vendor pom developer id pmuir Medium Vendor pom developer name Antoine Sabot-Durand Medium Vendor pom developer name Jozef Hartinger Medium Vendor pom developer name Mark Struberg Medium Vendor pom developer name Martin Kouba Medium Vendor pom developer name Pete Muir Medium Vendor pom developer org Red Hat Inc. Medium Vendor pom groupid javax.enterprise Highest Vendor pom name CDI APIs High Vendor pom organization name JBoss by Red Hat, Inc. High Vendor pom organization url http://jboss.org Medium Vendor pom parent-artifactid weld-parent Low Vendor pom parent-groupid org.jboss.weld Medium Vendor pom url http://cdi-spec.org Highest Product file name cdi-api High Product gradle artifactid cdi-api Highest Product jar package name enterprise Highest Product jar package name javax Highest Product Manifest bundle-docurl http://jboss.org Low Product Manifest Bundle-Name CDI APIs Medium Product Manifest bundle-symbolicname javax.enterprise.cdi-api Medium Product Manifest Implementation-Title CDI APIs High Product Manifest implementation-url http://cdi-spec.org Low Product Manifest specification-title CDI APIs Medium Product pom artifactid cdi-api Highest Product pom developer email asd[at]redhat[dot]com Low Product pom developer email jhartinger[at]redhat[dot]com Low Product pom developer email mkouba[at]redhat[dot]com Low Product pom developer email pmuir[at]redhat[dot]com Low Product pom developer email struberg[at]yahoo[dot]de Low Product pom developer id asabotdu Low Product pom developer id jhartinger Low Product pom developer id mkouba Low Product pom developer id mstruberg Low Product pom developer id pmuir Low Product pom developer name Antoine Sabot-Durand Low Product pom developer name Jozef Hartinger Low Product pom developer name Mark Struberg Low Product pom developer name Martin Kouba Low Product pom developer name Pete Muir Low Product pom developer org Red Hat Inc. Low Product pom groupid javax.enterprise Highest Product pom name CDI APIs High Product pom organization name JBoss by Red Hat, Inc. Low Product pom organization url http://jboss.org Low Product pom parent-artifactid weld-parent Medium Product pom parent-groupid org.jboss.weld Medium Product pom url http://cdi-spec.org Medium Version file version 1.2 High Version gradle version 1.2 Highest Version pom parent-version 1.2 Low Version pom version 1.2 Highest
classgraph-4.8.149.jarDescription:
The uber-fast, ultra-lightweight classpath and module scanner for JVM languages. License:
The MIT License (MIT): http://opensource.org/licenses/MIT File Path: /home/runner/.gradle/caches/modules-2/files-2.1/io.github.classgraph/classgraph/4.8.149/4bc2f188bc9001473d4a26ac488c2ae1a3e906de/classgraph-4.8.149.jar
MD5: 7fca2eb70908395af9ac43858b428c35
SHA1: 4bc2f188bc9001473d4a26ac488c2ae1a3e906de
SHA256: ece8abfe1277450a8b95e57fc56991dca1fd42ffefdad88f65fe171ac576f604
Referenced In Projects/Scopes: embedded-sass-plugin:runtimeClasspath embedded-sass-plugin:compileClasspath classgraph-4.8.149.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.webjars/webjars-locator-core@0.55 pkg:maven/org.webjars/webjars-locator-core@0.55 Evidence Type Source Name Value Confidence Vendor file name classgraph High Vendor gradle artifactid classgraph Highest Vendor gradle groupid io.github.classgraph Highest Vendor jar package name classgraph Highest Vendor jar package name github Highest Vendor jar package name io Highest Vendor jar package name scanner Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-category Utilities Low Vendor Manifest bundle-symbolicname io.github.classgraph.classgraph Medium Vendor Manifest multi-release true Low Vendor pom artifactid classgraph Low Vendor pom developer email luke.hutch@gmail.com Low Vendor pom developer name Luke Hutchison Medium Vendor pom developer org ClassGraph Medium Vendor pom developer org URL https://github.com/classgraph Medium Vendor pom groupid io.github.classgraph Highest Vendor pom name ClassGraph High Vendor pom url classgraph/classgraph Highest Product file name classgraph High Product gradle artifactid classgraph Highest Product jar package name classgraph Highest Product jar package name github Highest Product jar package name io Highest Product jar package name scanner Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-category Utilities Low Product Manifest Bundle-Name ClassGraph Medium Product Manifest bundle-symbolicname io.github.classgraph.classgraph Medium Product Manifest Implementation-Title ClassGraph High Product Manifest multi-release true Low Product Manifest specification-title ClassGraph Medium Product pom artifactid classgraph Highest Product pom developer email luke.hutch@gmail.com Low Product pom developer name Luke Hutchison Low Product pom developer org ClassGraph Low Product pom developer org URL https://github.com/classgraph Low Product pom groupid io.github.classgraph Highest Product pom name ClassGraph High Product pom url classgraph/classgraph High Version file version 4.8.149 High Version gradle version 4.8.149 Highest Version Manifest Bundle-Version 4.8.149 High Version Manifest Implementation-Version 4.8.149 High Version pom version 4.8.149 Highest
classgraph-4.8.165.jarDescription:
The uber-fast, ultra-lightweight classpath and module scanner for JVM languages. License:
The MIT License (MIT): http://opensource.org/licenses/MIT File Path: /home/runner/.gradle/caches/modules-2/files-2.1/io.github.classgraph/classgraph/4.8.165/d7237a1fc235030b7b548eb3d671f714da01e50b/classgraph-4.8.165.jar
MD5: 184a77ae08192b53063aa42e540d2d4a
SHA1: d7237a1fc235030b7b548eb3d671f714da01e50b
SHA256: 5258d9218fc6413f4d14218a5a6e784528e349f60f48883b77de74bb478ebafd
Referenced In Projects/Scopes: documentation:javadocClasspath code-generator-plugin:compileClasspath code-generator-plugin:runtimeClasspath classgraph-4.8.165.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/embedded-sass-plugin@8.6 pkg:maven/io.freefair.gradle/code-generator-plugin@8.6 pkg:maven/io.freefair.gradle/code-generator-plugin@8.6 pkg:maven/io.freefair.gradle/code-generator-plugin@8.6 Evidence Type Source Name Value Confidence Vendor file name classgraph High Vendor gradle artifactid classgraph Highest Vendor gradle groupid io.github.classgraph Highest Vendor jar package name classgraph Highest Vendor jar package name github Highest Vendor jar package name io Highest Vendor jar package name scanner Highest Vendor Manifest build-jdk-spec 11 Low Vendor Manifest bundle-category Utilities Low Vendor Manifest bundle-symbolicname io.github.classgraph.classgraph Medium Vendor Manifest multi-release true Low Vendor pom artifactid classgraph Low Vendor pom developer email luke.hutch@gmail.com Low Vendor pom developer name Luke Hutchison Medium Vendor pom developer org ClassGraph Medium Vendor pom developer org URL https://github.com/classgraph Medium Vendor pom groupid io.github.classgraph Highest Vendor pom name ClassGraph High Vendor pom url classgraph/classgraph Highest Product file name classgraph High Product gradle artifactid classgraph Highest Product jar package name classgraph Highest Product jar package name github Highest Product jar package name io Highest Product jar package name scanner Highest Product Manifest build-jdk-spec 11 Low Product Manifest bundle-category Utilities Low Product Manifest Bundle-Name ClassGraph Medium Product Manifest bundle-symbolicname io.github.classgraph.classgraph Medium Product Manifest Implementation-Title ClassGraph High Product Manifest multi-release true Low Product Manifest specification-title ClassGraph Medium Product pom artifactid classgraph Highest Product pom developer email luke.hutch@gmail.com Low Product pom developer name Luke Hutchison Low Product pom developer org ClassGraph Low Product pom developer org URL https://github.com/classgraph Low Product pom groupid io.github.classgraph Highest Product pom name ClassGraph High Product pom url classgraph/classgraph High Version file version 4.8.165 High Version gradle version 4.8.165 Highest Version Manifest Bundle-Version 4.8.165 High Version Manifest Implementation-Version 4.8.165 High Version pom version 4.8.165 Highest
code-generator-api-8.6.jarFile Path: /home/runner/work/gradle-plugins/gradle-plugins/code-generator-api/build/libs/code-generator-api-8.6.jarMD5: a9bf4c79af632dea3fc9278dfb871b71SHA1: 1c60db1b3908910175c3b42fbae68128b0ce2536SHA256: cf0d967dcfdc8d562d9fbead9a875710add68e72e3b6345df2dfecaa1aa48c85Referenced In Projects/Scopes:
documentation:javadocClasspath code-generator-plugin:compileClasspath test-code-generator:compileClasspath test-code-generator:runtimeClasspath code-generator-plugin:runtimeClasspath code-generator-api-8.6.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/code-generator-plugin@8.6 pkg:maven/io.freefair.gradle/test-code-generator@8.6 pkg:maven/io.freefair.gradle/documentation@8.6 pkg:maven/io.freefair.gradle/test-code-generator@8.6 pkg:maven/io.freefair.gradle/code-generator-plugin@8.6 pkg:maven/io.freefair.gradle/code-generator-plugin@8.6 pkg:maven/io.freefair.gradle/test-code-generator@8.6 Evidence Type Source Name Value Confidence Vendor file name code-generator-api High Vendor gradle artifactid code-generator-api Highest Vendor gradle groupid io.freefair.gradle Highest Vendor jar package name freefair Low Vendor jar package name gradle Low Vendor jar package name io Low Product file name code-generator-api High Product gradle artifactid code-generator-api Highest Product jar package name codegenerator Low Product jar package name freefair Low Product jar package name gradle Low Version file version 8.6 High Version Manifest Implementation-Version 8.6 High
code-generator-plugin-8.6.jarFile Path: /home/runner/work/gradle-plugins/gradle-plugins/code-generator-plugin/build/libs/code-generator-plugin-8.6.jarMD5: 6d991261a47e83acb25e58bcce61bca0SHA1: 87a9d6516a522d5b7c0e2a817787fba511d5551cSHA256: 196ae5a69ed4a43e8d1ae6719dc3e675fde45835802f3aca447e34e01743710aReferenced In Project/Scope: documentation:javadocClasspathcode-generator-plugin-8.6.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/documentation@8.6
Evidence Type Source Name Value Confidence Vendor file name code-generator-plugin High Vendor gradle artifactid code-generator-plugin Highest Vendor gradle groupid io.freefair.gradle Highest Vendor jar package name freefair Low Vendor jar package name gradle Low Vendor jar package name io Low Product file name code-generator-plugin High Product gradle artifactid code-generator-plugin Highest Product jar package name freefair Low Product jar package name gradle Low Product jar package name plugin Low Version file version 8.6 High Version Manifest Implementation-Version 8.6 High
commons-codec-1.11.jarDescription:
The Apache Commons Codec package contains simple encoder and decoders for
various formats such as Base64 and Hexadecimal. In addition to these
widely used encoders and decoders, the codec package also maintains a
collection of phonetic encoding utilities.
License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.gradle/caches/modules-2/files-2.1/commons-codec/commons-codec/1.11/3acb4705652e16236558f0f4f2192cc33c3bd189/commons-codec-1.11.jar
MD5: 567159b1ae257a43e1391a8f59d24cfe
SHA1: 3acb4705652e16236558f0f4f2192cc33c3bd189
SHA256: e599d5318e97aa48f42136a2927e6dfa4e8881dff0e6c8e3109ddbbff51d7b7d
Referenced In Projects/Scopes: documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath commons-codec-1.11.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 Evidence Type Source Name Value Confidence Vendor file name commons-codec High Vendor gradle artifactid commons-codec Highest Vendor gradle groupid commons-codec Highest Vendor jar package name apache Highest Vendor jar package name codec Highest Vendor jar package name commons Highest Vendor jar package name encoder Highest Vendor Manifest automatic-module-name org.apache.commons.codec Medium Vendor Manifest bundle-docurl http://commons.apache.org/proper/commons-codec/ Low Vendor Manifest bundle-symbolicname org.apache.commons.codec Medium Vendor Manifest implementation-url http://commons.apache.org/proper/commons-codec/ Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id commons-codec Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-codec Low Vendor pom developer email bayard@apache.org Low Vendor pom developer email dgraham@apache.org Low Vendor pom developer email dlr@finemaltcoding.com Low Vendor pom developer email ggregory@apache.org Low Vendor pom developer email jon@collab.net Low Vendor pom developer email julius@apache.org Low Vendor pom developer email rwaldhoff@apache.org Low Vendor pom developer email sanders@totalsync.com Low Vendor pom developer email tn@apache.org Low Vendor pom developer email tobrien@apache.org Low Vendor pom developer id bayard Medium Vendor pom developer id dgraham Medium Vendor pom developer id dlr Medium Vendor pom developer id ggregory Medium Vendor pom developer id jon Medium Vendor pom developer id julius Medium Vendor pom developer id rwaldhoff Medium Vendor pom developer id sanders Medium Vendor pom developer id tn Medium Vendor pom developer id tobrien Medium Vendor pom developer name Daniel Rall Medium Vendor pom developer name David Graham Medium Vendor pom developer name Gary Gregory Medium Vendor pom developer name Henri Yandell Medium Vendor pom developer name Jon S. Stevens Medium Vendor pom developer name Julius Davies Medium Vendor pom developer name Rodney Waldhoff Medium Vendor pom developer name Scott Sanders Medium Vendor pom developer name Thomas Neidhart Medium Vendor pom developer name Tim OBrien Medium Vendor pom developer org URL http://juliusdavies.ca/ Medium Vendor pom groupid commons-codec Highest Vendor pom name Apache Commons Codec High Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor pom url http://commons.apache.org/proper/commons-codec/ Highest Product file name commons-codec High Product gradle artifactid commons-codec Highest Product jar package name apache Highest Product jar package name codec Highest Product jar package name commons Highest Product jar package name encoder Highest Product Manifest automatic-module-name org.apache.commons.codec Medium Product Manifest bundle-docurl http://commons.apache.org/proper/commons-codec/ Low Product Manifest Bundle-Name Apache Commons Codec Medium Product Manifest bundle-symbolicname org.apache.commons.codec Medium Product Manifest Implementation-Title Apache Commons Codec High Product Manifest implementation-url http://commons.apache.org/proper/commons-codec/ Low Product Manifest specification-title Apache Commons Codec Medium Product pom artifactid commons-codec Highest Product pom developer email bayard@apache.org Low Product pom developer email dgraham@apache.org Low Product pom developer email dlr@finemaltcoding.com Low Product pom developer email ggregory@apache.org Low Product pom developer email jon@collab.net Low Product pom developer email julius@apache.org Low Product pom developer email rwaldhoff@apache.org Low Product pom developer email sanders@totalsync.com Low Product pom developer email tn@apache.org Low Product pom developer email tobrien@apache.org Low Product pom developer id bayard Low Product pom developer id dgraham Low Product pom developer id dlr Low Product pom developer id ggregory Low Product pom developer id jon Low Product pom developer id julius Low Product pom developer id rwaldhoff Low Product pom developer id sanders Low Product pom developer id tn Low Product pom developer id tobrien Low Product pom developer name Daniel Rall Low Product pom developer name David Graham Low Product pom developer name Gary Gregory Low Product pom developer name Henri Yandell Low Product pom developer name Jon S. Stevens Low Product pom developer name Julius Davies Low Product pom developer name Rodney Waldhoff Low Product pom developer name Scott Sanders Low Product pom developer name Thomas Neidhart Low Product pom developer name Tim OBrien Low Product pom developer org URL http://juliusdavies.ca/ Low Product pom groupid commons-codec Highest Product pom name Apache Commons Codec High Product pom parent-artifactid commons-parent Medium Product pom parent-groupid org.apache.commons Medium Product pom url http://commons.apache.org/proper/commons-codec/ Medium Version file version 1.11 High Version gradle version 1.11 Highest Version Manifest Implementation-Version 1.11 High Version pom parent-version 1.11 Low Version pom version 1.11 Highest
commons-collections-3.2.1.jarDescription:
Types that extend and augment the Java Collections Framework. License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.gradle/caches/modules-2/files-2.1/commons-collections/commons-collections/3.2.1/761ea405b9b37ced573d2df0d1e3a4e0f9edc668/commons-collections-3.2.1.jar
MD5: 13bc641afd7fd95e09b260f69c1e4c91
SHA1: 761ea405b9b37ced573d2df0d1e3a4e0f9edc668
SHA256: 87363a4c94eaabeefd8b930cb059f66b64c9f7d632862f23de3012da7660047b
Referenced In Projects/Scopes: documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath commons-collections-3.2.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 Evidence Type Source Name Value Confidence Vendor file name commons-collections High Vendor gradle artifactid commons-collections Highest Vendor gradle groupid commons-collections Highest Vendor jar package name apache Highest Vendor jar package name collections Highest Vendor jar package name commons Highest Vendor Manifest bundle-docurl http://commons.apache.org/collections/ Low Vendor Manifest bundle-symbolicname org.apache.commons.collections Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-collections Low Vendor pom developer id amamment Medium Vendor pom developer id bayard Medium Vendor pom developer id craigmcc Medium Vendor pom developer id geirm Medium Vendor pom developer id jcarman Medium Vendor pom developer id matth Medium Vendor pom developer id morgand Medium Vendor pom developer id psteitz Medium Vendor pom developer id rdonkin Medium Vendor pom developer id rwaldhoff Medium Vendor pom developer id scolebourne Medium Vendor pom developer name Arun M. Thomas Medium Vendor pom developer name Craig McClanahan Medium Vendor pom developer name Geir Magnusson Medium Vendor pom developer name Henri Yandell Medium Vendor pom developer name James Carman Medium Vendor pom developer name Matthew Hawthorne Medium Vendor pom developer name Morgan Delagrange Medium Vendor pom developer name Phil Steitz Medium Vendor pom developer name Robert Burrell Donkin Medium Vendor pom developer name Rodney Waldhoff Medium Vendor pom developer name Stephen Colebourne Medium Vendor pom groupid commons-collections Highest Vendor pom name Commons Collections High Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor pom url http://commons.apache.org/collections/ Highest Product file name commons-collections High Product gradle artifactid commons-collections Highest Product jar package name apache Highest Product jar package name collections Highest Product jar package name commons Highest Product Manifest bundle-docurl http://commons.apache.org/collections/ Low Product Manifest Bundle-Name Commons Collections Medium Product Manifest bundle-symbolicname org.apache.commons.collections Medium Product Manifest Implementation-Title Commons Collections High Product Manifest specification-title Commons Collections Medium Product pom artifactid commons-collections Highest Product pom developer id amamment Low Product pom developer id bayard Low Product pom developer id craigmcc Low Product pom developer id geirm Low Product pom developer id jcarman Low Product pom developer id matth Low Product pom developer id morgand Low Product pom developer id psteitz Low Product pom developer id rdonkin Low Product pom developer id rwaldhoff Low Product pom developer id scolebourne Low Product pom developer name Arun M. Thomas Low Product pom developer name Craig McClanahan Low Product pom developer name Geir Magnusson Low Product pom developer name Henri Yandell Low Product pom developer name James Carman Low Product pom developer name Matthew Hawthorne Low Product pom developer name Morgan Delagrange Low Product pom developer name Phil Steitz Low Product pom developer name Robert Burrell Donkin Low Product pom developer name Rodney Waldhoff Low Product pom developer name Stephen Colebourne Low Product pom groupid commons-collections Highest Product pom name Commons Collections High Product pom parent-artifactid commons-parent Medium Product pom parent-groupid org.apache.commons Medium Product pom url http://commons.apache.org/collections/ Medium Version file version 3.2.1 High Version gradle version 3.2.1 Highest Version Manifest Bundle-Version 3.2.1 High Version Manifest Implementation-Version 3.2.1 High Version pom parent-version 3.2.1 Low Version pom version 3.2.1 Highest
CVE-2015-6420 suppress
Serialized-object interfaces in certain Cisco Collaboration and Social Media; Endpoint Clients and Client Software; Network Application, Service, and Acceleration; Network and Content Security Devices; Network Management and Provisioning; Routing and Switching - Enterprise and Service Provider; Unified Computing; Voice and Unified Communications Devices; Video, Streaming, TelePresence, and Transcoding Devices; Wireless; and Cisco Hosted Services products allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P References:
Vulnerable Software & Versions: (show all )
commons-compress-1.25.0.jarDescription:
Apache Commons Compress defines an API for working with
compression and archive formats. These include: bzip2, gzip, pack200,
LZMA, XZ, Snappy, traditional Unix Compress, DEFLATE, DEFLATE64, LZ4,
Brotli, Zstandard and ar, cpio, jar, tar, zip, dump, 7z, arj.
License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.apache.commons/commons-compress/1.25.0/9d35aec423da6c8a7f93d7e9e1c6b1d9fe14bb5e/commons-compress-1.25.0.jar
MD5: 45f94488e95ceeaf2f401c4f5542b35c
SHA1: 9d35aec423da6c8a7f93d7e9e1c6b1d9fe14bb5e
SHA256: d0ec8014ebbb0749f471803122b21796afddf2e98e194e4374622e5fbaf69f49
Referenced In Projects/Scopes: documentation:javadocClasspath compress-plugin:compileClasspath compress-plugin:runtimeClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath commons-compress-1.25.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/compress-plugin@8.6 pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/io.freefair.gradle/compress-plugin@8.6 pkg:maven/io.freefair.gradle/compress-plugin@8.6 Evidence Type Source Name Value Confidence Vendor file name commons-compress High Vendor gradle artifactid commons-compress Highest Vendor gradle groupid org.apache.commons Highest Vendor jar package name apache Highest Vendor jar package name commons Highest Vendor jar package name compress Highest Vendor Manifest automatic-module-name org.apache.commons.compress Medium Vendor Manifest build-jdk-spec 21 Low Vendor Manifest bundle-docurl https://commons.apache.org/proper/commons-compress/ Low Vendor Manifest bundle-symbolicname org.apache.commons.commons-compress Medium Vendor Manifest extension-name org.apache.commons.compress Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest multi-release true Low Vendor Manifest originally-created-by Apache Maven Bundle Plugin 5.1.9 Low Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-compress Low Vendor pom developer email bodewig at apache.org Low Vendor pom developer email chtompki at apache.org Low Vendor pom developer email damjan at apache.org Low Vendor pom developer email ebourg at apache.org Low Vendor pom developer email ggregory at apache.org Low Vendor pom developer email grobmeier at apache.org Low Vendor pom developer email julius at apache.org Low Vendor pom developer email peterlee at apache.org Low Vendor pom developer email sebb at apache.org Low Vendor pom developer email tcurdt at apache.org Low Vendor pom developer id bodewig Medium Vendor pom developer id chtompki Medium Vendor pom developer id damjan Medium Vendor pom developer id ebourg Medium Vendor pom developer id ggregory Medium Vendor pom developer id grobmeier Medium Vendor pom developer id julius Medium Vendor pom developer id peterlee Medium Vendor pom developer id sebb Medium Vendor pom developer id tcurdt Medium Vendor pom developer name Christian Grobmeier Medium Vendor pom developer name Damjan Jovanovic Medium Vendor pom developer name Emmanuel Bourg Medium Vendor pom developer name Gary Gregory Medium Vendor pom developer name Julius Davies Medium Vendor pom developer name Peter Alfred Lee Medium Vendor pom developer name Rob Tompkins Medium Vendor pom developer name Sebastian Bazley Medium Vendor pom developer name Stefan Bodewig Medium Vendor pom developer name Torsten Curdt Medium Vendor pom developer org The Apache Software Foundation Medium Vendor pom developer org URL https://www.apache.org/ Medium Vendor pom groupid org.apache.commons Highest Vendor pom name Apache Commons Compress High Vendor pom parent-artifactid commons-parent Low Vendor pom url https://commons.apache.org/proper/commons-compress/ Highest Product file name commons-compress High Product gradle artifactid commons-compress Highest Product jar package name 9 Highest Product jar package name apache Highest Product jar package name commons Highest Product jar package name compress Highest Product Manifest automatic-module-name org.apache.commons.compress Medium Product Manifest build-jdk-spec 21 Low Product Manifest bundle-docurl https://commons.apache.org/proper/commons-compress/ Low Product Manifest Bundle-Name Apache Commons Compress Medium Product Manifest bundle-symbolicname org.apache.commons.commons-compress Medium Product Manifest extension-name org.apache.commons.compress Medium Product Manifest Implementation-Title Apache Commons Compress High Product Manifest multi-release true Low Product Manifest originally-created-by Apache Maven Bundle Plugin 5.1.9 Low Product Manifest specification-title Apache Commons Compress Medium Product pom artifactid commons-compress Highest Product pom developer email bodewig at apache.org Low Product pom developer email chtompki at apache.org Low Product pom developer email damjan at apache.org Low Product pom developer email ebourg at apache.org Low Product pom developer email ggregory at apache.org Low Product pom developer email grobmeier at apache.org Low Product pom developer email julius at apache.org Low Product pom developer email peterlee at apache.org Low Product pom developer email sebb at apache.org Low Product pom developer email tcurdt at apache.org Low Product pom developer id bodewig Low Product pom developer id chtompki Low Product pom developer id damjan Low Product pom developer id ebourg Low Product pom developer id ggregory Low Product pom developer id grobmeier Low Product pom developer id julius Low Product pom developer id peterlee Low Product pom developer id sebb Low Product pom developer id tcurdt Low Product pom developer name Christian Grobmeier Low Product pom developer name Damjan Jovanovic Low Product pom developer name Emmanuel Bourg Low Product pom developer name Gary Gregory Low Product pom developer name Julius Davies Low Product pom developer name Peter Alfred Lee Low Product pom developer name Rob Tompkins Low Product pom developer name Sebastian Bazley Low Product pom developer name Stefan Bodewig Low Product pom developer name Torsten Curdt Low Product pom developer org The Apache Software Foundation Low Product pom developer org URL https://www.apache.org/ Low Product pom groupid org.apache.commons Highest Product pom name Apache Commons Compress High Product pom parent-artifactid commons-parent Medium Product pom url https://commons.apache.org/proper/commons-compress/ Medium Version file version 1.25.0 High Version gradle version 1.25.0 Highest Version Manifest Bundle-Version 1.25.0 High Version Manifest Implementation-Version 1.25.0 High Version pom parent-version 1.25.0 Low Version pom version 1.25.0 Highest
commons-io-2.15.1.jarDescription:
The Apache Commons IO library contains utility classes, stream implementations, file filters,
file comparators, endian transformation classes, and much more.
License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.gradle/caches/modules-2/files-2.1/commons-io/commons-io/2.15.1/f11560da189ab563a5c8e351941415430e9304ea/commons-io-2.15.1.jar
MD5: 84351f7991a0e6722f00e96a4ccc376f
SHA1: f11560da189ab563a5c8e351941415430e9304ea
SHA256: a58af12ee1b68cfd2ebb0c27caef164f084381a00ec81a48cc275fd7ea54e154
Referenced In Projects/Scopes: documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath commons-io-2.15.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 Evidence Type Source Name Value Confidence Vendor file name commons-io High Vendor gradle artifactid commons-io Highest Vendor gradle groupid commons-io Highest Vendor jar package name apache Highest Vendor jar package name commons Highest Vendor jar package name file Highest Vendor jar package name io Highest Vendor Manifest automatic-module-name org.apache.commons.io Medium Vendor Manifest build-jdk-spec 21 Low Vendor Manifest bundle-docurl https://commons.apache.org/proper/commons-io/ Low Vendor Manifest bundle-symbolicname org.apache.commons.commons-io Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest multi-release true Low Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-io Low Vendor pom developer email bayard@apache.org Low Vendor pom developer email dion@apache.org Low Vendor pom developer email ggregory at apache.org Low Vendor pom developer email jeremias@apache.org Low Vendor pom developer email jochen.wiedmann@gmail.com Low Vendor pom developer email krosenvold@apache.org Low Vendor pom developer email martinc@apache.org Low Vendor pom developer email matth@apache.org Low Vendor pom developer email nicolaken@apache.org Low Vendor pom developer email roxspring@apache.org Low Vendor pom developer email sanders@apache.org Low Vendor pom developer id bayard Medium Vendor pom developer id dion Medium Vendor pom developer id ggregory Medium Vendor pom developer id jeremias Medium Vendor pom developer id jochen Medium Vendor pom developer id jukka Medium Vendor pom developer id krosenvold Medium Vendor pom developer id martinc Medium Vendor pom developer id matth Medium Vendor pom developer id niallp Medium Vendor pom developer id nicolaken Medium Vendor pom developer id roxspring Medium Vendor pom developer id sanders Medium Vendor pom developer id scolebourne Medium Vendor pom developer name dIon Gillard Medium Vendor pom developer name Gary Gregory Medium Vendor pom developer name Henri Yandell Medium Vendor pom developer name Jeremias Maerki Medium Vendor pom developer name Jochen Wiedmann Medium Vendor pom developer name Jukka Zitting Medium Vendor pom developer name Kristian Rosenvold Medium Vendor pom developer name Martin Cooper Medium Vendor pom developer name Matthew Hawthorne Medium Vendor pom developer name Niall Pemberton Medium Vendor pom developer name Nicola Ken Barozzi Medium Vendor pom developer name Rob Oxspring Medium Vendor pom developer name Scott Sanders Medium Vendor pom developer name Stephen Colebourne Medium Vendor pom developer org The Apache Software Foundation Medium Vendor pom developer org URL https://www.apache.org/ Medium Vendor pom groupid commons-io Highest Vendor pom name Apache Commons IO High Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor pom url https://commons.apache.org/proper/commons-io/ Highest Product file name commons-io High Product gradle artifactid commons-io Highest Product jar package name apache Highest Product jar package name commons Highest Product jar package name file Highest Product jar package name io Highest Product Manifest automatic-module-name org.apache.commons.io Medium Product Manifest build-jdk-spec 21 Low Product Manifest bundle-docurl https://commons.apache.org/proper/commons-io/ Low Product Manifest Bundle-Name Apache Commons IO Medium Product Manifest bundle-symbolicname org.apache.commons.commons-io Medium Product Manifest Implementation-Title Apache Commons IO High Product Manifest multi-release true Low Product Manifest specification-title Apache Commons IO Medium Product pom artifactid commons-io Highest Product pom developer email bayard@apache.org Low Product pom developer email dion@apache.org Low Product pom developer email ggregory at apache.org Low Product pom developer email jeremias@apache.org Low Product pom developer email jochen.wiedmann@gmail.com Low Product pom developer email krosenvold@apache.org Low Product pom developer email martinc@apache.org Low Product pom developer email matth@apache.org Low Product pom developer email nicolaken@apache.org Low Product pom developer email roxspring@apache.org Low Product pom developer email sanders@apache.org Low Product pom developer id bayard Low Product pom developer id dion Low Product pom developer id ggregory Low Product pom developer id jeremias Low Product pom developer id jochen Low Product pom developer id jukka Low Product pom developer id krosenvold Low Product pom developer id martinc Low Product pom developer id matth Low Product pom developer id niallp Low Product pom developer id nicolaken Low Product pom developer id roxspring Low Product pom developer id sanders Low Product pom developer id scolebourne Low Product pom developer name dIon Gillard Low Product pom developer name Gary Gregory Low Product pom developer name Henri Yandell Low Product pom developer name Jeremias Maerki Low Product pom developer name Jochen Wiedmann Low Product pom developer name Jukka Zitting Low Product pom developer name Kristian Rosenvold Low Product pom developer name Martin Cooper Low Product pom developer name Matthew Hawthorne Low Product pom developer name Niall Pemberton Low Product pom developer name Nicola Ken Barozzi Low Product pom developer name Rob Oxspring Low Product pom developer name Scott Sanders Low Product pom developer name Stephen Colebourne Low Product pom developer org The Apache Software Foundation Low Product pom developer org URL https://www.apache.org/ Low Product pom groupid commons-io Highest Product pom name Apache Commons IO High Product pom parent-artifactid commons-parent Medium Product pom parent-groupid org.apache.commons Medium Product pom url https://commons.apache.org/proper/commons-io/ Medium Version file version 2.15.1 High Version gradle version 2.15.1 Highest Version Manifest Bundle-Version 2.15.1 High Version Manifest Implementation-Version 2.15.1 High Version pom parent-version 2.15.1 Low Version pom version 2.15.1 Highest
commons-lang-2.4.jarDescription:
Commons Lang, a package of Java utility classes for the
classes that are in java.lang's hierarchy, or are considered to be so
standard as to justify existence in java.lang.
License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.gradle/caches/modules-2/files-2.1/commons-lang/commons-lang/2.4/16313e02a793435009f1e458fa4af5d879f6fb11/commons-lang-2.4.jar
MD5: 237a8e845441bad2e535c57d985c8204
SHA1: 16313e02a793435009f1e458fa4af5d879f6fb11
SHA256: 2c73b940c91250bc98346926270f13a6a10bb6e29d2c9316a70d134e382c873e
Referenced In Projects/Scopes: documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath commons-lang-2.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 Evidence Type Source Name Value Confidence Vendor file name commons-lang High Vendor gradle artifactid commons-lang Highest Vendor gradle groupid commons-lang Highest Vendor jar package name apache Highest Vendor jar package name commons Highest Vendor jar package name lang Highest Vendor Manifest bundle-docurl http://commons.apache.org/lang/ Low Vendor Manifest bundle-symbolicname org.apache.commons.lang Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-lang Low Vendor pom developer email bayard@apache.org Low Vendor pom developer email dlr@finemaltcoding.com Low Vendor pom developer email ggregory@seagullsw.com Low Vendor pom developer email jcarman@apache.org Low Vendor pom developer email phil@steitz.com Low Vendor pom developer email rdonkin@apache.org Low Vendor pom developer email scolebourne@joda.org Low Vendor pom developer email stevencaswell@apache.org Low Vendor pom developer id bayard Medium Vendor pom developer id dlr Medium Vendor pom developer id fredrik Medium Vendor pom developer id ggregory Medium Vendor pom developer id jcarman Medium Vendor pom developer id mbenson Medium Vendor pom developer id niallp Medium Vendor pom developer id psteitz Medium Vendor pom developer id rdonkin Medium Vendor pom developer id scaswell Medium Vendor pom developer id scolebourne Medium Vendor pom developer name Daniel Rall Medium Vendor pom developer name Fredrik Westermarck Medium Vendor pom developer name Gary D. Gregory Medium Vendor pom developer name Henri Yandell Medium Vendor pom developer name James Carman Medium Vendor pom developer name Matt Benson Medium Vendor pom developer name Niall Pemberton Medium Vendor pom developer name Phil Steitz Medium Vendor pom developer name Robert Burrell Donkin Medium Vendor pom developer name Stephen Colebourne Medium Vendor pom developer name Steven Caswell Medium Vendor pom developer org Carman Consulting, Inc. Medium Vendor pom developer org CollabNet, Inc. Medium Vendor pom developer org Seagull Software Medium Vendor pom developer org SITA ATS Ltd Medium Vendor pom groupid commons-lang Highest Vendor pom name Commons Lang High Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor pom url http://commons.apache.org/lang/ Highest Product file name commons-lang High Product gradle artifactid commons-lang Highest Product jar package name apache Highest Product jar package name commons Highest Product jar package name lang Highest Product Manifest bundle-docurl http://commons.apache.org/lang/ Low Product Manifest Bundle-Name Commons Lang Medium Product Manifest bundle-symbolicname org.apache.commons.lang Medium Product Manifest Implementation-Title Commons Lang High Product Manifest specification-title Commons Lang Medium Product pom artifactid commons-lang Highest Product pom developer email bayard@apache.org Low Product pom developer email dlr@finemaltcoding.com Low Product pom developer email ggregory@seagullsw.com Low Product pom developer email jcarman@apache.org Low Product pom developer email phil@steitz.com Low Product pom developer email rdonkin@apache.org Low Product pom developer email scolebourne@joda.org Low Product pom developer email stevencaswell@apache.org Low Product pom developer id bayard Low Product pom developer id dlr Low Product pom developer id fredrik Low Product pom developer id ggregory Low Product pom developer id jcarman Low Product pom developer id mbenson Low Product pom developer id niallp Low Product pom developer id psteitz Low Product pom developer id rdonkin Low Product pom developer id scaswell Low Product pom developer id scolebourne Low Product pom developer name Daniel Rall Low Product pom developer name Fredrik Westermarck Low Product pom developer name Gary D. Gregory Low Product pom developer name Henri Yandell Low Product pom developer name James Carman Low Product pom developer name Matt Benson Low Product pom developer name Niall Pemberton Low Product pom developer name Phil Steitz Low Product pom developer name Robert Burrell Donkin Low Product pom developer name Stephen Colebourne Low Product pom developer name Steven Caswell Low Product pom developer org Carman Consulting, Inc. Low Product pom developer org CollabNet, Inc. Low Product pom developer org Seagull Software Low Product pom developer org SITA ATS Ltd Low Product pom groupid commons-lang Highest Product pom name Commons Lang High Product pom parent-artifactid commons-parent Medium Product pom parent-groupid org.apache.commons Medium Product pom url http://commons.apache.org/lang/ Medium Version file version 2.4 High Version gradle version 2.4 Highest Version Manifest Bundle-Version 2.4 High Version Manifest Implementation-Version 2.4 High Version pom parent-version 2.4 Low Version pom version 2.4 Highest
commons-logging-1.2.jarDescription:
Apache Commons Logging is a thin adapter allowing configurable bridging to other,
well known logging systems. License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.gradle/caches/modules-2/files-2.1/commons-logging/commons-logging/1.2/4bfc12adfe4842bf07b657f0369c4cb522955686/commons-logging-1.2.jar
MD5: 040b4b4d8eac886f6b4a2a3bd2f31b00
SHA1: 4bfc12adfe4842bf07b657f0369c4cb522955686
SHA256: daddea1ea0be0f56978ab3006b8ac92834afeefbd9b7e4e6316fca57df0fa636
Referenced In Projects/Scopes: documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath commons-logging-1.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 Evidence Type Source Name Value Confidence Vendor file name commons-logging High Vendor gradle artifactid commons-logging Highest Vendor gradle groupid commons-logging Highest Vendor jar package name apache Highest Vendor jar package name commons Highest Vendor jar package name logging Highest Vendor Manifest bundle-docurl http://commons.apache.org/proper/commons-logging/ Low Vendor Manifest bundle-symbolicname org.apache.commons.logging Medium Vendor Manifest implementation-build tags/LOGGING_1_2_RC2@r1608092; 2014-07-05 20:11:44+0200 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-logging Low Vendor pom developer email baliuka@apache.org Low Vendor pom developer email costin@apache.org Low Vendor pom developer email craigmcc@apache.org Low Vendor pom developer email dennisl@apache.org Low Vendor pom developer email donaldp@apache.org Low Vendor pom developer email morgand@apache.org Low Vendor pom developer email rdonkin@apache.org Low Vendor pom developer email rsitze@apache.org Low Vendor pom developer email rwaldhoff@apache.org Low Vendor pom developer email sanders@apache.org Low Vendor pom developer email skitching@apache.org Low Vendor pom developer email tn@apache.org Low Vendor pom developer id baliuka Medium Vendor pom developer id bstansberry Medium Vendor pom developer id costin Medium Vendor pom developer id craigmcc Medium Vendor pom developer id dennisl Medium Vendor pom developer id donaldp Medium Vendor pom developer id morgand Medium Vendor pom developer id rdonkin Medium Vendor pom developer id rsitze Medium Vendor pom developer id rwaldhoff Medium Vendor pom developer id sanders Medium Vendor pom developer id skitching Medium Vendor pom developer id tn Medium Vendor pom developer name Brian Stansberry Medium Vendor pom developer name Costin Manolache Medium Vendor pom developer name Craig McClanahan Medium Vendor pom developer name Dennis Lundberg Medium Vendor pom developer name Juozas Baliuka Medium Vendor pom developer name Morgan Delagrange Medium Vendor pom developer name Peter Donald Medium Vendor pom developer name Richard Sitze Medium Vendor pom developer name Robert Burrell Donkin Medium Vendor pom developer name Rodney Waldhoff Medium Vendor pom developer name Scott Sanders Medium Vendor pom developer name Simon Kitching Medium Vendor pom developer name Thomas Neidhart Medium Vendor pom developer org Apache Medium Vendor pom developer org The Apache Software Foundation Medium Vendor pom groupid commons-logging Highest Vendor pom name Apache Commons Logging High Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor pom url http://commons.apache.org/proper/commons-logging/ Highest Product file name commons-logging High Product gradle artifactid commons-logging Highest Product jar package name apache Highest Product jar package name commons Highest Product jar package name logging Highest Product Manifest bundle-docurl http://commons.apache.org/proper/commons-logging/ Low Product Manifest Bundle-Name Apache Commons Logging Medium Product Manifest bundle-symbolicname org.apache.commons.logging Medium Product Manifest implementation-build tags/LOGGING_1_2_RC2@r1608092; 2014-07-05 20:11:44+0200 Low Product Manifest Implementation-Title Apache Commons Logging High Product Manifest specification-title Apache Commons Logging Medium Product pom artifactid commons-logging Highest Product pom developer email baliuka@apache.org Low Product pom developer email costin@apache.org Low Product pom developer email craigmcc@apache.org Low Product pom developer email dennisl@apache.org Low Product pom developer email donaldp@apache.org Low Product pom developer email morgand@apache.org Low Product pom developer email rdonkin@apache.org Low Product pom developer email rsitze@apache.org Low Product pom developer email rwaldhoff@apache.org Low Product pom developer email sanders@apache.org Low Product pom developer email skitching@apache.org Low Product pom developer email tn@apache.org Low Product pom developer id baliuka Low Product pom developer id bstansberry Low Product pom developer id costin Low Product pom developer id craigmcc Low Product pom developer id dennisl Low Product pom developer id donaldp Low Product pom developer id morgand Low Product pom developer id rdonkin Low Product pom developer id rsitze Low Product pom developer id rwaldhoff Low Product pom developer id sanders Low Product pom developer id skitching Low Product pom developer id tn Low Product pom developer name Brian Stansberry Low Product pom developer name Costin Manolache Low Product pom developer name Craig McClanahan Low Product pom developer name Dennis Lundberg Low Product pom developer name Juozas Baliuka Low Product pom developer name Morgan Delagrange Low Product pom developer name Peter Donald Low Product pom developer name Richard Sitze Low Product pom developer name Robert Burrell Donkin Low Product pom developer name Rodney Waldhoff Low Product pom developer name Scott Sanders Low Product pom developer name Simon Kitching Low Product pom developer name Thomas Neidhart Low Product pom developer org Apache Low Product pom developer org The Apache Software Foundation Low Product pom groupid commons-logging Highest Product pom name Apache Commons Logging High Product pom parent-artifactid commons-parent Medium Product pom parent-groupid org.apache.commons Medium Product pom url http://commons.apache.org/proper/commons-logging/ Medium Version file version 1.2 High Version gradle version 1.2 Highest Version Manifest Implementation-Version 1.2 High Version pom parent-version 1.2 Low Version pom version 1.2 Highest
compress-plugin-8.6.jarFile Path: /home/runner/work/gradle-plugins/gradle-plugins/compress-plugin/build/libs/compress-plugin-8.6.jarMD5: f81d6acc9ceba419a608f5cb764e8e45SHA1: 5c0c5ff278af97091bf17a353f6a37123c4969b7SHA256: 2874da6e316c225e7c4344d5c133c46054c9e58a29f0693160ffe3fbdf473e2bReferenced In Project/Scope: documentation:javadocClasspathcompress-plugin-8.6.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/documentation@8.6
Evidence Type Source Name Value Confidence Vendor file name compress-plugin High Vendor gradle artifactid compress-plugin Highest Vendor gradle groupid io.freefair.gradle Highest Vendor jar package name freefair Low Vendor jar package name gradle Low Vendor jar package name io Low Product file name compress-plugin High Product gradle artifactid compress-plugin Highest Product jar package name freefair Low Product jar package name gradle Low Product jar package name plugins Low Version file version 8.6 High Version Manifest Implementation-Version 8.6 High
converter-gson-2.9.0.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/com.squareup.retrofit2/converter-gson/2.9.0/fc93484fc67ab52b1e0ccbdaa3922d8a6678e097/converter-gson-2.9.0.jarMD5: a4d032098e196d2735c1cff92968ab20SHA1: fc93484fc67ab52b1e0ccbdaa3922d8a6678e097SHA256: 32aa206b9a29c9df5eda93a092cfb3b0b9133e232c062baa882f0319f0e79f0eReferenced In Projects/Scopes:
documentation:javadocClasspath github-plugin:compileClasspath github-plugin:runtimeClasspath converter-gson-2.9.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/github-plugin@8.6 pkg:maven/io.freefair.gradle/github-plugin@8.6 pkg:maven/io.freefair.gradle/github-plugin@8.6 Evidence Type Source Name Value Confidence Vendor file name converter-gson High Vendor gradle artifactid converter-gson Highest Vendor gradle groupid com.squareup.retrofit2 Highest Vendor jar package name converter Highest Vendor jar package name converter Low Vendor jar package name gson Highest Vendor jar package name gson Low Vendor jar package name retrofit2 Highest Vendor jar package name retrofit2 Low Vendor Manifest automatic-module-name retrofit2.converter.gson Medium Product file name converter-gson High Product gradle artifactid converter-gson Highest Product jar package name converter Highest Product jar package name converter Low Product jar package name gson Highest Product jar package name gson Low Product jar package name retrofit2 Highest Product Manifest automatic-module-name retrofit2.converter.gson Medium Version file name converter-gson Medium Version file version 2.9.0 High Version gradle version 2.9.0 Highest
dec-0.1.2.jarDescription:
Brotli is a generic-purpose lossless compression algorithm. License:
http://www.opensource.org/licenses/mit-license.php File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.brotli/dec/0.1.2/c26a897ae0d524809eef1c786cc6183b4ddcc3b/dec-0.1.2.jar
MD5: 4b1cd14cf29733941cc536b27e6aedfa
SHA1: 0c26a897ae0d524809eef1c786cc6183b4ddcc3b
SHA256: 615c0c3efef990d77831104475fba6a1f7971388691d4bad1471ad84101f6d52
Referenced In Projects/Scopes: documentation:javadocClasspath compress-plugin:compileClasspath compress-plugin:runtimeClasspath dec-0.1.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/compress-plugin@8.6 pkg:maven/io.freefair.gradle/compress-plugin@8.6 pkg:maven/io.freefair.gradle/compress-plugin@8.6 Evidence Type Source Name Value Confidence Vendor file name dec High Vendor gradle artifactid dec Highest Vendor gradle groupid org.brotli Highest Vendor jar package name brotli Highest Vendor jar package name dec Highest Vendor Manifest bundle-docurl http://brotli.org/dec Low Vendor Manifest bundle-symbolicname org.brotli.dec Medium Vendor pom artifactid dec Low Vendor pom groupid org.brotli Highest Vendor pom name : High Vendor pom parent-artifactid parent Low Product file name dec High Product gradle artifactid dec Highest Product jar package name brotli Highest Product jar package name dec Highest Product Manifest bundle-docurl http://brotli.org/dec Low Product Manifest Bundle-Name org.brotli:dec Medium Product Manifest bundle-symbolicname org.brotli.dec Medium Product pom artifactid dec Highest Product pom groupid org.brotli Highest Product pom name : High Product pom parent-artifactid parent Medium Version file version 0.1.2 High Version gradle version 0.1.2 Highest Version Manifest Bundle-Version 0.1.2 High Version pom version 0.1.2 Highest
doxia-logging-api-1.11.1.jarDescription:
Doxia Logging API. File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.apache.maven.doxia/doxia-logging-api/1.11.1/ee28757cce6ee0215bac550dead25074c97c532d/doxia-logging-api-1.11.1.jarMD5: 6452e33a36b87939630e0b18f8ffcff0SHA1: ee28757cce6ee0215bac550dead25074c97c532dSHA256: 243c66f842cd2b3ded7c6d2c36b177a65c3f5d94800cef988ba3e29ec8cf60c9Referenced In Projects/Scopes:
documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath doxia-logging-api-1.11.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 Evidence Type Source Name Value Confidence Vendor file name doxia-logging-api High Vendor gradle artifactid doxia-logging-api Highest Vendor gradle groupid org.apache.maven.doxia Highest Vendor jar package name apache Highest Vendor jar package name doxia Highest Vendor jar package name logging Highest Vendor jar package name maven Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid doxia-logging-api Low Vendor pom groupid org.apache.maven.doxia Highest Vendor pom name Doxia :: Logging API High Vendor pom parent-artifactid doxia Low Product file name doxia-logging-api High Product gradle artifactid doxia-logging-api Highest Product jar package name apache Highest Product jar package name doxia Highest Product jar package name logging Highest Product jar package name maven Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title Doxia :: Logging API High Product Manifest specification-title Doxia :: Logging API Medium Product pom artifactid doxia-logging-api Highest Product pom groupid org.apache.maven.doxia Highest Product pom name Doxia :: Logging API High Product pom parent-artifactid doxia Medium Version file version 1.11.1 High Version gradle version 1.11.1 Highest Version Manifest Implementation-Version 1.11.1 High Version pom version 1.11.1 Highest
doxia-sink-api-1.11.1.jarDescription:
Doxia Sink API. File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.apache.maven.doxia/doxia-sink-api/1.11.1/59c2255f58c78fbbcb7e638e82bd2914e78aec8b/doxia-sink-api-1.11.1.jarMD5: b1bd5c9efde9f14969fa881b87fe709bSHA1: 59c2255f58c78fbbcb7e638e82bd2914e78aec8bSHA256: 39ac38bb7d752ea003be17a0065522e4e1b076a4f7e374bea55259f3e133f28fReferenced In Projects/Scopes:
documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath doxia-sink-api-1.11.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 Evidence Type Source Name Value Confidence Vendor file name doxia-sink-api High Vendor gradle artifactid doxia-sink-api Highest Vendor gradle groupid org.apache.maven.doxia Highest Vendor jar package name apache Highest Vendor jar package name doxia Highest Vendor jar package name maven Highest Vendor jar package name sink Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid doxia-sink-api Low Vendor pom groupid org.apache.maven.doxia Highest Vendor pom name Doxia :: Sink API High Vendor pom parent-artifactid doxia Low Product file name doxia-sink-api High Product gradle artifactid doxia-sink-api Highest Product jar package name apache Highest Product jar package name doxia Highest Product jar package name maven Highest Product jar package name sink Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title Doxia :: Sink API High Product Manifest specification-title Doxia :: Sink API Medium Product pom artifactid doxia-sink-api Highest Product pom groupid org.apache.maven.doxia Highest Product pom name Doxia :: Sink API High Product pom parent-artifactid doxia Medium Version file version 1.11.1 High Version gradle version 1.11.1 Highest Version Manifest Implementation-Version 1.11.1 High Version pom version 1.11.1 Highest
embedded-sass-plugin-8.6.jarFile Path: /home/runner/work/gradle-plugins/gradle-plugins/embedded-sass-plugin/build/libs/embedded-sass-plugin-8.6.jarMD5: a6f4bc0cd4403e8f7e7c46181cb1773bSHA1: 17ff835a52e69cd912f0b8557fbb57243cb7449fSHA256: 144e979b97e775e85d6d2c368b54b35a09cf084b8c16fb168b5f79745f7f569fReferenced In Project/Scope: documentation:javadocClasspathembedded-sass-plugin-8.6.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/documentation@8.6
Evidence Type Source Name Value Confidence Vendor file name embedded-sass-plugin High Vendor gradle artifactid embedded-sass-plugin Highest Vendor gradle groupid io.freefair.gradle Highest Vendor jar package name freefair Low Vendor jar package name gradle Low Vendor jar package name io Low Product file name embedded-sass-plugin High Product gradle artifactid embedded-sass-plugin Highest Product jar package name freefair Low Product jar package name gradle Low Product jar package name plugins Low Version file version 8.6 High Version Manifest Implementation-Version 8.6 High
git-plugin-8.6.jarFile Path: /home/runner/work/gradle-plugins/gradle-plugins/git-plugin/build/libs/git-plugin-8.6.jarMD5: f934c44268db822330c9515f43c26d4aSHA1: faa5de8a94a1843ad2004d39af7c210e03af559dSHA256: fa95533c3ef502291779d053a6c6953dbe5417e70590de67d055b1b2dc4ae852Referenced In Project/Scope: documentation:javadocClasspathgit-plugin-8.6.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/documentation@8.6
Evidence Type Source Name Value Confidence Vendor file name git-plugin High Vendor gradle artifactid git-plugin Highest Vendor gradle groupid io.freefair.gradle Highest Vendor jar package name freefair Low Vendor jar package name gradle Low Vendor jar package name io Low Product file name git-plugin High Product gradle artifactid git-plugin Highest Product jar package name freefair Low Product jar package name gradle Low Product jar package name plugins Low Version file version 8.6 High Version Manifest Implementation-Version 8.6 High
github-plugin-8.6.jarFile Path: /home/runner/work/gradle-plugins/gradle-plugins/github-plugin/build/libs/github-plugin-8.6.jarMD5: 381f3f125881ee1d2dbc18754754666dSHA1: b70d8ad6e108505ce38ae746a670b845d0400612SHA256: 2e3ec28fe25ab8a97c2ebbeb85ed682430ee8ab9641cf18287a61dffafe6859aReferenced In Project/Scope: documentation:javadocClasspathgithub-plugin-8.6.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/documentation@8.6
Evidence Type Source Name Value Confidence Vendor file name github-plugin High Vendor gradle artifactid github-plugin Highest Vendor gradle groupid io.freefair.gradle Highest Vendor jar package name freefair Low Vendor jar package name gradle Low Vendor jar package name io Low Product file name github-plugin High Product gradle artifactid github-plugin Highest Product jar package name freefair Low Product jar package name gradle Low Product jar package name plugins Low Version file version 8.6 High Version Manifest Implementation-Version 8.6 High
gradle-node-plugin-7.0.0.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/com.github.node-gradle/gradle-node-plugin/7.0.0/af9bce20964420e50d46e45fc14103200c651fd9/gradle-node-plugin-7.0.0.jarMD5: b98aef5efa9518376c89bf9d024b78d7SHA1: af9bce20964420e50d46e45fc14103200c651fd9SHA256: 285a384698f1c3a683afd19be12eb63bbb1602ee5b643b88e42ddf67251382b2Referenced In Projects/Scopes:
mjml-plugin:runtimeClasspath mjml-plugin:compileClasspath mjml-plugin:implementationDependenciesMetadata gradle-node-plugin-7.0.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/mjml-plugin@8.6 pkg:maven/io.freefair.gradle/mjml-plugin@8.6 pkg:maven/io.freefair.gradle/mjml-plugin@8.6 Evidence Type Source Name Value Confidence Vendor file name gradle-node-plugin High Vendor gradle artifactid gradle-node-plugin Highest Vendor gradle groupid com.github.node-gradle Highest Vendor jar package name github Low Vendor jar package name gradle Low Vendor jar package name node Low Product file name gradle-node-plugin High Product gradle artifactid gradle-node-plugin Highest Product jar package name gradle Low Product jar package name node Low Version file name gradle-node-plugin Medium Version file version 7.0.0 High Version gradle version 7.0.0 Highest
gradle-node-plugin-7.0.2.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/com.github.node-gradle/gradle-node-plugin/7.0.2/6853f790daea0f2e25e0b1acf8d268a014c814f6/gradle-node-plugin-7.0.2.jarMD5: ff61ad86b0121190004bff23a7ae4fd3SHA1: 6853f790daea0f2e25e0b1acf8d268a014c814f6SHA256: bfd8cb644593e7f6b6b719011fdaca4af0c02485e28176904470f300e48a19e2Referenced In Projects/Scopes:
documentation:javadocClasspath quicktype-plugin:runtimeClasspath quicktype-plugin:compileClasspath quicktype-plugin:implementationDependenciesMetadata gradle-node-plugin-7.0.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/quicktype-plugin@8.6 pkg:maven/io.freefair.gradle/quicktype-plugin@8.6 pkg:maven/io.freefair.gradle/mjml-plugin@8.6 pkg:maven/io.freefair.gradle/quicktype-plugin@8.6 pkg:maven/io.freefair.gradle/quicktype-plugin@8.6 Evidence Type Source Name Value Confidence Vendor file name gradle-node-plugin High Vendor gradle artifactid gradle-node-plugin Highest Vendor gradle groupid com.github.node-gradle Highest Vendor jar package name github Low Vendor jar package name gradle Low Vendor jar package name node Low Product file name gradle-node-plugin High Product gradle artifactid gradle-node-plugin Highest Product jar package name gradle Low Product jar package name node Low Version file name gradle-node-plugin Medium Version file version 7.0.2 High Version gradle version 7.0.2 Highest
gson-2.8.5.jarDescription:
Gson JSON library File Path: /home/runner/.gradle/caches/modules-2/files-2.1/com.google.code.gson/gson/2.8.5/f645ed69d595b24d4cf8b3fbb64cc505bede8829/gson-2.8.5.jarMD5: 089104cb90d8b4e1aa00b1f5faef0742SHA1: f645ed69d595b24d4cf8b3fbb64cc505bede8829SHA256: 233a0149fc365c9f6edbd683cfe266b19bdc773be98eabdaf6b3c924b48e7d81Referenced In Projects/Scopes:
documentation:javadocClasspath github-plugin:compileClasspath github-plugin:runtimeClasspath gson-2.8.5.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.squareup.retrofit2/converter-gson@2.9.0 pkg:maven/com.squareup.retrofit2/converter-gson@2.9.0 pkg:maven/io.freefair.gradle/github-plugin@8.6 Evidence Type Source Name Value Confidence Vendor file name gson High Vendor gradle artifactid gson Highest Vendor gradle groupid com.google.code.gson Highest Vendor jar package name google Highest Vendor jar package name gson Highest Vendor Manifest bundle-contactaddress https://github.com/google/gson Low Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5, JavaSE-1.6, JavaSE-1.7, JavaSE-1.8 Low Vendor Manifest bundle-symbolicname com.google.gson Medium Vendor pom artifactid gson Low Vendor pom groupid com.google.code.gson Highest Vendor pom name Gson High Vendor pom parent-artifactid gson-parent Low Product file name gson High Product gradle artifactid gson Highest Product jar package name google Highest Product jar package name gson Highest Product Manifest bundle-contactaddress https://github.com/google/gson Low Product Manifest Bundle-Name Gson Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5, JavaSE-1.6, JavaSE-1.7, JavaSE-1.8 Low Product Manifest bundle-symbolicname com.google.gson Medium Product pom artifactid gson Highest Product pom groupid com.google.code.gson Highest Product pom name Gson High Product pom parent-artifactid gson-parent Medium Version file version 2.8.5 High Version gradle version 2.8.5 Highest Version Manifest Bundle-Version 2.8.5 High Version pom version 2.8.5 Highest
CVE-2022-25647 suppress
The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which may lead to DoS attacks. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (5.0) Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:3.9/RC:R/MAV:A References:
Vulnerable Software & Versions: (show all )
guava-16.0.1.jarDescription:
Guava is a suite of core and expanded libraries that include
utility classes, google's collections, io classes, and much
much more.
Guava has only one code dependency - javax.annotation,
per the JSR-305 spec.
License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.gradle/caches/modules-2/files-2.1/com.google.guava/guava/16.0.1/5fa98cd1a63c99a44dd8d3b77e4762b066a5d0c5/guava-16.0.1.jar
MD5: a68693df58191585d9af914cfbe6067a
SHA1: 5fa98cd1a63c99a44dd8d3b77e4762b066a5d0c5
SHA256: a896857d07845d38c7dc5bbc0457b6d9b0f62ecffda010e5e9ec12d561f676d3
Referenced In Projects/Scopes: documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath guava-16.0.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 Evidence Type Source Name Value Confidence Vendor file name guava High Vendor gradle artifactid guava Highest Vendor gradle groupid com.google.guava Highest Vendor jar package name google Highest Vendor Manifest bundle-symbolicname com.google.guava Medium Vendor pom artifactid guava Low Vendor pom groupid com.google.guava Highest Vendor pom name Guava: Google Core Libraries for Java High Vendor pom parent-artifactid guava-parent Low Product file name guava High Product gradle artifactid guava Highest Product jar package name google Highest Product Manifest Bundle-Name Guava: Google Core Libraries for Java Medium Product Manifest bundle-symbolicname com.google.guava Medium Product pom artifactid guava Highest Product pom groupid com.google.guava Highest Product pom name Guava: Google Core Libraries for Java High Product pom parent-artifactid guava-parent Medium Version file version 16.0.1 High Version gradle version 16.0.1 Highest Version Manifest Bundle-Version 16.0.1 High Version pom version 16.0.1 Highest
CVE-2023-2976 suppress
Use of Java's default temporary directory for file creation in `FileBackedOutputStream` in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to the default Java temporary directory to be able to access the files created by the class.
Even though the security vulnerability is fixed in version 32.0.0, we recommend using version 32.0.1 as version 32.0.0 breaks some functionality under Windows.
CWE-552 Files or Directories Accessible to External Parties
CVSSv3:
Base Score: HIGH (7.1) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N/E:1.8/RC:R/MAV:A References:
Vulnerable Software & Versions:
CVE-2018-10237 suppress
Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the AtomicDoubleArray class (when serialized with Java serialization) and the CompoundOrdering class (when serialized with GWT serialization) perform eager allocation without appropriate checks on what a client has sent and whether the data size is reasonable. CWE-770 Allocation of Resources Without Limits or Throttling
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:P CVSSv3:
Base Score: MEDIUM (5.9) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:2.2/RC:R/MAV:A References:
Vulnerable Software & Versions: (show all )
CVE-2020-8908 suppress
A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, on unix-like systems, the created directory is world-readable (readable by an attacker with access to the system). The method in question has been marked @Deprecated in versions 30.0 and later and should not be used. For Android developers, we recommend choosing a temporary directory API provided by Android, such as context.getCacheDir(). For other Java developers, we recommend migrating to the Java 7 API java.nio.file.Files.createTempDirectory() which explicitly configures permissions of 700, or configuring the Java runtime's java.io.tmpdir system property to point to a location whose permissions are appropriately configured.
CWE-378 Creation of Temporary File With Insecure Permissions, CWE-732 Incorrect Permission Assignment for Critical Resource
CVSSv2:
Base Score: LOW (2.1) Vector: /AV:L/AC:L/Au:N/C:P/I:N/A:N CVSSv3:
Base Score: LOW (3.3) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:1.8/RC:R/MAV:A References:
Vulnerable Software & Versions: (show all )
httpclient-4.5.14.jarDescription:
Apache HttpComponents Client
File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.apache.httpcomponents/httpclient/4.5.14/1194890e6f56ec29177673f2f12d0b8e627dec98/httpclient-4.5.14.jarMD5: 2cb357c4b763f47e58af6cad47df6ba3SHA1: 1194890e6f56ec29177673f2f12d0b8e627dec98SHA256: c8bc7e1c51a6d4ce72f40d2ebbabf1c4b68bfe76e732104b04381b493478e9d6Referenced In Projects/Scopes:
documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath httpclient-4.5.14.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 Evidence Type Source Name Value Confidence Vendor file name httpclient High Vendor gradle artifactid httpclient Highest Vendor gradle groupid org.apache.httpcomponents Highest Vendor jar package name apache Highest Vendor jar package name client Highest Vendor jar package name httpclient Highest Vendor Manifest automatic-module-name org.apache.httpcomponents.httpclient Medium Vendor Manifest implementation-url http://hc.apache.org/httpcomponents-client-ga Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache.httpcomponents Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid httpclient Low Vendor pom groupid org.apache.httpcomponents Highest Vendor pom name Apache HttpClient High Vendor pom parent-artifactid httpcomponents-client Low Vendor pom url http://hc.apache.org/httpcomponents-client-ga Highest Product file name httpclient High Product gradle artifactid httpclient Highest Product jar package name apache Highest Product jar package name client Highest Product jar package name http Highest Product jar package name httpclient Highest Product Manifest automatic-module-name org.apache.httpcomponents.httpclient Medium Product Manifest Implementation-Title Apache HttpClient High Product Manifest implementation-url http://hc.apache.org/httpcomponents-client-ga Low Product Manifest specification-title Apache HttpClient Medium Product pom artifactid httpclient Highest Product pom groupid org.apache.httpcomponents Highest Product pom name Apache HttpClient High Product pom parent-artifactid httpcomponents-client Medium Product pom url http://hc.apache.org/httpcomponents-client-ga Medium Version file version 4.5.14 High Version gradle version 4.5.14 Highest Version Manifest Implementation-Version 4.5.14 High Version pom version 4.5.14 Highest
httpcore-4.4.16.jarDescription:
Apache HttpComponents Core (blocking I/O)
File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.apache.httpcomponents/httpcore/4.4.16/51cf043c87253c9f58b539c9f7e44c8894223850/httpcore-4.4.16.jarMD5: 28d2cd9bf8789fd2ec774fb88436ebd1SHA1: 51cf043c87253c9f58b539c9f7e44c8894223850SHA256: 6c9b3dd142a09dc468e23ad39aad6f75a0f2b85125104469f026e52a474e464fReferenced In Projects/Scopes:
documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath httpcore-4.4.16.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 Evidence Type Source Name Value Confidence Vendor file name httpcore High Vendor gradle artifactid httpcore Highest Vendor gradle groupid org.apache.httpcomponents Highest Vendor jar package name apache Highest Vendor Manifest automatic-module-name org.apache.httpcomponents.httpcore Medium Vendor Manifest implementation-build ${scmBranch}@r${buildNumber}; 2022-11-26 09:44:32+0000 Low Vendor Manifest implementation-url http://hc.apache.org/httpcomponents-core-ga Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest url http://hc.apache.org/httpcomponents-core-ga Low Vendor pom artifactid httpcore Low Vendor pom groupid org.apache.httpcomponents Highest Vendor pom name Apache HttpCore High Vendor pom parent-artifactid httpcomponents-core Low Vendor pom url http://hc.apache.org/httpcomponents-core-ga Highest Product file name httpcore High Product gradle artifactid httpcore Highest Product jar package name apache Highest Product jar package name http Highest Product Manifest automatic-module-name org.apache.httpcomponents.httpcore Medium Product Manifest implementation-build ${scmBranch}@r${buildNumber}; 2022-11-26 09:44:32+0000 Low Product Manifest Implementation-Title HttpComponents Apache HttpCore High Product Manifest implementation-url http://hc.apache.org/httpcomponents-core-ga Low Product Manifest specification-title HttpComponents Apache HttpCore Medium Product Manifest url http://hc.apache.org/httpcomponents-core-ga Low Product pom artifactid httpcore Highest Product pom groupid org.apache.httpcomponents Highest Product pom name Apache HttpCore High Product pom parent-artifactid httpcomponents-core Medium Product pom url http://hc.apache.org/httpcomponents-core-ga Medium Version file version 4.4.16 High Version gradle version 4.4.16 Highest Version Manifest Implementation-Version 4.4.16 High Version pom version 4.4.16 Highest
jackson-annotations-2.14.2.jarDescription:
Core annotations used for value types, used by Jackson data binding package.
License:
The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.gradle/caches/modules-2/files-2.1/com.fasterxml.jackson.core/jackson-annotations/2.14.2/a7aae9525864930723e3453ab799521fdfd9d873/jackson-annotations-2.14.2.jar
MD5: 10d19982a8890f6eb37557af2f58e272
SHA1: a7aae9525864930723e3453ab799521fdfd9d873
SHA256: 2c6869d505cf60dc066734b7d50339f975bd3adc635e26a78abb71acb4473c0d
Referenced In Projects/Scopes: mjml-plugin:runtimeClasspath quicktype-plugin:runtimeClasspath jackson-annotations-2.14.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.github.node-gradle/gradle-node-plugin@7.0.0 pkg:maven/com.github.node-gradle/gradle-node-plugin@7.0.2 Evidence Type Source Name Value Confidence Vendor file name jackson-annotations High Vendor gradle artifactid jackson-annotations Highest Vendor gradle groupid com.fasterxml.jackson.core Highest Vendor jar package name fasterxml Highest Vendor jar package name jackson Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl https://github.com/FasterXML/jackson Low Vendor Manifest bundle-symbolicname com.fasterxml.jackson.core.jackson-annotations Medium Vendor Manifest Implementation-Vendor FasterXML High Vendor Manifest Implementation-Vendor-Id com.fasterxml.jackson.core Medium Vendor Manifest specification-vendor FasterXML Low Vendor pom artifactid jackson-annotations Low Vendor pom groupid com.fasterxml.jackson.core Highest Vendor pom name Jackson-annotations High Vendor pom parent-artifactid jackson-parent Low Vendor pom parent-groupid com.fasterxml.jackson Medium Vendor pom url FasterXML/jackson Highest Product file name jackson-annotations High Product gradle artifactid jackson-annotations Highest Product hint analyzer product java8 Highest Product hint analyzer product modules Highest Product jar package name fasterxml Highest Product jar package name jackson Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl https://github.com/FasterXML/jackson Low Product Manifest Bundle-Name Jackson-annotations Medium Product Manifest bundle-symbolicname com.fasterxml.jackson.core.jackson-annotations Medium Product Manifest Implementation-Title Jackson-annotations High Product Manifest specification-title Jackson-annotations Medium Product pom artifactid jackson-annotations Highest Product pom groupid com.fasterxml.jackson.core Highest Product pom name Jackson-annotations High Product pom parent-artifactid jackson-parent Medium Product pom parent-groupid com.fasterxml.jackson Medium Product pom url FasterXML/jackson High Version file version 2.14.2 High Version gradle version 2.14.2 Highest Version Manifest Bundle-Version 2.14.2 High Version Manifest Implementation-Version 2.14.2 High Version pom parent-version 2.14.2 Low Version pom version 2.14.2 Highest
jackson-annotations-2.15.2.jarDescription:
Core annotations used for value types, used by Jackson data binding package.
License:
The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.gradle/caches/modules-2/files-2.1/com.fasterxml.jackson.core/jackson-annotations/2.15.2/4724a65ac8e8d156a24898d50fd5dbd3642870b8/jackson-annotations-2.15.2.jar
MD5: 71dabcaac955a8bd17b5bba6580aac5b
SHA1: 4724a65ac8e8d156a24898d50fd5dbd3642870b8
SHA256: 04e21f94dcfee4b078fa5a5f53047b785aaba69d19de392f616e7a7fe5d3882f
Referenced In Project/Scope: documentation:javadocClasspath
jackson-annotations-2.15.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/embedded-sass-plugin@8.6 pkg:maven/io.freefair.gradle/quicktype-plugin@8.6 pkg:maven/io.freefair.gradle/mjml-plugin@8.6 Evidence Type Source Name Value Confidence Vendor file name jackson-annotations High Vendor gradle artifactid jackson-annotations Highest Vendor gradle groupid com.fasterxml.jackson.core Highest Vendor jar package name fasterxml Highest Vendor jar package name jackson Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl https://github.com/FasterXML/jackson Low Vendor Manifest bundle-symbolicname com.fasterxml.jackson.core.jackson-annotations Medium Vendor Manifest Implementation-Vendor FasterXML High Vendor Manifest Implementation-Vendor-Id com.fasterxml.jackson.core Medium Vendor Manifest specification-vendor FasterXML Low Vendor pom artifactid jackson-annotations Low Vendor pom groupid com.fasterxml.jackson.core Highest Vendor pom name Jackson-annotations High Vendor pom parent-artifactid jackson-parent Low Vendor pom parent-groupid com.fasterxml.jackson Medium Vendor pom url FasterXML/jackson Highest Product file name jackson-annotations High Product gradle artifactid jackson-annotations Highest Product hint analyzer product java8 Highest Product hint analyzer product modules Highest Product jar package name fasterxml Highest Product jar package name jackson Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl https://github.com/FasterXML/jackson Low Product Manifest Bundle-Name Jackson-annotations Medium Product Manifest bundle-symbolicname com.fasterxml.jackson.core.jackson-annotations Medium Product Manifest Implementation-Title Jackson-annotations High Product Manifest specification-title Jackson-annotations Medium Product pom artifactid jackson-annotations Highest Product pom groupid com.fasterxml.jackson.core Highest Product pom name Jackson-annotations High Product pom parent-artifactid jackson-parent Medium Product pom parent-groupid com.fasterxml.jackson Medium Product pom url FasterXML/jackson High Version file version 2.15.2 High Version gradle version 2.15.2 Highest Version Manifest Bundle-Version 2.15.2 High Version Manifest Implementation-Version 2.15.2 High Version pom parent-version 2.15.2 Low Version pom version 2.15.2 Highest
jackson-core-2.14.2.jarDescription:
Core Jackson processing abstractions (aka Streaming API), implementation for JSON License:
The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.gradle/caches/modules-2/files-2.1/com.fasterxml.jackson.core/jackson-core/2.14.2/f804090e6399ce0cf78242db086017512dd71fcc/jackson-core-2.14.2.jar
MD5: 6ee422ee4c481b2d5aacb2b5e36a7dc0
SHA1: f804090e6399ce0cf78242db086017512dd71fcc
SHA256: b5d37a77c88277b97e3593c8740925216c06df8e4172bbde058528df04ad3e7a
Referenced In Projects/Scopes: mjml-plugin:runtimeClasspath quicktype-plugin:runtimeClasspath jackson-core-2.14.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.github.node-gradle/gradle-node-plugin@7.0.0 pkg:maven/com.github.node-gradle/gradle-node-plugin@7.0.2 Evidence Type Source Name Value Confidence Vendor file name jackson-core High Vendor gradle artifactid jackson-core Highest Vendor gradle groupid com.fasterxml.jackson.core Highest Vendor jar package name base Highest Vendor jar package name core Highest Vendor jar package name fasterxml Highest Vendor jar package name jackson Highest Vendor jar package name json Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl https://github.com/FasterXML/jackson-core Low Vendor Manifest bundle-symbolicname com.fasterxml.jackson.core.jackson-core Medium Vendor Manifest Implementation-Vendor FasterXML High Vendor Manifest Implementation-Vendor-Id com.fasterxml.jackson.core Medium Vendor Manifest multi-release true Low Vendor Manifest specification-vendor FasterXML Low Vendor pom artifactid jackson-core Low Vendor pom groupid com.fasterxml.jackson.core Highest Vendor pom name Jackson-core High Vendor pom parent-artifactid jackson-base Low Vendor pom parent-groupid com.fasterxml.jackson Medium Vendor pom url FasterXML/jackson-core Highest Product file name jackson-core High Product gradle artifactid jackson-core Highest Product hint analyzer product java8 Highest Product hint analyzer product modules Highest Product jar package name base Highest Product jar package name core Highest Product jar package name fasterxml Highest Product jar package name jackson Highest Product jar package name json Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl https://github.com/FasterXML/jackson-core Low Product Manifest Bundle-Name Jackson-core Medium Product Manifest bundle-symbolicname com.fasterxml.jackson.core.jackson-core Medium Product Manifest Implementation-Title Jackson-core High Product Manifest multi-release true Low Product Manifest specification-title Jackson-core Medium Product pom artifactid jackson-core Highest Product pom groupid com.fasterxml.jackson.core Highest Product pom name Jackson-core High Product pom parent-artifactid jackson-base Medium Product pom parent-groupid com.fasterxml.jackson Medium Product pom url FasterXML/jackson-core High Version file version 2.14.2 High Version gradle version 2.14.2 Highest Version Manifest Bundle-Version 2.14.2 High Version Manifest Implementation-Version 2.14.2 High Version pom version 2.14.2 Highest
jackson-core-2.15.2.jarDescription:
Core Jackson processing abstractions (aka Streaming API), implementation for JSON License:
The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.gradle/caches/modules-2/files-2.1/com.fasterxml.jackson.core/jackson-core/2.15.2/a6fe1836469a69b3ff66037c324d75fc66ef137c/jackson-core-2.15.2.jar
MD5: e51fdee85b48e6637ad9e85ee76b58df
SHA1: a6fe1836469a69b3ff66037c324d75fc66ef137c
SHA256: 303c99e82b1faa91a0bae5d8fbeb56f7e2adf9b526a900dd723bf140d62bd4b4
Referenced In Projects/Scopes: documentation:javadocClasspath embedded-sass-plugin:runtimeClasspath embedded-sass-plugin:compileClasspath jackson-core-2.15.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/embedded-sass-plugin@8.6 pkg:maven/io.freefair.gradle/quicktype-plugin@8.6 pkg:maven/io.freefair.gradle/mjml-plugin@8.6 pkg:maven/org.webjars/webjars-locator-core@0.55 pkg:maven/org.webjars/webjars-locator-core@0.55 Evidence Type Source Name Value Confidence Vendor file name jackson-core High Vendor gradle artifactid jackson-core Highest Vendor gradle groupid com.fasterxml.jackson.core Highest Vendor jar package name base Highest Vendor jar package name com Highest Vendor jar package name core Highest Vendor jar package name fasterxml Highest Vendor jar package name jackson Highest Vendor jar package name json Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl https://github.com/FasterXML/jackson-core Low Vendor Manifest bundle-symbolicname com.fasterxml.jackson.core.jackson-core Medium Vendor Manifest Implementation-Vendor FasterXML High Vendor Manifest Implementation-Vendor-Id com.fasterxml.jackson.core Medium Vendor Manifest multi-release true Low Vendor Manifest specification-vendor FasterXML Low Vendor pom artifactid jackson-core Low Vendor pom groupid com.fasterxml.jackson.core Highest Vendor pom name Jackson-core High Vendor pom parent-artifactid jackson-base Low Vendor pom parent-groupid com.fasterxml.jackson Medium Vendor pom url FasterXML/jackson-core Highest Product file name jackson-core High Product gradle artifactid jackson-core Highest Product hint analyzer product java8 Highest Product hint analyzer product modules Highest Product jar package name base Highest Product jar package name com Highest Product jar package name core Highest Product jar package name fasterxml Highest Product jar package name jackson Highest Product jar package name json Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl https://github.com/FasterXML/jackson-core Low Product Manifest Bundle-Name Jackson-core Medium Product Manifest bundle-symbolicname com.fasterxml.jackson.core.jackson-core Medium Product Manifest Implementation-Title Jackson-core High Product Manifest multi-release true Low Product Manifest specification-title Jackson-core Medium Product pom artifactid jackson-core Highest Product pom groupid com.fasterxml.jackson.core Highest Product pom name Jackson-core High Product pom parent-artifactid jackson-base Medium Product pom parent-groupid com.fasterxml.jackson Medium Product pom url FasterXML/jackson-core High Version file version 2.15.2 High Version gradle version 2.15.2 Highest Version Manifest Bundle-Version 2.15.2 High Version Manifest Implementation-Version 2.15.2 High Version pom version 2.15.2 Highest
jackson-databind-2.14.2.jarDescription:
General data-binding functionality for Jackson: works on core streaming API License:
The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.gradle/caches/modules-2/files-2.1/com.fasterxml.jackson.core/jackson-databind/2.14.2/1e71fddbc80bb86f71a6345ac1e8ab8a00e7134/jackson-databind-2.14.2.jar
MD5: c1b12dd14734cd1986132bf55042dd7e
SHA1: 01e71fddbc80bb86f71a6345ac1e8ab8a00e7134
SHA256: 501d3abce4d18dcc381058ec593c5b94477906bba6efbac14dae40a642f77424
Referenced In Projects/Scopes: mjml-plugin:runtimeClasspath quicktype-plugin:runtimeClasspath jackson-databind-2.14.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.github.node-gradle/gradle-node-plugin@7.0.0 pkg:maven/com.github.node-gradle/gradle-node-plugin@7.0.2 Evidence Type Source Name Value Confidence Vendor file name jackson-databind High Vendor gradle artifactid jackson-databind Highest Vendor gradle groupid com.fasterxml.jackson.core Highest Vendor jar package name databind Highest Vendor jar package name fasterxml Highest Vendor jar package name jackson Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl https://github.com/FasterXML/jackson Low Vendor Manifest bundle-symbolicname com.fasterxml.jackson.core.jackson-databind Medium Vendor Manifest Implementation-Vendor FasterXML High Vendor Manifest Implementation-Vendor-Id com.fasterxml.jackson.core Medium Vendor Manifest multi-release true Low Vendor Manifest specification-vendor FasterXML Low Vendor pom artifactid jackson-databind Low Vendor pom groupid com.fasterxml.jackson.core Highest Vendor pom name jackson-databind High Vendor pom parent-artifactid jackson-base Low Vendor pom parent-groupid com.fasterxml.jackson Medium Vendor pom url FasterXML/jackson Highest Product file name jackson-databind High Product gradle artifactid jackson-databind Highest Product hint analyzer product java8 Highest Product hint analyzer product modules Highest Product jar package name databind Highest Product jar package name fasterxml Highest Product jar package name jackson Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl https://github.com/FasterXML/jackson Low Product Manifest Bundle-Name jackson-databind Medium Product Manifest bundle-symbolicname com.fasterxml.jackson.core.jackson-databind Medium Product Manifest Implementation-Title jackson-databind High Product Manifest multi-release true Low Product Manifest specification-title jackson-databind Medium Product pom artifactid jackson-databind Highest Product pom groupid com.fasterxml.jackson.core Highest Product pom name jackson-databind High Product pom parent-artifactid jackson-base Medium Product pom parent-groupid com.fasterxml.jackson Medium Product pom url FasterXML/jackson High Version file version 2.14.2 High Version gradle version 2.14.2 Highest Version Manifest Bundle-Version 2.14.2 High Version Manifest Implementation-Version 2.14.2 High Version pom version 2.14.2 Highest
CVE-2023-35116 suppress
jackson-databind through 2.15.2 allows attackers to cause a denial of service or other unspecified impact via a crafted object that uses cyclic dependencies. NOTE: the vendor's perspective is that this is not a valid vulnerability report, because the steps of constructing a cyclic data structure and trying to serialize it cannot be achieved by an external attacker. CWE-770 Allocation of Resources Without Limits or Throttling
CVSSv3:
Base Score: MEDIUM (4.7) Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:1.0/RC:R/MAV:A References:
Vulnerable Software & Versions:
jackson-databind-2.15.2.jarDescription:
General data-binding functionality for Jackson: works on core streaming API License:
The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.gradle/caches/modules-2/files-2.1/com.fasterxml.jackson.core/jackson-databind/2.15.2/9353b021f10c307c00328f52090de2bdb4b6ff9c/jackson-databind-2.15.2.jar
MD5: 20ac0d0526a456274409fa852eb74087
SHA1: 9353b021f10c307c00328f52090de2bdb4b6ff9c
SHA256: 0eb2fdad6e40ab8832a78c9b22f58196dd970594e8d3d5a26ead87847c4f3a96
Referenced In Project/Scope: documentation:javadocClasspath
jackson-databind-2.15.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/embedded-sass-plugin@8.6 pkg:maven/io.freefair.gradle/quicktype-plugin@8.6 pkg:maven/io.freefair.gradle/mjml-plugin@8.6 Evidence Type Source Name Value Confidence Vendor file name jackson-databind High Vendor gradle artifactid jackson-databind Highest Vendor gradle groupid com.fasterxml.jackson.core Highest Vendor jar package name databind Highest Vendor jar package name fasterxml Highest Vendor jar package name jackson Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl https://github.com/FasterXML/jackson Low Vendor Manifest bundle-symbolicname com.fasterxml.jackson.core.jackson-databind Medium Vendor Manifest Implementation-Vendor FasterXML High Vendor Manifest Implementation-Vendor-Id com.fasterxml.jackson.core Medium Vendor Manifest multi-release true Low Vendor Manifest specification-vendor FasterXML Low Vendor pom artifactid jackson-databind Low Vendor pom groupid com.fasterxml.jackson.core Highest Vendor pom name jackson-databind High Vendor pom parent-artifactid jackson-base Low Vendor pom parent-groupid com.fasterxml.jackson Medium Vendor pom url FasterXML/jackson Highest Product file name jackson-databind High Product gradle artifactid jackson-databind Highest Product hint analyzer product java8 Highest Product hint analyzer product modules Highest Product jar package name databind Highest Product jar package name fasterxml Highest Product jar package name jackson Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl https://github.com/FasterXML/jackson Low Product Manifest Bundle-Name jackson-databind Medium Product Manifest bundle-symbolicname com.fasterxml.jackson.core.jackson-databind Medium Product Manifest Implementation-Title jackson-databind High Product Manifest multi-release true Low Product Manifest specification-title jackson-databind Medium Product pom artifactid jackson-databind Highest Product pom groupid com.fasterxml.jackson.core Highest Product pom name jackson-databind High Product pom parent-artifactid jackson-base Medium Product pom parent-groupid com.fasterxml.jackson Medium Product pom url FasterXML/jackson High Version file version 2.15.2 High Version gradle version 2.15.2 Highest Version Manifest Bundle-Version 2.15.2 High Version Manifest Implementation-Version 2.15.2 High Version pom version 2.15.2 Highest
CVE-2023-35116 suppress
jackson-databind through 2.15.2 allows attackers to cause a denial of service or other unspecified impact via a crafted object that uses cyclic dependencies. NOTE: the vendor's perspective is that this is not a valid vulnerability report, because the steps of constructing a cyclic data structure and trying to serialize it cannot be achieved by an external attacker. CWE-770 Allocation of Resources Without Limits or Throttling
CVSSv3:
Base Score: MEDIUM (4.7) Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:1.0/RC:R/MAV:A References:
Vulnerable Software & Versions:
jacoco-plugin-8.6.jarFile Path: /home/runner/work/gradle-plugins/gradle-plugins/jacoco-plugin/build/libs/jacoco-plugin-8.6.jarMD5: 5edcdbfd38bd7acbcb07a1b960d78a49SHA1: d56f2f7b9b301962f2aad296e10f7b4b7094d213SHA256: 2d548ba42d9426a807aa4954dde81e4433bc45408ba605fa2848c54d14665426Referenced In Project/Scope: documentation:javadocClasspathjacoco-plugin-8.6.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/documentation@8.6
Evidence Type Source Name Value Confidence Vendor file name jacoco-plugin High Vendor gradle artifactid jacoco-plugin Highest Vendor gradle groupid io.freefair.gradle Highest Vendor jar package name freefair Low Vendor jar package name gradle Low Vendor jar package name io Low Product file name jacoco-plugin High Product gradle artifactid jacoco-plugin Highest Product jar package name freefair Low Product jar package name gradle Low Product jar package name plugins Low Version file version 8.6 High Version Manifest Implementation-Version 8.6 High
javapoet-1.13.0.jarDescription:
Use beautiful Java code to generate beautiful Java code. License:
Apache 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.gradle/caches/modules-2/files-2.1/com.squareup/javapoet/1.13.0/d6562d385049f35eb50403fa86bb11cce76b866a/javapoet-1.13.0.jar
MD5: 8d9a3cbeaa83e6700478b73c33a1b4fe
SHA1: d6562d385049f35eb50403fa86bb11cce76b866a
SHA256: 4c7517e848a71b36d069d12bb3bf46a70fd4cda3105d822b0ed2e19c00b69291
Referenced In Projects/Scopes: documentation:javadocClasspath test-common:compileClasspath test-common:runtimeClasspath javapoet-1.13.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/test-common@8.6 pkg:maven/io.freefair.gradle/test-common@8.6 pkg:maven/io.freefair.gradle/test-common@8.6 Evidence Type Source Name Value Confidence Vendor file name javapoet High Vendor gradle artifactid javapoet Highest Vendor gradle groupid com.squareup Highest Vendor jar package name javapoet Highest Vendor jar package name squareup Highest Vendor Manifest automatic-module-name com.squareup.javapoet Medium Vendor pom artifactid javapoet Low Vendor pom groupid com.squareup Highest Vendor pom name JavaPoet High Vendor pom organization name Square, Inc. High Vendor pom organization url http://squareup.com Medium Vendor pom url http://github.com/square/javapoet/ Highest Product file name javapoet High Product gradle artifactid javapoet Highest Product jar package name javapoet Highest Product jar package name squareup Highest Product Manifest automatic-module-name com.squareup.javapoet Medium Product pom artifactid javapoet Highest Product pom groupid com.squareup Highest Product pom name JavaPoet High Product pom organization name Square, Inc. Low Product pom organization url http://squareup.com Low Product pom url http://github.com/square/javapoet/ Medium Version file version 1.13.0 High Version gradle version 1.13.0 Highest Version pom version 1.13.0 Highest
javax.annotation-api-1.2.jarDescription:
Common Annotations for the JavaTM Platform API License:
CDDL + GPLv2 with classpath exception: https://glassfish.dev.java.net/nonav/public/CDDL+GPL.html File Path: /home/runner/.gradle/caches/modules-2/files-2.1/javax.annotation/javax.annotation-api/1.2/479c1e06db31c432330183f5cae684163f186146/javax.annotation-api-1.2.jar
MD5: 75fe320d2b3763bd6883ae1ede35e987
SHA1: 479c1e06db31c432330183f5cae684163f186146
SHA256: 5909b396ca3a2be10d0eea32c74ef78d816e1b4ead21de1d78de1f890d033e04
Referenced In Projects/Scopes: documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath javax.annotation-api-1.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 Evidence Type Source Name Value Confidence Vendor file name javax.annotation-api High Vendor gradle artifactid javax.annotation-api Highest Vendor gradle groupid javax.annotation Highest Vendor jar package name annotation Highest Vendor jar package name javax Highest Vendor Manifest bundle-docurl https://glassfish.java.net Low Vendor Manifest bundle-symbolicname javax.annotation-api Medium Vendor Manifest extension-name javax.annotation Medium Vendor Manifest Implementation-Vendor GlassFish Community High Vendor Manifest Implementation-Vendor-Id org.glassfish Medium Vendor Manifest specification-vendor Oracle Corporation Low Vendor pom artifactid javax.annotation-api Low Vendor pom developer id mode Medium Vendor pom developer name Rajiv Mordani Medium Vendor pom developer org Oracle, Inc. Medium Vendor pom groupid javax.annotation Highest Vendor pom name API High Vendor pom organization name GlassFish Community High Vendor pom organization url https://glassfish.java.net Medium Vendor pom parent-artifactid jvnet-parent Low Vendor pom parent-groupid net.java Medium Vendor pom url http://jcp.org/en/jsr/detail?id=250 Highest Product file name javax.annotation-api High Product gradle artifactid javax.annotation-api Highest Product jar package name annotation Highest Product jar package name javax Highest Product Manifest bundle-docurl https://glassfish.java.net Low Product Manifest Bundle-Name javax.annotation API Medium Product Manifest bundle-symbolicname javax.annotation-api Medium Product Manifest extension-name javax.annotation Medium Product pom artifactid javax.annotation-api Highest Product pom developer id mode Low Product pom developer name Rajiv Mordani Low Product pom developer org Oracle, Inc. Low Product pom groupid javax.annotation Highest Product pom name API High Product pom organization name GlassFish Community Low Product pom organization url https://glassfish.java.net Low Product pom parent-artifactid jvnet-parent Medium Product pom parent-groupid net.java Medium Product pom url http://jcp.org/en/jsr/detail?id=250 Medium Version file version 1.2 High Version gradle version 1.2 Highest Version Manifest Bundle-Version 1.2 High Version Manifest Implementation-Version 1.2 High Version pom parent-version 1.2 Low Version pom version 1.2 Highest
javax.inject-1.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/javax.inject/javax.inject/1/6975da39a7040257bd51d21a231b76c915872d38/javax.inject-1.jarMD5: 289075e48b909e9e74e6c915b3631d2eSHA1: 6975da39a7040257bd51d21a231b76c915872d38SHA256: 91c77044a50c481636c32d916fd89c9118a72195390452c81065080f957de7ffReferenced In Projects/Scopes:
documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath javax.inject-1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 Evidence Type Source Name Value Confidence Vendor file name javax.inject-1 High Vendor gradle artifactid javax.inject Highest Vendor gradle groupid javax.inject Highest Vendor jar package name inject Low Vendor jar package name javax Low Product file name javax.inject-1 High Product gradle artifactid javax.inject Highest Product jar package name inject Low Version file name javax.inject-1 Medium Version file version 1 Medium Version gradle version 1 Highest
jcommander-1.82.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/com.beust/jcommander/1.82/a7c5fef184d238065de38f81bbc6ee50cca2e21/jcommander-1.82.jarMD5: c350dc0db8aa038e6bbaf0050720d69cSHA1: 0a7c5fef184d238065de38f81bbc6ee50cca2e21SHA256: deeac157c8de6822878d85d0c7bc8467a19cc8484d37788f7804f039dde280b1Referenced In Projects/Scopes:
documentation:__$$asciidoctorj$$___r documentation:__$$asciidoctorj_asciidoctor$$__r jcommander-1.82.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.asciidoctor/asciidoctorj@2.5.7 pkg:maven/org.asciidoctor/asciidoctorj@2.5.7 Evidence Type Source Name Value Confidence Vendor file name jcommander High Vendor gradle artifactid jcommander Highest Vendor gradle groupid com.beust Highest Vendor jar package name beust Low Vendor jar package name jcommander Low Product file name jcommander High Product gradle artifactid jcommander Highest Product jar package name jcommander Low Version file name jcommander Medium Version file version 1.82 High Version gradle version 1.82 Highest
jruby-complete-9.3.8.0.jar (shaded: com.github.jnr:jffi:1.3.9)Description:
Java Foreign Function Interface License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jruby/jruby-complete/9.3.8.0/8e11191265ab501930125081d8c21a3f55f1b8cd/jruby-complete-9.3.8.0.jar/META-INF/maven/com.github.jnr/jffi/pom.xml
MD5: 5d1a63e1ca400249e3d30b9358d16d98
SHA1: 174c6ac29abb9e8303247a149453c51414799eec
SHA256: cc4aa6c329a4457a8185dbc4da21f5ec062e2225aec79c20083b20d751127a1c
Referenced In Projects/Scopes: documentation:__$$asciidoctorj$$___r documentation:__$$asciidoctorj_asciidoctor$$__r Evidence Type Source Name Value Confidence Vendor pom artifactid jffi Low Vendor pom developer email wmeissner@gmail.com Low Vendor pom developer id wmeissner Medium Vendor pom developer name Wayne Meissner Medium Vendor pom groupid com.github.jnr Highest Vendor pom name jffi High Vendor pom url http://github.com/jnr/jffi Highest Product pom artifactid jffi Highest Product pom developer email wmeissner@gmail.com Low Product pom developer id wmeissner Low Product pom developer name Wayne Meissner Low Product pom groupid com.github.jnr Highest Product pom name jffi High Product pom url http://github.com/jnr/jffi Medium Version pom version 1.3.9 Highest
jruby-complete-9.3.8.0.jar (shaded: com.github.jnr:jnr-a64asm:1.0.0)Description:
A pure-java A64 assembler License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jruby/jruby-complete/9.3.8.0/8e11191265ab501930125081d8c21a3f55f1b8cd/jruby-complete-9.3.8.0.jar/META-INF/maven/com.github.jnr/jnr-a64asm/pom.xml
MD5: 49cf6d2169962d46d987325c15c3ca65
SHA1: 17a5a92b79393a59e19ba38e1bdf8252a660e359
SHA256: 9dd9c299ca3ec9287db2ec26571a5cc611dc21a1a4f5d2ef1255a924face47a8
Referenced In Projects/Scopes: documentation:__$$asciidoctorj$$___r documentation:__$$asciidoctorj_asciidoctor$$__r Evidence Type Source Name Value Confidence Vendor pom artifactid jnr-a64asm Low Vendor pom developer email ossdev@puresoftware.com Low Vendor pom developer id ossdev Medium Vendor pom developer name ossdev Medium Vendor pom groupid com.github.jnr Highest Vendor pom name jnr-a64asm High Product pom artifactid jnr-a64asm Highest Product pom developer email ossdev@puresoftware.com Low Product pom developer id ossdev Low Product pom developer name ossdev Low Product pom groupid com.github.jnr Highest Product pom name jnr-a64asm High Version pom version 1.0.0 Highest
jruby-complete-9.3.8.0.jar (shaded: com.github.jnr:jnr-constants:0.10.3)Description:
A set of platform constants (e.g. errno values) License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jruby/jruby-complete/9.3.8.0/8e11191265ab501930125081d8c21a3f55f1b8cd/jruby-complete-9.3.8.0.jar/META-INF/maven/com.github.jnr/jnr-constants/pom.xml
MD5: c95844446f54429b217cf286410bce7d
SHA1: 36dc060b908125fcdc15ba1e4a30d551eb611cd1
SHA256: e6cfebe4ae44de96a1ec8ee3ff3eb1134ed493b0a15b29a8663e39b6fdaba7a2
Referenced In Projects/Scopes: documentation:__$$asciidoctorj$$___r documentation:__$$asciidoctorj_asciidoctor$$__r Evidence Type Source Name Value Confidence Vendor pom artifactid jnr-constants Low Vendor pom developer email headius@headius.com Low Vendor pom developer email wmeissner@gmail.com Low Vendor pom developer id headius Medium Vendor pom developer id wmeissner Medium Vendor pom developer name Charles Oliver Nutter Medium Vendor pom developer name Wayne Meissner Medium Vendor pom groupid com.github.jnr Highest Vendor pom name jnr-constants High Vendor pom url http://github.com/jnr/jnr-constants Highest Product pom artifactid jnr-constants Highest Product pom developer email headius@headius.com Low Product pom developer email wmeissner@gmail.com Low Product pom developer id headius Low Product pom developer id wmeissner Low Product pom developer name Charles Oliver Nutter Low Product pom developer name Wayne Meissner Low Product pom groupid com.github.jnr Highest Product pom name jnr-constants High Product pom url http://github.com/jnr/jnr-constants Medium Version pom version 0.10.3 Highest
jruby-complete-9.3.8.0.jar (shaded: com.github.jnr:jnr-enxio:0.32.13)Description:
Native I/O access for java License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jruby/jruby-complete/9.3.8.0/8e11191265ab501930125081d8c21a3f55f1b8cd/jruby-complete-9.3.8.0.jar/META-INF/maven/com.github.jnr/jnr-enxio/pom.xml
MD5: 7d7dd084ca7cc9c9e634408d0f768925
SHA1: dc0486133eafd86b3c665251bedea096146aec69
SHA256: a5caef6df94a2580542dd42c673374d38450d96fbcd8e77c98e6a85f8967fd39
Referenced In Projects/Scopes: documentation:__$$asciidoctorj$$___r documentation:__$$asciidoctorj_asciidoctor$$__r Evidence Type Source Name Value Confidence Vendor pom artifactid jnr-enxio Low Vendor pom developer email wmeissner@gmail.com Low Vendor pom developer id wmeissner Medium Vendor pom developer name Wayne Meissner Medium Vendor pom groupid com.github.jnr Highest Vendor pom name jnr-enxio High Vendor pom url http://github.com/jnr/jnr-enxio Highest Product pom artifactid jnr-enxio Highest Product pom developer email wmeissner@gmail.com Low Product pom developer id wmeissner Low Product pom developer name Wayne Meissner Low Product pom groupid com.github.jnr Highest Product pom name jnr-enxio High Product pom url http://github.com/jnr/jnr-enxio Medium Version pom version 0.32.13 Highest
jruby-complete-9.3.8.0.jar (shaded: com.github.jnr:jnr-ffi:2.2.11)Description:
A library for invoking native functions from java License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jruby/jruby-complete/9.3.8.0/8e11191265ab501930125081d8c21a3f55f1b8cd/jruby-complete-9.3.8.0.jar/META-INF/maven/com.github.jnr/jnr-ffi/pom.xml
MD5: 231775a58f949c06373696f2a7ab0ba8
SHA1: 3dac1a9f6214f802a736b7ea0f09473b89ecc11a
SHA256: 8be242591cacccb6cae9da700f4373ddad00760e8da679697a98128bb42a5f7b
Referenced In Projects/Scopes: documentation:__$$asciidoctorj$$___r documentation:__$$asciidoctorj_asciidoctor$$__r Evidence Type Source Name Value Confidence Vendor pom artifactid jnr-ffi Low Vendor pom developer email headius@headius.com Low Vendor pom developer email wmeissner@gmail.com Low Vendor pom developer id headius Medium Vendor pom developer id wmeissner Medium Vendor pom developer name Charles Oliver Nutter Medium Vendor pom developer name Wayne Meissner Medium Vendor pom groupid com.github.jnr Highest Vendor pom name jnr-ffi High Vendor pom url http://github.com/jnr/jnr-ffi Highest Product pom artifactid jnr-ffi Highest Product pom developer email headius@headius.com Low Product pom developer email wmeissner@gmail.com Low Product pom developer id headius Low Product pom developer id wmeissner Low Product pom developer name Charles Oliver Nutter Low Product pom developer name Wayne Meissner Low Product pom groupid com.github.jnr Highest Product pom name jnr-ffi High Product pom url http://github.com/jnr/jnr-ffi Medium Version pom version 2.2.11 Highest
jruby-complete-9.3.8.0.jar (shaded: com.github.jnr:jnr-netdb:1.2.0)Description:
Lookup TCP and UDP services from java License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jruby/jruby-complete/9.3.8.0/8e11191265ab501930125081d8c21a3f55f1b8cd/jruby-complete-9.3.8.0.jar/META-INF/maven/com.github.jnr/jnr-netdb/pom.xml
MD5: 5f7adefaf9448cf27718e23106a879f9
SHA1: 3a6045d944a9b4720156cd533ca1cbd1f22bc4b5
SHA256: 44e976a6bf822ff20321b19940387b90a8ade8aaeeacbeecb55171cf2d40f1e7
Referenced In Projects/Scopes: documentation:__$$asciidoctorj$$___r documentation:__$$asciidoctorj_asciidoctor$$__r Evidence Type Source Name Value Confidence Vendor pom artifactid jnr-netdb Low Vendor pom developer email wmeissner@gmail.com Low Vendor pom developer id wmeissner Medium Vendor pom developer name Wayne Meissner Medium Vendor pom groupid com.github.jnr Highest Vendor pom name jnr-netdb High Vendor pom url http://github.com/jnr/jnr-netdb Highest Product pom artifactid jnr-netdb Highest Product pom developer email wmeissner@gmail.com Low Product pom developer id wmeissner Low Product pom developer name Wayne Meissner Low Product pom groupid com.github.jnr Highest Product pom name jnr-netdb High Product pom url http://github.com/jnr/jnr-netdb Medium Version pom version 1.2.0 Highest
jruby-complete-9.3.8.0.jar (shaded: com.github.jnr:jnr-posix:3.1.15)Description:
Common cross-project/cross-platform POSIX APIs
License:
Eclipse Public License - v 2.0: https://www.eclipse.org/legal/epl-2.0/
GNU General Public License Version 2: http://www.gnu.org/copyleft/gpl.html
GNU Lesser General Public License Version 2.1: http://www.gnu.org/licenses/lgpl.html File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jruby/jruby-complete/9.3.8.0/8e11191265ab501930125081d8c21a3f55f1b8cd/jruby-complete-9.3.8.0.jar/META-INF/maven/com.github.jnr/jnr-posix/pom.xml
MD5: dc0f4cb313df0bc9556e435f2f6c09c2
SHA1: 0edc3357372e1ebdb86f673ab258ff2a0089b1ab
SHA256: aa3c236e5fbc6ec365e4c811ecea4dbca7591851cec7c7a1df6b324c4eb082a3
Referenced In Projects/Scopes: documentation:__$$asciidoctorj$$___r documentation:__$$asciidoctorj_asciidoctor$$__r Evidence Type Source Name Value Confidence Vendor pom artifactid jnr-posix Low Vendor pom developer email headius@headius.com Low Vendor pom developer email tom.enebo@gmail.com Low Vendor pom developer email wmeissner@gmail.com Low Vendor pom developer id enebo Medium Vendor pom developer id headius Medium Vendor pom developer id wmeissner Medium Vendor pom developer name Charles Oliver Nutter Medium Vendor pom developer name Thomas E Enebo Medium Vendor pom developer name Wayne Meissner Medium Vendor pom groupid com.github.jnr Highest Vendor pom name jnr-posix High Product pom artifactid jnr-posix Highest Product pom developer email headius@headius.com Low Product pom developer email tom.enebo@gmail.com Low Product pom developer email wmeissner@gmail.com Low Product pom developer id enebo Low Product pom developer id headius Low Product pom developer id wmeissner Low Product pom developer name Charles Oliver Nutter Low Product pom developer name Thomas E Enebo Low Product pom developer name Wayne Meissner Low Product pom groupid com.github.jnr Highest Product pom name jnr-posix High Version pom version 3.1.15 Highest
jruby-complete-9.3.8.0.jar (shaded: com.github.jnr:jnr-unixsocket:0.38.17)Description:
UNIX socket channels for java License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jruby/jruby-complete/9.3.8.0/8e11191265ab501930125081d8c21a3f55f1b8cd/jruby-complete-9.3.8.0.jar/META-INF/maven/com.github.jnr/jnr-unixsocket/pom.xml
MD5: 1b3d4a4f25bd2a9e2b1a3d70483079b2
SHA1: 45e1898b528db500d5d175a07039b0f45408dfd6
SHA256: de848159e1524644e9f1c574af7f46b751e6e530f35a27eeb4c853e91ea1c2e1
Referenced In Projects/Scopes: documentation:__$$asciidoctorj$$___r documentation:__$$asciidoctorj_asciidoctor$$__r Evidence Type Source Name Value Confidence Vendor pom artifactid jnr-unixsocket Low Vendor pom developer email fritz-github@fritz-elfert.de Low Vendor pom developer email wmeissner@gmail.com Low Vendor pom developer id felfert Medium Vendor pom developer id wmeissner Medium Vendor pom developer name Fritz Elfert Medium Vendor pom developer name Wayne Meissner Medium Vendor pom groupid com.github.jnr Highest Vendor pom name jnr-unixsocket High Vendor pom url http://github.com/jnr/jnr-unixsocket Highest Product pom artifactid jnr-unixsocket Highest Product pom developer email fritz-github@fritz-elfert.de Low Product pom developer email wmeissner@gmail.com Low Product pom developer id felfert Low Product pom developer id wmeissner Low Product pom developer name Fritz Elfert Low Product pom developer name Wayne Meissner Low Product pom groupid com.github.jnr Highest Product pom name jnr-unixsocket High Product pom url http://github.com/jnr/jnr-unixsocket Medium Version pom version 0.38.17 Highest
jruby-complete-9.3.8.0.jar (shaded: com.github.jnr:jnr-x86asm:1.0.2)Description:
A pure-java X86 and X86_64 assembler License:
MIT License: http://www.opensource.org/licenses/mit-license.php File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jruby/jruby-complete/9.3.8.0/8e11191265ab501930125081d8c21a3f55f1b8cd/jruby-complete-9.3.8.0.jar/META-INF/maven/com.github.jnr/jnr-x86asm/pom.xml
MD5: cb16b0b890c8b7a726a547ca0b58d00a
SHA1: 91de5c25955d1f321832738dce614b45e9939050
SHA256: ea862ce3bd96ccb8ca36b8e9e7baef2da3fbbfbdc256baeaa8c8a873911074e7
Referenced In Projects/Scopes: documentation:__$$asciidoctorj$$___r documentation:__$$asciidoctorj_asciidoctor$$__r Evidence Type Source Name Value Confidence Vendor pom artifactid jnr-x86asm Low Vendor pom developer email wmeissner@gmail.com Low Vendor pom developer id wmeissner Medium Vendor pom developer name Wayne Meissner Medium Vendor pom groupid com.github.jnr Highest Vendor pom name jnr-x86asm High Vendor pom url http://github.com/jnr/jnr-x86asm Highest Product pom artifactid jnr-x86asm Highest Product pom developer email wmeissner@gmail.com Low Product pom developer id wmeissner Low Product pom developer name Wayne Meissner Low Product pom groupid com.github.jnr Highest Product pom name jnr-x86asm High Product pom url http://github.com/jnr/jnr-x86asm Medium Version pom version 1.0.2 Highest
jruby-complete-9.3.8.0.jar (shaded: com.headius:backport9:1.12)License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jruby/jruby-complete/9.3.8.0/8e11191265ab501930125081d8c21a3f55f1b8cd/jruby-complete-9.3.8.0.jar/META-INF/maven/com.headius/backport9/pom.xml
MD5: 1af02442211713e3e00a1b7f8bf7a92e
SHA1: c0b388a50a3030e56089ada5154366529a5da213
SHA256: 861b04ed538064ff8053aa619cdd407a7d290e7623be8d38719fa7633dd96f5a
Referenced In Projects/Scopes: documentation:__$$asciidoctorj$$___r documentation:__$$asciidoctorj_asciidoctor$$__r Evidence Type Source Name Value Confidence Vendor pom artifactid backport9 Low Vendor pom developer email headius@headius.com Low Vendor pom developer id headius Medium Vendor pom developer name Charles Nutter Medium Vendor pom groupid com.headius Highest Product pom artifactid backport9 Highest Product pom developer email headius@headius.com Low Product pom developer id headius Low Product pom developer name Charles Nutter Low Product pom groupid com.headius Highest Version pom version 1.12 Highest
jruby-complete-9.3.8.0.jar (shaded: com.headius:invokebinder:1.12)License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jruby/jruby-complete/9.3.8.0/8e11191265ab501930125081d8c21a3f55f1b8cd/jruby-complete-9.3.8.0.jar/META-INF/maven/com.headius/invokebinder/pom.xml
MD5: d1ba5bea2e98d321d3bc7f7bc6c512ff
SHA1: a6c6a3452366292f645d1f80612a984367f5ec13
SHA256: 0fd6ec9c1ab88504895a8a88d4a1a538a04be59bc5a889d610bf4035224653b5
Referenced In Projects/Scopes: documentation:__$$asciidoctorj$$___r documentation:__$$asciidoctorj_asciidoctor$$__r Evidence Type Source Name Value Confidence Vendor pom artifactid invokebinder Low Vendor pom developer email headius@headius.com Low Vendor pom developer id headius Medium Vendor pom developer name Charles Nutter Medium Vendor pom groupid com.headius Highest Vendor pom name invokebinder High Vendor pom url http://maven.apache.org Highest Product pom artifactid invokebinder Highest Product pom developer email headius@headius.com Low Product pom developer id headius Low Product pom developer name Charles Nutter Low Product pom groupid com.headius Highest Product pom name invokebinder High Product pom url http://maven.apache.org Medium Version pom version 1.12 Highest
jruby-complete-9.3.8.0.jar (shaded: com.headius:options:1.6)License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jruby/jruby-complete/9.3.8.0/8e11191265ab501930125081d8c21a3f55f1b8cd/jruby-complete-9.3.8.0.jar/META-INF/maven/com.headius/options/pom.xml
MD5: ab8aa85f5cc1c1d0ff704b1dc3837e2a
SHA1: 78e835c2bb1a934075961f2954452a0871b931be
SHA256: b5597f285a7c770acb92cef914788c613c7beaf79eace8a9f56d7f5026a5817e
Referenced In Projects/Scopes: documentation:__$$asciidoctorj$$___r documentation:__$$asciidoctorj_asciidoctor$$__r Evidence Type Source Name Value Confidence Vendor pom artifactid options Low Vendor pom developer email headius@headius.com Low Vendor pom developer id headius Medium Vendor pom developer name Charles Nutter Medium Vendor pom groupid com.headius Highest Vendor pom name options High Vendor pom url headius/options Highest Product pom artifactid options Highest Product pom developer email headius@headius.com Low Product pom developer id headius Low Product pom developer name Charles Nutter Low Product pom groupid com.headius Highest Product pom name options High Product pom url headius/options High Version pom version 1.6 Highest
jruby-complete-9.3.8.0.jar (shaded: com.jcraft:jzlib:1.1.3)Description:
JZlib is a re-implementation of zlib in pure Java License:
BSD: http://www.jcraft.com/jzlib/LICENSE.txt File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jruby/jruby-complete/9.3.8.0/8e11191265ab501930125081d8c21a3f55f1b8cd/jruby-complete-9.3.8.0.jar/META-INF/maven/com.jcraft/jzlib/pom.xml
MD5: 856f139610c4e36c1b0bdb5ad007c2a5
SHA1: 6e6789004c70477a6e2ea92c066b757534e63a10
SHA256: edb67251608556ad9584d00e46b5ef38ecf1246d571c0f80f24f50b285a9f682
Referenced In Projects/Scopes: documentation:__$$asciidoctorj$$___r documentation:__$$asciidoctorj_asciidoctor$$__r Evidence Type Source Name Value Confidence Vendor pom artifactid jzlib Low Vendor pom developer email ymnk at jcraft D0t com Low Vendor pom developer id ymnk Medium Vendor pom developer name Atsuhiko Yamanaka Medium Vendor pom developer org JCraft,Inc. Medium Vendor pom developer org URL http://www.jcraft.com/ Medium Vendor pom groupid com.jcraft Highest Vendor pom name JZlib High Vendor pom organization name jcraft High Vendor pom organization url http://www.jcraft.com/ Medium Vendor pom url http://www.jcraft.com/jzlib/ Highest Product pom artifactid jzlib Highest Product pom developer email ymnk at jcraft D0t com Low Product pom developer id ymnk Low Product pom developer name Atsuhiko Yamanaka Low Product pom developer org JCraft,Inc. Low Product pom developer org URL http://www.jcraft.com/ Low Product pom groupid com.jcraft Highest Product pom name JZlib High Product pom organization name jcraft Low Product pom organization url http://www.jcraft.com/ Low Product pom url http://www.jcraft.com/jzlib/ Medium Version pom version 1.1.3 Highest
jruby-complete-9.3.8.0.jar (shaded: joda-time:joda-time:2.10.10)Description:
Date and time library to replace JDK date handling License:
Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jruby/jruby-complete/9.3.8.0/8e11191265ab501930125081d8c21a3f55f1b8cd/jruby-complete-9.3.8.0.jar/META-INF/maven/joda-time/joda-time/pom.xml
MD5: ef13c82390e8506f05364178a3300018
SHA1: d6b3422231b9c976bc409b906f114fa0697b280c
SHA256: 9c62e83b103e38b10351603e246d7e54899d4a8f1d305176f5546dd3f8c55358
Referenced In Projects/Scopes: documentation:__$$asciidoctorj$$___r documentation:__$$asciidoctorj_asciidoctor$$__r Evidence Type Source Name Value Confidence Vendor pom artifactid joda-time Low Vendor pom developer id broneill Medium Vendor pom developer id jodastephen Medium Vendor pom developer name Brian S O'Neill Medium Vendor pom developer name Stephen Colebourne Medium Vendor pom groupid joda-time Highest Vendor pom name Joda-Time High Vendor pom organization name Joda.org High Vendor pom organization url https://www.joda.org Medium Vendor pom url https://www.joda.org/joda-time/ Highest Product pom artifactid joda-time Highest Product pom developer id broneill Low Product pom developer id jodastephen Low Product pom developer name Brian S O'Neill Low Product pom developer name Stephen Colebourne Low Product pom groupid joda-time Highest Product pom name Joda-Time High Product pom organization name Joda.org Low Product pom organization url https://www.joda.org Low Product pom url https://www.joda.org/joda-time/ Medium Version pom version 2.10.10 Highest
jruby-complete-9.3.8.0.jar (shaded: me.qmx.jitescript:jitescript:0.4.1)Description:
Java API for Bytecode License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jruby/jruby-complete/9.3.8.0/8e11191265ab501930125081d8c21a3f55f1b8cd/jruby-complete-9.3.8.0.jar/META-INF/maven/me.qmx.jitescript/jitescript/pom.xml
MD5: a8244f2c8843244d8934742315b47154
SHA1: 63a1b1c6c7ac7c29e8d7a065a9c2649058455749
SHA256: 4001176ebaedccf43616c92dad87d0d305b54000cfae4e999675e8acb35735f6
Referenced In Projects/Scopes: documentation:__$$asciidoctorj$$___r documentation:__$$asciidoctorj_asciidoctor$$__r Evidence Type Source Name Value Confidence Vendor pom artifactid jitescript Low Vendor pom developer email qmx@qmx.me Low Vendor pom developer id qmx Medium Vendor pom developer name Douglas Campos Medium Vendor pom groupid me.qmx.jitescript Highest Vendor pom name jitescript High Vendor pom url qmx/jitescript Highest Product pom artifactid jitescript Highest Product pom developer email qmx@qmx.me Low Product pom developer id qmx Low Product pom developer name Douglas Campos Low Product pom groupid me.qmx.jitescript Highest Product pom name jitescript High Product pom url qmx/jitescript High Version pom version 0.4.1 Highest
jruby-complete-9.3.8.0.jar (shaded: org.jruby.jcodings:jcodings:1.0.57)Description:
Byte based encoding support library for java License:
MIT License: http://www.opensource.org/licenses/mit-license.php File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jruby/jruby-complete/9.3.8.0/8e11191265ab501930125081d8c21a3f55f1b8cd/jruby-complete-9.3.8.0.jar/META-INF/maven/org.jruby.jcodings/jcodings/pom.xml
MD5: ace4d97fafd4d6410b9ab88a7261e73f
SHA1: d5a1f30683c63fefe6b57f90fd1bdcd8c68bd165
SHA256: 1e34fc29607b56e4b6003598da3a05c4ed8c87a05e0b011ad699137beb833d8f
Referenced In Projects/Scopes: documentation:__$$asciidoctorj$$___r documentation:__$$asciidoctorj_asciidoctor$$__r Evidence Type Source Name Value Confidence Vendor pom artifactid jcodings Low Vendor pom developer email headius@headius.com Low Vendor pom developer email lopx@gazeta.pl Low Vendor pom developer id headius Medium Vendor pom developer id lopex Medium Vendor pom developer name Charles Oliver Nutter Medium Vendor pom developer name Marcin Mielzynski Medium Vendor pom groupid org.jruby.jcodings Highest Vendor pom name JCodings High Product pom artifactid jcodings Highest Product pom developer email headius@headius.com Low Product pom developer email lopx@gazeta.pl Low Product pom developer id headius Low Product pom developer id lopex Low Product pom developer name Charles Oliver Nutter Low Product pom developer name Marcin Mielzynski Low Product pom groupid org.jruby.jcodings Highest Product pom name JCodings High Version pom version 1.0.57 Highest
jruby-complete-9.3.8.0.jar (shaded: org.jruby.joni:joni:2.1.43)Description:
Java port of Oniguruma: http://www.geocities.jp/kosako3/oniguruma
that uses byte arrays directly instead of java Strings and chars
License:
MIT License: http://www.opensource.org/licenses/mit-license.php File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jruby/jruby-complete/9.3.8.0/8e11191265ab501930125081d8c21a3f55f1b8cd/jruby-complete-9.3.8.0.jar/META-INF/maven/org.jruby.joni/joni/pom.xml
MD5: 2d05ca83c96cf602c3af73539106d1d3
SHA1: 3883bc9616a31c5936ccb724150ab5a336a4c816
SHA256: bfe531310628079273c7fb2174bc4658540cea56e93d966d060d9833ad9c425a
Referenced In Projects/Scopes: documentation:__$$asciidoctorj$$___r documentation:__$$asciidoctorj_asciidoctor$$__r Evidence Type Source Name Value Confidence Vendor pom artifactid joni Low Vendor pom developer email lopx@gazeta.pl Low Vendor pom developer id lopex Medium Vendor pom developer name Marcin Mielzynski Medium Vendor pom groupid org.jruby.joni Highest Vendor pom name Joni High Product pom artifactid joni Highest Product pom developer email lopx@gazeta.pl Low Product pom developer id lopex Low Product pom developer name Marcin Mielzynski Low Product pom groupid org.jruby.joni Highest Product pom name Joni High Version pom version 2.1.43 Highest
jruby-complete-9.3.8.0.jar (shaded: org.jruby:dirgra:0.3)Description:
Simple Directed Graph License:
EPL: http://www.eclipse.org/legal/epl-v10.html File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jruby/jruby-complete/9.3.8.0/8e11191265ab501930125081d8c21a3f55f1b8cd/jruby-complete-9.3.8.0.jar/META-INF/maven/org.jruby/dirgra/pom.xml
MD5: 4d7f76247a22e56064ab9db464794cd4
SHA1: 91c78b3f134c5b1f04d3a6447d246cf0a0d9a8e2
SHA256: d0f49f7eaf14307bc8ce44b14fe999c1330e029043f6e8a125b5a9f7ed1c417a
Referenced In Projects/Scopes: documentation:__$$asciidoctorj$$___r documentation:__$$asciidoctorj_asciidoctor$$__r Evidence Type Source Name Value Confidence Vendor pom artifactid dirgra Low Vendor pom developer email tom.enebo@gmail.com Low Vendor pom developer id enebo Medium Vendor pom developer name Thomas E. Enebo Medium Vendor pom groupid org.jruby Highest Vendor pom name Dirgra High Vendor pom url jruby/dirgra Highest Product pom artifactid dirgra Highest Product pom developer email tom.enebo@gmail.com Low Product pom developer id enebo Low Product pom developer name Thomas E. Enebo Low Product pom groupid org.jruby Highest Product pom name Dirgra High Product pom url jruby/dirgra High Version pom version 0.3 Highest
jruby-complete-9.3.8.0.jar (shaded: org.jruby:jruby-base:9.3.8.0)File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jruby/jruby-complete/9.3.8.0/8e11191265ab501930125081d8c21a3f55f1b8cd/jruby-complete-9.3.8.0.jar/META-INF/maven/org.jruby/jruby-base/pom.xmlMD5: 38df003437aebcf620ce9ce72bbce81cSHA1: 30d7a33eee5406164c3ec8089edff0452746da7bSHA256: cd294c6d580215fe80782cd0f36520d77a0ed84a211f47a238085f894af4541fReferenced In Projects/Scopes:
documentation:__$$asciidoctorj$$___r documentation:__$$asciidoctorj_asciidoctor$$__r Evidence Type Source Name Value Confidence Vendor pom artifactid jruby-base Low Vendor pom groupid org.jruby Highest Vendor pom name JRuby Base High Vendor pom parent-artifactid jruby-parent Low Product pom artifactid jruby-base Highest Product pom groupid org.jruby Highest Product pom name JRuby Base High Product pom parent-artifactid jruby-parent Medium Version pom version 9.3.8.0 Highest
jruby-complete-9.3.8.0.jar (shaded: org.jruby:jruby-core:9.3.8.0)File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jruby/jruby-complete/9.3.8.0/8e11191265ab501930125081d8c21a3f55f1b8cd/jruby-complete-9.3.8.0.jar/META-INF/maven/org.jruby/jruby-core/pom.xmlMD5: 7105cc82edfb7d6fd77f4c1a8b6d7f1aSHA1: 1b17b9b7e8eb6c5351136c2c80e041be80bf3a5eSHA256: 9aff65fffb6c5db14304e523e8a7de80e38ebac12cb5711c0bdfa5a18cd050b3Referenced In Projects/Scopes:
documentation:__$$asciidoctorj$$___r documentation:__$$asciidoctorj_asciidoctor$$__r Evidence Type Source Name Value Confidence Vendor pom artifactid jruby-core Low Vendor pom groupid org.jruby Highest Vendor pom name JRuby Core High Vendor pom parent-artifactid jruby-parent Low Product pom artifactid jruby-core Highest Product pom groupid org.jruby Highest Product pom name JRuby Core High Product pom parent-artifactid jruby-parent Medium Version pom version 9.3.8.0 Highest
jruby-complete-9.3.8.0.jar (shaded: org.jruby:jruby-stdlib:9.3.8.0)File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jruby/jruby-complete/9.3.8.0/8e11191265ab501930125081d8c21a3f55f1b8cd/jruby-complete-9.3.8.0.jar/META-INF/maven/org.jruby/jruby-stdlib/pom.xmlMD5: 5b3dd30283430bc13c278cb8043ec30aSHA1: c6d66034002c3e5a2e53f9d7bd9374faf1eba9eeSHA256: 82298921e4b5bddc6bdfaa9bfe1f475edc59dadd64b3498fdc9607831a22ae1bReferenced In Projects/Scopes:
documentation:__$$asciidoctorj$$___r documentation:__$$asciidoctorj_asciidoctor$$__r Evidence Type Source Name Value Confidence Vendor pom artifactid jruby-stdlib Low Vendor pom groupid org.jruby Highest Vendor pom name JRuby Lib Setup High Vendor pom parent-artifactid jruby-parent Low Product pom artifactid jruby-stdlib Highest Product pom groupid org.jruby Highest Product pom name JRuby Lib Setup High Product pom parent-artifactid jruby-parent Medium Version pom version 9.3.8.0 Highest
jruby-complete-9.3.8.0.jarDescription:
JRuby 9.3.8.0 OSGi bundle License:
http://www.gnu.org/licenses/gpl-2.0-standalone.html, http://www.gnu.org/licenses/lgpl-2.1-standalone.html, http://www.eclipse.org/legal/epl-v20.html File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jruby/jruby-complete/9.3.8.0/8e11191265ab501930125081d8c21a3f55f1b8cd/jruby-complete-9.3.8.0.jar
MD5: 2d5ad438a1fefda48f8ab797454f43fd
SHA1: 8e11191265ab501930125081d8c21a3f55f1b8cd
SHA256: b574542f75c71d543ae057a707ca9840e778d62ab6da610e94cd7bbfa5eef5d5
Referenced In Projects/Scopes: documentation:__$$asciidoctorj$$___r documentation:__$$asciidoctorj_asciidoctor$$__r jruby-complete-9.3.8.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.asciidoctor/asciidoctorj@2.5.7 pkg:maven/org.asciidoctor/asciidoctorj@2.5.7 pkg:maven/io.freefair.gradle/documentation@8.6 pkg:maven/io.freefair.gradle/documentation@8.6 Evidence Type Source Name Value Confidence Vendor file name jruby-complete High Vendor gradle artifactid jruby-complete Highest Vendor gradle groupid org.jruby Highest Vendor jar package name jruby Highest Vendor jar package name org Highest Vendor Manifest automatic-module-name org.jruby.complete Medium Vendor Manifest bundle-docurl https://www.jruby.org Low Vendor Manifest bundle-symbolicname org.jruby.jruby Medium Vendor Manifest embed-transitive true Low Vendor pom artifactid jruby-complete Low Vendor pom groupid org.jruby Highest Vendor pom name JRuby Complete High Vendor pom parent-artifactid jruby-artifacts Low Product file name jruby-complete High Product gradle artifactid jruby-complete Highest Product jar package name jruby Highest Product jar package name org Highest Product jar package name osgi Highest Product Manifest automatic-module-name org.jruby.complete Medium Product Manifest bundle-docurl https://www.jruby.org Low Product Manifest Bundle-Name JRuby 9.3.8.0 Medium Product Manifest bundle-symbolicname org.jruby.jruby Medium Product Manifest embed-transitive true Low Product pom artifactid jruby-complete Highest Product pom groupid org.jruby Highest Product pom name JRuby Complete High Product pom parent-artifactid jruby-artifacts Medium Version file version 9.3.8.0 High Version gradle version 9.3.8.0 Highest Version Manifest Bundle-Version 9.3.8.0 High Version pom version 9.3.8.0 Highest
jruby-complete-9.3.8.0.jar: bcpkix-jdk15on-1.68.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jruby/jruby-complete/9.3.8.0/8e11191265ab501930125081d8c21a3f55f1b8cd/jruby-complete-9.3.8.0.jar/META-INF/jruby.home/lib/ruby/stdlib/org/bouncycastle/bcpkix-jdk15on/1.68/bcpkix-jdk15on-1.68.jarMD5: 37e058210e056a04d4521d8185fb0051SHA1: 81da950604ff0b2652348cbd2b48fde46ced9867SHA256: fb8d0f8f673ad6e16c604732093d7aa31b26ff4e0bd9cae1d7f99984c06b8a0fReferenced In Projects/Scopes:
documentation:__$$asciidoctorj$$___r documentation:__$$asciidoctorj_asciidoctor$$__r Evidence Type Source Name Value Confidence Vendor file name bcpkix-jdk15on High Vendor jar package name bouncycastle Highest Vendor jar package name bouncycastle Low Vendor jar package name pkix Highest Vendor Manifest application-library-allowable-codebase * Low Vendor Manifest application-name Bouncy Castle PKIX API Medium Vendor Manifest automatic-module-name org.bouncycastle.pkix Medium Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor Manifest bundle-symbolicname bcpkix Medium Vendor Manifest caller-allowable-codebase * Low Vendor Manifest codebase * Low Vendor Manifest extension-name org.bouncycastle.bcpkix Medium Vendor Manifest Implementation-Vendor BouncyCastle.org High Vendor Manifest Implementation-Vendor-Id org.bouncycastle Medium Vendor Manifest multi-release true Low Vendor Manifest originally-created-by 25.275-b01 (Private Build) Low Vendor Manifest permissions all-permissions Low Vendor Manifest specification-vendor BouncyCastle.org Low Vendor Manifest trusted-library true Low Product file name bcpkix-jdk15on High Product jar package name bouncycastle Highest Product jar package name pkix Highest Product Manifest application-library-allowable-codebase * Low Product Manifest application-name Bouncy Castle PKIX API Medium Product Manifest automatic-module-name org.bouncycastle.pkix Medium Product Manifest Bundle-Name bcpkix Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product Manifest bundle-symbolicname bcpkix Medium Product Manifest caller-allowable-codebase * Low Product Manifest codebase * Low Product Manifest extension-name org.bouncycastle.bcpkix Medium Product Manifest multi-release true Low Product Manifest originally-created-by 25.275-b01 (Private Build) Low Product Manifest permissions all-permissions Low Product Manifest trusted-library true Low Version file name bcpkix-jdk15on Medium Version file version 1.68 High Version Manifest Bundle-Version 1.68 High Version Manifest Implementation-Version 1.68.00.0 High
jruby-complete-9.3.8.0.jar: bcprov-jdk15on-1.68.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jruby/jruby-complete/9.3.8.0/8e11191265ab501930125081d8c21a3f55f1b8cd/jruby-complete-9.3.8.0.jar/META-INF/jruby.home/lib/ruby/stdlib/org/bouncycastle/bcprov-jdk15on/1.68/bcprov-jdk15on-1.68.jarMD5: f34043ac8be2793843364b4406a15543SHA1: 46a080368d38b428d237a59458f9bc915222894dSHA256: f732a46c8de7e2232f2007c682a21d1f4cc8a8a0149b6b7bd6aa1afdc65a0f8dReferenced In Projects/Scopes:
documentation:__$$asciidoctorj$$___r documentation:__$$asciidoctorj_asciidoctor$$__r Evidence Type Source Name Value Confidence Vendor file name bcprov-jdk15on High Vendor jar package name bouncycastle Highest Vendor jar package name bouncycastle Low Vendor jar package name org Highest Vendor jar package name provider Highest Vendor Manifest application-library-allowable-codebase * Low Vendor Manifest application-name Bouncy Castle Provider Medium Vendor Manifest automatic-module-name org.bouncycastle.provider Medium Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor Manifest bundle-symbolicname bcprov Medium Vendor Manifest caller-allowable-codebase * Low Vendor Manifest codebase * Low Vendor Manifest extension-name org.bouncycastle.bcprovider Medium Vendor Manifest Implementation-Vendor BouncyCastle.org High Vendor Manifest Implementation-Vendor-Id org.bouncycastle Medium Vendor Manifest multi-release true Low Vendor Manifest originally-created-by 25.275-b01 (Private Build) Low Vendor Manifest permissions all-permissions Low Vendor Manifest specification-vendor BouncyCastle.org Low Vendor Manifest trusted-library true Low Product file name bcprov-jdk15on High Product hint analyzer product legion-of-the-bouncy-castle-java-crytography-api High Product hint analyzer product the_bouncy_castle_crypto_package_for_java High Product jar package name bouncycastle Highest Product jar package name org Highest Product jar package name provider Highest Product Manifest application-library-allowable-codebase * Low Product Manifest application-name Bouncy Castle Provider Medium Product Manifest automatic-module-name org.bouncycastle.provider Medium Product Manifest Bundle-Name bcprov Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product Manifest bundle-symbolicname bcprov Medium Product Manifest caller-allowable-codebase * Low Product Manifest codebase * Low Product Manifest extension-name org.bouncycastle.bcprovider Medium Product Manifest multi-release true Low Product Manifest originally-created-by 25.275-b01 (Private Build) Low Product Manifest permissions all-permissions Low Product Manifest trusted-library true Low Version file version 1.68 High Version Manifest Implementation-Version 1.68.0 High
CVE-2023-33202 suppress
Bouncy Castle for Java before 1.73 contains a potential Denial of Service (DoS) issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM encoded streams containing X.509 certificates, PKCS8 encoded keys, and PKCS7 objects. Parsing a file that has crafted ASN.1 data through the PEMParser causes an OutOfMemoryError, which can enable a denial of service attack. (For users of the FIPS Java API: BC-FJA 1.0.2.3 and earlier are affected; BC-FJA 1.0.2.4 is fixed.) CWE-400 Uncontrolled Resource Consumption
CVSSv3:
Base Score: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:1.8/RC:R/MAV:A References:
Vulnerable Software & Versions:
jruby-complete-9.3.8.0.jar: bctls-jdk15on-1.68.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jruby/jruby-complete/9.3.8.0/8e11191265ab501930125081d8c21a3f55f1b8cd/jruby-complete-9.3.8.0.jar/META-INF/jruby.home/lib/ruby/stdlib/org/bouncycastle/bctls-jdk15on/1.68/bctls-jdk15on-1.68.jarMD5: 31459bc4acb8b285deffd1f163751046SHA1: 5046fe5893b16dd7e72a34d04d25c83968ddeff3SHA256: 9d862b35f241debf89211d92fb5ba5a0b0ac1ddb2c9ae214b84d80bc285bab25Referenced In Projects/Scopes:
documentation:__$$asciidoctorj$$___r documentation:__$$asciidoctorj_asciidoctor$$__r Evidence Type Source Name Value Confidence Vendor file name bctls-jdk15on High Vendor jar package name bouncycastle Highest Vendor jar package name bouncycastle Low Vendor jar package name org Highest Vendor jar package name provider Highest Vendor jar package name tls Highest Vendor Manifest application-library-allowable-codebase * Low Vendor Manifest application-name Bouncy Castle TLS API and Provider Medium Vendor Manifest automatic-module-name org.bouncycastle.tls Medium Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor Manifest bundle-symbolicname bctls Medium Vendor Manifest caller-allowable-codebase * Low Vendor Manifest codebase * Low Vendor Manifest extension-name org.bouncycastle.bctls Medium Vendor Manifest Implementation-Vendor BouncyCastle.org High Vendor Manifest Implementation-Vendor-Id org.bouncycastle Medium Vendor Manifest multi-release true Low Vendor Manifest originally-created-by 25.275-b01 (Private Build) Low Vendor Manifest permissions all-permissions Low Vendor Manifest specification-vendor BouncyCastle.org Low Vendor Manifest trusted-library true Low Product file name bctls-jdk15on High Product jar package name bouncycastle Highest Product jar package name org Highest Product jar package name provider Highest Product jar package name tls Highest Product Manifest application-library-allowable-codebase * Low Product Manifest application-name Bouncy Castle TLS API and Provider Medium Product Manifest automatic-module-name org.bouncycastle.tls Medium Product Manifest Bundle-Name bctls Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product Manifest bundle-symbolicname bctls Medium Product Manifest caller-allowable-codebase * Low Product Manifest codebase * Low Product Manifest extension-name org.bouncycastle.bctls Medium Product Manifest multi-release true Low Product Manifest originally-created-by 25.275-b01 (Private Build) Low Product Manifest permissions all-permissions Low Product Manifest trusted-library true Low Version file name bctls-jdk15on Medium Version file version 1.68 High Version Manifest Bundle-Version 1.68 High Version Manifest Implementation-Version 1.68.00.0 High
jruby-complete-9.3.8.0.jar: cparse-jruby.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jruby/jruby-complete/9.3.8.0/8e11191265ab501930125081d8c21a3f55f1b8cd/jruby-complete-9.3.8.0.jar/META-INF/jruby.home/lib/ruby/stdlib/racc/cparse-jruby.jarMD5: d44fe1421fbbcebaa9f922dc8f9ee90eSHA1: dde4adfef288358dafebc1857a4dbef5b41c20d1SHA256: 52a75469ecab7e6a4a6f79e5419c4e8d881d42f830b0d287091ef1c498123c34Referenced In Projects/Scopes:
documentation:__$$asciidoctorj$$___r documentation:__$$asciidoctorj_asciidoctor$$__r Evidence Type Source Name Value Confidence Vendor file name cparse-jruby High Vendor jar package name headius Low Vendor jar package name racc Low Product file name cparse-jruby High Product jar package name racc Low
jruby-complete-9.3.8.0.jar: darkfish.jsFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jruby/jruby-complete/9.3.8.0/8e11191265ab501930125081d8c21a3f55f1b8cd/jruby-complete-9.3.8.0.jar/META-INF/jruby.home/lib/ruby/stdlib/rdoc/generator/template/darkfish/js/darkfish.jsMD5: 14a006c8a8c126d3a032db6a6778a2d6SHA1: 5de3c13a83ac02d213bacc7c5642673b7692f1c9SHA256: 00cb86c2c4b1d8d18f1971ca0b2cd7eb5ecad12a68db6c78d575e053a853ce39Referenced In Projects/Scopes:
documentation:__$$asciidoctorj$$___r documentation:__$$asciidoctorj_asciidoctor$$__r Evidence Type Source Name Value Confidence
jruby-complete-9.3.8.0.jar: generator.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jruby/jruby-complete/9.3.8.0/8e11191265ab501930125081d8c21a3f55f1b8cd/jruby-complete-9.3.8.0.jar/META-INF/jruby.home/lib/ruby/stdlib/json/ext/generator.jarMD5: 6db38de099e2ce60c777cb168de21e0dSHA1: 76ea0e00c7db180f3f2432fb0120bcea19ff2dc8SHA256: f6d4a830771618e697220f5707eabe831e25d46aff8da9e7cc5b60ef744714a3Referenced In Projects/Scopes:
documentation:__$$asciidoctorj$$___r documentation:__$$asciidoctorj_asciidoctor$$__r Evidence Type Source Name Value Confidence Vendor file name generator High Vendor jar package name ext Low Vendor jar package name json Low Product file name generator High Product jar package name ext Low
jruby-complete-9.3.8.0.jar: jline-2.14.6.jarLicense:
The BSD License: http://www.opensource.org/licenses/bsd-license.php File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jruby/jruby-complete/9.3.8.0/8e11191265ab501930125081d8c21a3f55f1b8cd/jruby-complete-9.3.8.0.jar/META-INF/jruby.home/lib/ruby/stdlib/jline/jline/2.14.6/jline-2.14.6.jar
MD5: 480423551649bc6980b43f09e4717272
SHA1: c3aeac59c022bdc497c8c48ed86fa50450e4896a
SHA256: 97d1acaac82409be42e622d7a54d3ae9d08517e8aefdea3d2ba9791150c2f02d
Referenced In Projects/Scopes: documentation:__$$asciidoctorj$$___r documentation:__$$asciidoctorj_asciidoctor$$__r Evidence Type Source Name Value Confidence Vendor file name jline High Vendor jar package name jline Highest Vendor Manifest bundle-symbolicname jline Medium Vendor pom artifactid jline Low Vendor pom developer email gnodet@gmail.com Low Vendor pom developer email jason@planet57.com Low Vendor pom developer email mprudhom@gmail.com Low Vendor pom developer id gnodet Medium Vendor pom developer id jdillon Medium Vendor pom developer id mprudhom Medium Vendor pom developer name Guillaume Nodet Medium Vendor pom developer name Jason Dillon Medium Vendor pom developer name Marc Prud'hommeaux Medium Vendor pom groupid jline Highest Vendor pom name JLine High Product file name jline High Product jar package name jline Highest Product Manifest Bundle-Name JLine Medium Product Manifest bundle-symbolicname jline Medium Product pom artifactid jline Highest Product pom developer email gnodet@gmail.com Low Product pom developer email jason@planet57.com Low Product pom developer email mprudhom@gmail.com Low Product pom developer id gnodet Low Product pom developer id jdillon Low Product pom developer id mprudhom Low Product pom developer name Guillaume Nodet Low Product pom developer name Jason Dillon Low Product pom developer name Marc Prud'hommeaux Low Product pom groupid jline Highest Product pom name JLine High Version file version 2.14.6 High Version Manifest Bundle-Version 2.14.6 High Version pom version 2.14.6 Highest
jruby-complete-9.3.8.0.jar: jopenssl.jar (shaded: rubygems:jruby-openssl:0.13.0)Description:
JRuby-OpenSSL is an add-on gem for JRuby that emulates the Ruby OpenSSL native library. License:
EPL-1.0: http://opensource.org/licenses/EPL-1.0
GPL-2.0: http://opensource.org/licenses/GPL-2.0
LGPL-2.1: http://opensource.org/licenses/LGPL-2.1 File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jruby/jruby-complete/9.3.8.0/8e11191265ab501930125081d8c21a3f55f1b8cd/jruby-complete-9.3.8.0.jar/META-INF/jruby.home/lib/ruby/stdlib/jopenssl.jar/META-INF/maven/rubygems/jruby-openssl/pom.xml
MD5: 7d01b449528196196f27f061da72a97d
SHA1: e27fc66c82ed5b144afc548817047a577bb1383d
SHA256: eaa82ac5816e9e562bd3d3b8f00b19db4ca10201faf9bc5f72b3fac9c02c839e
Referenced In Projects/Scopes: documentation:__$$asciidoctorj$$___r documentation:__$$asciidoctorj_asciidoctor$$__r Evidence Type Source Name Value Confidence Vendor pom artifactid jruby-openssl Low Vendor pom developer email self+jruby-openssl@kares.org Low Vendor pom developer name JRuby contributors Medium Vendor pom developer name Karol Bucek Medium Vendor pom developer name Ola Bini Medium Vendor pom groupid rubygems Highest Vendor pom name JRuby OpenSSL High Vendor pom url jruby/jruby-openssl Highest Product pom artifactid jruby-openssl Highest Product pom developer email self+jruby-openssl@kares.org Low Product pom developer name JRuby contributors Low Product pom developer name Karol Bucek Low Product pom developer name Ola Bini Low Product pom groupid rubygems Highest Product pom name JRuby OpenSSL High Product pom url jruby/jruby-openssl High Version pom version 0.13.0 Highest
jruby-complete-9.3.8.0.jar: jopenssl.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jruby/jruby-complete/9.3.8.0/8e11191265ab501930125081d8c21a3f55f1b8cd/jruby-complete-9.3.8.0.jar/META-INF/jruby.home/lib/ruby/stdlib/jopenssl.jarMD5: 8b010aa9489d4acc20f11fe933ef17cdSHA1: 602fff52a522aee546c55174e4ca560c93dc0425SHA256: 76f6d5357e0ebb2c8dff1d259d09763d47d4931e0132821469d08a98a95ff0f5Referenced In Projects/Scopes:
documentation:__$$asciidoctorj$$___r documentation:__$$asciidoctorj_asciidoctor$$__r Evidence Type Source Name Value Confidence Vendor file name jopenssl High Vendor jar package name ext Low Vendor jar package name jruby Low Vendor jar package name openssl Low Product file name jopenssl High Product jar package name ext Low Product jar package name openssl Low
jruby-complete-9.3.8.0.jar: navigation.jsFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jruby/jruby-complete/9.3.8.0/8e11191265ab501930125081d8c21a3f55f1b8cd/jruby-complete-9.3.8.0.jar/META-INF/jruby.home/lib/ruby/stdlib/rdoc/generator/template/json_index/js/navigation.jsMD5: 0f2526548577d42eed5939333c321065SHA1: a99b9374c2e37d315a6279b9238615252becac49SHA256: 757a5fb0031eb9bc47912ec87bcf16ce5ae855bb072bdb318437ffd806d7ee56Referenced In Projects/Scopes:
documentation:__$$asciidoctorj$$___r documentation:__$$asciidoctorj_asciidoctor$$__r Evidence Type Source Name Value Confidence
jruby-complete-9.3.8.0.jar: parser.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jruby/jruby-complete/9.3.8.0/8e11191265ab501930125081d8c21a3f55f1b8cd/jruby-complete-9.3.8.0.jar/META-INF/jruby.home/lib/ruby/stdlib/json/ext/parser.jarMD5: 83373299e1f1bdcb6b4808cfb81a6506SHA1: 5499bb123ddf779ce9627a7b99d2d1e0b9eb63ccSHA256: c2018bf2eb02def0ba64b784d05ec5019db9f7ebfdcd01f9e36efb6b745318c4Referenced In Projects/Scopes:
documentation:__$$asciidoctorj$$___r documentation:__$$asciidoctorj_asciidoctor$$__r Evidence Type Source Name Value Confidence Vendor file name parser High Vendor jar package name ext Low Vendor jar package name json Low Product file name parser High Product jar package name ext Low
jruby-complete-9.3.8.0.jar: psych.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jruby/jruby-complete/9.3.8.0/8e11191265ab501930125081d8c21a3f55f1b8cd/jruby-complete-9.3.8.0.jar/META-INF/jruby.home/lib/ruby/stdlib/psych.jarMD5: 30566c4d2a723788b9368cc0b6759147SHA1: 51c6c3b4a4dbca8fb1c184f3691c26d222829854SHA256: 8938f788b10374cef7ca1968f6523b1eedb679da944c871987067dca6051d7c0Referenced In Projects/Scopes:
documentation:__$$asciidoctorj$$___r documentation:__$$asciidoctorj_asciidoctor$$__r Evidence Type Source Name Value Confidence Vendor file name psych High Vendor jar package name ext Low Vendor jar package name jruby Low Vendor jar package name psych Low Product file name psych High Product jar package name ext Low Product jar package name psych Low
jruby-complete-9.3.8.0.jar: readline.jar (shaded: rubygems:jruby-readline:1.3.7)Description:
readline extension for JRuby License:
EPL-1.0: http://opensource.org/licenses/EPL-1.0
GPL-2.0: http://opensource.org/licenses/GPL-2.0
LGPL-2.1: http://opensource.org/licenses/LGPL-2.1 File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jruby/jruby-complete/9.3.8.0/8e11191265ab501930125081d8c21a3f55f1b8cd/jruby-complete-9.3.8.0.jar/META-INF/jruby.home/lib/ruby/stdlib/readline.jar/META-INF/maven/rubygems/jruby-readline/pom.xml
MD5: f675c86ab93d2adadaab3e9ec7445fe6
SHA1: 3cb722b663bcb103aafaed0789d9491684d21eb6
SHA256: b931e0b3f3ff77ee17bb63301f5caabd262e046db28f190c434f565249383408
Referenced In Projects/Scopes: documentation:__$$asciidoctorj$$___r documentation:__$$asciidoctorj_asciidoctor$$__r Evidence Type Source Name Value Confidence Vendor pom artifactid jruby-readline Low Vendor pom developer email dev@jruby.org Low Vendor pom developer name JRuby contributors Medium Vendor pom groupid rubygems Highest Vendor pom name JRuby Readline High Vendor pom url jruby/jruby Highest Product pom artifactid jruby-readline Highest Product pom developer email dev@jruby.org Low Product pom developer name JRuby contributors Low Product pom groupid rubygems Highest Product pom name JRuby Readline High Product pom url jruby/jruby High Version pom version 1.3.7 Highest
jruby-complete-9.3.8.0.jar: readline.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jruby/jruby-complete/9.3.8.0/8e11191265ab501930125081d8c21a3f55f1b8cd/jruby-complete-9.3.8.0.jar/META-INF/jruby.home/lib/ruby/stdlib/readline.jarMD5: ee095d6e2062601784e821c0761b7a8dSHA1: f94495275a3d40af13986495b60d7a2029d8eba5SHA256: 25f6e191a7cddf15c926d9c5fb598237517b201d041f35f5cd01ae446b17d9d4Referenced In Projects/Scopes:
documentation:__$$asciidoctorj$$___r documentation:__$$asciidoctorj_asciidoctor$$__r Evidence Type Source Name Value Confidence Vendor file name readline High Vendor jar package name demo Low Vendor jar package name jruby Low Vendor jar package name readline Low Product file name readline High Product jar package name demo Low Product jar package name readline Low
jruby-complete-9.3.8.0.jar: search.jsFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jruby/jruby-complete/9.3.8.0/8e11191265ab501930125081d8c21a3f55f1b8cd/jruby-complete-9.3.8.0.jar/META-INF/jruby.home/lib/ruby/stdlib/rdoc/generator/template/darkfish/js/search.jsMD5: 84b747a9f491cfb6740ab520d0c0602cSHA1: 7227a18b55ac08a0f8cc03ea8ac063f6dba1a1e5SHA256: 972b0c1524a5789afa094459c524b4a7333b58536c9b2db6280468621a2c5439Referenced In Projects/Scopes:
documentation:__$$asciidoctorj$$___r documentation:__$$asciidoctorj_asciidoctor$$__r Evidence Type Source Name Value Confidence
jruby-complete-9.3.8.0.jar: searcher.jsFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jruby/jruby-complete/9.3.8.0/8e11191265ab501930125081d8c21a3f55f1b8cd/jruby-complete-9.3.8.0.jar/META-INF/jruby.home/lib/ruby/stdlib/rdoc/generator/template/json_index/js/searcher.jsMD5: e6753e62548eadebce36524f6178fd0bSHA1: ff8ca51fd50d759d6ad7b78a171c8646968f7520SHA256: e1b5467dd44b05a13e7b798a9c149954e9861089575dcaf8b302489c44bc359aReferenced In Projects/Scopes:
documentation:__$$asciidoctorj$$___r documentation:__$$asciidoctorj_asciidoctor$$__r Evidence Type Source Name Value Confidence
jruby-complete-9.3.8.0.jar: snakeyaml-1.31.jarDescription:
YAML 1.1 parser and emitter for Java License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jruby/jruby-complete/9.3.8.0/8e11191265ab501930125081d8c21a3f55f1b8cd/jruby-complete-9.3.8.0.jar/META-INF/jruby.home/lib/ruby/stdlib/org/yaml/snakeyaml/1.31/snakeyaml-1.31.jar
MD5: b5db04d0705604e0fadcd5f66ad65d60
SHA1: cf26b7b05fef01e7bec00cb88ab4feeeba743e12
SHA256: 64ff54977e93243b5431b9335bb6a90c05ec7c9f189298a36575c58de72e1c07
Referenced In Projects/Scopes: documentation:__$$asciidoctorj$$___r documentation:__$$asciidoctorj_asciidoctor$$__r Evidence Type Source Name Value Confidence Vendor file name snakeyaml High Vendor jar package name emitter Highest Vendor jar package name parser Highest Vendor jar package name snakeyaml Highest Vendor jar package name yaml Highest Vendor Manifest automatic-module-name org.yaml.snakeyaml Medium Vendor Manifest bundle-symbolicname org.yaml.snakeyaml Medium Vendor pom artifactid snakeyaml Low Vendor pom developer email alexander.maslov@gmail.com Low Vendor pom developer email public.somov@gmail.com Low Vendor pom developer id asomov Medium Vendor pom developer id maslovalex Medium Vendor pom developer name Alexander Maslov Medium Vendor pom developer name Andrey Somov Medium Vendor pom groupid org.yaml Highest Vendor pom name SnakeYAML High Vendor pom url https://bitbucket.org/snakeyaml/snakeyaml Highest Product file name snakeyaml High Product jar package name emitter Highest Product jar package name parser Highest Product jar package name snakeyaml Highest Product jar package name yaml Highest Product Manifest automatic-module-name org.yaml.snakeyaml Medium Product Manifest Bundle-Name SnakeYAML Medium Product Manifest bundle-symbolicname org.yaml.snakeyaml Medium Product pom artifactid snakeyaml Highest Product pom developer email alexander.maslov@gmail.com Low Product pom developer email public.somov@gmail.com Low Product pom developer id asomov Low Product pom developer id maslovalex Low Product pom developer name Alexander Maslov Low Product pom developer name Andrey Somov Low Product pom groupid org.yaml Highest Product pom name SnakeYAML High Product pom url https://bitbucket.org/snakeyaml/snakeyaml Medium Version file version 1.31 High Version pom version 1.31 Highest
CVE-2022-1471 suppress
SnakeYaml's Constructor() class does not restrict types which can be instantiated during deserialization.��Deserializing yaml content provided by an attacker can lead to remote code execution. We recommend using SnakeYaml's SafeConsturctor when parsing untrusted content to restrict deserialization. We recommend upgrading to version 2.0 and beyond.
CWE-502 Deserialization of Untrusted Data, CWE-20 Improper Input Validation
CVSSv3:
Base Score: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:3.9/RC:R/MAV:A References:
Vulnerable Software & Versions:
CVE-2022-38751 (OSSINDEX) suppress
Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. CWE-787 Out-of-bounds Write
CVSSv3:
Base Score: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:org.yaml:snakeyaml:1.31:*:*:*:*:*:*:* CVE-2022-38752 suppress
Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack-overflow. CWE-787 Out-of-bounds Write, CWE-121 Stack-based Buffer Overflow
CVSSv3:
Base Score: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:2.8/RC:R/MAV:A References:
Vulnerable Software & Versions:
CVE-2022-41854 suppress
Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack. CWE-787 Out-of-bounds Write, CWE-121 Stack-based Buffer Overflow
CVSSv3:
Base Score: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:2.8/RC:R/MAV:A References:
Vulnerable Software & Versions:
jsoup-1.17.2.jarDescription:
jsoup is a Java library that simplifies working with real-world HTML and XML. It offers an easy-to-use API for URL fetching, data parsing, extraction, and manipulation using DOM API methods, CSS, and xpath selectors. jsoup implements the WHATWG HTML5 specification, and parses HTML to the same DOM as modern browsers. License:
The MIT License: https://jsoup.org/license File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jsoup/jsoup/1.17.2/1e75b08d7019546a954f1e359477f916f537a34d/jsoup-1.17.2.jar
MD5: d9dd58c3f8a09f45e57d85e78993be6e
SHA1: 1e75b08d7019546a954f1e359477f916f537a34d
SHA256: f60b33b38e9d7ac93eaaa68a6c70f706bb99036494b2e2add2bfee11d09ac6f5
Referenced In Projects/Scopes: documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath jsoup-1.17.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 Evidence Type Source Name Value Confidence Vendor file name jsoup High Vendor gradle artifactid jsoup Highest Vendor gradle groupid org.jsoup Highest Vendor jar package name jsoup Highest Vendor jar package name org Highest Vendor jar package name parser Highest Vendor Manifest build-jdk-spec 17 Low Vendor Manifest bundle-docurl https://jsoup.org/ Low Vendor Manifest bundle-symbolicname org.jsoup Medium Vendor Manifest Implementation-Vendor Jonathan Hedley High Vendor Manifest multi-release true Low Vendor Manifest originally-created-by Apache Maven Bundle Plugin 5.1.9 Low Vendor pom artifactid jsoup Low Vendor pom developer email jonathan@hedley.net Low Vendor pom developer id jhy Medium Vendor pom developer name Jonathan Hedley Medium Vendor pom groupid org.jsoup Highest Vendor pom name jsoup Java HTML Parser High Vendor pom organization name Jonathan Hedley High Vendor pom organization url https://jhy.io/ Medium Vendor pom url https://jsoup.org/ Highest Product file name jsoup High Product gradle artifactid jsoup Highest Product jar package name 9 Highest Product jar package name jsoup Highest Product jar package name org Highest Product jar package name parser Highest Product Manifest build-jdk-spec 17 Low Product Manifest bundle-docurl https://jsoup.org/ Low Product Manifest Bundle-Name jsoup Java HTML Parser Medium Product Manifest bundle-symbolicname org.jsoup Medium Product Manifest Implementation-Title jsoup Java HTML Parser High Product Manifest multi-release true Low Product Manifest originally-created-by Apache Maven Bundle Plugin 5.1.9 Low Product pom artifactid jsoup Highest Product pom developer email jonathan@hedley.net Low Product pom developer id jhy Low Product pom developer name Jonathan Hedley Low Product pom groupid org.jsoup Highest Product pom name jsoup Java HTML Parser High Product pom organization name Jonathan Hedley Low Product pom organization url https://jhy.io/ Low Product pom url https://jsoup.org/ Medium Version file version 1.17.2 High Version gradle version 1.17.2 Highest Version Manifest Bundle-Version 1.17.2 High Version Manifest Implementation-Version 1.17.2 High Version pom version 1.17.2 Highest
jtidy-r938.jarDescription:
JTidy is a Java port of HTML Tidy, a HTML syntax checker and pretty printer. Like its non-Java cousin, JTidy can be
used as a tool for cleaning up malformed and faulty HTML. In addition, JTidy provides a DOM interface to the
document that is being processed, which effectively makes you able to use JTidy as a DOM parser for real-world HTML.
License:
Java HTML Tidy License: http://jtidy.svn.sourceforge.net/viewvc/jtidy/trunk/jtidy/LICENSE.txt?revision=95 File Path: /home/runner/.gradle/caches/modules-2/files-2.1/net.sf.jtidy/jtidy/r938/ab08d87a225a715a69107732b67f21e1da930349/jtidy-r938.jar
MD5: 6a9121561b8f98c0a8fb9b6e57f50e6b
SHA1: ab08d87a225a715a69107732b67f21e1da930349
SHA256: 6fc03e51e73fa884f06e7eae0761e045e56fdeb4e146a4d952e3023cc9e3fb43
Referenced In Projects/Scopes: documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath jtidy-r938.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 Evidence Type Source Name Value Confidence Vendor file name jtidy-r938 High Vendor gradle artifactid jtidy Highest Vendor gradle groupid net.sf.jtidy Highest Vendor jar package name parser Highest Vendor jar package name tidy Low Vendor jar package name w3c Low Vendor pom artifactid jtidy Low Vendor pom developer email atripp AT users.sourceforge.net Low Vendor pom developer email fgiust AT users.sourceforge.net Low Vendor pom developer email garypeskin AT users.sourceforge.net Low Vendor pom developer email lempinen AT users.sourceforge.net Low Vendor pom developer email russgold AT users.sourceforge.net Low Vendor pom developer id atripp Medium Vendor pom developer id fgiust Medium Vendor pom developer id garypeskin Medium Vendor pom developer id lempinen Medium Vendor pom developer id russgold Medium Vendor pom developer name Andy Tripp Medium Vendor pom developer name Fabrizio Giustina Medium Vendor pom developer name Gary L Peskin Medium Vendor pom developer name Russell Gold Medium Vendor pom developer name Sami Lempinen Medium Vendor pom developer org Sourceforge Medium Vendor pom groupid net.sf.jtidy Highest Vendor pom name JTidy High Vendor pom organization name sourceforge High Vendor pom organization url http://sourceforge.net Medium Vendor pom url http://jtidy.sourceforge.net Highest Product file name jtidy-r938 High Product gradle artifactid jtidy Highest Product jar package name parser Highest Product jar package name tidy Low Product pom artifactid jtidy Highest Product pom developer email atripp AT users.sourceforge.net Low Product pom developer email fgiust AT users.sourceforge.net Low Product pom developer email garypeskin AT users.sourceforge.net Low Product pom developer email lempinen AT users.sourceforge.net Low Product pom developer email russgold AT users.sourceforge.net Low Product pom developer id atripp Low Product pom developer id fgiust Low Product pom developer id garypeskin Low Product pom developer id lempinen Low Product pom developer id russgold Low Product pom developer name Andy Tripp Low Product pom developer name Fabrizio Giustina Low Product pom developer name Gary L Peskin Low Product pom developer name Russell Gold Low Product pom developer name Sami Lempinen Low Product pom developer org Sourceforge Low Product pom groupid net.sf.jtidy Highest Product pom name JTidy High Product pom organization name sourceforge Low Product pom organization url http://sourceforge.net Low Product pom url http://jtidy.sourceforge.net Medium Version gradle version r938 Highest Version pom version r938 Highest
CVE-2023-34623 suppress
An issue was discovered jtidy thru r938 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies. CWE-787 Out-of-bounds Write
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:3.9/RC:R/MAV:A References:
Vulnerable Software & Versions:
junit-jupiter-api-5.10.2.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.junit.jupiter/junit-jupiter-api/5.10.2/fb55d6e2bce173f35fd28422e7975539621055ef/junit-jupiter-api-5.10.2.jarMD5: 6e691e23a36de8cbda5cbcc9f31461e3SHA1: fb55d6e2bce173f35fd28422e7975539621055efSHA256: afff77c186cd317275803872fa5133aa801fd6ac40bd91c78a6cf8009b4b17ccReferenced In Projects/Scopes:
documentation:javadocClasspath test-common:compileClasspath test-common:runtimeClasspath junit-jupiter-api-5.10.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/test-common@8.6 pkg:maven/org.junit/junit-bom@5.10.2 pkg:maven/org.junit.jupiter/junit-jupiter-api@5.10.2 pkg:maven/io.freefair.gradle/test-common@8.6 pkg:maven/org.junit.jupiter/junit-jupiter-api@5.10.2 pkg:maven/org.junit/junit-bom@5.10.2 pkg:maven/io.freefair.gradle/test-common@8.6 Evidence Type Source Name Value Confidence Vendor file name junit-jupiter-api High Vendor gradle artifactid junit-jupiter-api Highest Vendor gradle groupid org.junit.jupiter Highest Vendor jar package name api Highest Vendor jar package name api Low Vendor jar package name junit Highest Vendor jar package name junit Low Vendor jar package name jupiter Highest Vendor jar package name jupiter Low Vendor Manifest build-date 2024-02-04 Low Vendor Manifest build-revision 4c0dddad1b96d4a20e92a2cd583954643ac56ac0 Low Vendor Manifest build-time 09:34:27.111+0100 Low Vendor Manifest bundle-symbolicname junit-jupiter-api Medium Vendor Manifest Implementation-Vendor junit.org High Vendor Manifest specification-vendor junit.org Low Product file name junit-jupiter-api High Product gradle artifactid junit-jupiter-api Highest Product jar package name api Highest Product jar package name api Low Product jar package name junit Highest Product jar package name jupiter Highest Product jar package name jupiter Low Product Manifest build-date 2024-02-04 Low Product Manifest build-revision 4c0dddad1b96d4a20e92a2cd583954643ac56ac0 Low Product Manifest build-time 09:34:27.111+0100 Low Product Manifest Bundle-Name JUnit Jupiter API Medium Product Manifest bundle-symbolicname junit-jupiter-api Medium Product Manifest Implementation-Title junit-jupiter-api High Product Manifest specification-title junit-jupiter-api Medium Version file version 5.10.2 High Version Manifest Implementation-Version 5.10.2 High
junit-platform-commons-1.10.2.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.junit.platform/junit-platform-commons/1.10.2/3197154a1f0c88da46c47a9ca27611ac7ec5d797/junit-platform-commons-1.10.2.jarMD5: ae199049daca42c359e64974009025c5SHA1: 3197154a1f0c88da46c47a9ca27611ac7ec5d797SHA256: b56a5ec000a479df4973b18bba24c98fe0db8faa14c8907d3ef451d8c71fd8aeReferenced In Projects/Scopes:
documentation:javadocClasspath test-common:compileClasspath test-common:runtimeClasspath junit-platform-commons-1.10.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.junit/junit-bom@5.10.2 pkg:maven/org.junit.jupiter/junit-jupiter-api@5.10.2 pkg:maven/org.junit.jupiter/junit-jupiter-api@5.10.2 pkg:maven/org.junit/junit-bom@5.10.2 pkg:maven/io.freefair.gradle/test-common@8.6 Evidence Type Source Name Value Confidence Vendor file name junit-platform-commons High Vendor gradle artifactid junit-platform-commons Highest Vendor gradle groupid org.junit.platform Highest Vendor jar package name commons Highest Vendor jar package name commons Low Vendor jar package name junit Highest Vendor jar package name junit Low Vendor jar package name org Highest Vendor jar package name platform Highest Vendor jar package name platform Low Vendor Manifest build-date 2024-02-04 Low Vendor Manifest build-revision 4c0dddad1b96d4a20e92a2cd583954643ac56ac0 Low Vendor Manifest build-time 09:34:27.111+0100 Low Vendor Manifest bundle-symbolicname junit-platform-commons Medium Vendor Manifest Implementation-Vendor junit.org High Vendor Manifest multi-release true Low Vendor Manifest specification-vendor junit.org Low Product file name junit-platform-commons High Product gradle artifactid junit-platform-commons Highest Product jar package name commons Highest Product jar package name commons Low Product jar package name junit Highest Product jar package name platform Highest Product jar package name platform Low Product jar package name util Low Product Manifest build-date 2024-02-04 Low Product Manifest build-revision 4c0dddad1b96d4a20e92a2cd583954643ac56ac0 Low Product Manifest build-time 09:34:27.111+0100 Low Product Manifest Bundle-Name JUnit Platform Commons Medium Product Manifest bundle-symbolicname junit-platform-commons Medium Product Manifest Implementation-Title junit-platform-commons High Product Manifest multi-release true Low Product Manifest specification-title junit-platform-commons Medium Version file version 1.10.2 High Version Manifest Implementation-Version 1.10.2 High
kotlin-android-extensions-1.9.20.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jetbrains.kotlin/kotlin-android-extensions/1.9.20/dc8cc72af5e78fc56701ba850d8ca6091e2c3c5e/kotlin-android-extensions-1.9.20.jarMD5: 000fbea57a8803335b79ab608c9f8764SHA1: dc8cc72af5e78fc56701ba850d8ca6091e2c3c5eSHA256: b771239469f0af07e180f746cfde6a7956c2b6261e1ae20e5b1d620a0dd29bffReferenced In Projects/Scopes:
documentation:javadocClasspath quicktype-plugin:runtimeClasspath kotlin-android-extensions-1.9.20.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/quicktype-plugin@8.6 pkg:maven/io.freefair.gradle/aspectj-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin@1.9.20 Evidence Type Source Name Value Confidence Vendor file name kotlin-android-extensions High Vendor gradle artifactid kotlin-android-extensions Highest Vendor gradle groupid org.jetbrains.kotlin Highest Vendor jar package name android Low Vendor jar package name jetbrains Highest Vendor jar package name jetbrains Low Vendor jar package name kotlin Low Vendor Manifest Implementation-Vendor JetBrains High Product file name kotlin-android-extensions High Product gradle artifactid kotlin-android-extensions Highest Product jar package name android Highest Product jar package name android Low Product jar package name extensions Highest Product jar package name kotlin Highest Product jar package name kotlin Low Product jar package name synthetic Low Product Manifest Implementation-Title kotlin-android-extensions High Version file name kotlin-android-extensions Medium Version file version 1.9.20 High Version gradle version 1.9.20 Highest Version Manifest Implementation-Version 1.9.255-SNAPSHOT High
kotlin-assignment-compiler-plugin-embeddable-1.9.20.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jetbrains.kotlin/kotlin-assignment-compiler-plugin-embeddable/1.9.20/53843a4dd44f0748c8cb02e0355c6a58e454d3f0/kotlin-assignment-compiler-plugin-embeddable-1.9.20.jarMD5: f84ffd21284bbabdee60dc05cc8a31d1SHA1: 53843a4dd44f0748c8cb02e0355c6a58e454d3f0SHA256: c621b857f5fe131219d8576e191d06f2db7a6df80fa149d046c32eba26906addReferenced In Projects/Scopes:
mjml-plugin:kotlinCompilerPluginClasspathMain mjml-plugin:kotlinCompilerPluginClasspathTest kotlin-assignment-compiler-plugin-embeddable-1.9.20.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/mjml-plugin@8.6 pkg:maven/io.freefair.gradle/mjml-plugin@8.6 Evidence Type Source Name Value Confidence Vendor file name kotlin-assignment-compiler-plugin-embeddable High Vendor gradle artifactid kotlin-assignment-compiler-plugin-embeddable Highest Vendor gradle groupid org.jetbrains.kotlin Highest Vendor jar package name assignment Low Vendor jar package name jetbrains Highest Vendor jar package name jetbrains Low Vendor jar package name kotlin Low Vendor Manifest Implementation-Vendor JetBrains High Product file name kotlin-assignment-compiler-plugin-embeddable High Product gradle artifactid kotlin-assignment-compiler-plugin-embeddable Highest Product jar package name assignment Highest Product jar package name assignment Low Product jar package name kotlin Highest Product jar package name kotlin Low Product jar package name plugin Highest Product jar package name plugin Low Product Manifest Implementation-Title kotlin-assignment-compiler-plugin.embeddable High Version file name kotlin-assignment-compiler-plugin-embeddable Medium Version file version 1.9.20 High Version gradle version 1.9.20 Highest Version Manifest Implementation-Version 1.9.255-SNAPSHOT High
kotlin-build-common-1.9.20.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jetbrains.kotlin/kotlin-build-common/1.9.20/2b6924142255752cbd52bbd28da7588137897fa1/kotlin-build-common-1.9.20.jarMD5: e275ef9d49e72fc34a51b376f77de5fbSHA1: 2b6924142255752cbd52bbd28da7588137897fa1SHA256: 17319416d0fa12cd77a9f365f8b8cb9c616953883368a5c7f529cf082da9e98dReferenced In Projects/Scopes:
quicktype-plugin:kotlinBuildToolsApiClasspath mjml-plugin:kotlinBuildToolsApiClasspath kotlin-build-common-1.9.20.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.jetbrains.kotlin/kotlin-build-tools-impl@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-build-tools-impl@1.9.20 Evidence Type Source Name Value Confidence Vendor file name kotlin-build-common High Vendor gradle artifactid kotlin-build-common Highest Vendor gradle groupid org.jetbrains.kotlin Highest Vendor jar package name incremental Low Vendor jar package name jetbrains Highest Vendor jar package name jetbrains Low Vendor jar package name kotlin Low Vendor Manifest Implementation-Vendor JetBrains High Product file name kotlin-build-common High Product gradle artifactid kotlin-build-common Highest Product jar package name build Highest Product jar package name incremental Low Product jar package name kotlin Highest Product jar package name kotlin Low Product Manifest Implementation-Title kotlin-build-common High Version file name kotlin-build-common Medium Version file version 1.9.20 High Version gradle version 1.9.20 Highest Version Manifest Implementation-Version 1.9.255-SNAPSHOT High
kotlin-build-tools-api-1.9.20.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jetbrains.kotlin/kotlin-build-tools-api/1.9.20/7d93e9729dada991126a4699484f275d6bdc2bb6/kotlin-build-tools-api-1.9.20.jarMD5: d198342d234320740d50caa6b650df0cSHA1: 7d93e9729dada991126a4699484f275d6bdc2bb6SHA256: c722948c568352cdc19dc8a8b245d14aae507d4dcffde6a7b26c535c472c1b17Referenced In Projects/Scopes:
documentation:javadocClasspath quicktype-plugin:runtimeClasspath quicktype-plugin:kotlinBuildToolsApiClasspath mjml-plugin:kotlinBuildToolsApiClasspath kotlin-build-tools-api-1.9.20.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/quicktype-plugin@8.6 pkg:maven/io.freefair.gradle/aspectj-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-build-tools-impl@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-build-tools-impl@1.9.20 Evidence Type Source Name Value Confidence Vendor file name kotlin-build-tools-api High Vendor gradle artifactid kotlin-build-tools-api Highest Vendor gradle groupid org.jetbrains.kotlin Highest Vendor jar package name buildtools Low Vendor jar package name jetbrains Highest Vendor jar package name jetbrains Low Vendor jar package name kotlin Low Vendor Manifest Implementation-Vendor JetBrains High Product file name kotlin-build-tools-api High Product gradle artifactid kotlin-build-tools-api Highest Product jar package name api Highest Product jar package name api Low Product jar package name buildtools Low Product jar package name kotlin Highest Product jar package name kotlin Low Product Manifest Implementation-Title kotlin-build-tools-api High Version file name kotlin-build-tools-api Medium Version file version 1.9.20 High Version gradle version 1.9.20 Highest Version Manifest Implementation-Version 1.9.255-SNAPSHOT High
kotlin-build-tools-impl-1.9.20.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jetbrains.kotlin/kotlin-build-tools-impl/1.9.20/b7ea524d377a4f81973d52083fe257c14293dc9/kotlin-build-tools-impl-1.9.20.jarMD5: a6f2282c211d133a4c602b28c30a83efSHA1: 0b7ea524d377a4f81973d52083fe257c14293dc9SHA256: b7377a08d67dcddcbe4f7930d8cb0f7d0055789fbb30efdbe97008405d1f026dReferenced In Projects/Scopes:
quicktype-plugin:kotlinBuildToolsApiClasspath mjml-plugin:kotlinBuildToolsApiClasspath kotlin-build-tools-impl-1.9.20.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/quicktype-plugin@8.6 pkg:maven/io.freefair.gradle/mjml-plugin@8.6 Evidence Type Source Name Value Confidence Vendor file name kotlin-build-tools-impl High Vendor gradle artifactid kotlin-build-tools-impl Highest Vendor gradle groupid org.jetbrains.kotlin Highest Vendor jar package name buildtools Low Vendor jar package name jetbrains Highest Vendor jar package name jetbrains Low Vendor jar package name kotlin Low Vendor Manifest Implementation-Vendor JetBrains High Product file name kotlin-build-tools-impl High Product gradle artifactid kotlin-build-tools-impl Highest Product jar package name buildtools Low Product jar package name internal Low Product jar package name kotlin Highest Product jar package name kotlin Low Product Manifest Implementation-Title kotlin-build-tools-impl High Version file name kotlin-build-tools-impl Medium Version file version 1.9.20 High Version gradle version 1.9.20 Highest Version Manifest Implementation-Version 1.9.255-SNAPSHOT High
kotlin-compiler-embeddable-1.9.20.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jetbrains.kotlin/kotlin-compiler-embeddable/1.9.20/b44d2f7d8c1c67c0ed66d40e57e52623ca753db7/kotlin-compiler-embeddable-1.9.20.jarMD5: 788dce78ad5a3c096ccbb957fd3364eaSHA1: b44d2f7d8c1c67c0ed66d40e57e52623ca753db7SHA256: a25024fe5da8440de01af045c4fcb954a22f078738ec02616085f0cfc57b2702Referenced In Projects/Scopes:
documentation:javadocClasspath quicktype-plugin:runtimeClasspath mjml-plugin:kotlinCompilerClasspath quicktype-plugin:kotlinBuildToolsApiClasspath mjml-plugin:kotlinBuildToolsApiClasspath quicktype-plugin:kotlinKlibCommonizerClasspath quicktype-plugin:kotlinCompilerClasspath mjml-plugin:kotlinKlibCommonizerClasspath kotlin-compiler-embeddable-1.9.20.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/quicktype-plugin@8.6 pkg:maven/io.freefair.gradle/quicktype-plugin@8.6 pkg:maven/io.freefair.gradle/mjml-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-klib-commonizer-embeddable@1.9.20 pkg:maven/io.freefair.gradle/aspectj-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-build-tools-impl@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-klib-commonizer-embeddable@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-build-tools-impl@1.9.20 Evidence Type Source Name Value Confidence Vendor file name kotlin-compiler-embeddable High Vendor gradle artifactid kotlin-compiler-embeddable Highest Vendor gradle groupid org.jetbrains.kotlin Highest Vendor jar package name jetbrains Highest Vendor jar package name jetbrains Low Vendor jar package name kotlin Low Vendor Manifest Implementation-Vendor JetBrains High Product file name kotlin-compiler-embeddable High Product gradle artifactid kotlin-compiler-embeddable Highest Product jar package name compiler Highest Product jar package name kotlin Highest Product jar package name kotlin Low Product Manifest Implementation-Title kotlin-compiler-embeddable High Version file name kotlin-compiler-embeddable Medium Version file version 1.9.20 High Version gradle version 1.9.20 Highest Version Manifest Implementation-Version 1.9.255-SNAPSHOT High
kotlin-compiler-runner-1.9.20.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jetbrains.kotlin/kotlin-compiler-runner/1.9.20/1bceefc81bd554fac50828e4f442ff9243cacf33/kotlin-compiler-runner-1.9.20.jarMD5: c82ae3a34c76a7e5097402604671a725SHA1: 1bceefc81bd554fac50828e4f442ff9243cacf33SHA256: 49769c046f8d392654a4ab52af795455bd41e88d8392aeab9028f0edd5e8d50bReferenced In Projects/Scopes:
documentation:javadocClasspath quicktype-plugin:runtimeClasspath quicktype-plugin:kotlinBuildToolsApiClasspath mjml-plugin:kotlinBuildToolsApiClasspath kotlin-compiler-runner-1.9.20.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/quicktype-plugin@8.6 pkg:maven/io.freefair.gradle/aspectj-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-build-tools-impl@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-build-tools-impl@1.9.20 Evidence Type Source Name Value Confidence Vendor file name kotlin-compiler-runner High Vendor gradle artifactid kotlin-compiler-runner Highest Vendor gradle groupid org.jetbrains.kotlin Highest Vendor jar package name compilerrunner Low Vendor jar package name jetbrains Highest Vendor jar package name jetbrains Low Vendor jar package name kotlin Low Vendor Manifest Implementation-Vendor JetBrains High Product file name kotlin-compiler-runner High Product gradle artifactid kotlin-compiler-runner Highest Product jar package name compilerrunner Low Product jar package name kotlin Highest Product jar package name kotlin Low Product Manifest Implementation-Title kotlin-compiler-runner High Version file name kotlin-compiler-runner Medium Version file version 1.9.20 High Version gradle version 1.9.20 Highest Version Manifest Implementation-Version 1.9.255-SNAPSHOT High
kotlin-daemon-client-1.9.20.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jetbrains.kotlin/kotlin-daemon-client/1.9.20/29f5166f4fa1e17b6cbd3af1d7e1fcaa359d9f88/kotlin-daemon-client-1.9.20.jarMD5: 4f46aeada4e73361b4bb2be71784b434SHA1: 29f5166f4fa1e17b6cbd3af1d7e1fcaa359d9f88SHA256: 582230cbcfd65d36b94bc9d127f90024b8cf17dfa4a67ef6a929f14c6c27661cReferenced In Projects/Scopes:
documentation:javadocClasspath quicktype-plugin:runtimeClasspath quicktype-plugin:kotlinBuildToolsApiClasspath mjml-plugin:kotlinBuildToolsApiClasspath kotlin-daemon-client-1.9.20.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/quicktype-plugin@8.6 pkg:maven/io.freefair.gradle/aspectj-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-build-tools-impl@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-build-tools-impl@1.9.20 Evidence Type Source Name Value Confidence Vendor file name kotlin-daemon-client High Vendor gradle artifactid kotlin-daemon-client Highest Vendor gradle groupid org.jetbrains.kotlin Highest Vendor jar package name daemon Low Vendor jar package name jetbrains Highest Vendor jar package name jetbrains Low Vendor jar package name kotlin Low Vendor Manifest Implementation-Vendor JetBrains High Product file name kotlin-daemon-client High Product gradle artifactid kotlin-daemon-client Highest Product jar package name client Highest Product jar package name daemon Highest Product jar package name daemon Low Product jar package name kotlin Highest Product jar package name kotlin Low Product Manifest Implementation-Title kotlin-daemon-client High Version file name kotlin-daemon-client Medium Version file version 1.9.20 High Version gradle version 1.9.20 Highest Version Manifest Implementation-Version 1.9.255-SNAPSHOT High
kotlin-daemon-embeddable-1.9.20.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jetbrains.kotlin/kotlin-daemon-embeddable/1.9.20/a2a6b491bc53049e2f1af33245481db49034ba52/kotlin-daemon-embeddable-1.9.20.jarMD5: 5c1d5ace55a2f200c383d0d5c195ca0fSHA1: a2a6b491bc53049e2f1af33245481db49034ba52SHA256: a939cb5d6ee2a758c9285bd9f3286824beabe12d9a4b5f49f784d0bca329dea5Referenced In Projects/Scopes:
documentation:javadocClasspath quicktype-plugin:runtimeClasspath mjml-plugin:kotlinCompilerClasspath quicktype-plugin:kotlinBuildToolsApiClasspath mjml-plugin:kotlinBuildToolsApiClasspath quicktype-plugin:kotlinKlibCommonizerClasspath quicktype-plugin:kotlinCompilerClasspath mjml-plugin:kotlinKlibCommonizerClasspath kotlin-daemon-embeddable-1.9.20.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/quicktype-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-compiler-embeddable@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-compiler-embeddable@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-klib-commonizer-embeddable@1.9.20 pkg:maven/io.freefair.gradle/aspectj-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-build-tools-impl@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-klib-commonizer-embeddable@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-build-tools-impl@1.9.20 Evidence Type Source Name Value Confidence Vendor file name kotlin-daemon-embeddable High Vendor gradle artifactid kotlin-daemon-embeddable Highest Vendor gradle groupid org.jetbrains.kotlin Highest Vendor jar package name daemon Low Vendor jar package name jetbrains Highest Vendor jar package name jetbrains Low Vendor jar package name kotlin Low Vendor Manifest Implementation-Vendor JetBrains High Product file name kotlin-daemon-embeddable High Product gradle artifactid kotlin-daemon-embeddable Highest Product jar package name common Low Product jar package name daemon Highest Product jar package name daemon Low Product jar package name kotlin Highest Product jar package name kotlin Low Product Manifest Implementation-Title kotlin-daemon-embeddable High Version file name kotlin-daemon-embeddable Medium Version file version 1.9.20 High Version gradle version 1.9.20 Highest Version Manifest Implementation-Version 1.9.255-SNAPSHOT High
kotlin-gradle-plugin-1.9.20-gradle81.jar (shaded: com.github.gundy:semver4j:0.16.4)Description:
Java implementation of a node-style SemVer expression parser/evaluator License:
MIT License: http://www.opensource.org/licenses/mit-license.php File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jetbrains.kotlin/kotlin-gradle-plugin/1.9.20/d67c5ea81ba3098bf02a3feff06c378740af2bc3/kotlin-gradle-plugin-1.9.20-gradle81.jar/META-INF/maven/com.github.gundy/semver4j/pom.xml
MD5: b2f793eaa1115b41eaa8bb63080406f8
SHA1: ca8df209029884f283afdcd7b104fb88576a18b1
SHA256: 32001db2443b339dd21f5b79ff29d1ade722d1ba080c214bde819f0f72d1604d
Referenced In Projects/Scopes: documentation:javadocClasspath quicktype-plugin:runtimeClasspath quicktype-plugin:compileClasspath quicktype-plugin:implementationDependenciesMetadata Evidence Type Source Name Value Confidence Vendor pom artifactid semver4j Low Vendor pom developer email gundy@acm.org Low Vendor pom developer id gundy Medium Vendor pom developer name David Gundersen Medium Vendor pom groupid com.github.gundy Highest Vendor pom name SemVer4J High Vendor pom url http://github.com/gundy/semver4j Highest Product pom artifactid semver4j Highest Product pom developer email gundy@acm.org Low Product pom developer id gundy Low Product pom developer name David Gundersen Low Product pom groupid com.github.gundy Highest Product pom name SemVer4J High Product pom url http://github.com/gundy/semver4j Medium Version pom version 0.16.4 Highest
kotlin-gradle-plugin-1.9.20-gradle81.jar (shaded: com.google.code.gson:gson:2.8.9)License:
Apache-2.0: https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jetbrains.kotlin/kotlin-gradle-plugin/1.9.20/d67c5ea81ba3098bf02a3feff06c378740af2bc3/kotlin-gradle-plugin-1.9.20-gradle81.jar/META-INF/maven/com.google.code.gson/gson/pom.xml
MD5: 6cddce19473acd4bb9cfe35fad04f802
SHA1: e40b03e4cc2b52efb19af75c07596e9d15a52d82
SHA256: afded6e6a690fbf3ad4ae65ada397f0a90a5f630b303d1b741b9c97926fdd4de
Referenced In Projects/Scopes: documentation:javadocClasspath quicktype-plugin:runtimeClasspath quicktype-plugin:compileClasspath quicktype-plugin:implementationDependenciesMetadata Evidence Type Source Name Value Confidence Vendor pom artifactid gson Low Vendor pom groupid com.google.code.gson Highest Vendor pom name Gson High Vendor pom parent-artifactid gson-parent Low Product pom artifactid gson Highest Product pom groupid com.google.code.gson Highest Product pom name Gson High Product pom parent-artifactid gson-parent Medium Version pom version 2.8.9 Highest
kotlin-gradle-plugin-1.9.20-gradle81.jar (shaded: com.google.guava:guava:29.0-jre)Description:
Guava is a suite of core and expanded libraries that include
utility classes, google's collections, io classes, and much
much more.
File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jetbrains.kotlin/kotlin-gradle-plugin/1.9.20/d67c5ea81ba3098bf02a3feff06c378740af2bc3/kotlin-gradle-plugin-1.9.20-gradle81.jar/META-INF/maven/com.google.guava/guava/pom.xmlMD5: d1ed8d2bec41bdbdee173c0545b0a238SHA1: e40cdee0d70244df1e963daac53a16241aea4585SHA256: 9027e934098903d287f1ba61c8b65f01d1d1e1da7a6fbcc04bf3de0544014426Referenced In Projects/Scopes:
documentation:javadocClasspath quicktype-plugin:runtimeClasspath quicktype-plugin:compileClasspath quicktype-plugin:implementationDependenciesMetadata Evidence Type Source Name Value Confidence Vendor pom artifactid guava Low Vendor pom groupid com.google.guava Highest Vendor pom name Guava: Google Core Libraries for Java High Vendor pom parent-artifactid guava-parent Low Product pom artifactid guava Highest Product pom groupid com.google.guava Highest Product pom name Guava: Google Core Libraries for Java High Product pom parent-artifactid guava-parent Medium Version pom version 29.0-jre Highest
CVE-2023-2976 suppress
Use of Java's default temporary directory for file creation in `FileBackedOutputStream` in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to the default Java temporary directory to be able to access the files created by the class.
Even though the security vulnerability is fixed in version 32.0.0, we recommend using version 32.0.1 as version 32.0.0 breaks some functionality under Windows.
CWE-552 Files or Directories Accessible to External Parties
CVSSv3:
Base Score: HIGH (7.1) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N/E:1.8/RC:R/MAV:A References:
Vulnerable Software & Versions:
CVE-2020-8908 suppress
A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, on unix-like systems, the created directory is world-readable (readable by an attacker with access to the system). The method in question has been marked @Deprecated in versions 30.0 and later and should not be used. For Android developers, we recommend choosing a temporary directory API provided by Android, such as context.getCacheDir(). For other Java developers, we recommend migrating to the Java 7 API java.nio.file.Files.createTempDirectory() which explicitly configures permissions of 700, or configuring the Java runtime's java.io.tmpdir system property to point to a location whose permissions are appropriately configured.
CWE-378 Creation of Temporary File With Insecure Permissions, CWE-732 Incorrect Permission Assignment for Critical Resource
CVSSv2:
Base Score: LOW (2.1) Vector: /AV:L/AC:L/Au:N/C:P/I:N/A:N CVSSv3:
Base Score: LOW (3.3) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:1.8/RC:R/MAV:A References:
Vulnerable Software & Versions: (show all )
kotlin-gradle-plugin-1.9.20-gradle81.jar (shaded: org.antlr:antlr4-runtime:4.5.2-1)Description:
The ANTLR 4 Runtime File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jetbrains.kotlin/kotlin-gradle-plugin/1.9.20/d67c5ea81ba3098bf02a3feff06c378740af2bc3/kotlin-gradle-plugin-1.9.20-gradle81.jar/META-INF/maven/org.antlr/antlr4-runtime/pom.xmlMD5: be6f8b9c66278c52274a8e6ba6fe351aSHA1: 6c4013c6b772dd3e8cc00837ccf5edd7619e8d21SHA256: 93bac9b6bc714d559904ed43242782a8cbe543cebf0104bb3ecc1786a9cb661eReferenced In Projects/Scopes:
documentation:javadocClasspath quicktype-plugin:runtimeClasspath quicktype-plugin:compileClasspath quicktype-plugin:implementationDependenciesMetadata Evidence Type Source Name Value Confidence Vendor pom artifactid antlr4-runtime Low Vendor pom groupid org.antlr Highest Vendor pom name ANTLR 4 Runtime High Vendor pom parent-artifactid antlr4-master Low Product pom artifactid antlr4-runtime Highest Product pom groupid org.antlr Highest Product pom name ANTLR 4 Runtime High Product pom parent-artifactid antlr4-master Medium Version pom version 4.5.2-1 Highest
kotlin-gradle-plugin-1.9.20-gradle81.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jetbrains.kotlin/kotlin-gradle-plugin/1.9.20/d67c5ea81ba3098bf02a3feff06c378740af2bc3/kotlin-gradle-plugin-1.9.20-gradle81.jarMD5: 00bf90a3d29bc247d87dc273c357bad7SHA1: d67c5ea81ba3098bf02a3feff06c378740af2bc3SHA256: 04910fca652f8dbe804a49c8e72971bf641d03cd8b45a065ba4ce10c6584eaacReferenced In Projects/Scopes:
documentation:javadocClasspath quicktype-plugin:runtimeClasspath quicktype-plugin:compileClasspath quicktype-plugin:implementationDependenciesMetadata kotlin-gradle-plugin-1.9.20-gradle81.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/quicktype-plugin@8.6 pkg:maven/io.freefair.gradle/quicktype-plugin@8.6 pkg:maven/io.freefair.gradle/quicktype-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin@1.9.20 pkg:maven/io.freefair.gradle/quicktype-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin@1.9.20 pkg:maven/io.freefair.gradle/aspectj-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin@1.9.20 Evidence Type Source Name Value Confidence Vendor file name kotlin-gradle-plugin High Vendor gradle artifactid kotlin-gradle-plugin Highest Vendor gradle groupid org.jetbrains.kotlin Highest Vendor jar package name gradle Low Vendor jar package name jetbrains Highest Vendor jar package name jetbrains Low Vendor jar package name kotlin Low Vendor Manifest Implementation-Vendor JetBrains High Product file name kotlin-gradle-plugin High Product gradle artifactid kotlin-gradle-plugin Highest Product jar package name gradle Highest Product jar package name gradle Low Product jar package name kotlin Highest Product jar package name kotlin Low Product jar package name plugin Highest Product Manifest Implementation-Title kotlin-gradle-plugin High Version file name kotlin-gradle-plugin Medium Version file version 1.9.20 High Version gradle version 1.9.20 Highest Version Manifest Implementation-Version 1.9.255-SNAPSHOT High
kotlin-gradle-plugin-annotations-1.9.20.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jetbrains.kotlin/kotlin-gradle-plugin-annotations/1.9.20/f108d325d3118738cd0c263b390ac5d96426764c/kotlin-gradle-plugin-annotations-1.9.20.jarMD5: 8df23e9c24f69a213ae6988bbc998f99SHA1: f108d325d3118738cd0c263b390ac5d96426764cSHA256: 2a5c3622e2468584d1ab7dab3acd8ffb60403b637dd0603af675e26d3a054329Referenced In Projects/Scopes:
documentation:javadocClasspath quicktype-plugin:runtimeClasspath aspectj-plugin:compileClasspath aspectj-plugin:runtimeClasspath quicktype-plugin:compileClasspath quicktype-plugin:implementationDependenciesMetadata kotlin-gradle-plugin-annotations-1.9.20.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/quicktype-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin-api@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin-api@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin@1.9.20 pkg:maven/io.freefair.gradle/aspectj-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin@1.9.20 Evidence Type Source Name Value Confidence Vendor file name kotlin-gradle-plugin-annotations High Vendor gradle artifactid kotlin-gradle-plugin-annotations Highest Vendor gradle groupid org.jetbrains.kotlin Highest Vendor jar package name gradle Low Vendor jar package name jetbrains Highest Vendor jar package name jetbrains Low Vendor jar package name kotlin Low Vendor Manifest Implementation-Vendor JetBrains High Product file name kotlin-gradle-plugin-annotations High Product gradle artifactid kotlin-gradle-plugin-annotations Highest Product jar package name gradle Highest Product jar package name gradle Low Product jar package name kotlin Highest Product jar package name kotlin Low Product Manifest Implementation-Title kotlin-gradle-plugin-annotations High Version file name kotlin-gradle-plugin-annotations Medium Version file version 1.9.20 High Version gradle version 1.9.20 Highest Version Manifest Implementation-Version 1.9.255-SNAPSHOT High
kotlin-gradle-plugin-api-1.9.20.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jetbrains.kotlin/kotlin-gradle-plugin-api/1.9.20/f277b92784489a1d60142cb05537609d4fdd5c91/kotlin-gradle-plugin-api-1.9.20.jarMD5: 20cf0cdcdfe5f14b3794c2c2f8c66dd6SHA1: f277b92784489a1d60142cb05537609d4fdd5c91SHA256: 287c26765f8692e5eb5505854126819cfbb0c7d5d49bbe5f45771427ea19913dReferenced In Projects/Scopes:
documentation:javadocClasspath quicktype-plugin:runtimeClasspath aspectj-plugin:compileClasspath aspectj-plugin:runtimeClasspath quicktype-plugin:compileClasspath quicktype-plugin:implementationDependenciesMetadata kotlin-gradle-plugin-api-1.9.20.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/quicktype-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin-api@1.9.20 pkg:maven/io.freefair.gradle/aspectj-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin-api@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin@1.9.20 pkg:maven/io.freefair.gradle/aspectj-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin@1.9.20 pkg:maven/io.freefair.gradle/aspectj-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin@1.9.20 Evidence Type Source Name Value Confidence Vendor file name kotlin-gradle-plugin-api High Vendor gradle artifactid kotlin-gradle-plugin-api Highest Vendor gradle groupid org.jetbrains.kotlin Highest Vendor jar package name gradle Low Vendor jar package name jetbrains Highest Vendor jar package name jetbrains Low Vendor jar package name kotlin Low Vendor Manifest Implementation-Vendor JetBrains High Product file name kotlin-gradle-plugin-api High Product gradle artifactid kotlin-gradle-plugin-api Highest Product jar package name gradle Highest Product jar package name gradle Low Product jar package name kotlin Highest Product jar package name kotlin Low Product jar package name plugin Highest Product jar package name plugin Low Product Manifest Implementation-Title kotlin-gradle-plugin-api High Version file name kotlin-gradle-plugin-api Medium Version file version 1.9.20 High Version gradle version 1.9.20 Highest Version Manifest Implementation-Version 1.9.255-SNAPSHOT High
kotlin-gradle-plugin-idea-1.9.20.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jetbrains.kotlin/kotlin-gradle-plugin-idea/1.9.20/83cf5d4acdbf6c1e7b32ca96cb79b96e4cce032e/kotlin-gradle-plugin-idea-1.9.20.jarMD5: 0f4a854fd2e9fd9640341914e20a4f72SHA1: 83cf5d4acdbf6c1e7b32ca96cb79b96e4cce032eSHA256: 8d1af87632d95148f122a9fa0ae2903c19ee6fab7d01e017f76e0d2c9a022c20Referenced In Projects/Scopes:
documentation:javadocClasspath quicktype-plugin:runtimeClasspath kotlin-gradle-plugin-idea-1.9.20.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/quicktype-plugin@8.6 pkg:maven/io.freefair.gradle/aspectj-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin@1.9.20 Evidence Type Source Name Value Confidence Vendor file name kotlin-gradle-plugin-idea High Vendor gradle artifactid kotlin-gradle-plugin-idea Highest Vendor gradle groupid org.jetbrains.kotlin Highest Vendor jar package name gradle Low Vendor jar package name jetbrains Low Vendor jar package name kotlin Low Product file name kotlin-gradle-plugin-idea High Product gradle artifactid kotlin-gradle-plugin-idea Highest Product jar package name gradle Low Product jar package name idea Low Product jar package name kotlin Low Version file name kotlin-gradle-plugin-idea Medium Version file version 1.9.20 High Version gradle version 1.9.20 Highest
kotlin-gradle-plugin-idea-proto-1.9.20.jar (shaded: com.google.protobuf:protobuf-java:3.21.9)Description:
Core Protocol Buffers library. Protocol Buffers are a way of encoding structured data in an
efficient yet extensible format.
File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jetbrains.kotlin/kotlin-gradle-plugin-idea-proto/1.9.20/c35d575cec4f2e5759fd63df8a3207653bae9ade/kotlin-gradle-plugin-idea-proto-1.9.20.jar/META-INF/maven/com.google.protobuf/protobuf-java/pom.xmlMD5: a2dfabfa0f929c53986cf63a10619aaeSHA1: bd038b83cdb28c8102b00f2163f908e23bc3eb61SHA256: 66b34002eee26fd0e3d9387ef7d8e70021cf049ad93b083eb8f7143bbd176d29Referenced In Projects/Scopes:
documentation:javadocClasspath quicktype-plugin:runtimeClasspath Evidence Type Source Name Value Confidence Vendor pom artifactid protobuf-java Low Vendor pom groupid com.google.protobuf Highest Vendor pom name Protocol Buffers [Core] High Vendor pom parent-artifactid protobuf-parent Low Product pom artifactid protobuf-java Highest Product pom groupid com.google.protobuf Highest Product pom name Protocol Buffers [Core] High Product pom parent-artifactid protobuf-parent Medium Version pom version 3.21.9 Highest
kotlin-gradle-plugin-idea-proto-1.9.20.jar (shaded: com.google.protobuf:protobuf-kotlin:3.21.9)Description:
Kotlin core Protocol Buffers library. Protocol Buffers are a way of encoding structured data in an
efficient yet extensible format.
File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jetbrains.kotlin/kotlin-gradle-plugin-idea-proto/1.9.20/c35d575cec4f2e5759fd63df8a3207653bae9ade/kotlin-gradle-plugin-idea-proto-1.9.20.jar/META-INF/maven/com.google.protobuf/protobuf-kotlin/pom.xmlMD5: af12eecad210f41ac71b549f62e38a7bSHA1: 222361a7e9f4f7bb1291ea81e57c615a3d6082bdSHA256: 74408f909e1d9c3969055c431ac013485f5aa75c71214e9a933ee58f98853123Referenced In Projects/Scopes:
documentation:javadocClasspath quicktype-plugin:runtimeClasspath Evidence Type Source Name Value Confidence Vendor pom artifactid protobuf-kotlin Low Vendor pom groupid com.google.protobuf Highest Vendor pom name Protocol Buffers [Kotlin-Core] High Vendor pom parent-artifactid protobuf-parent Low Product pom artifactid protobuf-kotlin Highest Product pom groupid com.google.protobuf Highest Product pom name Protocol Buffers [Kotlin-Core] High Product pom parent-artifactid protobuf-parent Medium Version pom version 3.21.9 Highest
kotlin-gradle-plugin-idea-proto-1.9.20.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jetbrains.kotlin/kotlin-gradle-plugin-idea-proto/1.9.20/c35d575cec4f2e5759fd63df8a3207653bae9ade/kotlin-gradle-plugin-idea-proto-1.9.20.jarMD5: 62884551a057296fc85a82a1e9637ac6SHA1: c35d575cec4f2e5759fd63df8a3207653bae9adeSHA256: c67b0d8849febdd9a964eda0bd167c167c4d056ca8dd389241d92e1d763c9490Referenced In Projects/Scopes:
documentation:javadocClasspath quicktype-plugin:runtimeClasspath kotlin-gradle-plugin-idea-proto-1.9.20.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/quicktype-plugin@8.6 pkg:maven/io.freefair.gradle/aspectj-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin@1.9.20 Evidence Type Source Name Value Confidence Vendor file name kotlin-gradle-plugin-idea-proto High Vendor gradle artifactid kotlin-gradle-plugin-idea-proto Highest Vendor gradle groupid org.jetbrains.kotlin Highest Vendor jar package name gradle Low Vendor jar package name jetbrains Highest Vendor jar package name jetbrains Low Vendor jar package name kotlin Low Vendor Manifest Implementation-Vendor JetBrains High Product file name kotlin-gradle-plugin-idea-proto High Product gradle artifactid kotlin-gradle-plugin-idea-proto Highest Product jar package name gradle Highest Product jar package name gradle Low Product jar package name idea Highest Product jar package name idea Low Product jar package name kotlin Highest Product jar package name kotlin Low Product Manifest Implementation-Title kotlin-gradle-plugin-idea-proto High Version file name kotlin-gradle-plugin-idea-proto Medium Version file version 1.9.20 High Version gradle version 1.9.20 Highest Version Manifest Implementation-Version 1.9.255-SNAPSHOT High
kotlin-gradle-plugin-model-1.9.20.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jetbrains.kotlin/kotlin-gradle-plugin-model/1.9.20/2091f519531ac87226a6a13a7bc8cd77e50a880e/kotlin-gradle-plugin-model-1.9.20.jarMD5: 9989dd31a772b2d3d0c6745ea1fbd3daSHA1: 2091f519531ac87226a6a13a7bc8cd77e50a880eSHA256: 7f930f0e454b75818f5f8976ba515f3aec887671a5fe85380ac97f05da9986a7Referenced In Projects/Scopes:
documentation:javadocClasspath quicktype-plugin:runtimeClasspath quicktype-plugin:compileClasspath quicktype-plugin:implementationDependenciesMetadata kotlin-gradle-plugin-model-1.9.20.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/quicktype-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin@1.9.20 pkg:maven/io.freefair.gradle/aspectj-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin@1.9.20 Evidence Type Source Name Value Confidence Vendor file name kotlin-gradle-plugin-model High Vendor gradle artifactid kotlin-gradle-plugin-model Highest Vendor gradle groupid org.jetbrains.kotlin Highest Vendor jar package name gradle Low Vendor jar package name jetbrains Highest Vendor jar package name jetbrains Low Vendor jar package name kotlin Low Vendor Manifest Implementation-Vendor JetBrains High Product file name kotlin-gradle-plugin-model High Product gradle artifactid kotlin-gradle-plugin-model Highest Product jar package name gradle Highest Product jar package name gradle Low Product jar package name kotlin Highest Product jar package name kotlin Low Product jar package name model Highest Product jar package name model Low Product Manifest Implementation-Title kotlin-gradle-plugin-model High Version file name kotlin-gradle-plugin-model Medium Version file version 1.9.20 High Version gradle version 1.9.20 Highest Version Manifest Implementation-Version 1.9.255-SNAPSHOT High
kotlin-klib-commonizer-api-1.9.20.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jetbrains.kotlin/kotlin-klib-commonizer-api/1.9.20/7d7c93b8d08058de2d02e604938c3c08117b580c/kotlin-klib-commonizer-api-1.9.20.jarMD5: 876a56731ad2d4c3fbc36177cccbc716SHA1: 7d7c93b8d08058de2d02e604938c3c08117b580cSHA256: 89b6260828953042e310a52592aa5b595f5f89b641cc6a3d3a8155ef92d88ffeReferenced In Projects/Scopes:
documentation:javadocClasspath quicktype-plugin:runtimeClasspath kotlin-klib-commonizer-api-1.9.20.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/quicktype-plugin@8.6 pkg:maven/io.freefair.gradle/aspectj-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin@1.9.20 Evidence Type Source Name Value Confidence Vendor file name kotlin-klib-commonizer-api High Vendor gradle artifactid kotlin-klib-commonizer-api Highest Vendor gradle groupid org.jetbrains.kotlin Highest Vendor jar package name commonizer Low Vendor jar package name jetbrains Highest Vendor jar package name jetbrains Low Vendor jar package name kotlin Low Vendor Manifest Implementation-Vendor JetBrains High Product file name kotlin-klib-commonizer-api High Product gradle artifactid kotlin-klib-commonizer-api Highest Product jar package name commonizer Highest Product jar package name commonizer Low Product jar package name kotlin Highest Product jar package name kotlin Low Product Manifest Implementation-Title kotlin-klib-commonizer-api High Version file name kotlin-klib-commonizer-api Medium Version file version 1.9.20 High Version gradle version 1.9.20 Highest Version Manifest Implementation-Version 1.9.255-SNAPSHOT High
kotlin-klib-commonizer-embeddable-1.9.20.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jetbrains.kotlin/kotlin-klib-commonizer-embeddable/1.9.20/5d5a5034f42b602f259454f0833537245691ea17/kotlin-klib-commonizer-embeddable-1.9.20.jarMD5: 50af1c6b80f52508994dd626e6ae4dfdSHA1: 5d5a5034f42b602f259454f0833537245691ea17SHA256: 8b36530fb4b68198c7733adbe3749d481af2bd9c0b03e89d88bfe93e12fda0f9Referenced In Projects/Scopes:
quicktype-plugin:kotlinKlibCommonizerClasspath mjml-plugin:kotlinKlibCommonizerClasspath kotlin-klib-commonizer-embeddable-1.9.20.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/quicktype-plugin@8.6 pkg:maven/io.freefair.gradle/mjml-plugin@8.6 Evidence Type Source Name Value Confidence Vendor file name kotlin-klib-commonizer-embeddable High Vendor gradle artifactid kotlin-klib-commonizer-embeddable Highest Vendor gradle groupid org.jetbrains.kotlin Highest Vendor jar package name internal Low Vendor jar package name jetbrains Highest Vendor jar package name kotlinx Low Vendor jar package name metadata Low Vendor Manifest Implementation-Vendor JetBrains High Product file name kotlin-klib-commonizer-embeddable High Product gradle artifactid kotlin-klib-commonizer-embeddable Highest Product jar package name commonizer Highest Product jar package name internal Low Product jar package name klib Highest Product jar package name kotlin Highest Product jar package name metadata Low Product Manifest Implementation-Title kotlin-klib-commonizer-embeddable High Version file name kotlin-klib-commonizer-embeddable Medium Version file version 1.9.20 High Version gradle version 1.9.20 Highest Version Manifest Implementation-Version 1.9.255-SNAPSHOT High
kotlin-native-utils-1.9.20.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jetbrains.kotlin/kotlin-native-utils/1.9.20/6362ed0e22ed64a738215490c1835d5a6264a5ac/kotlin-native-utils-1.9.20.jarMD5: a14ffa6a624525b57e8f6339acf55749SHA1: 6362ed0e22ed64a738215490c1835d5a6264a5acSHA256: b0f92bc9253a907f0ce285328643fe8a36c27ed494b5c5919ee09c2926d8e8d2Referenced In Projects/Scopes:
documentation:javadocClasspath quicktype-plugin:runtimeClasspath aspectj-plugin:compileClasspath aspectj-plugin:runtimeClasspath quicktype-plugin:compileClasspath quicktype-plugin:implementationDependenciesMetadata kotlin-native-utils-1.9.20.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/quicktype-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin-api@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin-api@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin@1.9.20 pkg:maven/io.freefair.gradle/aspectj-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin@1.9.20 Evidence Type Source Name Value Confidence Vendor file name kotlin-native-utils High Vendor gradle artifactid kotlin-native-utils Highest Vendor gradle groupid org.jetbrains.kotlin Highest Vendor jar package name jetbrains Highest Vendor jar package name jetbrains Low Vendor jar package name konan Low Vendor jar package name kotlin Low Vendor Manifest Implementation-Vendor JetBrains High Product file name kotlin-native-utils High Product gradle artifactid kotlin-native-utils Highest Product jar package name konan Low Product jar package name kotlin Highest Product jar package name kotlin Low Product jar package name target Low Product Manifest Implementation-Title kotlin-native-utils High Version file name kotlin-native-utils Medium Version file version 1.9.20 High Version gradle version 1.9.20 Highest Version Manifest Implementation-Version 1.9.255-SNAPSHOT High
kotlin-project-model-1.9.20.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jetbrains.kotlin/kotlin-project-model/1.9.20/11532396237b2ead81b82227b81ace798eeb46ba/kotlin-project-model-1.9.20.jarMD5: 6357ac930952328fad7613751e81f2b9SHA1: 11532396237b2ead81b82227b81ace798eeb46baSHA256: 261a9b40e240e259ac359c16938002ecc6c08434a5c6e5e5bffee242a3c50218Referenced In Projects/Scopes:
documentation:javadocClasspath quicktype-plugin:runtimeClasspath aspectj-plugin:compileClasspath aspectj-plugin:runtimeClasspath quicktype-plugin:compileClasspath quicktype-plugin:implementationDependenciesMetadata kotlin-project-model-1.9.20.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/quicktype-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin-api@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin-api@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin@1.9.20 pkg:maven/io.freefair.gradle/aspectj-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin@1.9.20 Evidence Type Source Name Value Confidence Vendor file name kotlin-project-model High Vendor gradle artifactid kotlin-project-model Highest Vendor gradle groupid org.jetbrains.kotlin Highest Vendor jar package name jetbrains Highest Vendor jar package name jetbrains Low Vendor jar package name kotlin Low Vendor jar package name project Low Vendor Manifest Implementation-Vendor JetBrains High Product file name kotlin-project-model High Product gradle artifactid kotlin-project-model Highest Product jar package name kotlin Highest Product jar package name kotlin Low Product jar package name model Highest Product jar package name model Low Product jar package name project Highest Product jar package name project Low Product Manifest Implementation-Title kotlin-project-model High Version file name kotlin-project-model Medium Version file version 1.9.20 High Version gradle version 1.9.20 Highest Version Manifest Implementation-Version 1.9.255-SNAPSHOT High
kotlin-reflect-1.6.10.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jetbrains.kotlin/kotlin-reflect/1.6.10/1cbe9c92c12a94eea200d23c2bbaedaf3daf5132/kotlin-reflect-1.6.10.jarMD5: a22187e3070e39a1cdb6a53970fa714dSHA1: 1cbe9c92c12a94eea200d23c2bbaedaf3daf5132SHA256: 3277ac102ae17aad10a55abec75ff5696c8d109790396434b496e75087854203Referenced In Projects/Scopes:
mjml-plugin:kotlinCompilerClasspath quicktype-plugin:kotlinBuildToolsApiClasspath mjml-plugin:kotlinBuildToolsApiClasspath quicktype-plugin:kotlinKlibCommonizerClasspath quicktype-plugin:kotlinCompilerClasspath mjml-plugin:kotlinKlibCommonizerClasspath kotlin-reflect-1.6.10.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.jetbrains.kotlin/kotlin-compiler-embeddable@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-compiler-embeddable@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-klib-commonizer-embeddable@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-build-tools-impl@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-klib-commonizer-embeddable@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-build-tools-impl@1.9.20 Evidence Type Source Name Value Confidence Vendor file name kotlin-reflect High Vendor gradle artifactid kotlin-reflect Highest Vendor gradle groupid org.jetbrains.kotlin Highest Vendor jar package name jvm Low Vendor jar package name kotlin Low Vendor jar package name reflect Low Vendor Manifest Implementation-Vendor JetBrains High Vendor Manifest kotlin-runtime-component Main Low Vendor Manifest multi-release true Low Product file name kotlin-reflect High Product gradle artifactid kotlin-reflect Highest Product jar package name internal Low Product jar package name jvm Low Product jar package name kotlin Highest Product jar package name reflect Highest Product jar package name reflect Low Product Manifest Implementation-Title kotlin-reflect High Product Manifest kotlin-runtime-component Main Low Product Manifest multi-release true Low Version file name kotlin-reflect Medium Version file version 1.6.10 High Version gradle version 1.6.10 Highest Version Manifest Implementation-Version 1.6.10-release-923(1.6.10) High
kotlin-reflect-1.9.20.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jetbrains.kotlin/kotlin-reflect/1.9.20/34eeb4eed5f493cdbb760ef50a5653ec414006bf/kotlin-reflect-1.9.20.jarMD5: 603c079e252d2a37693511cd8d4f04aeSHA1: 34eeb4eed5f493cdbb760ef50a5653ec414006bfSHA256: 49b66f9a89d50fd2954c2e8aeac80e4f488b0a09322a25efad6261576713dc0fReferenced In Projects/Scopes:
documentation:javadocClasspath quicktype-plugin:runtimeClasspath quicktype-plugin:compileClasspath mjml-plugin:embeddedKotlin mjml-plugin:compileClasspath mjml-plugin:compileOnlyDependenciesMetadata quicktype-plugin:implementationDependenciesMetadata kotlin-reflect-1.9.20.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/quicktype-plugin@8.6 pkg:maven/io.freefair.gradle/quicktype-plugin@8.6 pkg:maven/io.freefair.gradle/quicktype-plugin@8.6 pkg:maven/io.freefair.gradle/mjml-plugin@8.6 pkg:maven/io.freefair.gradle/mjml-plugin@8.6 pkg:maven/io.freefair.gradle/mjml-plugin@8.6 pkg:maven/io.freefair.gradle/quicktype-plugin@8.6 Evidence Type Source Name Value Confidence Vendor file name kotlin-reflect High Vendor gradle artifactid kotlin-reflect Highest Vendor gradle groupid org.jetbrains.kotlin Highest Vendor jar package name jvm Low Vendor jar package name kotlin Low Vendor jar package name reflect Low Vendor Manifest Implementation-Vendor JetBrains High Vendor Manifest kotlin-runtime-component Main Low Vendor Manifest multi-release true Low Product file name kotlin-reflect High Product gradle artifactid kotlin-reflect Highest Product jar package name internal Low Product jar package name jvm Low Product jar package name kotlin Highest Product jar package name reflect Highest Product jar package name reflect Low Product Manifest Implementation-Title kotlin-reflect High Product Manifest kotlin-runtime-component Main Low Product Manifest multi-release true Low Version file name kotlin-reflect Medium Version file version 1.9.20 High Version gradle version 1.9.20 Highest Version Manifest Implementation-Version 1.9.255-SNAPSHOT High
kotlin-sam-with-receiver-compiler-plugin-embeddable-1.9.20.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jetbrains.kotlin/kotlin-sam-with-receiver-compiler-plugin-embeddable/1.9.20/5b04c29930350a551045a62fdbde3d84ebdeaf65/kotlin-sam-with-receiver-compiler-plugin-embeddable-1.9.20.jarMD5: 2793280ac740e1c3bdc5090f668a7541SHA1: 5b04c29930350a551045a62fdbde3d84ebdeaf65SHA256: d362170a1cc153160f0cb2038c84411034b56c055a9b316f32c0b7b7168ca0f2Referenced In Projects/Scopes:
mjml-plugin:kotlinCompilerPluginClasspathMain mjml-plugin:kotlinCompilerPluginClasspathTest kotlin-sam-with-receiver-compiler-plugin-embeddable-1.9.20.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/mjml-plugin@8.6 pkg:maven/io.freefair.gradle/mjml-plugin@8.6 Evidence Type Source Name Value Confidence Vendor file name kotlin-sam-with-receiver-compiler-plugin-embeddable High Vendor gradle artifactid kotlin-sam-with-receiver-compiler-plugin-embeddable Highest Vendor gradle groupid org.jetbrains.kotlin Highest Vendor jar package name jetbrains Highest Vendor jar package name jetbrains Low Vendor jar package name kotlin Low Vendor jar package name samwithreceiver Low Vendor Manifest Implementation-Vendor JetBrains High Product file name kotlin-sam-with-receiver-compiler-plugin-embeddable High Product gradle artifactid kotlin-sam-with-receiver-compiler-plugin-embeddable Highest Product jar package name kotlin Highest Product jar package name kotlin Low Product jar package name samwithreceiver Low Product Manifest Implementation-Title kotlin-sam-with-receiver-compiler-plugin.embeddable High Version file name kotlin-sam-with-receiver-compiler-plugin-embeddable Medium Version file version 1.9.20 High Version gradle version 1.9.20 Highest Version Manifest Implementation-Version 1.9.255-SNAPSHOT High
kotlin-script-runtime-1.9.20.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jetbrains.kotlin/kotlin-script-runtime/1.9.20/6fdfef711b8e07f1a4d0979a60acd7bc8a800777/kotlin-script-runtime-1.9.20.jarMD5: 448f3cef7b52d1552ad3c3d61b08ce04SHA1: 6fdfef711b8e07f1a4d0979a60acd7bc8a800777SHA256: a26a6256a76f766ab8bacdb409b3f8c940d999712a8e88864252b678d66bab9eReferenced In Projects/Scopes:
mjml-plugin:kotlinCompilerClasspath mjml-plugin:kotlinCompilerPluginClasspathMain quicktype-plugin:kotlinBuildToolsApiClasspath quicktype-plugin:kotlinCompilerPluginClasspathTest quicktype-plugin:kotlinCompilerPluginClasspathMain mjml-plugin:kotlinCompilerPluginClasspathTest mjml-plugin:kotlinBuildToolsApiClasspath quicktype-plugin:kotlinKlibCommonizerClasspath quicktype-plugin:kotlinCompilerClasspath mjml-plugin:kotlinKlibCommonizerClasspath kotlin-script-runtime-1.9.20.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.jetbrains.kotlin/kotlin-compiler-embeddable@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-compiler-embeddable@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-scripting-compiler-embeddable@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-scripting-compiler-embeddable@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-klib-commonizer-embeddable@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-scripting-compiler-embeddable@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-scripting-compiler-embeddable@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-build-tools-impl@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-klib-commonizer-embeddable@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-build-tools-impl@1.9.20 Evidence Type Source Name Value Confidence Vendor file name kotlin-script-runtime High Vendor gradle artifactid kotlin-script-runtime Highest Vendor gradle groupid org.jetbrains.kotlin Highest Vendor jar package name kotlin Low Vendor jar package name script Low Vendor Manifest Implementation-Vendor JetBrains High Vendor Manifest kotlin-runtime-component Main Low Product file name kotlin-script-runtime High Product gradle artifactid kotlin-script-runtime Highest Product jar package name dependencies Low Product jar package name kotlin Highest Product jar package name script Highest Product jar package name script Low Product Manifest Implementation-Title kotlin-script-runtime High Product Manifest kotlin-runtime-component Main Low Version file name kotlin-script-runtime Medium Version file version 1.9.20 High Version gradle version 1.9.20 Highest Version Manifest Implementation-Version 1.9.255-SNAPSHOT High
kotlin-scripting-common-1.9.20.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jetbrains.kotlin/kotlin-scripting-common/1.9.20/d2abd0f9c63e61fa54bd43f29458c2606b02abdc/kotlin-scripting-common-1.9.20.jarMD5: 8193e0ddf5ce7011d52f39df787eaea0SHA1: d2abd0f9c63e61fa54bd43f29458c2606b02abdcSHA256: 5aa08477cb73f7927413aec683a4aa3b3f99e87be0630255ce697452a1a42d65Referenced In Projects/Scopes:
documentation:javadocClasspath quicktype-plugin:runtimeClasspath mjml-plugin:kotlinCompilerPluginClasspathMain quicktype-plugin:kotlinCompilerPluginClasspathTest quicktype-plugin:kotlinCompilerPluginClasspathMain mjml-plugin:kotlinCompilerPluginClasspathTest kotlin-scripting-common-1.9.20.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/quicktype-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-scripting-compiler-embeddable@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-scripting-compiler-embeddable@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-scripting-compiler-embeddable@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-scripting-compiler-embeddable@1.9.20 pkg:maven/io.freefair.gradle/aspectj-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin@1.9.20 Evidence Type Source Name Value Confidence Vendor file name kotlin-scripting-common High Vendor gradle artifactid kotlin-scripting-common Highest Vendor gradle groupid org.jetbrains.kotlin Highest Vendor jar package name experimental Low Vendor jar package name kotlin Low Vendor jar package name script Low Vendor Manifest Implementation-Vendor JetBrains High Product file name kotlin-scripting-common High Product gradle artifactid kotlin-scripting-common Highest Product jar package name api Low Product jar package name experimental Low Product jar package name kotlin Highest Product jar package name script Low Product Manifest Implementation-Title kotlin-scripting-common High Version file name kotlin-scripting-common Medium Version file version 1.9.20 High Version gradle version 1.9.20 Highest Version Manifest Implementation-Version 1.9.255-SNAPSHOT High
kotlin-scripting-compiler-embeddable-1.9.20.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jetbrains.kotlin/kotlin-scripting-compiler-embeddable/1.9.20/c2c32f862094042ee6c84e21df4669b41191af88/kotlin-scripting-compiler-embeddable-1.9.20.jarMD5: 51dc793e60da12fb07ff0789c77bccabSHA1: c2c32f862094042ee6c84e21df4669b41191af88SHA256: 2181dd0c4d52c6f696ad9f17934233790f4d68234b1418d6376fda7e5c374c4eReferenced In Projects/Scopes:
documentation:javadocClasspath quicktype-plugin:runtimeClasspath mjml-plugin:kotlinCompilerPluginClasspathMain quicktype-plugin:kotlinCompilerPluginClasspathTest quicktype-plugin:kotlinCompilerPluginClasspathMain mjml-plugin:kotlinCompilerPluginClasspathTest kotlin-scripting-compiler-embeddable-1.9.20.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/quicktype-plugin@8.6 pkg:maven/io.freefair.gradle/quicktype-plugin@8.6 pkg:maven/io.freefair.gradle/mjml-plugin@8.6 pkg:maven/io.freefair.gradle/quicktype-plugin@8.6 pkg:maven/io.freefair.gradle/mjml-plugin@8.6 pkg:maven/io.freefair.gradle/aspectj-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin@1.9.20 Evidence Type Source Name Value Confidence Vendor file name kotlin-scripting-compiler-embeddable High Vendor gradle artifactid kotlin-scripting-compiler-embeddable Highest Vendor gradle groupid org.jetbrains.kotlin Highest Vendor jar package name jetbrains Highest Vendor jar package name jetbrains Low Vendor jar package name kotlin Low Vendor jar package name scripting Low Vendor Manifest Implementation-Vendor JetBrains High Product file name kotlin-scripting-compiler-embeddable High Product gradle artifactid kotlin-scripting-compiler-embeddable Highest Product jar package name compiler Highest Product jar package name compiler Low Product jar package name kotlin Highest Product jar package name kotlin Low Product jar package name scripting Highest Product jar package name scripting Low Product Manifest Implementation-Title kotlin-scripting-compiler-embeddable High Version file name kotlin-scripting-compiler-embeddable Medium Version file version 1.9.20 High Version gradle version 1.9.20 Highest Version Manifest Implementation-Version 1.9.255-SNAPSHOT High
kotlin-scripting-compiler-impl-embeddable-1.9.20.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jetbrains.kotlin/kotlin-scripting-compiler-impl-embeddable/1.9.20/ed985bbca9227a8cf97d5b2f81d371f1d7efee61/kotlin-scripting-compiler-impl-embeddable-1.9.20.jarMD5: 249e8a01e03dba8578b0306dcdee4389SHA1: ed985bbca9227a8cf97d5b2f81d371f1d7efee61SHA256: dc9ab6f69c592ad1f1d2e2b994b97509d0ee09480bea6bc771eeeef3071eb817Referenced In Projects/Scopes:
documentation:javadocClasspath quicktype-plugin:runtimeClasspath mjml-plugin:kotlinCompilerPluginClasspathMain quicktype-plugin:kotlinCompilerPluginClasspathTest quicktype-plugin:kotlinCompilerPluginClasspathMain mjml-plugin:kotlinCompilerPluginClasspathTest kotlin-scripting-compiler-impl-embeddable-1.9.20.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/quicktype-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-scripting-compiler-embeddable@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-scripting-compiler-embeddable@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-scripting-compiler-embeddable@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-scripting-compiler-embeddable@1.9.20 pkg:maven/io.freefair.gradle/aspectj-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin@1.9.20 Evidence Type Source Name Value Confidence Vendor file name kotlin-scripting-compiler-impl-embeddable High Vendor gradle artifactid kotlin-scripting-compiler-impl-embeddable Highest Vendor gradle groupid org.jetbrains.kotlin Highest Vendor jar package name jetbrains Highest Vendor jar package name jetbrains Low Vendor jar package name kotlin Low Vendor jar package name scripting Low Vendor Manifest Implementation-Vendor JetBrains High Product file name kotlin-scripting-compiler-impl-embeddable High Product gradle artifactid kotlin-scripting-compiler-impl-embeddable Highest Product jar package name definitions Low Product jar package name kotlin Highest Product jar package name kotlin Low Product jar package name scripting Highest Product jar package name scripting Low Product Manifest Implementation-Title kotlin-scripting-compiler-impl-embeddable High Version file name kotlin-scripting-compiler-impl-embeddable Medium Version file version 1.9.20 High Version gradle version 1.9.20 Highest Version Manifest Implementation-Version 1.9.255-SNAPSHOT High
kotlin-scripting-jvm-1.9.20.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jetbrains.kotlin/kotlin-scripting-jvm/1.9.20/5277cafe6949e047a271433202f32e8377b00ebb/kotlin-scripting-jvm-1.9.20.jarMD5: 8a0b55521109a64ff37f1a19d5d32812SHA1: 5277cafe6949e047a271433202f32e8377b00ebbSHA256: 809f73bdd4dd7766ae1ef2ced968896ce9c03d6a5fe6de6f6799778851f75bd3Referenced In Projects/Scopes:
documentation:javadocClasspath quicktype-plugin:runtimeClasspath mjml-plugin:kotlinCompilerPluginClasspathMain quicktype-plugin:kotlinCompilerPluginClasspathTest quicktype-plugin:kotlinCompilerPluginClasspathMain mjml-plugin:kotlinCompilerPluginClasspathTest kotlin-scripting-jvm-1.9.20.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/quicktype-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-scripting-compiler-embeddable@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-scripting-compiler-embeddable@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-scripting-compiler-embeddable@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-scripting-compiler-embeddable@1.9.20 pkg:maven/io.freefair.gradle/aspectj-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin@1.9.20 Evidence Type Source Name Value Confidence Vendor file name kotlin-scripting-jvm High Vendor gradle artifactid kotlin-scripting-jvm Highest Vendor gradle groupid org.jetbrains.kotlin Highest Vendor jar package name experimental Low Vendor jar package name kotlin Low Vendor jar package name script Low Vendor Manifest Implementation-Vendor JetBrains High Product file name kotlin-scripting-jvm High Product gradle artifactid kotlin-scripting-jvm Highest Product jar package name experimental Low Product jar package name jvm Highest Product jar package name jvm Low Product jar package name kotlin Highest Product jar package name script Low Product Manifest Implementation-Title kotlin-scripting-jvm High Version file name kotlin-scripting-jvm Medium Version file version 1.9.20 High Version gradle version 1.9.20 Highest Version Manifest Implementation-Version 1.9.255-SNAPSHOT High
kotlin-stdlib-1.9.10.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jetbrains.kotlin/kotlin-stdlib/1.9.10/72812e8a368917ab5c0a5081b56915ffdfec93b7/kotlin-stdlib-1.9.10.jarMD5: da8348128b101f854fafa9a31e3806bdSHA1: 72812e8a368917ab5c0a5081b56915ffdfec93b7SHA256: 55e989c512b80907799f854309f3bc7782c5b3d13932442d0379d5c472711504Referenced In Projects/Scopes:
github-plugin:compileClasspath github-plugin:runtimeClasspath maven-plugin-plugin:compileClasspath okhttp-plugin:runtimeClasspath maven-plugin-plugin:runtimeClasspath maven-plugin:compileClasspath okhttp-plugin:compileClasspath maven-plugin:runtimeClasspath kotlin-stdlib-1.9.10.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/okhttp-plugin@8.6 pkg:maven/com.squareup.retrofit2/converter-gson@2.9.0 pkg:maven/com.squareup.retrofit2/retrofit@2.9.0 pkg:maven/com.squareup.okhttp3/okhttp@4.12.0 pkg:maven/io.freefair.gradle/maven-plugin@8.6 pkg:maven/com.squareup.retrofit2/converter-gson@2.9.0 pkg:maven/com.squareup.okhttp3/okhttp-bom@4.12.0 pkg:maven/com.squareup.okhttp3/logging-interceptor@4.12.0 pkg:maven/com.squareup.okhttp3/logging-interceptor@4.12.0 pkg:maven/io.freefair.gradle/maven-plugin@8.6 pkg:maven/com.squareup.okhttp3/okhttp@4.12.0 pkg:maven/io.freefair.gradle/okhttp-plugin@8.6 pkg:maven/com.squareup.retrofit2/retrofit@2.9.0 pkg:maven/io.freefair.gradle/okhttp-plugin@8.6 pkg:maven/com.squareup.okhttp3/okhttp-bom@4.12.0 pkg:maven/io.freefair.gradle/okhttp-plugin@8.6 Evidence Type Source Name Value Confidence Vendor file name kotlin-stdlib High Vendor gradle artifactid kotlin-stdlib Highest Vendor gradle groupid org.jetbrains.kotlin Highest Vendor jar package name kotlin Low Vendor Manifest Implementation-Vendor JetBrains High Vendor Manifest kotlin-runtime-component Main Low Vendor Manifest multi-release true Low Product file name kotlin-stdlib High Product gradle artifactid kotlin-stdlib Highest Product jar package name kotlin Highest Product Manifest Implementation-Title kotlin-stdlib High Product Manifest kotlin-runtime-component Main Low Product Manifest multi-release true Low Version file name kotlin-stdlib Medium Version file version 1.9.10 High Version gradle version 1.9.10 Highest Version Manifest Implementation-Version 1.9.10-release-459 High
kotlin-stdlib-1.9.20-all.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jetbrains.kotlin/kotlin-stdlib/1.9.20/6c69e7b26179394dafd3c90e630ef763b8c1a267/kotlin-stdlib-1.9.20-all.jarMD5: 4468f2ad5cecac0c0c2639699aafcfc1SHA1: 6c69e7b26179394dafd3c90e630ef763b8c1a267SHA256: cec38bc3302e72a8aaf9cde436b5a9071ee0331e2ad05e84d8bb897334d7e9d4Referenced In Projects/Scopes:
quicktype-plugin:apiDependenciesMetadata mjml-plugin:compileOnlyDependenciesMetadata quicktype-plugin:implementationDependenciesMetadata kotlin-stdlib-1.9.20-all.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.jetbrains.kotlin/kotlin-reflect@1.9.20 pkg:maven/io.freefair.gradle/quicktype-plugin@8.6 pkg:maven/io.freefair.gradle/mjml-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-reflect@1.9.20 pkg:maven/io.freefair.gradle/quicktype-plugin@8.6 Evidence Type Source Name Value Confidence Vendor file name kotlin-stdlib High Vendor gradle artifactid kotlin-stdlib Highest Vendor gradle groupid org.jetbrains.kotlin Highest Product file name kotlin-stdlib High Product gradle artifactid kotlin-stdlib Highest Version file name kotlin-stdlib Medium Version file version 1.9.20 High Version gradle version 1.9.20 Highest
kotlin-stdlib-1.9.20.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jetbrains.kotlin/kotlin-stdlib/1.9.20/e58b4816ac517e9cc5df1db051120c63d4cde669/kotlin-stdlib-1.9.20.jarMD5: 405681a02b165f82fc680133482b210cSHA1: e58b4816ac517e9cc5df1db051120c63d4cde669SHA256: 28a35bcdff46d864f80f346a617e486284b208d17378c41900dfb1de95a90e6cReferenced In Projects/Scopes:
documentation:javadocClasspath mjml-plugin:kotlinCompilerClasspath mjml-plugin:kotlinCompilerPluginClasspathMain quicktype-plugin:kotlinCompilerPluginClasspathMain quicktype-plugin:kotlinKlibCommonizerClasspath quicktype-plugin:runtimeClasspath quicktype-plugin:kotlinBuildToolsApiClasspath quicktype-plugin:kotlinCompilerPluginClasspathTest quicktype-plugin:compileClasspath mjml-plugin:kotlinCompilerPluginClasspathTest mjml-plugin:kotlinBuildToolsApiClasspath mjml-plugin:embeddedKotlin mjml-plugin:compileClasspath quicktype-plugin:kotlinCompilerClasspath mjml-plugin:kotlinKlibCommonizerClasspath kotlin-stdlib-1.9.20.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-compiler-embeddable@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-reflect@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-scripting-compiler-embeddable@1.9.20 pkg:maven/io.freefair.gradle/maven-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-klib-commonizer-embeddable@1.9.20 pkg:maven/io.freefair.gradle/mjml-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-scripting-compiler-embeddable@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-scripting-compiler-embeddable@1.9.20 pkg:maven/io.freefair.gradle/github-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-build-tools-impl@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-klib-commonizer-embeddable@1.9.20 pkg:maven/io.freefair.gradle/quicktype-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-reflect@1.9.20 pkg:maven/io.freefair.gradle/quicktype-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-compiler-embeddable@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-scripting-compiler-embeddable@1.9.20 pkg:maven/io.freefair.gradle/mjml-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-reflect@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-reflect@1.9.20 pkg:maven/io.freefair.gradle/quicktype-plugin@8.6 pkg:maven/io.freefair.gradle/okhttp-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-build-tools-impl@1.9.20 Evidence Type Source Name Value Confidence Vendor file name kotlin-stdlib High Vendor gradle artifactid kotlin-stdlib Highest Vendor gradle groupid org.jetbrains.kotlin Highest Vendor jar package name kotlin Low Vendor Manifest Implementation-Vendor JetBrains High Vendor Manifest kotlin-runtime-component Main Low Vendor Manifest multi-release true Low Product file name kotlin-stdlib High Product gradle artifactid kotlin-stdlib Highest Product jar package name kotlin Highest Product Manifest Implementation-Title kotlin-stdlib High Product Manifest kotlin-runtime-component Main Low Product Manifest multi-release true Low Version file name kotlin-stdlib Medium Version file version 1.9.20 High Version gradle version 1.9.20 Highest Version Manifest Implementation-Version 1.9.255-SNAPSHOT High
kotlin-stdlib-common-1.9.10.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jetbrains.kotlin/kotlin-stdlib-common/1.9.10/dafaf2c27f27c09220cee312df10917d9a5d97ce/kotlin-stdlib-common-1.9.10.jarMD5: de4024a53c843e959f2d50ecd1f0e951SHA1: dafaf2c27f27c09220cee312df10917d9a5d97ceSHA256: cde3341ba18a2ba262b0b7cf6c55b20c90e8d434e42c9a13e6a3f770db965a88Referenced In Projects/Scopes:
github-plugin:compileClasspath github-plugin:runtimeClasspath maven-plugin-plugin:compileClasspath okhttp-plugin:runtimeClasspath maven-plugin-plugin:runtimeClasspath maven-plugin:compileClasspath okhttp-plugin:compileClasspath maven-plugin:runtimeClasspath kotlin-stdlib-common-1.9.10.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/okhttp-plugin@8.6 pkg:maven/com.squareup.retrofit2/converter-gson@2.9.0 pkg:maven/com.squareup.retrofit2/retrofit@2.9.0 pkg:maven/com.squareup.okhttp3/okhttp@4.12.0 pkg:maven/io.freefair.gradle/maven-plugin@8.6 pkg:maven/com.squareup.retrofit2/converter-gson@2.9.0 pkg:maven/com.squareup.okhttp3/okhttp-bom@4.12.0 pkg:maven/com.squareup.okhttp3/logging-interceptor@4.12.0 pkg:maven/com.squareup.okhttp3/logging-interceptor@4.12.0 pkg:maven/io.freefair.gradle/maven-plugin@8.6 pkg:maven/com.squareup.okhttp3/okhttp@4.12.0 pkg:maven/io.freefair.gradle/okhttp-plugin@8.6 pkg:maven/com.squareup.retrofit2/retrofit@2.9.0 pkg:maven/io.freefair.gradle/okhttp-plugin@8.6 pkg:maven/com.squareup.okhttp3/okhttp-bom@4.12.0 pkg:maven/io.freefair.gradle/okhttp-plugin@8.6 Evidence Type Source Name Value Confidence Vendor file name kotlin-stdlib-common High Vendor gradle artifactid kotlin-stdlib-common Highest Vendor gradle groupid org.jetbrains.kotlin Highest Vendor Manifest Implementation-Vendor JetBrains High Vendor Manifest kotlin-runtime-component Main Low Product file name kotlin-stdlib-common High Product gradle artifactid kotlin-stdlib-common Highest Product Manifest Implementation-Title kotlin-stdlib-common High Product Manifest kotlin-runtime-component Main Low Version file name kotlin-stdlib-common Medium Version file version 1.9.10 High Version gradle version 1.9.10 Highest Version Manifest Implementation-Version 1.9.10-release-459 High
kotlin-stdlib-jdk7-1.9.10.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jetbrains.kotlin/kotlin-stdlib-jdk7/1.9.10/bc5bfc2690338defd5195b05c57562f2194eeb10/kotlin-stdlib-jdk7-1.9.10.jarMD5: 14f35bcc452b095f3034a1471960ccccSHA1: bc5bfc2690338defd5195b05c57562f2194eeb10SHA256: ac6361bf9ad1ed382c2103d9712c47cdec166232b4903ed596e8876b0681c9b7Referenced In Projects/Scopes:
documentation:javadocClasspath github-plugin:compileClasspath github-plugin:runtimeClasspath maven-plugin-plugin:compileClasspath okhttp-plugin:runtimeClasspath maven-plugin-plugin:runtimeClasspath maven-plugin:compileClasspath okhttp-plugin:compileClasspath maven-plugin:runtimeClasspath kotlin-stdlib-jdk7-1.9.10.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/io.freefair.gradle/okhttp-plugin@8.6 pkg:maven/io.freefair.gradle/maven-plugin@8.6 pkg:maven/com.squareup.retrofit2/converter-gson@2.9.0 pkg:maven/com.squareup.retrofit2/retrofit@2.9.0 pkg:maven/io.freefair.gradle/github-plugin@8.6 pkg:maven/com.squareup.okhttp3/okhttp@4.12.0 pkg:maven/io.freefair.gradle/maven-plugin@8.6 pkg:maven/io.freefair.gradle/quicktype-plugin@8.6 pkg:maven/com.squareup.retrofit2/converter-gson@2.9.0 pkg:maven/com.squareup.okhttp3/okhttp-bom@4.12.0 pkg:maven/com.squareup.okhttp3/logging-interceptor@4.12.0 pkg:maven/com.squareup.okhttp3/logging-interceptor@4.12.0 pkg:maven/io.freefair.gradle/maven-plugin@8.6 pkg:maven/com.squareup.okhttp3/okhttp@4.12.0 pkg:maven/io.freefair.gradle/okhttp-plugin@8.6 pkg:maven/com.squareup.retrofit2/retrofit@2.9.0 pkg:maven/io.freefair.gradle/okhttp-plugin@8.6 pkg:maven/com.squareup.okhttp3/okhttp-bom@4.12.0 pkg:maven/io.freefair.gradle/okhttp-plugin@8.6 pkg:maven/io.freefair.gradle/okhttp-plugin@8.6 Evidence Type Source Name Value Confidence Vendor file name kotlin-stdlib-jdk7 High Vendor gradle artifactid kotlin-stdlib-jdk7 Highest Vendor gradle groupid org.jetbrains.kotlin Highest Vendor jar package name meta-inf Low Vendor jar package name versions Low Vendor Manifest Implementation-Vendor JetBrains High Vendor Manifest kotlin-runtime-component Main Low Vendor Manifest multi-release true Low Product file name kotlin-stdlib-jdk7 High Product gradle artifactid kotlin-stdlib-jdk7 Highest Product jar package name module-info Low Product jar package name versions Low Product Manifest Implementation-Title kotlin-stdlib-jdk7 High Product Manifest kotlin-runtime-component Main Low Product Manifest multi-release true Low Version file name kotlin-stdlib-jdk7 Medium Version file version 1.9.10 High Version gradle version 1.9.10 Highest Version Manifest Implementation-Version 1.9.10-release-459 High
kotlin-stdlib-jdk8-1.9.10.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jetbrains.kotlin/kotlin-stdlib-jdk8/1.9.10/c7510d64a83411a649c76f2778304ddf71d7437b/kotlin-stdlib-jdk8-1.9.10.jarMD5: d223cbd9e57f02cf4e9f3d9ed01edceeSHA1: c7510d64a83411a649c76f2778304ddf71d7437bSHA256: a4c74d94d64ce1abe53760fe0389dd941f6fc558d0dab35e47c085a11ec80f28Referenced In Projects/Scopes:
documentation:javadocClasspath github-plugin:compileClasspath github-plugin:runtimeClasspath maven-plugin-plugin:compileClasspath okhttp-plugin:runtimeClasspath maven-plugin-plugin:runtimeClasspath maven-plugin:compileClasspath okhttp-plugin:compileClasspath maven-plugin:runtimeClasspath kotlin-stdlib-jdk8-1.9.10.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/io.freefair.gradle/okhttp-plugin@8.6 pkg:maven/io.freefair.gradle/maven-plugin@8.6 pkg:maven/com.squareup.retrofit2/converter-gson@2.9.0 pkg:maven/com.squareup.retrofit2/retrofit@2.9.0 pkg:maven/io.freefair.gradle/github-plugin@8.6 pkg:maven/com.squareup.okhttp3/okhttp@4.12.0 pkg:maven/io.freefair.gradle/maven-plugin@8.6 pkg:maven/io.freefair.gradle/quicktype-plugin@8.6 pkg:maven/com.squareup.retrofit2/converter-gson@2.9.0 pkg:maven/com.squareup.okhttp3/okhttp-bom@4.12.0 pkg:maven/com.squareup.okhttp3/logging-interceptor@4.12.0 pkg:maven/com.squareup.okhttp3/logging-interceptor@4.12.0 pkg:maven/io.freefair.gradle/maven-plugin@8.6 pkg:maven/com.squareup.okhttp3/okhttp@4.12.0 pkg:maven/io.freefair.gradle/okhttp-plugin@8.6 pkg:maven/com.squareup.retrofit2/retrofit@2.9.0 pkg:maven/io.freefair.gradle/okhttp-plugin@8.6 pkg:maven/com.squareup.okhttp3/okhttp-bom@4.12.0 pkg:maven/io.freefair.gradle/okhttp-plugin@8.6 pkg:maven/io.freefair.gradle/okhttp-plugin@8.6 Evidence Type Source Name Value Confidence Vendor file name kotlin-stdlib-jdk8 High Vendor gradle artifactid kotlin-stdlib-jdk8 Highest Vendor gradle groupid org.jetbrains.kotlin Highest Vendor jar package name meta-inf Low Vendor jar package name versions Low Vendor Manifest Implementation-Vendor JetBrains High Vendor Manifest kotlin-runtime-component Main Low Vendor Manifest multi-release true Low Product file name kotlin-stdlib-jdk8 High Product gradle artifactid kotlin-stdlib-jdk8 Highest Product jar package name module-info Low Product jar package name versions Low Product Manifest Implementation-Title kotlin-stdlib-jdk8 High Product Manifest kotlin-runtime-component Main Low Product Manifest multi-release true Low Version file name kotlin-stdlib-jdk8 Medium Version file version 1.9.10 High Version gradle version 1.9.10 Highest Version Manifest Implementation-Version 1.9.10-release-459 High
kotlin-tooling-core-1.9.20.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jetbrains.kotlin/kotlin-tooling-core/1.9.20/bdc01105250e7ecc8bbcf49a21805685cd557dda/kotlin-tooling-core-1.9.20.jarMD5: d2f3d8b451a8d165d532db475845a22bSHA1: bdc01105250e7ecc8bbcf49a21805685cd557ddaSHA256: 8938eb97e36320daa3e6fb2a60fd2a05b232ff4a557173c5019f045b8832d9f4Referenced In Projects/Scopes:
documentation:javadocClasspath quicktype-plugin:runtimeClasspath aspectj-plugin:compileClasspath aspectj-plugin:runtimeClasspath quicktype-plugin:compileClasspath quicktype-plugin:implementationDependenciesMetadata kotlin-tooling-core-1.9.20.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/quicktype-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin-api@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin-api@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin@1.9.20 pkg:maven/io.freefair.gradle/aspectj-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin@1.9.20 Evidence Type Source Name Value Confidence Vendor file name kotlin-tooling-core High Vendor gradle artifactid kotlin-tooling-core Highest Vendor gradle groupid org.jetbrains.kotlin Highest Vendor jar package name jetbrains Low Vendor jar package name kotlin Low Vendor jar package name tooling Low Product file name kotlin-tooling-core High Product gradle artifactid kotlin-tooling-core Highest Product jar package name core Low Product jar package name kotlin Low Product jar package name tooling Low Version file name kotlin-tooling-core Medium Version file version 1.9.20 High Version gradle version 1.9.20 Highest
kotlin-util-io-1.9.20.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jetbrains.kotlin/kotlin-util-io/1.9.20/13fa0df6f8e5aea3ee927e6299063d4a159766ca/kotlin-util-io-1.9.20.jarMD5: d9079626536387eb7c4def6c07edc69aSHA1: 13fa0df6f8e5aea3ee927e6299063d4a159766caSHA256: c74fdaaae9d79fdf03327ee8738251e024b24b24d8b5377a1a429ac3b7f72ccaReferenced In Projects/Scopes:
documentation:javadocClasspath quicktype-plugin:runtimeClasspath aspectj-plugin:compileClasspath aspectj-plugin:runtimeClasspath quicktype-plugin:compileClasspath quicktype-plugin:implementationDependenciesMetadata kotlin-util-io-1.9.20.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/quicktype-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin-api@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin-api@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin@1.9.20 pkg:maven/io.freefair.gradle/aspectj-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin@1.9.20 Evidence Type Source Name Value Confidence Vendor file name kotlin-util-io High Vendor gradle artifactid kotlin-util-io Highest Vendor gradle groupid org.jetbrains.kotlin Highest Vendor jar package name jetbrains Highest Vendor jar package name jetbrains Low Vendor jar package name konan Low Vendor jar package name kotlin Low Vendor Manifest Implementation-Vendor JetBrains High Product file name kotlin-util-io High Product gradle artifactid kotlin-util-io Highest Product jar package name file Low Product jar package name konan Low Product jar package name kotlin Highest Product jar package name kotlin Low Product jar package name util Highest Product Manifest Implementation-Title kotlin-util-io High Version file name kotlin-util-io Medium Version file version 1.9.20 High Version gradle version 1.9.20 Highest Version Manifest Implementation-Version 1.9.255-SNAPSHOT High
kotlin-util-klib-1.9.20.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jetbrains.kotlin/kotlin-util-klib/1.9.20/73daea30b3c18d1ffc1e86f36e242a5bf78e9c85/kotlin-util-klib-1.9.20.jarMD5: c514598d2339efe1f575b4a28ff1dfc6SHA1: 73daea30b3c18d1ffc1e86f36e242a5bf78e9c85SHA256: c453efe27a0632d16151bfdf0084a12b8cc019fd2cb342e2b8892accce4e91b2Referenced In Projects/Scopes:
documentation:javadocClasspath quicktype-plugin:runtimeClasspath aspectj-plugin:compileClasspath aspectj-plugin:runtimeClasspath quicktype-plugin:compileClasspath quicktype-plugin:implementationDependenciesMetadata kotlin-util-klib-1.9.20.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/quicktype-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin-api@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin-api@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin@1.9.20 pkg:maven/io.freefair.gradle/aspectj-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin@1.9.20 Evidence Type Source Name Value Confidence Vendor file name kotlin-util-klib High Vendor gradle artifactid kotlin-util-klib Highest Vendor gradle groupid org.jetbrains.kotlin Highest Vendor jar package name jetbrains Highest Vendor jar package name jetbrains Low Vendor jar package name kotlin Low Vendor jar package name library Low Vendor Manifest Implementation-Vendor JetBrains High Product file name kotlin-util-klib High Product gradle artifactid kotlin-util-klib Highest Product jar package name impl Low Product jar package name kotlin Highest Product jar package name kotlin Low Product jar package name library Low Product Manifest Implementation-Title kotlin-util-klib High Version file name kotlin-util-klib Medium Version file version 1.9.20 High Version gradle version 1.9.20 Highest Version Manifest Implementation-Version 1.9.255-SNAPSHOT High
kotlinx-coroutines-core-jvm-1.5.0.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jetbrains.kotlinx/kotlinx-coroutines-core-jvm/1.5.0/d8cebccdcddd029022aa8646a5a953ff88b13ac8/kotlinx-coroutines-core-jvm-1.5.0.jarMD5: 0a0d2e63b7d71b97778cbd41bb3dfce0SHA1: d8cebccdcddd029022aa8646a5a953ff88b13ac8SHA256: 78d6cc7135f84d692ff3752fcfd1fa1bbe0940d7df70652e4f1eaeec0c78afbbReferenced In Projects/Scopes:
documentation:javadocClasspath quicktype-plugin:runtimeClasspath quicktype-plugin:kotlinBuildToolsApiClasspath mjml-plugin:kotlinBuildToolsApiClasspath kotlinx-coroutines-core-jvm-1.5.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/quicktype-plugin@8.6 pkg:maven/io.freefair.gradle/aspectj-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-build-tools-impl@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-build-tools-impl@1.9.20 Evidence Type Source Name Value Confidence Vendor file name kotlinx-coroutines-core-jvm High Vendor gradle artifactid kotlinx-coroutines-core-jvm Highest Vendor gradle groupid org.jetbrains.kotlinx Highest Vendor jar package name coroutines Low Vendor jar package name kotlinx Low Vendor Manifest can-retransform-classes true Low Product file name kotlinx-coroutines-core-jvm High Product gradle artifactid kotlinx-coroutines-core-jvm Highest Product jar package name coroutines Low Product Manifest can-retransform-classes true Low Version file name kotlinx-coroutines-core-jvm Medium Version file version 1.5.0 High Version gradle version 1.5.0 Highest
logging-interceptor-4.12.0.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/com.squareup.okhttp3/logging-interceptor/4.12.0/e922c1f14d365c0f2bed140cc0825e18462c2778/logging-interceptor-4.12.0.jarMD5: 48029ba5a920bbb533503169cba8e498SHA1: e922c1f14d365c0f2bed140cc0825e18462c2778SHA256: f3e8d5f0903c250c2b55d2f47fcfe008e80634385da8385161c7a63aaed0c74cReferenced In Projects/Scopes:
documentation:javadocClasspath github-plugin:compileClasspath github-plugin:runtimeClasspath maven-plugin-plugin:compileClasspath okhttp-plugin:runtimeClasspath maven-plugin-plugin:runtimeClasspath maven-plugin:compileClasspath okhttp-plugin:compileClasspath maven-plugin:runtimeClasspath logging-interceptor-4.12.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/io.freefair.gradle/okhttp-plugin@8.6 pkg:maven/io.freefair.gradle/okhttp-plugin@8.6 pkg:maven/io.freefair.gradle/maven-plugin@8.6 pkg:maven/io.freefair.gradle/github-plugin@8.6 pkg:maven/io.freefair.gradle/maven-plugin@8.6 pkg:maven/com.squareup.okhttp3/okhttp-bom@4.12.0 pkg:maven/io.freefair.gradle/maven-plugin@8.6 pkg:maven/io.freefair.gradle/okhttp-plugin@8.6 pkg:maven/io.freefair.gradle/okhttp-plugin@8.6 pkg:maven/io.freefair.gradle/okhttp-plugin@8.6 pkg:maven/com.squareup.okhttp3/okhttp-bom@4.12.0 pkg:maven/io.freefair.gradle/okhttp-plugin@8.6 pkg:maven/io.freefair.gradle/okhttp-plugin@8.6 Evidence Type Source Name Value Confidence Vendor file name logging-interceptor High Vendor gradle artifactid logging-interceptor Highest Vendor gradle groupid com.squareup.okhttp3 Highest Vendor jar package name logging Highest Vendor jar package name logging Low Vendor jar package name okhttp3 Highest Vendor jar package name okhttp3 Low Vendor Manifest automatic-module-name okhttp3.logging Medium Product file name logging-interceptor High Product gradle artifactid logging-interceptor Highest Product jar package name logging Highest Product jar package name logging Low Product jar package name okhttp3 Highest Product Manifest automatic-module-name okhttp3.logging Medium Version file name logging-interceptor Medium Version file version 4.12.0 High Version gradle version 4.12.0 Highest
lombok-1.18.30.jar lombok-1.18.30.jar: mavenEcjBootstrapAgent.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.projectlombok/lombok/1.18.30/f195ee86e6c896ea47a1d39defbe20eb59cd149d/lombok-1.18.30.jar/lombok/launch/mavenEcjBootstrapAgent.jarMD5: 2bc7812d729aa7f761f721c6f0620848SHA1: e67209a53266080be85e8848c01fd15af98700c7SHA256: 63da6c6457ba6bfb61867cf644542464783adc57bbf36a7f0843c2822c288169Referenced In Projects/Scopes:
plugin-utils:lombok test-common:annotationProcessor maven-plugin:annotationProcessor mkdocs-plugin:annotationProcessor code-generator-plugin:annotationProcessor jacoco-plugin:lombok code-generator-plugin:compileClasspath lombok-plugin:compileClasspath quicktype-plugin:lombok quicktype-plugin:annotationProcessor mjml-plugin:compileOnlyDependenciesMetadata github-plugin:compileClasspath okhttp-plugin:lombok test-code-generator:annotationProcessor git-plugin:annotationProcessor test-code-generator:lombok git-plugin:lombok code-generator-api:annotationProcessor settings-plugin:annotationProcessor embedded-sass-plugin:annotationProcessor code-generator-api:lombok lombok-plugin:lombok okhttp-plugin:compileClasspath aspectj-plugin:lombok git-plugin:compileClasspath code-generator-api:compileClasspath embedded-sass-plugin:lombok mjml-plugin:compileClasspath okhttp-plugin:annotationProcessor plugin-utils:compileClasspath test-common:lombok mkdocs-plugin:lombok settings-plugin:lombok mjml-plugin:lombok maven-plugin:lombok maven-plugin-plugin:compileClasspath compress-plugin:lombok settings-plugin:compileClasspath lombok-plugin:annotationProcessor mjml-plugin:annotationProcessor aspectj-plugin:compileClasspath compress-plugin:compileClasspath maven-plugin:compileClasspath test-common:compileClasspath embedded-sass-plugin:compileClasspath github-plugin:lombok plantuml-plugin:annotationProcessor jacoco-plugin:annotationProcessor plugin-utils:annotationProcessor aspectj-plugin:annotationProcessor mkdocs-plugin:compileClasspath maven-plugin-plugin:annotationProcessor quicktype-plugin:compileOnlyDependenciesMetadata jacoco-plugin:compileClasspath compress-plugin:annotationProcessor maven-plugin-plugin:lombok plantuml-plugin:compileClasspath plantuml-plugin:lombok quicktype-plugin:compileClasspath github-plugin:annotationProcessor test-code-generator:compileClasspath code-generator-plugin:lombok Evidence Type Source Name Value Confidence Vendor file name mavenEcjBootstrapAgent High Vendor jar package name launch Low Vendor jar package name lombok Low Vendor Manifest can-redefine-classes true Low Product file name mavenEcjBootstrapAgent High Product jar package name launch Low Product Manifest can-redefine-classes true Low
lombok-plugin-8.6.jarFile Path: /home/runner/work/gradle-plugins/gradle-plugins/lombok-plugin/build/libs/lombok-plugin-8.6.jarMD5: 0f7969389e0fb281350df6e09ea89964SHA1: 5e80f0a76ddf6261815d73b5bbacfbfa2914df3cSHA256: 4b7c7d2a981294e803f75aeb589f110f369f647aa34feb50a3bfcdf55c8f00e6Referenced In Project/Scope: documentation:javadocClasspathlombok-plugin-8.6.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/documentation@8.6
Evidence Type Source Name Value Confidence Vendor file name lombok-plugin High Vendor gradle artifactid lombok-plugin Highest Vendor gradle groupid io.freefair.gradle Highest Vendor jar package name freefair Low Vendor jar package name gradle Low Vendor jar package name io Low Product file name lombok-plugin High Product gradle artifactid lombok-plugin Highest Product jar package name freefair Low Product jar package name gradle Low Product jar package name plugins Low Version file version 8.6 High Version Manifest Implementation-Version 8.6 High
maven-aether-provider-3.2.5.jarDescription:
Extensions to Aether for utilizing Maven POM and repository metadata. File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.apache.maven/maven-aether-provider/3.2.5/dfddf469d20b877b184dda5d6e60f0c75f558a72/maven-aether-provider-3.2.5.jarMD5: 5b6cc79c8c8abc3c92ae7d57c4cbb078SHA1: dfddf469d20b877b184dda5d6e60f0c75f558a72SHA256: 703944b922d5351aad53b842f7dd38439b7213425f13c6c7f034b8b699b7d578Referenced In Projects/Scopes:
documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath maven-aether-provider-3.2.5.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 Evidence Type Source Name Value Confidence Vendor file name maven-aether-provider High Vendor gradle artifactid maven-aether-provider Highest Vendor gradle groupid org.apache.maven Highest Vendor jar package name apache Highest Vendor jar package name maven Highest Vendor jar package name repository Highest Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache.maven Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-aether-provider Low Vendor pom groupid org.apache.maven Highest Vendor pom name Maven Aether Provider High Vendor pom parent-artifactid maven Low Product file name maven-aether-provider High Product gradle artifactid maven-aether-provider Highest Product jar package name apache Highest Product jar package name maven Highest Product jar package name repository Highest Product Manifest Implementation-Title Maven Aether Provider High Product Manifest specification-title Maven Aether Provider Medium Product pom artifactid maven-aether-provider Highest Product pom groupid org.apache.maven Highest Product pom name Maven Aether Provider High Product pom parent-artifactid maven Medium Version file version 3.2.5 High Version gradle version 3.2.5 Highest Version Manifest Implementation-Version 3.2.5 High Version pom version 3.2.5 Highest
maven-artifact-3.2.5.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.apache.maven/maven-artifact/3.2.5/bf5ce89d5f7ff57f2a33e78067ba97e62bae007d/maven-artifact-3.2.5.jarMD5: 6ca73ba6de24218f238a45d8a06e519bSHA1: bf5ce89d5f7ff57f2a33e78067ba97e62bae007dSHA256: 270385907ecfbcb256fe5afb883869fd57a5c021b5242693743ef787605c6335Referenced In Projects/Scopes:
documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath maven-artifact-3.2.5.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 Evidence Type Source Name Value Confidence Vendor file name maven-artifact High Vendor gradle artifactid maven-artifact Highest Vendor gradle groupid org.apache.maven Highest Vendor jar package name apache Highest Vendor jar package name artifact Highest Vendor jar package name maven Highest Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache.maven Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-artifact Low Vendor pom groupid org.apache.maven Highest Vendor pom name Maven Artifact High Vendor pom parent-artifactid maven Low Product file name maven-artifact High Product gradle artifactid maven-artifact Highest Product jar package name apache Highest Product jar package name artifact Highest Product jar package name maven Highest Product Manifest Implementation-Title Maven Artifact High Product Manifest specification-title Maven Artifact Medium Product pom artifactid maven-artifact Highest Product pom groupid org.apache.maven Highest Product pom name Maven Artifact High Product pom parent-artifactid maven Medium Version file version 3.2.5 High Version gradle version 3.2.5 Highest Version Manifest Implementation-Version 3.2.5 High Version pom version 3.2.5 Highest
maven-core-3.2.5.jarDescription:
Maven Core classes. File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.apache.maven/maven-core/3.2.5/fbec7cf0df4fbc2896a6768ae59053877c05c241/maven-core-3.2.5.jarMD5: 0988ce2795bb72277a0199179154d398SHA1: fbec7cf0df4fbc2896a6768ae59053877c05c241SHA256: 4f1a0af8997e1daf778b91c5ae9e973f92df699439d909fdec7fc6055c09de12Referenced In Projects/Scopes:
documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath maven-core-3.2.5.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 Evidence Type Source Name Value Confidence Vendor file name maven-core High Vendor gradle artifactid maven-core Highest Vendor gradle groupid org.apache.maven Highest Vendor jar package name apache Highest Vendor jar package name maven Highest Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache.maven Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-core Low Vendor pom groupid org.apache.maven Highest Vendor pom name Maven Core High Vendor pom parent-artifactid maven Low Product file name maven-core High Product gradle artifactid maven-core Highest Product jar package name apache Highest Product jar package name maven Highest Product Manifest Implementation-Title Maven Core High Product Manifest specification-title Maven Core Medium Product pom artifactid maven-core Highest Product pom groupid org.apache.maven Highest Product pom name Maven Core High Product pom parent-artifactid maven Medium Version file version 3.2.5 High Version gradle version 3.2.5 Highest Version Manifest Implementation-Version 3.2.5 High Version pom version 3.2.5 Highest
CVE-2021-26291 suppress
Apache Maven will follow repositories that are defined in a dependency���s Project Object Model (pom) which may be surprising to some users, resulting in potential risk if a malicious actor takes over that repository or is able to insert themselves into a position to pretend to be that repository. Maven is changing the default behavior in 3.8.1+ to no longer follow http (non-SSL) repository references by default. More details available in the referenced urls. If you are currently using a repository manager to govern the repositories used by your builds, you are unaffected by the risks present in the legacy behavior, and are unaffected by this vulnerability and change to default behavior. See this link for more information about repository management: https://maven.apache.org/repository-management.html CWE-346 Origin Validation Error
CVSSv2:
Base Score: MEDIUM (6.4) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N CVSSv3:
Base Score: CRITICAL (9.1) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:3.9/RC:R/MAV:A References:
Vulnerable Software & Versions: (show all )
maven-model-3.2.5.jarDescription:
Model for Maven POM (Project Object Model) File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.apache.maven/maven-model/3.2.5/ced305476a43e8a042a59e94ef38b3291d9ce1e7/maven-model-3.2.5.jarMD5: 16ceccebac412654c427dcd66df4f6f9SHA1: ced305476a43e8a042a59e94ef38b3291d9ce1e7SHA256: 8d439cc1661349dab1c69eed0f831336d187e162cc6d68aa4deefcff57ee0624Referenced In Project/Scope: maven-plugin-plugin:compileClasspathmaven-model-3.2.5.jar is in the transitive dependency tree of the listed items. Included by:
pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 Evidence Type Source Name Value Confidence Vendor file name maven-model High Vendor gradle artifactid maven-model Highest Vendor gradle groupid org.apache.maven Highest Vendor jar package name apache Highest Vendor jar package name maven Highest Vendor jar package name model Highest Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache.maven Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-model Low Vendor pom groupid org.apache.maven Highest Vendor pom name Maven Model High Vendor pom parent-artifactid maven Low Product file name maven-model High Product gradle artifactid maven-model Highest Product jar package name apache Highest Product jar package name maven Highest Product jar package name model Highest Product Manifest Implementation-Title Maven Model High Product Manifest specification-title Maven Model Medium Product pom artifactid maven-model Highest Product pom groupid org.apache.maven Highest Product pom name Maven Model High Product pom parent-artifactid maven Medium Version file version 3.2.5 High Version gradle version 3.2.5 Highest Version Manifest Implementation-Version 3.2.5 High Version pom version 3.2.5 Highest
maven-model-3.9.4.jarDescription:
Model for Maven POM (Project Object Model) File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.apache.maven/maven-model/3.9.4/5b79d873cf6d13b3fc4020eac04e2a62ebbfa0aa/maven-model-3.9.4.jarMD5: d507b64e6608681ce809307a9e669316SHA1: 5b79d873cf6d13b3fc4020eac04e2a62ebbfa0aaSHA256: 7931dc8dda878eef46988d9fd07c4ade3c91892d7fb3208c742cb9457135bb15Referenced In Projects/Scopes:
mjml-plugin:runtimeClasspath mjml-plugin:compileClasspath mjml-plugin:implementationDependenciesMetadata maven-model-3.9.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/mjml-plugin@8.6 pkg:maven/io.freefair.gradle/mjml-plugin@8.6 pkg:maven/io.freefair.gradle/mjml-plugin@8.6 Evidence Type Source Name Value Confidence Vendor file name maven-model High Vendor gradle artifactid maven-model Highest Vendor gradle groupid org.apache.maven Highest Vendor jar package name apache Highest Vendor jar package name maven Highest Vendor jar package name model Highest Vendor Manifest build-jdk-spec 17 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-model Low Vendor pom groupid org.apache.maven Highest Vendor pom name Maven Model High Vendor pom parent-artifactid maven Low Product file name maven-model High Product gradle artifactid maven-model Highest Product jar package name apache Highest Product jar package name maven Highest Product jar package name model Highest Product Manifest build-jdk-spec 17 Low Product Manifest Implementation-Title Maven Model High Product Manifest specification-title Maven Model Medium Product pom artifactid maven-model Highest Product pom groupid org.apache.maven Highest Product pom name Maven Model High Product pom parent-artifactid maven Medium Version file version 3.9.4 High Version gradle version 3.9.4 Highest Version Manifest Implementation-Version 3.9.4 High Version pom version 3.9.4 Highest
maven-model-3.9.6.jarDescription:
Model for Maven POM (Project Object Model) File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.apache.maven/maven-model/3.9.6/ac9a1c8a8cfa36f3a5489837e653ec0cd530d576/maven-model-3.9.6.jarMD5: ac8747986567850914e2c7f0e85599b3SHA1: ac9a1c8a8cfa36f3a5489837e653ec0cd530d576SHA256: 4f8f07fdb6b8701fa89a23a2edf830808fd65892d90cce40c0e6df7c8f2fcb62Referenced In Projects/Scopes:
documentation:javadocClasspath maven-plugin-plugin:runtimeClasspath maven-plugin:compileClasspath maven-plugin:runtimeClasspath maven-model-3.9.6.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/io.freefair.gradle/maven-plugin@8.6 pkg:maven/io.freefair.gradle/mjml-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/io.freefair.gradle/maven-plugin@8.6 pkg:maven/io.freefair.gradle/maven-plugin@8.6 pkg:maven/io.freefair.gradle/maven-plugin@8.6 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 Evidence Type Source Name Value Confidence Vendor file name maven-model High Vendor gradle artifactid maven-model Highest Vendor gradle groupid org.apache.maven Highest Vendor jar package name apache Highest Vendor jar package name maven Highest Vendor jar package name model Highest Vendor Manifest build-jdk-spec 21 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-model Low Vendor pom groupid org.apache.maven Highest Vendor pom name Maven Model High Vendor pom parent-artifactid maven Low Product file name maven-model High Product gradle artifactid maven-model Highest Product jar package name apache Highest Product jar package name maven Highest Product jar package name model Highest Product Manifest build-jdk-spec 21 Low Product Manifest Implementation-Title Maven Model High Product Manifest specification-title Maven Model Medium Product pom artifactid maven-model Highest Product pom groupid org.apache.maven Highest Product pom name Maven Model High Product pom parent-artifactid maven Medium Version file version 3.9.6 High Version gradle version 3.9.6 Highest Version Manifest Implementation-Version 3.9.6 High Version pom version 3.9.6 Highest
maven-model-builder-3.2.5.jarDescription:
The effective model builder, with inheritance, profile activation, interpolation, ... File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.apache.maven/maven-model-builder/3.2.5/7a32f3966fab463df9cdae95fd6df8c2e561e3ae/maven-model-builder-3.2.5.jarMD5: a216c67dae851a4cedb4b431a674eba2SHA1: 7a32f3966fab463df9cdae95fd6df8c2e561e3aeSHA256: cc5321269d080ad6694458f53186be5391a21c488ab3a7d6dd73123c7681879dReferenced In Projects/Scopes:
documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath maven-model-builder-3.2.5.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 Evidence Type Source Name Value Confidence Vendor file name maven-model-builder High Vendor gradle artifactid maven-model-builder Highest Vendor gradle groupid org.apache.maven Highest Vendor jar package name apache Highest Vendor jar package name inheritance Highest Vendor jar package name interpolation Highest Vendor jar package name maven Highest Vendor jar package name model Highest Vendor jar package name profile Highest Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache.maven Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-model-builder Low Vendor pom groupid org.apache.maven Highest Vendor pom name Maven Model Builder High Vendor pom parent-artifactid maven Low Product file name maven-model-builder High Product gradle artifactid maven-model-builder Highest Product jar package name apache Highest Product jar package name inheritance Highest Product jar package name interpolation Highest Product jar package name maven Highest Product jar package name model Highest Product jar package name profile Highest Product Manifest Implementation-Title Maven Model Builder High Product Manifest specification-title Maven Model Builder Medium Product pom artifactid maven-model-builder Highest Product pom groupid org.apache.maven Highest Product pom name Maven Model Builder High Product pom parent-artifactid maven Medium Version file version 3.2.5 High Version gradle version 3.2.5 Highest Version Manifest Implementation-Version 3.2.5 High Version pom version 3.2.5 Highest
maven-plugin-8.6.jarFile Path: /home/runner/work/gradle-plugins/gradle-plugins/maven-plugin/build/libs/maven-plugin-8.6.jarMD5: 00c1369f9c785ab20a104762ff024ccbSHA1: cde787b1d78819a226c1300e5df55084bb3fbe2bSHA256: f2eaa4fdb6a9c1b6aa07a6eca671fd00ae15395fdca10f55dfdbf887c84c4c5eReferenced In Projects/Scopes:
documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath maven-plugin-8.6.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/io.freefair.gradle/documentation@8.6 Evidence Type Source Name Value Confidence Vendor file name maven-plugin High Vendor gradle artifactid maven-plugin Highest Vendor gradle groupid io.freefair.gradle Highest Vendor jar package name freefair Low Vendor jar package name gradle Low Vendor jar package name io Low Product file name maven-plugin High Product gradle artifactid maven-plugin Highest Product jar package name freefair Low Product jar package name gradle Low Product jar package name plugins Low Version file version 8.6 High Version Manifest Implementation-Version 8.6 High
maven-plugin-annotations-3.11.0.jarDescription:
Java annotations to use in Mojos File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.apache.maven.plugin-tools/maven-plugin-annotations/3.11.0/b38718cb50fa187f4b168034c120704be7e1c3a3/maven-plugin-annotations-3.11.0.jarMD5: 8182135d00fb5f440608fe17a88489f1SHA1: b38718cb50fa187f4b168034c120704be7e1c3a3SHA256: ec1f1741f529b289090cd34799e69be43b6cc37e26a69b5db70789f10af7b7b0Referenced In Projects/Scopes:
documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath maven-plugin-annotations-3.11.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 Evidence Type Source Name Value Confidence Vendor file name maven-plugin-annotations High Vendor gradle artifactid maven-plugin-annotations Highest Vendor gradle groupid org.apache.maven.plugin-tools Highest Vendor jar package name annotations Highest Vendor jar package name apache Highest Vendor jar package name maven Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-plugin-annotations Low Vendor pom groupid org.apache.maven.plugin-tools Highest Vendor pom name Maven Plugin Tools Java Annotations High Vendor pom parent-artifactid maven-plugin-tools Low Product file name maven-plugin-annotations High Product gradle artifactid maven-plugin-annotations Highest Product jar package name annotations Highest Product jar package name apache Highest Product jar package name maven Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title Maven Plugin Tools Java Annotations High Product Manifest specification-title Maven Plugin Tools Java Annotations Medium Product pom artifactid maven-plugin-annotations Highest Product pom groupid org.apache.maven.plugin-tools Highest Product pom name Maven Plugin Tools Java Annotations High Product pom parent-artifactid maven-plugin-tools Medium Version file version 3.11.0 High Version gradle version 3.11.0 Highest Version Manifest Implementation-Version 3.11.0 High Version pom version 3.11.0 Highest
maven-plugin-api-3.2.5.jarDescription:
The API for plugins - Mojos - development. File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.apache.maven/maven-plugin-api/3.2.5/5c6893f4ac5425d07c4053f3c4e27b2a3b37c516/maven-plugin-api-3.2.5.jarMD5: 11a402fb287811b6a249a553e9af5383SHA1: 5c6893f4ac5425d07c4053f3c4e27b2a3b37c516SHA256: 194a6f0ce889ed3b0d8a9bc4d3c79541e878098b7e303e4ac76c1031850772c3Referenced In Projects/Scopes:
documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath maven-plugin-api-3.2.5.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 Evidence Type Source Name Value Confidence Vendor file name maven-plugin-api High Vendor gradle artifactid maven-plugin-api Highest Vendor gradle groupid org.apache.maven Highest Vendor jar package name apache Highest Vendor jar package name maven Highest Vendor jar package name plugin Highest Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache.maven Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-plugin-api Low Vendor pom groupid org.apache.maven Highest Vendor pom name Maven Plugin API High Vendor pom parent-artifactid maven Low Product file name maven-plugin-api High Product gradle artifactid maven-plugin-api Highest Product jar package name apache Highest Product jar package name maven Highest Product jar package name plugin Highest Product Manifest Implementation-Title Maven Plugin API High Product Manifest specification-title Maven Plugin API Medium Product pom artifactid maven-plugin-api Highest Product pom groupid org.apache.maven Highest Product pom name Maven Plugin API High Product pom parent-artifactid maven Medium Version file version 3.2.5 High Version gradle version 3.2.5 Highest Version Manifest Implementation-Version 3.2.5 High Version pom version 3.2.5 Highest
maven-plugin-plugin-3.11.0.jarDescription:
The Plugin Plugin is used to create a Maven plugin descriptor for any Mojos found in the source tree
in order to include them the resulting JAR. It is also used to generate a generic help goal. File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.apache.maven.plugins/maven-plugin-plugin/3.11.0/7013288e1c9a8bd1176e33b0152fce7f16e05dfa/maven-plugin-plugin-3.11.0.jarMD5: 5f1bb4ed767f3602e8b454c97167f499SHA1: 7013288e1c9a8bd1176e33b0152fce7f16e05dfaSHA256: d9f05594016a40596d2474e12791db734dbdb9b849649e1902439dd87c83ede2Referenced In Projects/Scopes:
documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin-3.11.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/io.freefair.gradle/documentation@8.6 Evidence Type Source Name Value Confidence Vendor file name maven-plugin-plugin High Vendor gradle artifactid maven-plugin-plugin Highest Vendor gradle groupid org.apache.maven.plugins Highest Vendor jar package name apache Highest Vendor jar package name maven Highest Vendor jar package name plugin Highest Vendor jar package name plugins Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-plugin-plugin Low Vendor pom groupid org.apache.maven.plugins Highest Vendor pom name Maven Plugin Plugin High Vendor pom parent-artifactid maven-plugin-tools Low Vendor pom parent-groupid org.apache.maven.plugin-tools Medium Product file name maven-plugin-plugin High Product gradle artifactid maven-plugin-plugin Highest Product jar package name apache Highest Product jar package name maven Highest Product jar package name plugin Highest Product jar package name plugins Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title Maven Plugin Plugin High Product Manifest specification-title Maven Plugin Plugin Medium Product pom artifactid maven-plugin-plugin Highest Product pom groupid org.apache.maven.plugins Highest Product pom name Maven Plugin Plugin High Product pom parent-artifactid maven-plugin-tools Medium Product pom parent-groupid org.apache.maven.plugin-tools Medium Version file version 3.11.0 High Version gradle version 3.11.0 Highest Version Manifest Implementation-Version 3.11.0 High Version pom version 3.11.0 Highest
maven-plugin-plugin-8.6.jarFile Path: /home/runner/work/gradle-plugins/gradle-plugins/maven-plugin-plugin/build/libs/maven-plugin-plugin-8.6.jarMD5: 4d54944b283846834aaf618c9a304a0aSHA1: ebae3d97d039bbf929dedba79173ef9085f89d66SHA256: d514a50de95b27b953bd019bfed398e5543df781d966a862c0e2acce58197135Referenced In Project/Scope: documentation:javadocClasspathmaven-plugin-plugin-8.6.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/documentation@8.6
Evidence Type Source Name Value Confidence Vendor file name maven-plugin-plugin High Vendor gradle artifactid maven-plugin-plugin Highest Vendor gradle groupid io.freefair.gradle Highest Vendor jar package name freefair Low Vendor jar package name gradle Low Vendor jar package name io Low Product file name maven-plugin-plugin High Product gradle artifactid maven-plugin-plugin Highest Product jar package name freefair Low Product jar package name gradle Low Product jar package name plugins Low Version file version 8.6 High Version Manifest Implementation-Version 8.6 High
maven-plugin-tools-annotations-3.11.0.jarDescription:
Descriptor extractor for plugins written in Java with Java annotations. File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.apache.maven.plugin-tools/maven-plugin-tools-annotations/3.11.0/afbaf10cc3de69f17e66f2f8332310fdbbe2269d/maven-plugin-tools-annotations-3.11.0.jarMD5: 4756e20a7dcbddb3513c751694ce88c3SHA1: afbaf10cc3de69f17e66f2f8332310fdbbe2269dSHA256: b11ebbd742110a7d83ff98aa77594b86c8539727ec257b5080863227ff4d3e0eReferenced In Projects/Scopes:
documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath maven-plugin-tools-annotations-3.11.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 Evidence Type Source Name Value Confidence Vendor file name maven-plugin-tools-annotations High Vendor gradle artifactid maven-plugin-tools-annotations Highest Vendor gradle groupid org.apache.maven.plugin-tools Highest Vendor jar package name apache Highest Vendor jar package name maven Highest Vendor jar package name plugin Highest Vendor jar package name tools Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-plugin-tools-annotations Low Vendor pom groupid org.apache.maven.plugin-tools Highest Vendor pom name Maven Plugin Tool for Java with Annotations High Vendor pom parent-artifactid maven-plugin-tools Low Product file name maven-plugin-tools-annotations High Product gradle artifactid maven-plugin-tools-annotations Highest Product jar package name apache Highest Product jar package name maven Highest Product jar package name plugin Highest Product jar package name tools Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title Maven Plugin Tool for Java with Annotations High Product Manifest specification-title Maven Plugin Tool for Java with Annotations Medium Product pom artifactid maven-plugin-tools-annotations Highest Product pom groupid org.apache.maven.plugin-tools Highest Product pom name Maven Plugin Tool for Java with Annotations High Product pom parent-artifactid maven-plugin-tools Medium Version file version 3.11.0 High Version gradle version 3.11.0 Highest Version Manifest Implementation-Version 3.11.0 High Version pom version 3.11.0 Highest
maven-plugin-tools-api-3.11.0.jarDescription:
The Maven Plugin Tools Extractor API provides an API to extract descriptor information from Maven Plugins. File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.apache.maven.plugin-tools/maven-plugin-tools-api/3.11.0/8c62fda6a51355581156af815418ed57a0f248c0/maven-plugin-tools-api-3.11.0.jarMD5: b5e21df28b5c341ac0278bb61c2d6633SHA1: 8c62fda6a51355581156af815418ed57a0f248c0SHA256: bb2fe00ea47d75edcb332874988a54871a77167a10425139d58903ebfebbad38Referenced In Projects/Scopes:
documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath maven-plugin-tools-api-3.11.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 Evidence Type Source Name Value Confidence Vendor file name maven-plugin-tools-api High Vendor gradle artifactid maven-plugin-tools-api Highest Vendor gradle groupid org.apache.maven.plugin-tools Highest Vendor jar package name apache Highest Vendor jar package name maven Highest Vendor jar package name plugin Highest Vendor jar package name tools Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-plugin-tools-api Low Vendor pom groupid org.apache.maven.plugin-tools Highest Vendor pom name Maven Plugin Tools Extractor API High Vendor pom parent-artifactid maven-plugin-tools Low Product file name maven-plugin-tools-api High Product gradle artifactid maven-plugin-tools-api Highest Product jar package name apache Highest Product jar package name maven Highest Product jar package name plugin Highest Product jar package name tools Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title Maven Plugin Tools Extractor API High Product Manifest specification-title Maven Plugin Tools Extractor API Medium Product pom artifactid maven-plugin-tools-api Highest Product pom groupid org.apache.maven.plugin-tools Highest Product pom name Maven Plugin Tools Extractor API High Product pom parent-artifactid maven-plugin-tools Medium Version file version 3.11.0 High Version gradle version 3.11.0 Highest Version Manifest Implementation-Version 3.11.0 High Version pom version 3.11.0 Highest
maven-plugin-tools-generators-3.11.0.jarDescription:
The Maven Plugin Tools Generators provide content generation (XML descriptor, documentation, help goal) from
plugin descriptor extracted from plugin sources. File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.apache.maven.plugin-tools/maven-plugin-tools-generators/3.11.0/91cca115cedc4f6995987c7701330224f228b7c9/maven-plugin-tools-generators-3.11.0.jarMD5: c0371bf96fbb38f7e2b01f7efd7653ddSHA1: 91cca115cedc4f6995987c7701330224f228b7c9SHA256: 30dcc715efbc0c773140187b5bfaba94ed460d013aed8cb0a402d3ac3565367bReferenced In Projects/Scopes:
documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath maven-plugin-tools-generators-3.11.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 Evidence Type Source Name Value Confidence Vendor file name maven-plugin-tools-generators High Vendor gradle artifactid maven-plugin-tools-generators Highest Vendor gradle groupid org.apache.maven.plugin-tools Highest Vendor jar package name apache Highest Vendor jar package name maven Highest Vendor jar package name plugin Highest Vendor jar package name tools Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-plugin-tools-generators Low Vendor pom groupid org.apache.maven.plugin-tools Highest Vendor pom name Maven Plugin Tools Generators High Vendor pom parent-artifactid maven-plugin-tools Low Product file name maven-plugin-tools-generators High Product gradle artifactid maven-plugin-tools-generators Highest Product jar package name apache Highest Product jar package name maven Highest Product jar package name plugin Highest Product jar package name tools Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title Maven Plugin Tools Generators High Product Manifest specification-title Maven Plugin Tools Generators Medium Product pom artifactid maven-plugin-tools-generators Highest Product pom groupid org.apache.maven.plugin-tools Highest Product pom name Maven Plugin Tools Generators High Product pom parent-artifactid maven-plugin-tools Medium Version file version 3.11.0 High Version gradle version 3.11.0 Highest Version Manifest Implementation-Version 3.11.0 High Version pom version 3.11.0 Highest
maven-plugin-tools-java-3.11.0.jarDescription:
Descriptor extractor for plugins written in Java annotated with Mojo Javadoc Tags. File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.apache.maven.plugin-tools/maven-plugin-tools-java/3.11.0/71d43c43ffd5ebb6a3301ee4f42862c84f7e8029/maven-plugin-tools-java-3.11.0.jarMD5: ae7aa7d142a3cd2170efe1cbf0bc2186SHA1: 71d43c43ffd5ebb6a3301ee4f42862c84f7e8029SHA256: 22997f4da550e6b80c38370a6b60fed75e69fd6b3679fae381aed9f13238dcfcReferenced In Project/Scope: documentation:javadocClasspathmaven-plugin-tools-java-3.11.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0
Evidence Type Source Name Value Confidence Vendor file name maven-plugin-tools-java High Vendor gradle artifactid maven-plugin-tools-java Highest Vendor gradle groupid org.apache.maven.plugin-tools Highest Vendor jar package name apache Highest Vendor jar package name maven Highest Vendor jar package name plugin Highest Vendor jar package name tools Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-plugin-tools-java Low Vendor pom groupid org.apache.maven.plugin-tools Highest Vendor pom name Maven Plugin Tool for Java with Javadoc Tags High Vendor pom parent-artifactid maven-plugin-tools Low Product file name maven-plugin-tools-java High Product gradle artifactid maven-plugin-tools-java Highest Product jar package name apache Highest Product jar package name maven Highest Product jar package name plugin Highest Product jar package name tools Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title Maven Plugin Tool for Java with Javadoc Tags High Product Manifest specification-title Maven Plugin Tool for Java with Javadoc Tags Medium Product pom artifactid maven-plugin-tools-java Highest Product pom groupid org.apache.maven.plugin-tools Highest Product pom name Maven Plugin Tool for Java with Javadoc Tags High Product pom parent-artifactid maven-plugin-tools Medium Version file version 3.11.0 High Version gradle version 3.11.0 Highest Version Manifest Implementation-Version 3.11.0 High Version pom version 3.11.0 Highest
maven-reporting-api-3.1.1.jarDescription:
API to manage report generation. File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.apache.maven.reporting/maven-reporting-api/3.1.1/74ca00a13e46d065071cdf6376d7d231e0208916/maven-reporting-api-3.1.1.jarMD5: 1e1e0b2f189c861995e33a2a746501bbSHA1: 74ca00a13e46d065071cdf6376d7d231e0208916SHA256: 25be6603c97d28fa3dcd122073054271c8fcaf667d220dce7a26a61a6f3cffd1Referenced In Projects/Scopes:
documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath maven-reporting-api-3.1.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 Evidence Type Source Name Value Confidence Vendor file name maven-reporting-api High Vendor gradle artifactid maven-reporting-api Highest Vendor gradle groupid org.apache.maven.reporting Highest Vendor jar package name apache Highest Vendor jar package name maven Highest Vendor jar package name reporting Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-reporting-api Low Vendor pom developer email vincent.siveton@gmail.com Low Vendor pom developer id vsiveton Medium Vendor pom developer name Vincent Siveton Medium Vendor pom groupid org.apache.maven.reporting Highest Vendor pom name Apache Maven Reporting API High Vendor pom parent-artifactid maven-shared-components Low Vendor pom parent-groupid org.apache.maven.shared Medium Product file name maven-reporting-api High Product gradle artifactid maven-reporting-api Highest Product jar package name apache Highest Product jar package name maven Highest Product jar package name reporting Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title Apache Maven Reporting API High Product Manifest specification-title Apache Maven Reporting API Medium Product pom artifactid maven-reporting-api Highest Product pom developer email vincent.siveton@gmail.com Low Product pom developer id vsiveton Low Product pom developer name Vincent Siveton Low Product pom groupid org.apache.maven.reporting Highest Product pom name Apache Maven Reporting API High Product pom parent-artifactid maven-shared-components Medium Product pom parent-groupid org.apache.maven.shared Medium Version file version 3.1.1 High Version gradle version 3.1.1 Highest Version Manifest Implementation-Version 3.1.1 High Version pom parent-version 3.1.1 Low Version pom version 3.1.1 Highest
maven-repository-metadata-3.2.5.jarDescription:
Per-directory local and remote repository metadata. File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.apache.maven/maven-repository-metadata/3.2.5/17049c63ce63654c112eeb82797edee49f8a4601/maven-repository-metadata-3.2.5.jarMD5: bda12e2d6070d417a6118c6ba769fd4fSHA1: 17049c63ce63654c112eeb82797edee49f8a4601SHA256: 62b517b77f24edebdee0e382ecddb44bb6632b7c08c528d625aed7d2980df12bReferenced In Projects/Scopes:
documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath maven-repository-metadata-3.2.5.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 Evidence Type Source Name Value Confidence Vendor file name maven-repository-metadata High Vendor gradle artifactid maven-repository-metadata Highest Vendor gradle groupid org.apache.maven Highest Vendor jar package name apache Highest Vendor jar package name maven Highest Vendor jar package name repository Highest Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache.maven Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-repository-metadata Low Vendor pom groupid org.apache.maven Highest Vendor pom name Maven Repository Metadata Model High Vendor pom parent-artifactid maven Low Product file name maven-repository-metadata High Product gradle artifactid maven-repository-metadata Highest Product jar package name apache Highest Product jar package name maven Highest Product jar package name repository Highest Product Manifest Implementation-Title Maven Repository Metadata Model High Product Manifest specification-title Maven Repository Metadata Model Medium Product pom artifactid maven-repository-metadata Highest Product pom groupid org.apache.maven Highest Product pom name Maven Repository Metadata Model High Product pom parent-artifactid maven Medium Version file version 3.2.5 High Version gradle version 3.2.5 Highest Version Manifest Implementation-Version 3.2.5 High Version pom version 3.2.5 Highest
maven-settings-3.2.5.jarDescription:
Maven Settings model. File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.apache.maven/maven-settings/3.2.5/52179da78893ed7afea98d980c55e658fb04d9b4/maven-settings-3.2.5.jarMD5: 9f78e75d76e2f92c08cbbc859bf6e272SHA1: 52179da78893ed7afea98d980c55e658fb04d9b4SHA256: 1874d4ee660b935675a60bdb2ef63e0ff5a81769f4fc04a035fa9d4c4e238224Referenced In Projects/Scopes:
documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath maven-settings-3.2.5.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 Evidence Type Source Name Value Confidence Vendor file name maven-settings High Vendor gradle artifactid maven-settings Highest Vendor gradle groupid org.apache.maven Highest Vendor jar package name apache Highest Vendor jar package name maven Highest Vendor jar package name settings Highest Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache.maven Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-settings Low Vendor pom groupid org.apache.maven Highest Vendor pom name Maven Settings High Vendor pom parent-artifactid maven Low Product file name maven-settings High Product gradle artifactid maven-settings Highest Product jar package name apache Highest Product jar package name maven Highest Product jar package name settings Highest Product Manifest Implementation-Title Maven Settings High Product Manifest specification-title Maven Settings Medium Product pom artifactid maven-settings Highest Product pom groupid org.apache.maven Highest Product pom name Maven Settings High Product pom parent-artifactid maven Medium Version file version 3.2.5 High Version gradle version 3.2.5 Highest Version Manifest Implementation-Version 3.2.5 High Version pom version 3.2.5 Highest
CVE-2021-26291 (OSSINDEX) suppress
Apache Maven will follow repositories that are defined in a dependency’s Project Object Model (pom) which may be surprising to some users, resulting in potential risk if a malicious actor takes over that repository or is able to insert themselves into a position to pretend to be that repository. Maven is changing the default behavior in 3.8.1+ to no longer follow http (non-SSL) repository references by default. More details available in the referenced urls. If you are currently using a repository manager to govern the repositories used by your builds, you are unaffected by the risks present in the legacy behavior, and are unaffected by this vulnerability and change to default behavior. See this link for more information about repository management: https://maven.apache.org/repository-management.html CWE-346 Origin Validation Error
CVSSv3:
Base Score: CRITICAL (9.100000381469727) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:org.apache.maven:maven-settings:3.2.5:*:*:*:*:*:*:* maven-settings-builder-3.2.5.jarDescription:
The effective settings builder, with inheritance and password decryption. File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.apache.maven/maven-settings-builder/3.2.5/7fd98de76398a3ff5c1d9a7b85f26cb65a862578/maven-settings-builder-3.2.5.jarMD5: c48b8a83cd03a5672f07b559ca1a5307SHA1: 7fd98de76398a3ff5c1d9a7b85f26cb65a862578SHA256: 9c5a014ceb8abb55e997dcc41d17bbe0ae145db574be6b7186e75950c241269fReferenced In Projects/Scopes:
documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath maven-settings-builder-3.2.5.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 Evidence Type Source Name Value Confidence Vendor file name maven-settings-builder High Vendor gradle artifactid maven-settings-builder Highest Vendor gradle groupid org.apache.maven Highest Vendor jar package name apache Highest Vendor jar package name maven Highest Vendor jar package name settings Highest Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache.maven Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-settings-builder Low Vendor pom groupid org.apache.maven Highest Vendor pom name Maven Settings Builder High Vendor pom parent-artifactid maven Low Product file name maven-settings-builder High Product gradle artifactid maven-settings-builder Highest Product jar package name apache Highest Product jar package name maven Highest Product jar package name settings Highest Product Manifest Implementation-Title Maven Settings Builder High Product Manifest specification-title Maven Settings Builder Medium Product pom artifactid maven-settings-builder Highest Product pom groupid org.apache.maven Highest Product pom name Maven Settings Builder High Product pom parent-artifactid maven Medium Version file version 3.2.5 High Version gradle version 3.2.5 Highest Version Manifest Implementation-Version 3.2.5 High Version pom version 3.2.5 Highest
mjml-plugin-8.6.jarFile Path: /home/runner/work/gradle-plugins/gradle-plugins/mjml-plugin/build/libs/mjml-plugin-8.6.jarMD5: 68302f547a9ed20f634eb5c74018d265SHA1: 9c346b7ecc5b162bf8ad3af902647fe0f651f1deSHA256: 56630b0a804e97ce51309a5d80d0b76c6289418e95275b48f9b0884cc684696aReferenced In Project/Scope: documentation:javadocClasspathmjml-plugin-8.6.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/documentation@8.6
Evidence Type Source Name Value Confidence Vendor file name mjml-plugin High Vendor gradle artifactid mjml-plugin Highest Vendor gradle groupid io.freefair.gradle Highest Vendor jar package name freefair Low Vendor jar package name gradle Low Vendor jar package name io Low Product file name mjml-plugin High Product gradle artifactid mjml-plugin Highest Product jar package name freefair Low Product jar package name gradle Low Product jar package name plugins Low Version file version 8.6 High Version Manifest Implementation-Version 8.6 High
mkdocs-plugin-8.6.jarFile Path: /home/runner/work/gradle-plugins/gradle-plugins/mkdocs-plugin/build/libs/mkdocs-plugin-8.6.jarMD5: 5c7301596b5398cd059db1ae4fb3e3bcSHA1: 1a3f01602eff3efb33e32869a8f08585ddb93454SHA256: 5c9fac60ad54e87e00672025d96e0f0130d9216f8e30a45bf5b1b42a190a2788Referenced In Project/Scope: documentation:javadocClasspathmkdocs-plugin-8.6.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/documentation@8.6
Evidence Type Source Name Value Confidence Vendor file name mkdocs-plugin High Vendor gradle artifactid mkdocs-plugin Highest Vendor gradle groupid io.freefair.gradle Highest Vendor jar package name freefair Low Vendor jar package name gradle Low Vendor jar package name io Low Product file name mkdocs-plugin High Product gradle artifactid mkdocs-plugin Highest Product jar package name freefair Low Product jar package name gradle Low Product jar package name plugins Low Version file version 8.6 High Version Manifest Implementation-Version 8.6 High
okhttp-4.12.0.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/com.squareup.okhttp3/okhttp/4.12.0/2f4525d4a200e97e1b87449c2cd9bd2e25b7e8cd/okhttp-4.12.0.jarMD5: 6acba053af88fed87e710c6c29911d7cSHA1: 2f4525d4a200e97e1b87449c2cd9bd2e25b7e8cdSHA256: b1050081b14bb7a3a7e55a4d3ef01b5dcfabc453b4573a4fc019767191d5f4e0Referenced In Projects/Scopes:
documentation:javadocClasspath github-plugin:compileClasspath github-plugin:runtimeClasspath maven-plugin-plugin:compileClasspath okhttp-plugin:runtimeClasspath maven-plugin-plugin:runtimeClasspath maven-plugin:compileClasspath okhttp-plugin:compileClasspath maven-plugin:runtimeClasspath okhttp-4.12.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/io.freefair.gradle/okhttp-plugin@8.6 pkg:maven/io.freefair.gradle/okhttp-plugin@8.6 pkg:maven/io.freefair.gradle/maven-plugin@8.6 pkg:maven/com.squareup.retrofit2/converter-gson@2.9.0 pkg:maven/com.squareup.retrofit2/retrofit@2.9.0 pkg:maven/io.freefair.gradle/github-plugin@8.6 pkg:maven/io.freefair.gradle/maven-plugin@8.6 pkg:maven/com.squareup.retrofit2/converter-gson@2.9.0 pkg:maven/com.squareup.okhttp3/okhttp-bom@4.12.0 pkg:maven/com.squareup.okhttp3/logging-interceptor@4.12.0 pkg:maven/com.squareup.okhttp3/logging-interceptor@4.12.0 pkg:maven/io.freefair.gradle/maven-plugin@8.6 pkg:maven/io.freefair.gradle/okhttp-plugin@8.6 pkg:maven/io.freefair.gradle/okhttp-plugin@8.6 pkg:maven/com.squareup.retrofit2/retrofit@2.9.0 pkg:maven/io.freefair.gradle/okhttp-plugin@8.6 pkg:maven/com.squareup.okhttp3/okhttp-bom@4.12.0 pkg:maven/io.freefair.gradle/okhttp-plugin@8.6 pkg:maven/io.freefair.gradle/okhttp-plugin@8.6 Evidence Type Source Name Value Confidence Vendor file name okhttp High Vendor gradle artifactid okhttp Highest Vendor gradle groupid com.squareup.okhttp3 Highest Vendor jar package name internal Low Vendor jar package name okhttp3 Highest Vendor jar package name okhttp3 Low Vendor Manifest automatic-module-name okhttp3 Medium Product file name okhttp High Product gradle artifactid okhttp Highest Product jar package name internal Low Product jar package name okhttp3 Highest Product Manifest automatic-module-name okhttp3 Medium Version file name okhttp Medium Version file version 4.12.0 High Version gradle version 4.12.0 Highest
okhttp-plugin-8.6.jarFile Path: /home/runner/work/gradle-plugins/gradle-plugins/okhttp-plugin/build/libs/okhttp-plugin-8.6.jarMD5: 40de244516183620d20c03726009c038SHA1: 2c9a48d2bfdb685b31262de690c06471d79ee026SHA256: cb3f27c9829b7059711002a41a2b633d662c32279279c68c9e1b40edeca54c6eReferenced In Projects/Scopes:
documentation:javadocClasspath github-plugin:compileClasspath github-plugin:runtimeClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath maven-plugin:compileClasspath maven-plugin:runtimeClasspath okhttp-plugin-8.6.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/io.freefair.gradle/github-plugin@8.6 pkg:maven/io.freefair.gradle/maven-plugin@8.6 pkg:maven/io.freefair.gradle/documentation@8.6 pkg:maven/io.freefair.gradle/maven-plugin@8.6 pkg:maven/io.freefair.gradle/maven-plugin@8.6 pkg:maven/io.freefair.gradle/maven-plugin@8.6 pkg:maven/io.freefair.gradle/github-plugin@8.6 pkg:maven/io.freefair.gradle/maven-plugin@8.6 pkg:maven/io.freefair.gradle/github-plugin@8.6 Evidence Type Source Name Value Confidence Vendor file name okhttp-plugin High Vendor gradle artifactid okhttp-plugin Highest Vendor gradle groupid io.freefair.gradle Highest Vendor jar package name freefair Low Vendor jar package name gradle Low Vendor jar package name io Low Product file name okhttp-plugin High Product gradle artifactid okhttp-plugin Highest Product jar package name freefair Low Product jar package name gradle Low Product jar package name plugins Low Version file version 8.6 High Version Manifest Implementation-Version 8.6 High
okio-jvm-3.6.0.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/com.squareup.okio/okio-jvm/3.6.0/5600569133b7bdefe1daf9ec7f4abeb6d13e1786/okio-jvm-3.6.0.jarMD5: 26370180ff99a7e8a12dcaac2a70cc6eSHA1: 5600569133b7bdefe1daf9ec7f4abeb6d13e1786SHA256: 67543f0736fc422ae927ed0e504b98bc5e269fda0d3500579337cb713da28412Referenced In Projects/Scopes:
documentation:javadocClasspath github-plugin:compileClasspath github-plugin:runtimeClasspath maven-plugin-plugin:compileClasspath okhttp-plugin:runtimeClasspath maven-plugin-plugin:runtimeClasspath maven-plugin:compileClasspath okhttp-plugin:compileClasspath maven-plugin:runtimeClasspath okio-jvm-3.6.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/io.freefair.gradle/okhttp-plugin@8.6 pkg:maven/io.freefair.gradle/maven-plugin@8.6 pkg:maven/com.squareup.retrofit2/converter-gson@2.9.0 pkg:maven/com.squareup.retrofit2/retrofit@2.9.0 pkg:maven/io.freefair.gradle/github-plugin@8.6 pkg:maven/com.squareup.okhttp3/okhttp@4.12.0 pkg:maven/io.freefair.gradle/maven-plugin@8.6 pkg:maven/com.squareup.retrofit2/converter-gson@2.9.0 pkg:maven/com.squareup.okhttp3/okhttp-bom@4.12.0 pkg:maven/com.squareup.okhttp3/logging-interceptor@4.12.0 pkg:maven/com.squareup.okhttp3/logging-interceptor@4.12.0 pkg:maven/io.freefair.gradle/maven-plugin@8.6 pkg:maven/com.squareup.okhttp3/okhttp@4.12.0 pkg:maven/io.freefair.gradle/okhttp-plugin@8.6 pkg:maven/com.squareup.retrofit2/retrofit@2.9.0 pkg:maven/io.freefair.gradle/okhttp-plugin@8.6 pkg:maven/com.squareup.okhttp3/okhttp-bom@4.12.0 pkg:maven/io.freefair.gradle/okhttp-plugin@8.6 pkg:maven/io.freefair.gradle/okhttp-plugin@8.6 Evidence Type Source Name Value Confidence Vendor file name okio-jvm High Vendor gradle artifactid okio-jvm Highest Vendor gradle groupid com.squareup.okio Highest Vendor jar package name okio Highest Vendor jar package name okio Low Vendor Manifest automatic-module-name okio Medium Vendor Manifest bundle-symbolicname com.squareup.okio Medium Product file name okio-jvm High Product gradle artifactid okio-jvm Highest Product jar package name okio Highest Product Manifest automatic-module-name okio Medium Product Manifest Bundle-Name com.squareup.okio Medium Product Manifest bundle-symbolicname com.squareup.okio Medium Version file name okio-jvm Medium Version file version 3.6.0 High Version gradle version 3.6.0 Highest Version Manifest Bundle-Version 3.6.0 High
opentest4j-1.3.0.jarLicense:
The Apache License, Version 2.0 File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.opentest4j/opentest4j/1.3.0/152ea56b3a72f655d4fd677fc0ef2596c3dd5e6e/opentest4j-1.3.0.jar
MD5: 03c404f727531f3fd3b4c73997899327
SHA1: 152ea56b3a72f655d4fd677fc0ef2596c3dd5e6e
SHA256: 48e2df636cab6563ced64dcdff8abb2355627cb236ef0bf37598682ddf742f1b
Referenced In Projects/Scopes: documentation:javadocClasspath test-common:compileClasspath test-common:runtimeClasspath opentest4j-1.3.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.junit/junit-bom@5.10.2 pkg:maven/org.junit.jupiter/junit-jupiter-api@5.10.2 pkg:maven/org.junit.jupiter/junit-jupiter-api@5.10.2 pkg:maven/org.junit/junit-bom@5.10.2 pkg:maven/io.freefair.gradle/test-common@8.6 Evidence Type Source Name Value Confidence Vendor file name opentest4j High Vendor gradle artifactid opentest4j Highest Vendor gradle groupid org.opentest4j Highest Vendor jar package name opentest4j Highest Vendor jar package name opentest4j Low Vendor Manifest build-date 2023-07-06 Low Vendor Manifest build-revision 214973bfa4e7e9be7d04e623202cc4147c7036d2 Low Vendor Manifest build-time 14:25:06.116+0200 Low Vendor Manifest bundle-symbolicname org.opentest4j Medium Vendor Manifest Implementation-Vendor opentest4j.org High Vendor Manifest specification-vendor opentest4j.org Low Product file name opentest4j High Product gradle artifactid opentest4j Highest Product jar package name opentest4j Highest Product Manifest build-date 2023-07-06 Low Product Manifest build-revision 214973bfa4e7e9be7d04e623202cc4147c7036d2 Low Product Manifest build-time 14:25:06.116+0200 Low Product Manifest Bundle-Name opentest4j Medium Product Manifest bundle-symbolicname org.opentest4j Medium Product Manifest Implementation-Title opentest4j High Product Manifest specification-title opentest4j Medium Version file version 1.3.0 High Version Manifest Implementation-Version 1.3.0 High
org.eclipse.sisu.inject-0.9.0.M2.jarDescription:
JSR330-based container; supports classpath scanning, auto-binding, and dynamic auto-wiring License:
"Eclipse Public License, Version 1.0";link="http://www.eclipse.org/legal/epl-v10.html" File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.eclipse.sisu/org.eclipse.sisu.inject/0.9.0.M2/5ace70e1ea696d156f5034a42a615df13a52003a/org.eclipse.sisu.inject-0.9.0.M2.jar
MD5: eb805c5b2e22c8002877f0caadc6a87c
SHA1: 5ace70e1ea696d156f5034a42a615df13a52003a
SHA256: 9b62bcfc352a2ec87da8b01e37c952a54d358bbb1af3f212648aeafe7ab2dbb5
Referenced In Projects/Scopes: documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath org.eclipse.sisu.inject-0.9.0.M2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 Evidence Type Source Name Value Confidence Vendor file name org.eclipse.sisu.inject High Vendor gradle artifactid org.eclipse.sisu.inject Highest Vendor gradle groupid org.eclipse.sisu Highest Vendor jar package name eclipse Highest Vendor jar package name inject Highest Vendor jar package name sisu Highest Vendor Manifest build-jdk-spec 11 Low Vendor Manifest bundle-copyright Copyright (c) 2010-present Sonatype, Inc. and others Low Vendor Manifest bundle-developers mcculls;name="Stuart McCulloch",cstamas;name="Tamas Cservenak",kwin;name="Konrad Windszus" Low Vendor Manifest bundle-docurl http://www.eclipse.org/sisu/ Low Vendor Manifest bundle-symbolicname org.eclipse.sisu.inject;singleton:=true Medium Vendor pom artifactid eclipse.sisu.inject Low Vendor pom groupid org.eclipse.sisu Highest Vendor pom parent-artifactid sisu-inject Low Product file name org.eclipse.sisu.inject High Product gradle artifactid org.eclipse.sisu.inject Highest Product jar package name dynamic Highest Product jar package name eclipse Highest Product jar package name inject Highest Product jar package name sisu Highest Product jar package name sonatype Highest Product jar package name wiring Highest Product Manifest build-jdk-spec 11 Low Product Manifest bundle-copyright Copyright (c) 2010-present Sonatype, Inc. and others Low Product Manifest bundle-developers mcculls;name="Stuart McCulloch",cstamas;name="Tamas Cservenak",kwin;name="Konrad Windszus" Low Product Manifest bundle-docurl http://www.eclipse.org/sisu/ Low Product Manifest Bundle-Name Sisu-Inject (Incubation) Medium Product Manifest bundle-symbolicname org.eclipse.sisu.inject;singleton:=true Medium Product pom artifactid eclipse.sisu.inject Highest Product pom groupid org.eclipse.sisu Highest Product pom parent-artifactid sisu-inject Medium Version gradle version 0.9.0.M2 Highest Version Manifest Bundle-Version 0.9.0.M2 High Version pom version 0.9.0.M2 Highest
org.eclipse.sisu.plexus-0.9.0.M2.jarDescription:
Plexus-JSR330 adapter; adds Plexus support to the Sisu-Inject container License:
"Eclipse Public License, Version 1.0";link="http://www.eclipse.org/legal/epl-v10.html" File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.eclipse.sisu/org.eclipse.sisu.plexus/0.9.0.M2/31456dd2293197bb282c03168f6767acca3dec96/org.eclipse.sisu.plexus-0.9.0.M2.jar
MD5: 98e320df2caac742b2ae33d938c69df8
SHA1: 31456dd2293197bb282c03168f6767acca3dec96
SHA256: 9500d303ce467e26d129dda8559c3f3a91277d41ab49d2c4b4a5779536a62fc1
Referenced In Projects/Scopes: documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath org.eclipse.sisu.plexus-0.9.0.M2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 Evidence Type Source Name Value Confidence Vendor file name org.eclipse.sisu.plexus High Vendor gradle artifactid org.eclipse.sisu.plexus Highest Vendor gradle groupid org.eclipse.sisu Highest Vendor jar package name eclipse Highest Vendor jar package name plexus Highest Vendor jar package name sisu Highest Vendor Manifest build-jdk-spec 11 Low Vendor Manifest bundle-copyright Copyright (c) 2010-present Sonatype, Inc. and others Low Vendor Manifest bundle-developers mcculls;name="Stuart McCulloch",cstamas;name="Tamas Cservenak",kwin;name="Konrad Windszus" Low Vendor Manifest bundle-docurl http://www.eclipse.org/sisu/ Low Vendor Manifest bundle-symbolicname org.eclipse.sisu.plexus;singleton:=true Medium Vendor pom artifactid eclipse.sisu.plexus Low Vendor pom groupid org.eclipse.sisu Highest Vendor pom parent-artifactid sisu-plexus Low Product file name org.eclipse.sisu.plexus High Product gradle artifactid org.eclipse.sisu.plexus Highest Product jar package name eclipse Highest Product jar package name plexus Highest Product jar package name sisu Highest Product Manifest build-jdk-spec 11 Low Product Manifest bundle-copyright Copyright (c) 2010-present Sonatype, Inc. and others Low Product Manifest bundle-developers mcculls;name="Stuart McCulloch",cstamas;name="Tamas Cservenak",kwin;name="Konrad Windszus" Low Product Manifest bundle-docurl http://www.eclipse.org/sisu/ Low Product Manifest Bundle-Name Sisu-Plexus (Incubation) Medium Product Manifest bundle-symbolicname org.eclipse.sisu.plexus;singleton:=true Medium Product pom artifactid eclipse.sisu.plexus Highest Product pom groupid org.eclipse.sisu Highest Product pom parent-artifactid sisu-plexus Medium Version gradle version 0.9.0.M2 Highest Version Manifest Bundle-Version 0.9.0.M2 High Version pom version 0.9.0.M2 Highest
org.jacoco.agent-0.8.11.jarDescription:
JaCoCo Agent License:
https://www.eclipse.org/legal/epl-2.0/ File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jacoco/org.jacoco.agent/0.8.11/699ee14f7f0f3ae66dc76e7591799bb97c753155/org.jacoco.agent-0.8.11.jar
MD5: a828d0957ce1610af66233db2e9a3790
SHA1: 699ee14f7f0f3ae66dc76e7591799bb97c753155
SHA256: d3ed85dea78a9ed55846a7738e3a0ca15c702c661ee4bc8cbfe02a8b9f4a99c0
Referenced In Projects/Scopes: mjml-plugin:jacocoAgent quicktype-plugin:jacocoAnt code-generator-api:jacocoAnt compress-plugin:jacocoAnt documentation:javadocClasspath maven-plugin-plugin:jacocoAnt okhttp-plugin:jacocoAgent jacoco-plugin:jacocoAnt maven-plugin:jacocoAgent mkdocs-plugin:jacocoAgent mjml-plugin:jacocoAnt settings-plugin:jacocoAgent plantuml-plugin:jacocoAnt git-plugin:jacocoAgent github-plugin:jacocoAnt embedded-sass-plugin:jacocoAnt aspectj-plugin:jacocoAgent test-code-generator:jacocoAnt git-plugin:jacocoAnt github-plugin:jacocoAgent maven-plugin-plugin:jacocoAgent test-common:jacocoAgent code-generator-plugin:jacocoAgent okhttp-plugin:jacocoAnt aspectj-plugin:jacocoAnt compress-plugin:jacocoAgent plugin-utils:jacocoAnt plantuml-plugin:jacocoAgent maven-plugin:jacocoAnt settings-plugin:jacocoAnt jacoco-plugin:compileClasspath quicktype-plugin:jacocoAgent plugin-utils:jacocoAgent code-generator-api:jacocoAgent mkdocs-plugin:jacocoAnt test-code-generator:jacocoAgent lombok-plugin:jacocoAgent embedded-sass-plugin:jacocoAgent lombok-plugin:jacocoAnt test-common:jacocoAnt jacoco-plugin:jacocoAgent code-generator-plugin:jacocoAnt org.jacoco.agent-0.8.11.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/io.freefair.gradle/code-generator-api@8.6 pkg:maven/io.freefair.gradle/plugin-utils@8.6 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/io.freefair.gradle/lombok-plugin@8.6 pkg:maven/io.freefair.gradle/test-common@8.6 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/io.freefair.gradle/okhttp-plugin@8.6 pkg:maven/io.freefair.gradle/code-generator-plugin@8.6 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/io.freefair.gradle/github-plugin@8.6 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/io.freefair.gradle/compress-plugin@8.6 pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/io.freefair.gradle/mjml-plugin@8.6 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/io.freefair.gradle/quicktype-plugin@8.6 pkg:maven/io.freefair.gradle/test-code-generator@8.6 pkg:maven/io.freefair.gradle/mkdocs-plugin@8.6 pkg:maven/io.freefair.gradle/settings-plugin@8.6 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/io.freefair.gradle/jacoco-plugin@8.6 pkg:maven/io.freefair.gradle/git-plugin@8.6 pkg:maven/io.freefair.gradle/maven-plugin@8.6 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/io.freefair.gradle/aspectj-plugin@8.6 pkg:maven/io.freefair.gradle/embedded-sass-plugin@8.6 pkg:maven/io.freefair.gradle/plantuml-plugin@8.6 Evidence Type Source Name Value Confidence Vendor file name org.jacoco.agent High Vendor gradle artifactid org.jacoco.agent Highest Vendor gradle groupid org.jacoco Highest Vendor jar package name agent Highest Vendor jar package name jacoco Highest Vendor Manifest automatic-module-name org.jacoco.agent Medium Vendor Manifest build-jdk-spec 17 Low Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor Manifest bundle-symbolicname org.jacoco.agent Medium Vendor pom artifactid jacoco.agent Low Vendor pom groupid org.jacoco Highest Vendor pom name JaCoCo :: Agent High Vendor pom parent-artifactid org.jacoco.build Low Product file name org.jacoco.agent High Product gradle artifactid org.jacoco.agent Highest Product jar package name agent Highest Product jar package name jacoco Highest Product Manifest automatic-module-name org.jacoco.agent Medium Product Manifest build-jdk-spec 17 Low Product Manifest Bundle-Name JaCoCo Agent Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product Manifest bundle-symbolicname org.jacoco.agent Medium Product pom artifactid jacoco.agent Highest Product pom groupid org.jacoco Highest Product pom name JaCoCo :: Agent High Product pom parent-artifactid org.jacoco.build Medium Version file version 0.8.11 High Version gradle version 0.8.11 Highest Version pom version 0.8.11 Highest
org.jacoco.agent-0.8.11.jar: jacocoagent.jar (shaded: org.jacoco:org.jacoco.agent.rt:0.8.11)Description:
JaCoCo Java Agent File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jacoco/org.jacoco.agent/0.8.11/699ee14f7f0f3ae66dc76e7591799bb97c753155/org.jacoco.agent-0.8.11.jar/jacocoagent.jar/META-INF/maven/org.jacoco/org.jacoco.agent.rt/pom.xmlMD5: 8d0f23f1c67bdffca848dd8b5bc2d403SHA1: cbd5c132575912927afd717bac0de8de3f6b4a48SHA256: 9b82e7a84f6b1426f4a6bab7e3b7ceac2034934cf04c3a501d572f6864c359c9Referenced In Projects/Scopes:
mjml-plugin:jacocoAgent quicktype-plugin:jacocoAnt code-generator-api:jacocoAnt compress-plugin:jacocoAnt documentation:javadocClasspath maven-plugin-plugin:jacocoAnt okhttp-plugin:jacocoAgent jacoco-plugin:jacocoAnt maven-plugin:jacocoAgent mkdocs-plugin:jacocoAgent mjml-plugin:jacocoAnt settings-plugin:jacocoAgent plantuml-plugin:jacocoAnt git-plugin:jacocoAgent github-plugin:jacocoAnt embedded-sass-plugin:jacocoAnt aspectj-plugin:jacocoAgent test-code-generator:jacocoAnt git-plugin:jacocoAnt github-plugin:jacocoAgent maven-plugin-plugin:jacocoAgent test-common:jacocoAgent code-generator-plugin:jacocoAgent okhttp-plugin:jacocoAnt aspectj-plugin:jacocoAnt compress-plugin:jacocoAgent plugin-utils:jacocoAnt plantuml-plugin:jacocoAgent maven-plugin:jacocoAnt settings-plugin:jacocoAnt jacoco-plugin:compileClasspath quicktype-plugin:jacocoAgent plugin-utils:jacocoAgent code-generator-api:jacocoAgent mkdocs-plugin:jacocoAnt test-code-generator:jacocoAgent lombok-plugin:jacocoAgent embedded-sass-plugin:jacocoAgent lombok-plugin:jacocoAnt test-common:jacocoAnt jacoco-plugin:jacocoAgent code-generator-plugin:jacocoAnt Evidence Type Source Name Value Confidence Vendor pom artifactid jacoco.agent.rt Low Vendor pom groupid org.jacoco Highest Vendor pom name JaCoCo :: Agent RT High Vendor pom parent-artifactid org.jacoco.build Low Product pom artifactid jacoco.agent.rt Highest Product pom groupid org.jacoco Highest Product pom name JaCoCo :: Agent RT High Product pom parent-artifactid org.jacoco.build Medium Version pom version 0.8.11 Highest
org.jacoco.agent-0.8.11.jar: jacocoagent.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jacoco/org.jacoco.agent/0.8.11/699ee14f7f0f3ae66dc76e7591799bb97c753155/org.jacoco.agent-0.8.11.jar/jacocoagent.jarMD5: 89a8ddcf1ddebe9721a25037873f0140SHA1: d5287cced3d0afd0cfa0be7f84773ea811836f21SHA256: 47257ae9f22b93817eea11bc1b1fd31fc8e23049ad5dd483bfde603eaa624d0bReferenced In Projects/Scopes:
mjml-plugin:jacocoAgent quicktype-plugin:jacocoAnt code-generator-api:jacocoAnt compress-plugin:jacocoAnt documentation:javadocClasspath maven-plugin-plugin:jacocoAnt okhttp-plugin:jacocoAgent jacoco-plugin:jacocoAnt maven-plugin:jacocoAgent mkdocs-plugin:jacocoAgent mjml-plugin:jacocoAnt settings-plugin:jacocoAgent plantuml-plugin:jacocoAnt git-plugin:jacocoAgent github-plugin:jacocoAnt embedded-sass-plugin:jacocoAnt aspectj-plugin:jacocoAgent test-code-generator:jacocoAnt git-plugin:jacocoAnt github-plugin:jacocoAgent maven-plugin-plugin:jacocoAgent test-common:jacocoAgent code-generator-plugin:jacocoAgent okhttp-plugin:jacocoAnt aspectj-plugin:jacocoAnt compress-plugin:jacocoAgent plugin-utils:jacocoAnt plantuml-plugin:jacocoAgent maven-plugin:jacocoAnt settings-plugin:jacocoAnt jacoco-plugin:compileClasspath quicktype-plugin:jacocoAgent plugin-utils:jacocoAgent code-generator-api:jacocoAgent mkdocs-plugin:jacocoAnt test-code-generator:jacocoAgent lombok-plugin:jacocoAgent embedded-sass-plugin:jacocoAgent lombok-plugin:jacocoAnt test-common:jacocoAnt jacoco-plugin:jacocoAgent code-generator-plugin:jacocoAnt Evidence Type Source Name Value Confidence Vendor file name jacocoagent High Vendor jar package name agent Highest Vendor jar package name agent Low Vendor jar package name jacoco Highest Vendor jar package name jacoco Low Vendor jar package name rt Highest Vendor jar package name rt Low Vendor Manifest automatic-module-name org.jacoco.agent.rt Medium Vendor Manifest build-jdk-spec 17 Low Vendor Manifest Implementation-Vendor Mountainminds GmbH & Co. KG High Product file name jacocoagent High Product jar package name agent Highest Product jar package name agent Low Product jar package name internal_4742761 Low Product jar package name jacoco Highest Product jar package name rt Highest Product jar package name rt Low Product Manifest automatic-module-name org.jacoco.agent.rt Medium Product Manifest build-jdk-spec 17 Low Product Manifest Implementation-Title JaCoCo Java Agent High Version Manifest build-jdk-spec 17 Low Version Manifest Implementation-Version 0.8.11 High
org.jacoco.ant-0.8.11.jarDescription:
JaCoCo Ant Tasks License:
https://www.eclipse.org/legal/epl-2.0/ File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jacoco/org.jacoco.ant/0.8.11/13ae25fa9149b42cec8e3f495c783c00fbfbccd9/org.jacoco.ant-0.8.11.jar
MD5: b9fc2dc3734c916bfd7783b4a604b6a7
SHA1: 13ae25fa9149b42cec8e3f495c783c00fbfbccd9
SHA256: 81d7eb8890d9be30a939612c295603541063529cdd03a53265aba74474b70b7c
Referenced In Projects/Scopes: quicktype-plugin:jacocoAnt code-generator-api:jacocoAnt compress-plugin:jacocoAnt documentation:javadocClasspath maven-plugin-plugin:jacocoAnt okhttp-plugin:jacocoAnt aspectj-plugin:jacocoAnt jacoco-plugin:jacocoAnt plugin-utils:jacocoAnt maven-plugin:jacocoAnt settings-plugin:jacocoAnt jacoco-plugin:compileClasspath mjml-plugin:jacocoAnt mkdocs-plugin:jacocoAnt plantuml-plugin:jacocoAnt github-plugin:jacocoAnt embedded-sass-plugin:jacocoAnt lombok-plugin:jacocoAnt test-common:jacocoAnt test-code-generator:jacocoAnt code-generator-plugin:jacocoAnt git-plugin:jacocoAnt org.jacoco.ant-0.8.11.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/github-plugin@8.6 pkg:maven/io.freefair.gradle/maven-plugin@8.6 pkg:maven/io.freefair.gradle/plugin-utils@8.6 pkg:maven/io.freefair.gradle/settings-plugin@8.6 pkg:maven/io.freefair.gradle/test-code-generator@8.6 pkg:maven/io.freefair.gradle/lombok-plugin@8.6 pkg:maven/io.freefair.gradle/mjml-plugin@8.6 pkg:maven/io.freefair.gradle/plantuml-plugin@8.6 pkg:maven/io.freefair.gradle/embedded-sass-plugin@8.6 pkg:maven/io.freefair.gradle/okhttp-plugin@8.6 pkg:maven/io.freefair.gradle/test-common@8.6 pkg:maven/io.freefair.gradle/jacoco-plugin@8.6 pkg:maven/io.freefair.gradle/jacoco-plugin@8.6 pkg:maven/io.freefair.gradle/mkdocs-plugin@8.6 pkg:maven/io.freefair.gradle/code-generator-plugin@8.6 pkg:maven/io.freefair.gradle/compress-plugin@8.6 pkg:maven/io.freefair.gradle/documentation@8.6 pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/io.freefair.gradle/aspectj-plugin@8.6 pkg:maven/io.freefair.gradle/code-generator-api@8.6 pkg:maven/io.freefair.gradle/git-plugin@8.6 pkg:maven/io.freefair.gradle/quicktype-plugin@8.6 Evidence Type Source Name Value Confidence Vendor file name org.jacoco.ant High Vendor gradle artifactid org.jacoco.ant Highest Vendor gradle groupid org.jacoco Highest Vendor jar package name ant Highest Vendor jar package name jacoco Highest Vendor Manifest automatic-module-name org.jacoco.ant Medium Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor Manifest bundle-symbolicname org.jacoco.ant Medium Vendor Manifest require-bundle org.apache.ant;bundle-version="[1.7.0,2.0.0)" Low Vendor pom artifactid jacoco.ant Low Vendor pom groupid org.jacoco Highest Vendor pom name JaCoCo :: Ant High Vendor pom parent-artifactid org.jacoco.build Low Product file name org.jacoco.ant High Product gradle artifactid org.jacoco.ant Highest Product jar package name ant Highest Product jar package name jacoco Highest Product Manifest automatic-module-name org.jacoco.ant Medium Product Manifest Bundle-Name JaCoCo Ant Tasks Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product Manifest bundle-symbolicname org.jacoco.ant Medium Product Manifest require-bundle org.apache.ant;bundle-version="[1.7.0,2.0.0)" Low Product pom artifactid jacoco.ant Highest Product pom groupid org.jacoco Highest Product pom name JaCoCo :: Ant High Product pom parent-artifactid org.jacoco.build Medium Version file version 0.8.11 High Version gradle version 0.8.11 Highest Version pom version 0.8.11 Highest
org.jacoco.core-0.8.11.jarDescription:
JaCoCo Core License:
https://www.eclipse.org/legal/epl-2.0/ File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jacoco/org.jacoco.core/0.8.11/2ea73c899b5d6cde2a0a5e0ca29268b37622845d/org.jacoco.core-0.8.11.jar
MD5: efd6feb6a58c4b9c5a254cc982ec033d
SHA1: 2ea73c899b5d6cde2a0a5e0ca29268b37622845d
SHA256: fcd188c688473fc8dcc0c6caaf355e7b389502243527c33b9597a3ec28791f47
Referenced In Projects/Scopes: quicktype-plugin:jacocoAnt code-generator-api:jacocoAnt compress-plugin:jacocoAnt documentation:javadocClasspath maven-plugin-plugin:jacocoAnt okhttp-plugin:jacocoAnt aspectj-plugin:jacocoAnt jacoco-plugin:jacocoAnt plugin-utils:jacocoAnt maven-plugin:jacocoAnt settings-plugin:jacocoAnt jacoco-plugin:compileClasspath mjml-plugin:jacocoAnt mkdocs-plugin:jacocoAnt plantuml-plugin:jacocoAnt github-plugin:jacocoAnt embedded-sass-plugin:jacocoAnt lombok-plugin:jacocoAnt test-common:jacocoAnt test-code-generator:jacocoAnt code-generator-plugin:jacocoAnt git-plugin:jacocoAnt org.jacoco.core-0.8.11.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 Evidence Type Source Name Value Confidence Vendor file name org.jacoco.core High Vendor gradle artifactid org.jacoco.core Highest Vendor gradle groupid org.jacoco Highest Vendor jar package name core Highest Vendor jar package name jacoco Highest Vendor Manifest automatic-module-name org.jacoco.core Medium Vendor Manifest build-jdk-spec 17 Low Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor Manifest bundle-symbolicname org.jacoco.core Medium Vendor pom artifactid jacoco.core Low Vendor pom groupid org.jacoco Highest Vendor pom name JaCoCo :: Core High Vendor pom parent-artifactid org.jacoco.build Low Product file name org.jacoco.core High Product gradle artifactid org.jacoco.core Highest Product jar package name core Highest Product jar package name jacoco Highest Product Manifest automatic-module-name org.jacoco.core Medium Product Manifest build-jdk-spec 17 Low Product Manifest Bundle-Name JaCoCo Core Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product Manifest bundle-symbolicname org.jacoco.core Medium Product pom artifactid jacoco.core Highest Product pom groupid org.jacoco Highest Product pom name JaCoCo :: Core High Product pom parent-artifactid org.jacoco.build Medium Version file version 0.8.11 High Version gradle version 0.8.11 Highest Version pom version 0.8.11 Highest
org.jacoco.report-0.8.11.jarDescription:
JaCoCo Report License:
https://www.eclipse.org/legal/epl-2.0/ File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jacoco/org.jacoco.report/0.8.11/177b88cc906c3251250cef5ef9bbdda548cdc1c5/org.jacoco.report-0.8.11.jar
MD5: 8e5dfa440e6504244e59ff7b88497dc5
SHA1: 177b88cc906c3251250cef5ef9bbdda548cdc1c5
SHA256: 8393295ae24680ed10cad8333907040f928b871332491581ca5bc784e2cb4fbe
Referenced In Projects/Scopes: quicktype-plugin:jacocoAnt code-generator-api:jacocoAnt compress-plugin:jacocoAnt documentation:javadocClasspath maven-plugin-plugin:jacocoAnt okhttp-plugin:jacocoAnt aspectj-plugin:jacocoAnt jacoco-plugin:jacocoAnt plugin-utils:jacocoAnt maven-plugin:jacocoAnt settings-plugin:jacocoAnt jacoco-plugin:compileClasspath mjml-plugin:jacocoAnt mkdocs-plugin:jacocoAnt plantuml-plugin:jacocoAnt github-plugin:jacocoAnt embedded-sass-plugin:jacocoAnt lombok-plugin:jacocoAnt test-common:jacocoAnt test-code-generator:jacocoAnt code-generator-plugin:jacocoAnt git-plugin:jacocoAnt org.jacoco.report-0.8.11.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 pkg:maven/org.jacoco/org.jacoco.ant@0.8.11 Evidence Type Source Name Value Confidence Vendor file name org.jacoco.report High Vendor gradle artifactid org.jacoco.report Highest Vendor gradle groupid org.jacoco Highest Vendor jar package name jacoco Highest Vendor jar package name report Highest Vendor Manifest automatic-module-name org.jacoco.report Medium Vendor Manifest build-jdk-spec 17 Low Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor Manifest bundle-symbolicname org.jacoco.report Medium Vendor pom artifactid jacoco.report Low Vendor pom groupid org.jacoco Highest Vendor pom name JaCoCo :: Report High Vendor pom parent-artifactid org.jacoco.build Low Product file name org.jacoco.report High Product gradle artifactid org.jacoco.report Highest Product jar package name jacoco Highest Product jar package name report Highest Product Manifest automatic-module-name org.jacoco.report Medium Product Manifest build-jdk-spec 17 Low Product Manifest Bundle-Name JaCoCo Report Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product Manifest bundle-symbolicname org.jacoco.report Medium Product pom artifactid jacoco.report Highest Product pom groupid org.jacoco Highest Product pom name JaCoCo :: Report High Product pom parent-artifactid org.jacoco.build Medium Version file version 0.8.11 High Version gradle version 0.8.11 Highest Version pom version 0.8.11 Highest
org.jacoco.report-0.8.11.jar: prettify.jsFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jacoco/org.jacoco.report/0.8.11/177b88cc906c3251250cef5ef9bbdda548cdc1c5/org.jacoco.report-0.8.11.jar/org/jacoco/report/internal/html/resources/prettify.jsMD5: 4b337aaa3c606cfc1a6ff1986db2c8cbSHA1: 290093755739da933c180ae7e7ebf283724dad1dSHA256: 743c6c4cab9499cd0bfe18a5a62281eccce843f47ec75eedb32eeb29c755aa68Referenced In Projects/Scopes:
quicktype-plugin:jacocoAnt code-generator-api:jacocoAnt compress-plugin:jacocoAnt documentation:javadocClasspath maven-plugin-plugin:jacocoAnt okhttp-plugin:jacocoAnt aspectj-plugin:jacocoAnt jacoco-plugin:jacocoAnt plugin-utils:jacocoAnt maven-plugin:jacocoAnt settings-plugin:jacocoAnt jacoco-plugin:compileClasspath mjml-plugin:jacocoAnt mkdocs-plugin:jacocoAnt plantuml-plugin:jacocoAnt github-plugin:jacocoAnt embedded-sass-plugin:jacocoAnt lombok-plugin:jacocoAnt test-common:jacocoAnt test-code-generator:jacocoAnt code-generator-plugin:jacocoAnt git-plugin:jacocoAnt Evidence Type Source Name Value Confidence
org.jacoco.report-0.8.11.jar: sort.jsFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jacoco/org.jacoco.report/0.8.11/177b88cc906c3251250cef5ef9bbdda548cdc1c5/org.jacoco.report-0.8.11.jar/org/jacoco/report/internal/html/resources/sort.jsMD5: d101d06d26e7deaf2b224e0d2137509aSHA1: 2c715325b546adf5beff3d624ce002a7256e3efeSHA256: 7ff293dabc89d68e33d5611f2de0dbbbcfed7e0177726fab5f9dcc0b91f593afReferenced In Projects/Scopes:
quicktype-plugin:jacocoAnt code-generator-api:jacocoAnt compress-plugin:jacocoAnt documentation:javadocClasspath maven-plugin-plugin:jacocoAnt okhttp-plugin:jacocoAnt aspectj-plugin:jacocoAnt jacoco-plugin:jacocoAnt plugin-utils:jacocoAnt maven-plugin:jacocoAnt settings-plugin:jacocoAnt jacoco-plugin:compileClasspath mjml-plugin:jacocoAnt mkdocs-plugin:jacocoAnt plantuml-plugin:jacocoAnt github-plugin:jacocoAnt embedded-sass-plugin:jacocoAnt lombok-plugin:jacocoAnt test-common:jacocoAnt test-code-generator:jacocoAnt code-generator-plugin:jacocoAnt git-plugin:jacocoAnt Evidence Type Source Name Value Confidence
packageurl-java-1.5.0.jarDescription:
The official Java implementation of the PackageURL specification. PackageURL (purl) is a minimal
specification for describing a package via a "mostly universal" URL.
License:
MIT: https://opensource.org/licenses/MIT File Path: /home/runner/.gradle/caches/modules-2/files-2.1/com.github.package-url/packageurl-java/1.5.0/e6bf530f52feab911f4032604ca0b8216f7ff337/packageurl-java-1.5.0.jar
MD5: 90856d8bb5b17e08fdf03b6a2f93b81c
SHA1: e6bf530f52feab911f4032604ca0b8216f7ff337
SHA256: e45551727707acc0c56ac62d56964332ea0f138d6cc3656d988b9369150f5247
Referenced In Projects/Scopes: documentation:javadocClasspath github-plugin:compileClasspath github-plugin:runtimeClasspath packageurl-java-1.5.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/github-plugin@8.6 pkg:maven/io.freefair.gradle/github-plugin@8.6 pkg:maven/io.freefair.gradle/github-plugin@8.6 Evidence Type Source Name Value Confidence Vendor file name packageurl-java High Vendor gradle artifactid packageurl-java Highest Vendor gradle groupid com.github.package-url Highest Vendor jar package name github Highest Vendor jar package name packageurl Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor pom artifactid packageurl-java Low Vendor pom developer email Steve.Springett@owasp.org Low Vendor pom developer name Steve Springett Medium Vendor pom developer org OWASP Medium Vendor pom developer org URL http://www.owasp.org/ Medium Vendor pom groupid com.github.package-url Highest Vendor pom name Package URL High Vendor pom url package-url/packageurl-java Highest Product file name packageurl-java High Product gradle artifactid packageurl-java Highest Product jar package name github Highest Product jar package name packageurl Highest Product Manifest build-jdk-spec 1.8 Low Product pom artifactid packageurl-java Highest Product pom developer email Steve.Springett@owasp.org Low Product pom developer name Steve Springett Low Product pom developer org OWASP Low Product pom developer org URL http://www.owasp.org/ Low Product pom groupid com.github.package-url Highest Product pom name Package URL High Product pom url package-url/packageurl-java High Version file version 1.5.0 High Version gradle version 1.5.0 Highest Version pom version 1.5.0 Highest
plantuml-1.2024.3.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/net.sourceforge.plantuml/plantuml/1.2024.3/3fd11e68e30df254ded5ef2ff7360900c9ff1b18/plantuml-1.2024.3.jarMD5: 516de1a14319828b5256e47a000f12daSHA1: 3fd11e68e30df254ded5ef2ff7360900c9ff1b18SHA256: 414a5753abbca0d30c7d8784077c601476db9bb612bfd10647fc160e4f150a08Referenced In Projects/Scopes:
documentation:javadocClasspath plantuml-plugin:compileClasspath plantuml-1.2024.3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/plantuml-plugin@8.6 pkg:maven/io.freefair.gradle/documentation@8.6 Evidence Type Source Name Value Confidence Vendor file name plantuml High Vendor gradle artifactid plantuml Highest Vendor gradle groupid net.sourceforge.plantuml Highest Vendor jar package name net Highest Vendor jar package name net Low Vendor jar package name plantuml Highest Vendor jar package name plantuml Low Vendor jar package name sourceforge Highest Vendor jar package name sourceforge Low Vendor Manifest automatic-module-name net.sourceforge.plantuml Medium Vendor Manifest build-jdk-spec 17 Low Product file name plantuml High Product gradle artifactid plantuml Highest Product jar package name net Highest Product jar package name plantuml Highest Product jar package name plantuml Low Product jar package name sourceforge Highest Product jar package name sourceforge Low Product Manifest automatic-module-name net.sourceforge.plantuml Medium Product Manifest build-jdk-spec 17 Low Version file version 1.2024.3 High Version Manifest Implementation-Version 1.2024.3 High
plantuml-1.2024.3.jar: default.jsFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/net.sourceforge.plantuml/plantuml/1.2024.3/3fd11e68e30df254ded5ef2ff7360900c9ff1b18/plantuml-1.2024.3.jar/svg/default.jsMD5: 2ea3fc778111da6c287c742fd32023d9SHA1: 419024dadbaa67f19ee5b8956eefa701ed3c068bSHA256: b12967a940ebb3b3914dfe765b9b72916897f3f6a86a497f1ffa308d17da1f3eReferenced In Projects/Scopes:
documentation:javadocClasspath plantuml-plugin:compileClasspath Evidence Type Source Name Value Confidence
plantuml-1.2024.3.jar: onmouseinteractivefooter.jsFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/net.sourceforge.plantuml/plantuml/1.2024.3/3fd11e68e30df254ded5ef2ff7360900c9ff1b18/plantuml-1.2024.3.jar/svg/onmouseinteractivefooter.jsMD5: a62b900322928cc1922cc3ee48d6f300SHA1: 5ba41a8018b018ac566db6abf0d8d4b1ca51d1b6SHA256: 9088fe529d7a1f2468c476b106fcefff67a929f91b7759641b871f95dff13489Referenced In Projects/Scopes:
documentation:javadocClasspath plantuml-plugin:compileClasspath Evidence Type Source Name Value Confidence
plantuml-plugin-8.6.jarFile Path: /home/runner/work/gradle-plugins/gradle-plugins/plantuml-plugin/build/libs/plantuml-plugin-8.6.jarMD5: f78437337d2b9d5418f364bcef449e1eSHA1: ecff50df399bce085c9939bf63d84859e9b3f970SHA256: 7c8d2acf42c02f7643f6ce16e46684fabd86cf7b1710296f5eea8b342d38024eReferenced In Project/Scope: documentation:javadocClasspathplantuml-plugin-8.6.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/documentation@8.6
Evidence Type Source Name Value Confidence Vendor file name plantuml-plugin High Vendor gradle artifactid plantuml-plugin Highest Vendor gradle groupid io.freefair.gradle Highest Vendor jar package name freefair Low Vendor jar package name gradle Low Vendor jar package name io Low Product file name plantuml-plugin High Product gradle artifactid plantuml-plugin Highest Product jar package name freefair Low Product jar package name gradle Low Product jar package name plugins Low Version file version 8.6 High Version Manifest Implementation-Version 8.6 High
plexus-archiver-4.9.1.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.codehaus.plexus/plexus-archiver/4.9.1/4af255703504c078c9e4ab9f94cdc9e915ba8977/plexus-archiver-4.9.1.jarMD5: e9e2ae43947dd9054f4062f4c0de01faSHA1: 4af255703504c078c9e4ab9f94cdc9e915ba8977SHA256: a33a0817c46e75f1d0af9abb201eab5f53b09cc7767595914d754ae17769da2dReferenced In Projects/Scopes:
documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath plexus-archiver-4.9.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 Evidence Type Source Name Value Confidence Vendor file name plexus-archiver High Vendor gradle artifactid plexus-archiver Highest Vendor gradle groupid org.codehaus.plexus Highest Vendor jar package name archiver Highest Vendor jar package name codehaus Highest Vendor jar package name plexus Highest Vendor Manifest build-jdk-spec 21 Low Vendor pom artifactid plexus-archiver Low Vendor pom groupid org.codehaus.plexus Highest Vendor pom name Plexus Archiver Component High Vendor pom parent-artifactid plexus Low Vendor pom url https://codehaus-plexus.github.io/plexus-archiver/ Highest Product file name plexus-archiver High Product gradle artifactid plexus-archiver Highest Product jar package name archiver Highest Product jar package name codehaus Highest Product jar package name plexus Highest Product Manifest build-jdk-spec 21 Low Product pom artifactid plexus-archiver Highest Product pom groupid org.codehaus.plexus Highest Product pom name Plexus Archiver Component High Product pom parent-artifactid plexus Medium Product pom url https://codehaus-plexus.github.io/plexus-archiver/ Medium Version file version 4.9.1 High Version gradle version 4.9.1 Highest Version pom parent-version 4.9.1 Low Version pom version 4.9.1 Highest
plexus-build-api-0.0.7.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.sonatype.plexus/plexus-build-api/0.0.7/e6ba5cd4bfd8de00235af936e7f63eb24ed436e6/plexus-build-api-0.0.7.jarMD5: 49f0f8c6bdf2687e358870a4fc1559c6SHA1: e6ba5cd4bfd8de00235af936e7f63eb24ed436e6SHA256: 934171640fbd3d2495c50b79b0d9adb11e2c83e65bad157df8fe34bcac0ff798Referenced In Projects/Scopes:
documentation:javadocClasspath maven-plugin-plugin:compileClasspath plexus-build-api-0.0.7.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 Evidence Type Source Name Value Confidence Vendor file name plexus-build-api High Vendor gradle artifactid plexus-build-api Highest Vendor gradle groupid org.sonatype.plexus Highest Vendor jar package name build Highest Vendor jar package name build Low Vendor jar package name plexus Highest Vendor jar package name plexus Low Vendor jar package name sonatype Highest Vendor jar package name sonatype Low Vendor pom artifactid plexus-build-api Low Vendor pom groupid org.sonatype.plexus Highest Vendor pom parent-artifactid spice-parent Low Vendor pom parent-groupid org.sonatype.spice Medium Product file name plexus-build-api High Product gradle artifactid plexus-build-api Highest Product jar package name build Highest Product jar package name build Low Product jar package name incremental Low Product jar package name plexus Highest Product jar package name plexus Low Product jar package name sonatype Highest Product pom artifactid plexus-build-api Highest Product pom groupid org.sonatype.plexus Highest Product pom parent-artifactid spice-parent Medium Product pom parent-groupid org.sonatype.spice Medium Version file version 0.0.7 High Version gradle version 0.0.7 Highest Version pom parent-version 0.0.7 Low Version pom version 0.0.7 Highest
plexus-cipher-1.4.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.sonatype.plexus/plexus-cipher/1.4/50ade46f23bb38cd984b4ec560c46223432aac38/plexus-cipher-1.4.jarMD5: 7b2d6fcf0d5800d5b1ce09d98d98dcafSHA1: 50ade46f23bb38cd984b4ec560c46223432aac38SHA256: 5a15fdba22669e0fdd06e10dcce6320879e1f7398fbc910cd0677b50672a78c4Referenced In Projects/Scopes:
documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath plexus-cipher-1.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 Evidence Type Source Name Value Confidence Vendor file name plexus-cipher High Vendor gradle artifactid plexus-cipher Highest Vendor gradle groupid org.sonatype.plexus Highest Vendor jar package name cipher Highest Vendor jar package name components Low Vendor jar package name plexus Highest Vendor jar package name plexus Low Vendor jar package name sonatype Highest Vendor jar package name sonatype Low Vendor pom artifactid plexus-cipher Low Vendor pom groupid org.sonatype.plexus Highest Vendor pom name Plexus Cipher: encryption/decryption Component High Vendor pom parent-artifactid spice-parent Low Vendor pom parent-groupid org.sonatype.spice Medium Vendor pom url http://spice.sonatype.org/ Highest Product file name plexus-cipher High Product gradle artifactid plexus-cipher Highest Product jar package name cipher Highest Product jar package name cipher Low Product jar package name components Low Product jar package name plexus Highest Product jar package name plexus Low Product jar package name sonatype Highest Product pom artifactid plexus-cipher Highest Product pom groupid org.sonatype.plexus Highest Product pom name Plexus Cipher: encryption/decryption Component High Product pom parent-artifactid spice-parent Medium Product pom parent-groupid org.sonatype.spice Medium Product pom url http://spice.sonatype.org/ Medium Version file version 1.4 High Version gradle version 1.4 Highest Version pom parent-version 1.4 Low Version pom version 1.4 Highest
plexus-classworlds-2.6.0.jarDescription:
A class loader framework License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.codehaus.plexus/plexus-classworlds/2.6.0/8587e80fcb38e70b70fae8d5914b6376bfad6259/plexus-classworlds-2.6.0.jar
MD5: 67e722b27e3a33b33c1b263b99dd7c43
SHA1: 8587e80fcb38e70b70fae8d5914b6376bfad6259
SHA256: 52f77c5ec49f787c9c417ebed5d6efd9922f44a202f217376e4f94c0d74f3549
Referenced In Projects/Scopes: documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath plexus-classworlds-2.6.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 Evidence Type Source Name Value Confidence Vendor file name plexus-classworlds High Vendor gradle artifactid plexus-classworlds Highest Vendor gradle groupid org.codehaus.plexus Highest Vendor jar package name classworlds Highest Vendor jar package name codehaus Highest Vendor jar package name plexus Highest Vendor Manifest bundle-docurl http://codehaus-plexus.github.io/ Low Vendor Manifest bundle-symbolicname org.codehaus.plexus.classworlds Medium Vendor pom artifactid plexus-classworlds Low Vendor pom groupid org.codehaus.plexus Highest Vendor pom name Plexus Classworlds High Vendor pom parent-artifactid plexus Low Product file name plexus-classworlds High Product gradle artifactid plexus-classworlds Highest Product jar package name classworlds Highest Product jar package name codehaus Highest Product jar package name plexus Highest Product Manifest bundle-docurl http://codehaus-plexus.github.io/ Low Product Manifest Bundle-Name Plexus Classworlds Medium Product Manifest bundle-symbolicname org.codehaus.plexus.classworlds Medium Product pom artifactid plexus-classworlds Highest Product pom groupid org.codehaus.plexus Highest Product pom name Plexus Classworlds High Product pom parent-artifactid plexus Medium Version file version 2.6.0 High Version gradle version 2.6.0 Highest Version Manifest Bundle-Version 2.6.0 High Version pom parent-version 2.6.0 Low Version pom version 2.6.0 Highest
CVE-2022-4244 suppress
A flaw was found in codeplex-codehaus. A directory traversal attack (also known as path traversal) aims to access files and directories stored outside the intended folder. By manipulating files with "dot-dot-slash (../)" sequences and their variations or by using absolute file paths, it may be possible to access arbitrary files and directories stored on the file system, including application source code, configuration, and other critical system files. CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:3.9/RC:R/MAV:A References:
Vulnerable Software & Versions: (show all )
CVE-2022-4245 suppress
A flaw was found in codehaus-plexus. The org.codehaus.plexus.util.xml.XmlWriterUtil#writeComment fails to sanitize comments for a --> sequence. This issue means that text contained in the command string could be interpreted as XML and allow for XML injection. CWE-611 Improper Restriction of XML External Entity Reference, CWE-91 XML Injection (aka Blind XPath Injection)
CVSSv3:
Base Score: MEDIUM (4.3) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:2.8/RC:R/MAV:A References:
Vulnerable Software & Versions: (show all )
plexus-component-annotations-2.1.0.jarDescription:
Plexus Component "Java 5" Annotations, to describe plexus components properties in java sources with
standard annotations instead of javadoc annotations.
File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.codehaus.plexus/plexus-component-annotations/2.1.0/2f2147a6cc6a119a1b51a96f31d45c557f6244b9/plexus-component-annotations-2.1.0.jarMD5: 141fd7a2ae613cb17d25ecd54b43eb3fSHA1: 2f2147a6cc6a119a1b51a96f31d45c557f6244b9SHA256: bde3617ce9b5bcf9584126046080043af6a4b3baea40a3b153f02e7bbc32acacReferenced In Projects/Scopes:
documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath plexus-component-annotations-2.1.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 Evidence Type Source Name Value Confidence Vendor file name plexus-component-annotations High Vendor gradle artifactid plexus-component-annotations Highest Vendor gradle groupid org.codehaus.plexus Highest Vendor jar package name annotations Highest Vendor jar package name codehaus Highest Vendor jar package name codehaus Low Vendor jar package name component Highest Vendor jar package name component Low Vendor jar package name plexus Highest Vendor jar package name plexus Low Vendor pom artifactid plexus-component-annotations Low Vendor pom groupid org.codehaus.plexus Highest Vendor pom name Plexus :: Component Annotations High Vendor pom parent-artifactid plexus-containers Low Product file name plexus-component-annotations High Product gradle artifactid plexus-component-annotations Highest Product jar package name annotations Highest Product jar package name annotations Low Product jar package name codehaus Highest Product jar package name component Highest Product jar package name component Low Product jar package name plexus Highest Product jar package name plexus Low Product pom artifactid plexus-component-annotations Highest Product pom groupid org.codehaus.plexus Highest Product pom name Plexus :: Component Annotations High Product pom parent-artifactid plexus-containers Medium Version file version 2.1.0 High Version gradle version 2.1.0 Highest Version pom version 2.1.0 Highest
CVE-2022-4244 suppress
A flaw was found in codeplex-codehaus. A directory traversal attack (also known as path traversal) aims to access files and directories stored outside the intended folder. By manipulating files with "dot-dot-slash (../)" sequences and their variations or by using absolute file paths, it may be possible to access arbitrary files and directories stored on the file system, including application source code, configuration, and other critical system files. CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:3.9/RC:R/MAV:A References:
Vulnerable Software & Versions: (show all )
CVE-2022-4245 suppress
A flaw was found in codehaus-plexus. The org.codehaus.plexus.util.xml.XmlWriterUtil#writeComment fails to sanitize comments for a --> sequence. This issue means that text contained in the command string could be interpreted as XML and allow for XML injection. CWE-611 Improper Restriction of XML External Entity Reference, CWE-91 XML Injection (aka Blind XPath Injection)
CVSSv3:
Base Score: MEDIUM (4.3) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:2.8/RC:R/MAV:A References:
Vulnerable Software & Versions: (show all )
plexus-interpolation-1.21.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.codehaus.plexus/plexus-interpolation/1.21/f92de59d295f16868001644acc21720f3ec9eb15/plexus-interpolation-1.21.jarMD5: 6629656495f4e5eac4f244fe3b252ea1SHA1: f92de59d295f16868001644acc21720f3ec9eb15SHA256: aba7980581027ad5fc74a27ee4d64aad74932fdb32694967242d03fc50290d1fReferenced In Projects/Scopes:
documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath plexus-interpolation-1.21.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 Evidence Type Source Name Value Confidence Vendor file name plexus-interpolation High Vendor gradle artifactid plexus-interpolation Highest Vendor gradle groupid org.codehaus.plexus Highest Vendor jar package name codehaus Highest Vendor jar package name codehaus Low Vendor jar package name interpolation Highest Vendor jar package name interpolation Low Vendor jar package name plexus Highest Vendor jar package name plexus Low Vendor pom artifactid plexus-interpolation Low Vendor pom groupid org.codehaus.plexus Highest Vendor pom name Plexus Interpolation API High Vendor pom parent-artifactid plexus-components Low Product file name plexus-interpolation High Product gradle artifactid plexus-interpolation Highest Product jar package name codehaus Highest Product jar package name interpolation Highest Product jar package name interpolation Low Product jar package name plexus Highest Product jar package name plexus Low Product pom artifactid plexus-interpolation Highest Product pom groupid org.codehaus.plexus Highest Product pom name Plexus Interpolation API High Product pom parent-artifactid plexus-components Medium Version file version 1.21 High Version gradle version 1.21 Highest Version pom parent-version 1.21 Low Version pom version 1.21 Highest
CVE-2022-4244 suppress
A flaw was found in codeplex-codehaus. A directory traversal attack (also known as path traversal) aims to access files and directories stored outside the intended folder. By manipulating files with "dot-dot-slash (../)" sequences and their variations or by using absolute file paths, it may be possible to access arbitrary files and directories stored on the file system, including application source code, configuration, and other critical system files. CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:3.9/RC:R/MAV:A References:
Vulnerable Software & Versions: (show all )
CVE-2022-4245 suppress
A flaw was found in codehaus-plexus. The org.codehaus.plexus.util.xml.XmlWriterUtil#writeComment fails to sanitize comments for a --> sequence. This issue means that text contained in the command string could be interpreted as XML and allow for XML injection. CWE-611 Improper Restriction of XML External Entity Reference, CWE-91 XML Injection (aka Blind XPath Injection)
CVSSv3:
Base Score: MEDIUM (4.3) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:2.8/RC:R/MAV:A References:
Vulnerable Software & Versions: (show all )
plexus-io-3.4.1.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.codehaus.plexus/plexus-io/3.4.1/e9dc0280372501917a124af943dcb709f73577a2/plexus-io-3.4.1.jarMD5: 7921fc78e18b1dc3dabe8ca5e3558657SHA1: e9dc0280372501917a124af943dcb709f73577a2SHA256: ac3be07c2968f98656604ddb8fdf08f1cfc560bc7b329fd17847f151510dc2c4Referenced In Projects/Scopes:
documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath plexus-io-3.4.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 Evidence Type Source Name Value Confidence Vendor file name plexus-io High Vendor gradle artifactid plexus-io Highest Vendor gradle groupid org.codehaus.plexus Highest Vendor jar package name codehaus Highest Vendor jar package name components Highest Vendor jar package name io Highest Vendor jar package name plexus Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor pom artifactid plexus-io Low Vendor pom groupid org.codehaus.plexus Highest Vendor pom name Plexus IO Components High Vendor pom parent-artifactid plexus Low Product file name plexus-io High Product gradle artifactid plexus-io Highest Product jar package name codehaus Highest Product jar package name components Highest Product jar package name io Highest Product jar package name plexus Highest Product Manifest build-jdk-spec 1.8 Low Product pom artifactid plexus-io Highest Product pom groupid org.codehaus.plexus Highest Product pom name Plexus IO Components High Product pom parent-artifactid plexus Medium Version file version 3.4.1 High Version gradle version 3.4.1 Highest Version pom parent-version 3.4.1 Low Version pom version 3.4.1 Highest
plexus-java-1.2.0.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.codehaus.plexus/plexus-java/1.2.0/3f161764aac786d64c4cac26511215369250d4fd/plexus-java-1.2.0.jarMD5: fc0976d9a939e5afe5c543f72438f290SHA1: 3f161764aac786d64c4cac26511215369250d4fdSHA256: 4d2d63cdcad46feba432110ef64bcdc8f8fad48538fda5cd2253686b45a94304Referenced In Projects/Scopes:
documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath plexus-java-1.2.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 Evidence Type Source Name Value Confidence Vendor file name plexus-java High Vendor gradle artifactid plexus-java Highest Vendor gradle groupid org.codehaus.plexus Highest Vendor jar package name codehaus Highest Vendor jar package name java Highest Vendor jar package name languages Highest Vendor jar package name org Highest Vendor jar package name plexus Highest Vendor Manifest build-jdk-spec 21 Low Vendor Manifest multi-release true Low Vendor pom artifactid plexus-java Low Vendor pom groupid org.codehaus.plexus Highest Vendor pom name Plexus Languages :: Java High Vendor pom parent-artifactid plexus-languages Low Product file name plexus-java High Product gradle artifactid plexus-java Highest Product jar package name codehaus Highest Product jar package name java Highest Product jar package name languages Highest Product jar package name org Highest Product jar package name plexus Highest Product Manifest build-jdk-spec 21 Low Product Manifest multi-release true Low Product pom artifactid plexus-java Highest Product pom groupid org.codehaus.plexus Highest Product pom name Plexus Languages :: Java High Product pom parent-artifactid plexus-languages Medium Version file version 1.2.0 High Version gradle version 1.2.0 Highest Version pom version 1.2.0 Highest
CVE-2022-4244 suppress
A flaw was found in codeplex-codehaus. A directory traversal attack (also known as path traversal) aims to access files and directories stored outside the intended folder. By manipulating files with "dot-dot-slash (../)" sequences and their variations or by using absolute file paths, it may be possible to access arbitrary files and directories stored on the file system, including application source code, configuration, and other critical system files. CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:3.9/RC:R/MAV:A References:
Vulnerable Software & Versions: (show all )
CVE-2022-4245 suppress
A flaw was found in codehaus-plexus. The org.codehaus.plexus.util.xml.XmlWriterUtil#writeComment fails to sanitize comments for a --> sequence. This issue means that text contained in the command string could be interpreted as XML and allow for XML injection. CWE-611 Improper Restriction of XML External Entity Reference, CWE-91 XML Injection (aka Blind XPath Injection)
CVSSv3:
Base Score: MEDIUM (4.3) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:2.8/RC:R/MAV:A References:
Vulnerable Software & Versions: (show all )
plexus-sec-dispatcher-1.3.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.sonatype.plexus/plexus-sec-dispatcher/1.3/dedc02034fb8fcd7615d66593228cb71709134b4/plexus-sec-dispatcher-1.3.jarMD5: 53160199f5667de3fca69b723173639bSHA1: dedc02034fb8fcd7615d66593228cb71709134b4SHA256: 3b0559bb8432f28937efe6ca193ef54a8506d0075d73fd7406b9b116c6a11063Referenced In Projects/Scopes:
documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath plexus-sec-dispatcher-1.3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 Evidence Type Source Name Value Confidence Vendor file name plexus-sec-dispatcher High Vendor gradle artifactid plexus-sec-dispatcher Highest Vendor gradle groupid org.sonatype.plexus Highest Vendor jar package name components Low Vendor jar package name plexus Highest Vendor jar package name plexus Low Vendor jar package name sec Highest Vendor jar package name sonatype Highest Vendor jar package name sonatype Low Vendor pom artifactid plexus-sec-dispatcher Low Vendor pom groupid org.sonatype.plexus Highest Vendor pom name Plexus Security Dispatcher Component High Vendor pom parent-artifactid spice-parent Low Vendor pom parent-groupid org.sonatype.spice Medium Vendor pom url http://spice.sonatype.org/ Highest Product file name plexus-sec-dispatcher High Product gradle artifactid plexus-sec-dispatcher Highest Product jar package name components Low Product jar package name plexus Highest Product jar package name plexus Low Product jar package name sec Highest Product jar package name sec Low Product jar package name sonatype Highest Product pom artifactid plexus-sec-dispatcher Highest Product pom groupid org.sonatype.plexus Highest Product pom name Plexus Security Dispatcher Component High Product pom parent-artifactid spice-parent Medium Product pom parent-groupid org.sonatype.spice Medium Product pom url http://spice.sonatype.org/ Medium Version file version 1.3 High Version gradle version 1.3 Highest Version pom parent-version 1.3 Low Version pom version 1.3 Highest
plexus-utils-3.5.1.jarDescription:
A collection of various utility classes to ease working with strings, files, command lines, XML and
more.
File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.codehaus.plexus/plexus-utils/3.5.1/c6bfb17c97ecc8863e88778ea301be742c62b06d/plexus-utils-3.5.1.jarMD5: cdec471a77f52e687d0df4c43f392a71SHA1: c6bfb17c97ecc8863e88778ea301be742c62b06dSHA256: 86e0255d4c879c61b4833ed7f13124e8bb679df47debb127326e7db7dd49a07bReferenced In Projects/Scopes:
mjml-plugin:runtimeClasspath maven-plugin:compileClasspath mjml-plugin:compileClasspath mjml-plugin:implementationDependenciesMetadata maven-plugin:runtimeClasspath plexus-utils-3.5.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.maven/maven-model@3.9.4 pkg:maven/org.apache.maven/maven-model@3.9.6 pkg:maven/org.apache.maven/maven-model@3.9.4 pkg:maven/org.apache.maven/maven-model@3.9.6 pkg:maven/org.apache.maven/maven-model@3.9.4 Evidence Type Source Name Value Confidence Vendor file name plexus-utils High Vendor gradle artifactid plexus-utils Highest Vendor gradle groupid org.codehaus.plexus Highest Vendor jar package name codehaus Highest Vendor jar package name org Highest Vendor jar package name plexus Highest Vendor jar package name xml Highest Vendor Manifest build-jdk-spec 11 Low Vendor Manifest multi-release true Low Vendor pom artifactid plexus-utils Low Vendor pom groupid org.codehaus.plexus Highest Vendor pom name Plexus Common Utilities High Vendor pom parent-artifactid plexus Low Product file name plexus-utils High Product gradle artifactid plexus-utils Highest Product jar package name 11 Highest Product jar package name codehaus Highest Product jar package name org Highest Product jar package name plexus Highest Product jar package name xml Highest Product Manifest build-jdk-spec 11 Low Product Manifest multi-release true Low Product pom artifactid plexus-utils Highest Product pom groupid org.codehaus.plexus Highest Product pom name Plexus Common Utilities High Product pom parent-artifactid plexus Medium Version file version 3.5.1 High Version gradle version 3.5.1 Highest Version pom parent-version 3.5.1 Low Version pom version 3.5.1 Highest
plexus-utils-4.0.0.jarDescription:
A collection of various utility classes to ease working with strings, files, command lines and
more. File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.codehaus.plexus/plexus-utils/4.0.0/ff00a04ba971655ed10e9fb93bce0ed3014e9477/plexus-utils-4.0.0.jarMD5: 16481d9d3af602d73a6355e79d2de889SHA1: ff00a04ba971655ed10e9fb93bce0ed3014e9477SHA256: 270cd703b48c6e5c8c691f1875f22d62d22cfe072c73ae2f5814d83d68c1da0bReferenced In Projects/Scopes:
documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath plexus-utils-4.0.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/io.freefair.gradle/maven-plugin@8.6 pkg:maven/io.freefair.gradle/mjml-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/io.freefair.gradle/maven-plugin@8.6 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 Evidence Type Source Name Value Confidence Vendor file name plexus-utils High Vendor gradle artifactid plexus-utils Highest Vendor gradle groupid org.codehaus.plexus Highest Vendor jar package name codehaus Highest Vendor jar package name org Highest Vendor jar package name plexus Highest Vendor Manifest build-jdk-spec 17 Low Vendor Manifest multi-release true Low Vendor pom artifactid plexus-utils Low Vendor pom groupid org.codehaus.plexus Highest Vendor pom name Plexus Common Utilities High Vendor pom parent-artifactid plexus Low Product file name plexus-utils High Product gradle artifactid plexus-utils Highest Product jar package name codehaus Highest Product jar package name org Highest Product jar package name plexus Highest Product Manifest build-jdk-spec 17 Low Product Manifest multi-release true Low Product pom artifactid plexus-utils Highest Product pom groupid org.codehaus.plexus Highest Product pom name Plexus Common Utilities High Product pom parent-artifactid plexus Medium Version file version 4.0.0 High Version gradle version 4.0.0 Highest Version pom parent-version 4.0.0 Low Version pom version 4.0.0 Highest
plexus-velocity-1.2.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.codehaus.plexus/plexus-velocity/1.2/1331b9d6bbf99ead362c68c2f318ebe5fedda598/plexus-velocity-1.2.jarMD5: 7d7805136e8165f53c944612a809f1a6SHA1: 1331b9d6bbf99ead362c68c2f318ebe5fedda598SHA256: b4c4a0dbeacad54306a1ae230eff5ab45d58e3ab88c86ab7245d3a0772be57abReferenced In Projects/Scopes:
documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath plexus-velocity-1.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 Evidence Type Source Name Value Confidence Vendor file name plexus-velocity High Vendor gradle artifactid plexus-velocity Highest Vendor gradle groupid org.codehaus.plexus Highest Vendor jar package name codehaus Highest Vendor jar package name codehaus Low Vendor jar package name plexus Highest Vendor jar package name plexus Low Vendor jar package name velocity Highest Vendor jar package name velocity Low Vendor pom artifactid plexus-velocity Low Vendor pom groupid org.codehaus.plexus Highest Vendor pom name Plexus Velocity Component High Vendor pom parent-artifactid plexus-components Low Product file name plexus-velocity High Product gradle artifactid plexus-velocity Highest Product jar package name codehaus Highest Product jar package name plexus Highest Product jar package name plexus Low Product jar package name velocity Highest Product jar package name velocity Low Product pom artifactid plexus-velocity Highest Product pom groupid org.codehaus.plexus Highest Product pom name Plexus Velocity Component High Product pom parent-artifactid plexus-components Medium Version file version 1.2 High Version gradle version 1.2 Highest Version pom parent-version 1.2 Low Version pom version 1.2 Highest
CVE-2022-4244 suppress
A flaw was found in codeplex-codehaus. A directory traversal attack (also known as path traversal) aims to access files and directories stored outside the intended folder. By manipulating files with "dot-dot-slash (../)" sequences and their variations or by using absolute file paths, it may be possible to access arbitrary files and directories stored on the file system, including application source code, configuration, and other critical system files. CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:3.9/RC:R/MAV:A References:
Vulnerable Software & Versions: (show all )
CVE-2022-4245 suppress
A flaw was found in codehaus-plexus. The org.codehaus.plexus.util.xml.XmlWriterUtil#writeComment fails to sanitize comments for a --> sequence. This issue means that text contained in the command string could be interpreted as XML and allow for XML injection. CWE-611 Improper Restriction of XML External Entity Reference, CWE-91 XML Injection (aka Blind XPath Injection)
CVSSv3:
Base Score: MEDIUM (4.3) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:2.8/RC:R/MAV:A References:
Vulnerable Software & Versions: (show all )
plexus-xml-3.0.0.jarDescription:
A collection of various utility classes to ease working with XML in Maven 3. File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.codehaus.plexus/plexus-xml/3.0.0/d16b91678bc3734276886132923d6919c935c9f7/plexus-xml-3.0.0.jarMD5: cccca4a03a8367cd20e4efaead5fba0bSHA1: d16b91678bc3734276886132923d6919c935c9f7SHA256: d2622dc9339b16f5b8c9cad2add440e965831d0e16f19ae1de24e1202b0de536Referenced In Projects/Scopes:
documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath plexus-xml-3.0.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 Evidence Type Source Name Value Confidence Vendor file name plexus-xml High Vendor gradle artifactid plexus-xml Highest Vendor gradle groupid org.codehaus.plexus Highest Vendor jar package name codehaus Highest Vendor jar package name plexus Highest Vendor jar package name xml Highest Vendor Manifest build-jdk-spec 11 Low Vendor pom artifactid plexus-xml Low Vendor pom groupid org.codehaus.plexus Highest Vendor pom name Plexus XML Utilities High Vendor pom parent-artifactid plexus Low Vendor pom url https://codehaus-plexus.github.io/plexus-xml/ Highest Product file name plexus-xml High Product gradle artifactid plexus-xml Highest Product jar package name codehaus Highest Product jar package name plexus Highest Product jar package name xml Highest Product Manifest build-jdk-spec 11 Low Product pom artifactid plexus-xml Highest Product pom groupid org.codehaus.plexus Highest Product pom name Plexus XML Utilities High Product pom parent-artifactid plexus Medium Product pom url https://codehaus-plexus.github.io/plexus-xml/ Medium Version file version 3.0.0 High Version gradle version 3.0.0 Highest Version pom parent-version 3.0.0 Low Version pom version 3.0.0 Highest
CVE-2022-4244 suppress
A flaw was found in codeplex-codehaus. A directory traversal attack (also known as path traversal) aims to access files and directories stored outside the intended folder. By manipulating files with "dot-dot-slash (../)" sequences and their variations or by using absolute file paths, it may be possible to access arbitrary files and directories stored on the file system, including application source code, configuration, and other critical system files. CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:3.9/RC:R/MAV:A References:
Vulnerable Software & Versions: (show all )
CVE-2022-4245 suppress
A flaw was found in codehaus-plexus. The org.codehaus.plexus.util.xml.XmlWriterUtil#writeComment fails to sanitize comments for a --> sequence. This issue means that text contained in the command string could be interpreted as XML and allow for XML injection. CWE-611 Improper Restriction of XML External Entity Reference, CWE-91 XML Injection (aka Blind XPath Injection)
CVSSv3:
Base Score: MEDIUM (4.3) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:2.8/RC:R/MAV:A References:
Vulnerable Software & Versions: (show all )
plugin-utils-8.6.jarFile Path: /home/runner/work/gradle-plugins/gradle-plugins/plugin-utils/build/libs/plugin-utils-8.6.jarMD5: 945c11c7e53747371573e134a3ba47a9SHA1: 00ad31f83536bedd08f8a6e149d39c7ebcd1eac5SHA256: a3ea6416db7661cbfe249ca1300bd77f053e4ee30b6df6df18c59072f1e7934aReferenced In Projects/Scopes:
documentation:javadocClasspath aspectj-plugin:compileClasspath aspectj-plugin:runtimeClasspath git-plugin:compileClasspath git-plugin:runtimeClasspath github-plugin:compileClasspath github-plugin:runtimeClasspath plugin-utils-8.6.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/github-plugin@8.6 pkg:maven/io.freefair.gradle/git-plugin@8.6 pkg:maven/io.freefair.gradle/aspectj-plugin@8.6 pkg:maven/io.freefair.gradle/git-plugin@8.6 pkg:maven/io.freefair.gradle/documentation@8.6 pkg:maven/io.freefair.gradle/aspectj-plugin@8.6 pkg:maven/io.freefair.gradle/github-plugin@8.6 pkg:maven/io.freefair.gradle/git-plugin@8.6 pkg:maven/io.freefair.gradle/aspectj-plugin@8.6 pkg:maven/io.freefair.gradle/github-plugin@8.6 Evidence Type Source Name Value Confidence Vendor file name plugin-utils High Vendor gradle artifactid plugin-utils Highest Vendor gradle groupid io.freefair.gradle Highest Vendor jar package name freefair Low Vendor jar package name gradle Low Vendor jar package name io Low Product file name plugin-utils High Product gradle artifactid plugin-utils Highest Product jar package name freefair Low Product jar package name gradle Low Product jar package name util Low Version file version 8.6 High Version Manifest Implementation-Version 8.6 High
protobuf-java-3.25.2.jarDescription:
Core Protocol Buffers library. Protocol Buffers are a way of encoding structured data in an efficient yet extensible format. License:
https://opensource.org/licenses/BSD-3-Clause File Path: /home/runner/.gradle/caches/modules-2/files-2.1/com.google.protobuf/protobuf-java/3.25.2/70d676d0082fa7a6b00c6073ce9b572c0d335e97/protobuf-java-3.25.2.jar
MD5: 25ac420efb83bf38b8c78b0b37097c2e
SHA1: 70d676d0082fa7a6b00c6073ce9b572c0d335e97
SHA256: cabe49981b86f5913b7fd130b4628e6ee11586e28ca069815d9744f929271902
Referenced In Projects/Scopes: documentation:javadocClasspath embedded-sass-plugin:runtimeClasspath embedded-sass-plugin:compileClasspath protobuf-java-3.25.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/embedded-sass-plugin@8.6 pkg:maven/de.larsgrefer.sass/sass-embedded-host@3.4.0 pkg:maven/de.larsgrefer.sass/sass-embedded-host@3.4.0 Evidence Type Source Name Value Confidence Vendor file name protobuf-java High Vendor gradle artifactid protobuf-java Highest Vendor gradle groupid com.google.protobuf Highest Vendor jar package name google Highest Vendor jar package name google Low Vendor jar package name protobuf Highest Vendor jar package name protobuf Low Vendor Manifest bundle-docurl https://developers.google.com/protocol-buffers/ Low Vendor Manifest bundle-symbolicname com.google.protobuf Medium Vendor Manifest target-label //java/core:lite_runtime_only Low Product file name protobuf-java High Product gradle artifactid protobuf-java Highest Product jar package name google Highest Product jar package name protobuf Highest Product jar package name protobuf Low Product Manifest bundle-docurl https://developers.google.com/protocol-buffers/ Low Product Manifest Bundle-Name Protocol Buffers [Core] Medium Product Manifest bundle-symbolicname com.google.protobuf Medium Product Manifest target-label //java/core:lite_runtime_only Low Version file name protobuf-java Medium Version file version 3.25.2 High Version gradle version 3.25.2 Highest Version jar package name google Highest Version Manifest Bundle-Version 3.25.2 High
qdox-2.0.3.jarDescription:
QDox is a high speed, small footprint parser for extracting class/interface/method definitions from source files
complete with JavaDoc @tags. It is designed to be used by active code generators or documentation tools.
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.gradle/caches/modules-2/files-2.1/com.thoughtworks.qdox/qdox/2.0.3/d70143d2a58e7b16a8ec73a495508d43a085d83b/qdox-2.0.3.jar
MD5: 1a599568ea16556d01a008d9e062ac89
SHA1: d70143d2a58e7b16a8ec73a495508d43a085d83b
SHA256: ff70c10165714fe9546c418a65d74ecd5d57623ba408cecde9428f0a609b5d1c
Referenced In Projects/Scopes: documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath qdox-2.0.3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 Evidence Type Source Name Value Confidence Vendor file name qdox High Vendor gradle artifactid qdox Highest Vendor gradle groupid com.thoughtworks.qdox Highest Vendor jar package name parser Highest Vendor jar package name qdox Highest Vendor jar package name thoughtworks Highest Vendor jar package name tools Highest Vendor Manifest automatic-module-name com.thoughtworks.qdox Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor pom artifactid qdox Low Vendor pom developer id joe Medium Vendor pom developer id mauro Medium Vendor pom developer id mdub Medium Vendor pom developer id paul Medium Vendor pom developer id rfscholte Medium Vendor pom developer id rinkrank Medium Vendor pom developer name Aslak Hellesoy Medium Vendor pom developer name Joe Walnes Medium Vendor pom developer name Mauro Talevi Medium Vendor pom developer name Mike Williams Medium Vendor pom developer name Paul Hammant Medium Vendor pom developer name Robert Scholte Medium Vendor pom groupid com.thoughtworks.qdox Highest Vendor pom name QDox High Vendor pom url paul-hammant/qdox Highest Product file name qdox High Product gradle artifactid qdox Highest Product jar package name parser Highest Product jar package name qdox Highest Product jar package name thoughtworks Highest Product jar package name tools Highest Product Manifest automatic-module-name com.thoughtworks.qdox Medium Product Manifest build-jdk-spec 1.8 Low Product pom artifactid qdox Highest Product pom developer id joe Low Product pom developer id mauro Low Product pom developer id mdub Low Product pom developer id paul Low Product pom developer id rfscholte Low Product pom developer id rinkrank Low Product pom developer name Aslak Hellesoy Low Product pom developer name Joe Walnes Low Product pom developer name Mauro Talevi Low Product pom developer name Mike Williams Low Product pom developer name Paul Hammant Low Product pom developer name Robert Scholte Low Product pom groupid com.thoughtworks.qdox Highest Product pom name QDox High Product pom url paul-hammant/qdox High Version file version 2.0.3 High Version gradle version 2.0.3 Highest Version pom version 2.0.3 Highest
quicktype-plugin-8.6.jarFile Path: /home/runner/work/gradle-plugins/gradle-plugins/quicktype-plugin/build/libs/quicktype-plugin-8.6.jarMD5: 4d7186b05f910ec5b7bc33356ed74d01SHA1: d22bb73c3d2498245998da38871d79d4e708b4a0SHA256: 0682589afb854ccdd894ecd26ba265f03488844eb1ba16d73820a66d0dd6b900Referenced In Project/Scope: documentation:javadocClasspathquicktype-plugin-8.6.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/documentation@8.6
Evidence Type Source Name Value Confidence Vendor file name quicktype-plugin High Vendor gradle artifactid quicktype-plugin Highest Vendor gradle groupid io.freefair.gradle Highest Vendor jar package name freefair Low Vendor jar package name gradle Low Vendor jar package name io Low Product file name quicktype-plugin High Product gradle artifactid quicktype-plugin Highest Product jar package name freefair Low Product jar package name gradle Low Product jar package name plugins Low Version file version 8.6 High Version Manifest Implementation-Version 8.6 High
retrofit-2.9.0.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/com.squareup.retrofit2/retrofit/2.9.0/d8fdfbd5da952141a665a403348b74538efc05ff/retrofit-2.9.0.jarMD5: 890d951895e6d080185377c741526002SHA1: d8fdfbd5da952141a665a403348b74538efc05ffSHA256: e6ea1929c46852f5bec66ab3357da383476cef4e8d1deefdbf195b79cc4d6581Referenced In Projects/Scopes:
documentation:javadocClasspath github-plugin:compileClasspath github-plugin:runtimeClasspath retrofit-2.9.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.squareup.retrofit2/converter-gson@2.9.0 pkg:maven/io.freefair.gradle/github-plugin@8.6 pkg:maven/com.squareup.retrofit2/converter-gson@2.9.0 pkg:maven/io.freefair.gradle/github-plugin@8.6 pkg:maven/io.freefair.gradle/github-plugin@8.6 Evidence Type Source Name Value Confidence Vendor file name retrofit High Vendor gradle artifactid retrofit Highest Vendor gradle groupid com.squareup.retrofit2 Highest Vendor jar package name retrofit2 Highest Vendor jar package name retrofit2 Low Vendor Manifest automatic-module-name retrofit2 Medium Product file name retrofit High Product gradle artifactid retrofit Highest Product jar package name retrofit2 Highest Product Manifest automatic-module-name retrofit2 Medium Version file name retrofit Medium Version file version 2.9.0 High Version gradle version 2.9.0 Highest
sass-embedded-bundled-3.4.0.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/de.larsgrefer.sass/sass-embedded-bundled/3.4.0/7f6fe8b395ec293fdf0acc54402937d62005e45/sass-embedded-bundled-3.4.0.jarMD5: c60ac251f56fda21f0b249845960550cSHA1: 07f6fe8b395ec293fdf0acc54402937d62005e45SHA256: 2368d575ec3b428efe42b65cb129a4724bcd16f8f7e4832c7009b2bbdfd6a07fReferenced In Projects/Scopes:
documentation:javadocClasspath embedded-sass-plugin:runtimeClasspath embedded-sass-plugin:compileClasspath sass-embedded-bundled-3.4.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/embedded-sass-plugin@8.6 pkg:maven/de.larsgrefer.sass/sass-embedded-host@3.4.0 pkg:maven/de.larsgrefer.sass/sass-embedded-host@3.4.0 Evidence Type Source Name Value Confidence Vendor file name sass-embedded-bundled High Vendor gradle artifactid sass-embedded-bundled Highest Vendor gradle groupid de.larsgrefer.sass Highest Vendor jar package name de Low Vendor jar package name larsgrefer Low Vendor jar package name sass Low Vendor Manifest implementation-url https://github.com/larsgrefer/dart-sass-java Low Vendor Manifest specification-vendor Google LLC Low Product file name sass-embedded-bundled High Product gradle artifactid sass-embedded-bundled Highest Product jar package name embedded Highest Product jar package name embedded Low Product jar package name larsgrefer Highest Product jar package name larsgrefer Low Product jar package name sass Highest Product jar package name sass Low Product Manifest Implementation-Title SASS Embedded Bundled Compilers High Product Manifest implementation-url https://github.com/larsgrefer/dart-sass-java Low Version file version 3.4.0 High Version Manifest Implementation-Version 3.4.0 High
sass-embedded-host-3.4.0.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/de.larsgrefer.sass/sass-embedded-host/3.4.0/61a916bcf36095bc6e849a3b51d2cb3f48f53e04/sass-embedded-host-3.4.0.jarMD5: 9ca83549b50fb87d8da491ebfba30a4cSHA1: 61a916bcf36095bc6e849a3b51d2cb3f48f53e04SHA256: 1491f7f59437bb3c5e7364a24ae9e47adc52a1b1c97a84e9646e7d2c08b08b15Referenced In Projects/Scopes:
documentation:javadocClasspath embedded-sass-plugin:runtimeClasspath embedded-sass-plugin:compileClasspath sass-embedded-host-3.4.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/embedded-sass-plugin@8.6 pkg:maven/io.freefair.gradle/embedded-sass-plugin@8.6 pkg:maven/io.freefair.gradle/embedded-sass-plugin@8.6 Evidence Type Source Name Value Confidence Vendor file name sass-embedded-host High Vendor gradle artifactid sass-embedded-host Highest Vendor gradle groupid de.larsgrefer.sass Highest Vendor jar package name de Low Vendor jar package name larsgrefer Low Vendor jar package name sass Low Vendor Manifest implementation-url https://github.com/larsgrefer/dart-sass-java Low Product file name sass-embedded-host High Product gradle artifactid sass-embedded-host Highest Product jar package name embedded Highest Product jar package name embedded Low Product jar package name larsgrefer Highest Product jar package name larsgrefer Low Product jar package name sass Highest Product jar package name sass Low Product Manifest Implementation-Title SASS Embedded Host High Product Manifest implementation-url https://github.com/larsgrefer/dart-sass-java Low Version file version 3.4.0 High Version Manifest Implementation-Version 3.4.0 High
sass-embedded-protocol-3.4.0.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/de.larsgrefer.sass/sass-embedded-protocol/3.4.0/8fde2935fd5d7c688a4dcb87d9d6ee5c279ec0d8/sass-embedded-protocol-3.4.0.jarMD5: 65bd3d8924a8433e6ce4b97d9b04ae98SHA1: 8fde2935fd5d7c688a4dcb87d9d6ee5c279ec0d8SHA256: 373bebb9e55d6fc72157faf373ba8b0ab4170c2dd0a6adedb8e2e3c60c598182Referenced In Projects/Scopes:
documentation:javadocClasspath embedded-sass-plugin:runtimeClasspath embedded-sass-plugin:compileClasspath sass-embedded-protocol-3.4.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/embedded-sass-plugin@8.6 pkg:maven/de.larsgrefer.sass/sass-embedded-host@3.4.0 pkg:maven/de.larsgrefer.sass/sass-embedded-host@3.4.0 Evidence Type Source Name Value Confidence Vendor file name sass-embedded-protocol High Vendor gradle artifactid sass-embedded-protocol Highest Vendor gradle groupid de.larsgrefer.sass Highest Vendor jar package name embedded_protocol Low Vendor jar package name sass_lang Low Vendor Manifest implementation-url https://github.com/larsgrefer/dart-sass-java Low Vendor Manifest specification-vendor Google LLC Low Product file name sass-embedded-protocol High Product gradle artifactid sass-embedded-protocol Highest Product jar package name embedded_protocol Low Product Manifest Implementation-Title SASS Embedded Protocol High Product Manifest implementation-url https://github.com/larsgrefer/dart-sass-java Low Version file version 3.4.0 High Version Manifest Implementation-Version 3.4.0 High
settings-plugin-8.6.jarFile Path: /home/runner/work/gradle-plugins/gradle-plugins/settings-plugin/build/libs/settings-plugin-8.6.jarMD5: 59c097622940fb94900631f8a9e6ea79SHA1: 66b51a7468d6928b63f0e1c476f929818f0353caSHA256: 78266a512e5268947d7526b1394c33a7a5b27e13d42e2bdd34cbdb8ffef88e43Referenced In Project/Scope: documentation:javadocClasspathsettings-plugin-8.6.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/documentation@8.6
Evidence Type Source Name Value Confidence Vendor file name settings-plugin High Vendor gradle artifactid settings-plugin Highest Vendor gradle groupid io.freefair.gradle Highest Vendor jar package name freefair Low Vendor jar package name gradle Low Vendor jar package name io Low Product file name settings-plugin High Product gradle artifactid settings-plugin Highest Product jar package name freefair Low Product jar package name gradle Low Product jar package name plugins Low Version file version 8.6 High Version Manifest Implementation-Version 8.6 High
sisu-guice-3.2.3-no_aop.jarDescription:
Patched build of Guice: a lightweight dependency injection framework for Java 6 and above License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.sonatype.sisu/sisu-guice/3.2.3/6b8262f32ff7b60881aed3e7aa9d81fdb48330e9/sisu-guice-3.2.3-no_aop.jar
MD5: 733be430711a32f2b9ba72da565cab2f
SHA1: 6b8262f32ff7b60881aed3e7aa9d81fdb48330e9
SHA256: 004af7012b6d11ab585ae841130ff091dcad6531d7bf13db4d7deac91589eef4
Referenced In Projects/Scopes: documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath sisu-guice-3.2.3-no_aop.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 Evidence Type Source Name Value Confidence Vendor file name sisu-guice High Vendor gradle artifactid sisu-guice Highest Vendor gradle groupid org.sonatype.sisu Highest Vendor jar package name google Highest Vendor jar package name google Low Vendor jar package name guice Highest Vendor jar package name inject Low Vendor jar package name internal Low Vendor Manifest bundle-copyright Copyright (C) 2006 Google Inc. Low Vendor Manifest bundle-docurl https://github.com/google/guice Low Vendor Manifest bundle-requiredexecutionenvironment JavaSE-1.6 Low Vendor Manifest bundle-symbolicname org.sonatype.sisu.guice Medium Vendor Manifest eclipse-extensibleapi true Low Vendor Manifest Implementation-Vendor Google, Inc. High Vendor Manifest Implementation-Vendor-Id org.sonatype.sisu Medium Product file name sisu-guice High Product gradle artifactid sisu-guice Highest Product jar package name dependency Highest Product jar package name google Highest Product jar package name guice Highest Product jar package name inject Low Product jar package name internal Low Product Manifest bundle-copyright Copyright (C) 2006 Google Inc. Low Product Manifest bundle-docurl https://github.com/google/guice Low Product Manifest Bundle-Name sisu-guice (no_aop) Medium Product Manifest bundle-requiredexecutionenvironment JavaSE-1.6 Low Product Manifest bundle-symbolicname org.sonatype.sisu.guice Medium Product Manifest eclipse-extensibleapi true Low Product Manifest Implementation-Title Sisu Guice - Core Library High Product Manifest specification-title Sisu Guice - Core Library Medium Version file version 3.2.3 High Version Manifest Implementation-Version 3.2.3 High
slf4j-api-1.7.36.jarDescription:
The slf4j API File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.slf4j/slf4j-api/1.7.36/6c62681a2f655b49963a5983b8b0950a6120ae14/slf4j-api-1.7.36.jarMD5: 872da51f5de7f3923da4de871d57fd85SHA1: 6c62681a2f655b49963a5983b8b0950a6120ae14SHA256: d3ef575e3e4979678dc01bf1dcce51021493b4d11fb7f1be8ad982877c16a1c0Referenced In Projects/Scopes:
maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath slf4j-api-1.7.36.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 Evidence Type Source Name Value Confidence Vendor file name slf4j-api High Vendor gradle artifactid slf4j-api Highest Vendor gradle groupid org.slf4j Highest Vendor jar package name slf4j Highest Vendor Manifest automatic-module-name org.slf4j Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor Manifest bundle-symbolicname slf4j.api Medium Vendor pom artifactid slf4j-api Low Vendor pom groupid org.slf4j Highest Vendor pom name SLF4J API Module High Vendor pom parent-artifactid slf4j-parent Low Vendor pom url http://www.slf4j.org Highest Product file name slf4j-api High Product gradle artifactid slf4j-api Highest Product jar package name slf4j Highest Product Manifest automatic-module-name org.slf4j Medium Product Manifest build-jdk-spec 1.8 Low Product Manifest Bundle-Name slf4j-api Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product Manifest bundle-symbolicname slf4j.api Medium Product Manifest Implementation-Title slf4j-api High Product pom artifactid slf4j-api Highest Product pom groupid org.slf4j Highest Product pom name SLF4J API Module High Product pom parent-artifactid slf4j-parent Medium Product pom url http://www.slf4j.org Medium Version file version 1.7.36 High Version gradle version 1.7.36 Highest Version Manifest Bundle-Version 1.7.36 High Version Manifest Implementation-Version 1.7.36 High Version pom version 1.7.36 Highest
slf4j-api-2.0.9.jarDescription:
The slf4j API License:
http://www.opensource.org/licenses/mit-license.php File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.slf4j/slf4j-api/2.0.9/7cf2726fdcfbc8610f9a71fb3ed639871f315340/slf4j-api-2.0.9.jar
MD5: 45630e54b0f0ac2b3c80462515ad8fda
SHA1: 7cf2726fdcfbc8610f9a71fb3ed639871f315340
SHA256: 0818930dc8d7debb403204611691da58e49d42c50b6ffcfdce02dadb7c3c2b6c
Referenced In Projects/Scopes: documentation:javadocClasspath embedded-sass-plugin:runtimeClasspath embedded-sass-plugin:compileClasspath slf4j-api-2.0.9.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/embedded-sass-plugin@8.6 pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.webjars/webjars-locator-core@0.55 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.webjars/webjars-locator-core@0.55 pkg:maven/de.larsgrefer.sass/sass-embedded-host@3.4.0 pkg:maven/de.larsgrefer.sass/sass-embedded-host@3.4.0 Evidence Type Source Name Value Confidence Vendor file name slf4j-api High Vendor gradle artifactid slf4j-api Highest Vendor gradle groupid org.slf4j Highest Vendor jar package name slf4j Highest Vendor Manifest build-jdk-spec 20 Low Vendor Manifest bundle-docurl http://www.slf4j.org Low Vendor Manifest bundle-symbolicname slf4j.api Medium Vendor Manifest multi-release true Low Vendor pom artifactid slf4j-api Low Vendor pom groupid org.slf4j Highest Vendor pom name SLF4J API Module High Vendor pom parent-artifactid slf4j-parent Low Vendor pom url http://www.slf4j.org Highest Product file name slf4j-api High Product gradle artifactid slf4j-api Highest Product jar package name slf4j Highest Product Manifest build-jdk-spec 20 Low Product Manifest bundle-docurl http://www.slf4j.org Low Product Manifest Bundle-Name SLF4J API Module Medium Product Manifest bundle-symbolicname slf4j.api Medium Product Manifest Implementation-Title slf4j-api High Product Manifest multi-release true Low Product pom artifactid slf4j-api Highest Product pom groupid org.slf4j Highest Product pom name SLF4J API Module High Product pom parent-artifactid slf4j-parent Medium Product pom url http://www.slf4j.org Medium Version file version 2.0.9 High Version gradle version 2.0.9 Highest Version Manifest Bundle-Version 2.0.9 High Version Manifest Implementation-Version 2.0.9 High Version pom version 2.0.9 Highest
snappy-0.4.jarDescription:
Port of Snappy to Java License:
Apache License 2.0: http://www.apache.org/licenses/LICENSE-2.0.html File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.iq80.snappy/snappy/0.4/a42b2d92a89efd35bb14738000dabcac6bd07a8d/snappy-0.4.jar
MD5: f0792d1dbe7f90d8b34c7c19961e0073
SHA1: a42b2d92a89efd35bb14738000dabcac6bd07a8d
SHA256: 46a0c87d504ce9d6063e1ff6e4d20738feb49d8abf85b5071a7d18df4f11bac9
Referenced In Projects/Scopes: documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath snappy-0.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 Evidence Type Source Name Value Confidence Vendor file name snappy High Vendor gradle artifactid snappy Highest Vendor gradle groupid org.iq80.snappy Highest Vendor jar package name iq80 Highest Vendor jar package name iq80 Low Vendor jar package name snappy Highest Vendor jar package name snappy Low Vendor pom artifactid snappy Low Vendor pom developer email dain@iq80.com Low Vendor pom developer email david@acz.org Low Vendor pom developer id dain Medium Vendor pom developer id electrum Medium Vendor pom developer name Dain Sundstrom Medium Vendor pom developer name David Phillips Medium Vendor pom groupid org.iq80.snappy Highest Vendor pom name snappy High Vendor pom url http://github.com/dain/snappy Highest Product file name snappy High Product gradle artifactid snappy Highest Product jar package name iq80 Highest Product jar package name snappy Highest Product jar package name snappy Low Product pom artifactid snappy Highest Product pom developer email dain@iq80.com Low Product pom developer email david@acz.org Low Product pom developer id dain Low Product pom developer id electrum Low Product pom developer name Dain Sundstrom Low Product pom developer name David Phillips Low Product pom groupid org.iq80.snappy Highest Product pom name snappy High Product pom url http://github.com/dain/snappy Medium Version file version 0.4 High Version gradle version 0.4 Highest Version pom version 0.4 Highest
spring-asciidoctor-extensions-block-switch-0.6.3.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/io.spring.asciidoctor/spring-asciidoctor-extensions-block-switch/0.6.3/ee30c30058592d39db61e08daf1d73d2d3fc1f86/spring-asciidoctor-extensions-block-switch-0.6.3.jarMD5: 454a36d905bf2f22f79bb34f7065012bSHA1: ee30c30058592d39db61e08daf1d73d2d3fc1f86SHA256: dfde9951be490a500f2a1e0ac5eb47905f85610be9a53308d5ff53ca1fe7235cReferenced In Project/Scope: documentation:asciidoctorExtspring-asciidoctor-extensions-block-switch-0.6.3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/documentation@8.6
Evidence Type Source Name Value Confidence Vendor file name spring-asciidoctor-extensions-block-switch High Vendor gradle artifactid spring-asciidoctor-extensions-block-switch Highest Vendor gradle groupid io.spring.asciidoctor Highest Vendor jar package name asciidoctor Low Vendor jar package name io Low Vendor jar package name spring Low Product file name spring-asciidoctor-extensions-block-switch High Product gradle artifactid spring-asciidoctor-extensions-block-switch Highest Product jar package name asciidoctor Low Product jar package name blockswitch Low Product jar package name spring Low Version file name spring-asciidoctor-extensions-block-switch Medium Version file version 0.6.3 High Version gradle version 0.6.3 Highest
CVE-2018-18385 suppress
Asciidoctor in versions < 1.5.8 allows remote attackers to cause a denial of service (infinite loop). The loop was caused by the fact that Parser.next_block was not exhausting all the lines in the reader as the while loop expected it would. This was happening because the regular expression that detects any list was not agreeing with the regular expression that detects a specific list type. So the line kept getting pushed back onto the reader, hence causing the loop. CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')
CVSSv2:
Base Score: MEDIUM (5.0) Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:3.9/RC:R/MAV:A References:
Vulnerable Software & Versions:
spring-asciidoctor-extensions-block-switch-0.6.3.jar: blockSwitch.jsFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/io.spring.asciidoctor/spring-asciidoctor-extensions-block-switch/0.6.3/ee30c30058592d39db61e08daf1d73d2d3fc1f86/spring-asciidoctor-extensions-block-switch-0.6.3.jar/blockSwitch.jsMD5: d4b8f585cbeb7e87ce363fbbb6eb9454SHA1: c88002921c8338d9ccd08414e17db0ce91236f70SHA256: af0aabf4e915253aa7c1ca649ad9dfa3bab3ac301a05ca1900cdaa1ee0cf0d77Referenced In Project/Scope: documentation:asciidoctorExt
Evidence Type Source Name Value Confidence
trove4j-1.0.20200330.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.jetbrains.intellij.deps/trove4j/1.0.20200330/3afb14d5f9ceb459d724e907a21145e8ff394f02/trove4j-1.0.20200330.jarMD5: bb75697e375d588a9d3f8f2653b30f77SHA1: 3afb14d5f9ceb459d724e907a21145e8ff394f02SHA256: c5fd725bffab51846bf3c77db1383c60aaaebfe1b7fe2f00d23fe1b7df0a439dReferenced In Projects/Scopes:
documentation:javadocClasspath quicktype-plugin:runtimeClasspath mjml-plugin:kotlinCompilerClasspath quicktype-plugin:kotlinBuildToolsApiClasspath mjml-plugin:kotlinBuildToolsApiClasspath quicktype-plugin:kotlinKlibCommonizerClasspath quicktype-plugin:kotlinCompilerClasspath mjml-plugin:kotlinKlibCommonizerClasspath trove4j-1.0.20200330.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/quicktype-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-compiler-embeddable@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-compiler-embeddable@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-klib-commonizer-embeddable@1.9.20 pkg:maven/io.freefair.gradle/aspectj-plugin@8.6 pkg:maven/org.jetbrains.kotlin/kotlin-build-tools-impl@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-gradle-plugin@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-klib-commonizer-embeddable@1.9.20 pkg:maven/org.jetbrains.kotlin/kotlin-build-tools-impl@1.9.20 Evidence Type Source Name Value Confidence Vendor file name trove4j High Vendor gradle artifactid trove4j Highest Vendor gradle groupid org.jetbrains.intellij.deps Highest Vendor jar package name gnu Low Vendor jar package name trove Low Product file name trove4j High Product gradle artifactid trove4j Highest Product jar package name trove Low Version file name trove4j Medium Version file version 1.0.20200330 High Version gradle version 1.0.20200330 Highest
velocity-1.7.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.apache.velocity/velocity/1.7/2ceb567b8f3f21118ecdec129fe1271dbc09aa7a/velocity-1.7.jarMD5: 3692dd72f8367cb35fb6280dc2916725SHA1: 2ceb567b8f3f21118ecdec129fe1271dbc09aa7aSHA256: ec92dae810034f4b46dbb16ef4364a4013b0efb24a8c5dd67435cae46a290d8eReferenced In Projects/Scopes:
documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath velocity-1.7.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 Evidence Type Source Name Value Confidence Vendor file name velocity High Vendor gradle artifactid velocity Highest Vendor gradle groupid org.apache.velocity Highest Vendor jar package name apache Highest Vendor jar package name apache Low Vendor jar package name runtime Low Vendor jar package name velocity Highest Vendor jar package name velocity Low Vendor Manifest bundle-symbolicname org.apache.velocity Medium Vendor Manifest extension-name velocity Medium Vendor Manifest Implementation-Vendor Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest specification-vendor Apache Software Foundation Low Product file name velocity High Product gradle artifactid velocity Highest Product jar package name apache Highest Product jar package name runtime Low Product jar package name template Highest Product jar package name velocity Highest Product jar package name velocity Low Product Manifest Bundle-Name Apache Velocity Medium Product Manifest bundle-symbolicname org.apache.velocity Medium Product Manifest extension-name velocity Medium Product Manifest Implementation-Title org.apache.velocity High Product Manifest specification-title Velocity is a Java-based template engine Medium Version file version 1.7 High Version Manifest Implementation-Version 1.7 High
CVE-2020-13936 suppress
An attacker that is able to modify Velocity templates may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running the Servlet container. This applies to applications that allow untrusted users to upload/modify velocity templates running Apache Velocity Engine versions up to 2.2. NVD-CWE-noinfo
CVSSv2:
Base Score: HIGH (9.0) Vector: /AV:N/AC:L/Au:S/C:C/I:C/A:C CVSSv3:
Base Score: HIGH (8.8) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:2.8/RC:R/MAV:A References:
Vulnerable Software & Versions: (show all )
wagon-provider-api-2.4.jarDescription:
Maven Wagon API that defines the contract between different Wagon implementations File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.apache.maven.wagon/wagon-provider-api/2.4/e40429d9dd849c5fe0bdf97062b1d9358d99826d/wagon-provider-api-2.4.jarMD5: 882add48c16ceb068eacb5a19e636c1eSHA1: e40429d9dd849c5fe0bdf97062b1d9358d99826dSHA256: f65d8d59d71bca18ffa259b5a6de67697bc65b9ff1142c7bb4417ab4b1cacd92Referenced In Projects/Scopes:
documentation:javadocClasspath maven-plugin-plugin:compileClasspath maven-plugin-plugin:runtimeClasspath wagon-provider-api-2.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-generators@3.11.0 Evidence Type Source Name Value Confidence Vendor file name wagon-provider-api High Vendor gradle artifactid wagon-provider-api Highest Vendor gradle groupid org.apache.maven.wagon Highest Vendor jar package name apache Highest Vendor jar package name maven Highest Vendor jar package name wagon Highest Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache.maven.wagon Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid wagon-provider-api Low Vendor pom groupid org.apache.maven.wagon Highest Vendor pom name Apache Maven Wagon :: API High Vendor pom parent-artifactid wagon Low Product file name wagon-provider-api High Product gradle artifactid wagon-provider-api Highest Product jar package name apache Highest Product jar package name maven Highest Product jar package name wagon Highest Product Manifest Implementation-Title Apache Maven Wagon :: API High Product Manifest specification-title Apache Maven Wagon :: API Medium Product pom artifactid wagon-provider-api Highest Product pom groupid org.apache.maven.wagon Highest Product pom name Apache Maven Wagon :: API High Product pom parent-artifactid wagon Medium Version file version 2.4 High Version gradle version 2.4 Highest Version Manifest Implementation-Version 2.4 High Version pom version 2.4 Highest
webjars-locator-core-0.55.jarDescription:
WebJar Locator Core functionality License:
MIT: https://github.com/webjars/webjars-locator-core/blob/master/LICENSE.md File Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.webjars/webjars-locator-core/0.55/d9c819930f44c89af1a6a8af2db6364926f6be69/webjars-locator-core-0.55.jar
MD5: e7e4b0973095490f42fe56ad5e35580c
SHA1: d9c819930f44c89af1a6a8af2db6364926f6be69
SHA256: 15224c767720719d8baaba65a5fe62c30b00b78547c118c6b8c26579d5ebee5c
Referenced In Projects/Scopes: documentation:javadocClasspath embedded-sass-plugin:runtimeClasspath embedded-sass-plugin:compileClasspath webjars-locator-core-0.55.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/embedded-sass-plugin@8.6 pkg:maven/io.freefair.gradle/embedded-sass-plugin@8.6 pkg:maven/io.freefair.gradle/embedded-sass-plugin@8.6 Evidence Type Source Name Value Confidence Vendor file name webjars-locator-core High Vendor gradle artifactid webjars-locator-core Highest Vendor gradle groupid org.webjars Highest Vendor jar package name webjars Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor pom artifactid webjars-locator-core Low Vendor pom developer email james@jamesward.org Low Vendor pom developer id jamesward Medium Vendor pom developer name James Ward Medium Vendor pom groupid org.webjars Highest Vendor pom name webjars-locator-core High Vendor pom url http://webjars.org Highest Product file name webjars-locator-core High Product gradle artifactid webjars-locator-core Highest Product jar package name webjars Highest Product Manifest build-jdk-spec 1.8 Low Product pom artifactid webjars-locator-core Highest Product pom developer email james@jamesward.org Low Product pom developer id jamesward Low Product pom developer name James Ward Low Product pom groupid org.webjars Highest Product pom name webjars-locator-core High Product pom url http://webjars.org Medium Version file version 0.55 High Version gradle version 0.55 Highest Version pom version 0.55 Highest
xz-1.9.jarFile Path: /home/runner/.gradle/caches/modules-2/files-2.1/org.tukaani/xz/1.9/1ea4bec1a921180164852c65006d928617bd2caf/xz-1.9.jarMD5: 57c2fbfeb55e307ccae52e5322082e02SHA1: 1ea4bec1a921180164852c65006d928617bd2cafSHA256: 211b306cfc44f8f96df3a0a3ddaf75ba8c5289eed77d60d72f889bb855f535e5Referenced In Projects/Scopes:
documentation:javadocClasspath compress-plugin:compileClasspath compress-plugin:runtimeClasspath maven-plugin-plugin:runtimeClasspath xz-1.9.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/compress-plugin@8.6 pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 pkg:maven/io.freefair.gradle/compress-plugin@8.6 pkg:maven/io.freefair.gradle/compress-plugin@8.6 Evidence Type Source Name Value Confidence Vendor file name xz High Vendor gradle artifactid xz Highest Vendor gradle groupid org.tukaani Highest Vendor jar package name tukaani Highest Vendor jar package name tukaani Low Vendor jar package name xz Highest Vendor jar package name xz Low Vendor Manifest bundle-docurl https://tukaani.org/xz/java.html Low Vendor Manifest bundle-symbolicname org.tukaani.xz Medium Vendor Manifest implementation-url https://tukaani.org/xz/java.html Low Vendor Manifest multi-release true Low Product file name xz High Product gradle artifactid xz Highest Product jar package name tukaani Highest Product jar package name xz Highest Product jar package name xz Low Product Manifest bundle-docurl https://tukaani.org/xz/java.html Low Product Manifest Bundle-Name XZ data compression Medium Product Manifest bundle-symbolicname org.tukaani.xz Medium Product Manifest Implementation-Title XZ data compression High Product Manifest implementation-url https://tukaani.org/xz/java.html Low Product Manifest multi-release true Low Version file version 1.9 High Version Manifest Implementation-Version 1.9 High
zstd-jni-1.5.5-11.jarDescription:
JNI bindings for Zstd native library that provides fast and high compression lossless algorithm for Java and all JVM languages. License:
https://opensource.org/licenses/BSD-2-Clause;description=BSD 2-Clause License File Path: /home/runner/.gradle/caches/modules-2/files-2.1/com.github.luben/zstd-jni/1.5.5-11/ca6ab366315e179dd80645aad4a60bab959c6523/zstd-jni-1.5.5-11.jar
MD5: 00977099d76d2c01a7b19263375ee42e
SHA1: ca6ab366315e179dd80645aad4a60bab959c6523
SHA256: d75b2ced6059f81ad23e021c554259b906b6c4f2991cb772409827569ead4c1a
Referenced In Projects/Scopes: documentation:javadocClasspath maven-plugin-plugin:runtimeClasspath zstd-jni-1.5.5-11.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.freefair.gradle/maven-plugin-plugin@8.6 pkg:maven/org.apache.maven.plugins/maven-plugin-plugin@3.11.0 pkg:maven/org.apache.maven.plugin-tools/maven-plugin-tools-annotations@3.11.0 Evidence Type Source Name Value Confidence Vendor file name zstd-jni High Vendor gradle artifactid zstd-jni Highest Vendor gradle groupid com.github.luben Highest Vendor jar package name github Highest Vendor jar package name github Low Vendor jar package name luben Highest Vendor jar package name luben Low Vendor jar package name zstd Highest Vendor jar package name zstd Low Vendor Manifest automatic-module-name com.github.luben.zstd_jni Medium Vendor Manifest bundle-nativecode darwin/x86_64/libzstd-jni-1.5.5-11.dylib;osname=MacOS;osname=MacOSX;processor=x86_64,darwin/aarch64/libzstd-jni-1.5.5-11.dylib;osname=MacOS;osname=MacOSX;processor=aarch64,freebsd/amd64/libzstd-jni-1.5.5-11.so;osname=FreeBSD;processor=amd64,freebsd/i386/libzstd-jni-1.5.5-11.so;osname=FreeBSD;processor=i386,linux/aarch64/libzstd-jni-1.5.5-11.so;osname=Linux;processor=aarch64,linux/amd64/libzstd-jni-1.5.5-11.so;osname=Linux;processor=amd64,linux/arm/libzstd-jni-1.5.5-11.so;osname=Linux;processor=arm,linux/i386/libzstd-jni-1.5.5-11.so;osname=Linux;processor=i386,linux/mips64/libzstd-jni-1.5.5-11.so;osname=Linux;processor=mips64,linux/loongarch64/libzstd-jni-1.5.5-11.so;osname=Linux;processor=loongarch64,linux/ppc64/libzstd-jni-1.5.5-11.so;osname=Linux;processor=ppc64,linux/ppc64le/libzstd-jni-1.5.5-11.so;osname=Linux;processor=ppc64le,linux/riscv64/libzstd-jni-1.5.5-11.so;osname=Linux;processor=riscv64,linux/s390x/libzstd-jni-1.5.5-11.so;osname=Linux;processor=s390x,win/amd64/libzstd-jni-1.5.5-11.dll;osname=Win32;processor=amd64,win/aarch64/libzstd-jni-1.5.5-11.dll;osname=Win32;processor=aarch64,win/x86/libzstd-jni-1.5.5-11.dll;osname=Win32;processor=x86 Low Vendor Manifest bundle-symbolicname com.github.luben.zstd-jni Medium Vendor Manifest Implementation-Vendor com.github.luben High Vendor Manifest Implementation-Vendor-Id com.github.luben Medium Vendor Manifest specification-vendor com.github.luben Low Product file name zstd-jni High Product gradle artifactid zstd-jni Highest Product jar package name github Highest Product jar package name luben Highest Product jar package name luben Low Product jar package name zstd Highest Product jar package name zstd Low Product Manifest automatic-module-name com.github.luben.zstd_jni Medium Product Manifest Bundle-Name zstd-jni Medium Product Manifest bundle-nativecode darwin/x86_64/libzstd-jni-1.5.5-11.dylib;osname=MacOS;osname=MacOSX;processor=x86_64,darwin/aarch64/libzstd-jni-1.5.5-11.dylib;osname=MacOS;osname=MacOSX;processor=aarch64,freebsd/amd64/libzstd-jni-1.5.5-11.so;osname=FreeBSD;processor=amd64,freebsd/i386/libzstd-jni-1.5.5-11.so;osname=FreeBSD;processor=i386,linux/aarch64/libzstd-jni-1.5.5-11.so;osname=Linux;processor=aarch64,linux/amd64/libzstd-jni-1.5.5-11.so;osname=Linux;processor=amd64,linux/arm/libzstd-jni-1.5.5-11.so;osname=Linux;processor=arm,linux/i386/libzstd-jni-1.5.5-11.so;osname=Linux;processor=i386,linux/mips64/libzstd-jni-1.5.5-11.so;osname=Linux;processor=mips64,linux/loongarch64/libzstd-jni-1.5.5-11.so;osname=Linux;processor=loongarch64,linux/ppc64/libzstd-jni-1.5.5-11.so;osname=Linux;processor=ppc64,linux/ppc64le/libzstd-jni-1.5.5-11.so;osname=Linux;processor=ppc64le,linux/riscv64/libzstd-jni-1.5.5-11.so;osname=Linux;processor=riscv64,linux/s390x/libzstd-jni-1.5.5-11.so;osname=Linux;processor=s390x,win/amd64/libzstd-jni-1.5.5-11.dll;osname=Win32;processor=amd64,win/aarch64/libzstd-jni-1.5.5-11.dll;osname=Win32;processor=aarch64,win/x86/libzstd-jni-1.5.5-11.dll;osname=Win32;processor=x86 Low Product Manifest bundle-symbolicname com.github.luben.zstd-jni Medium Product Manifest Implementation-Title zstd-jni High Product Manifest specification-title zstd-jni Medium Version file version 1.5.5.11 High Version Manifest Implementation-Version 1.5.5-11 High